Django Encrypted Fields
This is a collection of Django Model Field classes that are encrypted using Keyczar.
Keyczar is a crypto library that exposes a simple API by letting the user set things like the algorithm and key size right in the keyfile. It also provides for things like expiring old keys and cycling in new ones.
$ pip install django-encrypted-fields
Create a basic keyczar keyset.
AES-256 in this case.
$ mkdir fieldkeys $ keyczart create --location=fieldkeys --purpose=crypt $ keyczart addkey --location=fieldkeys --status=primary --size=256
ENCRYPTED_FIELDS_KEYDIR = '/path/to/fieldkeys'
from encrypted_fields import EncryptedTextField class MyModel(models.Model): text_field = EncryptedTextField()
Use your model as normal and your data will be encrypted in the database.
Warning: Once the data is encrypted, it can no longer to used to query or sort. In SQL, these will all look like text fields with random noise in them (which is what you want).
Currently build in and unit-tested fields. They have the same APIs as their non-encrypted counterparts.
Encrypt All The Fields!
Making new fields is easy! Django Encrypted Fields uses a handy mixin to make upgrading pre-existing fields quite easy.
from django.db import models from encrypted_fields import EncryptedFieldMixin class EncryptedIPAddressField(EncryptedFieldMixin, models.IPAddressField): pass
Please report an issues you encounter when trying this, since I've only tested it with the fields above.