import gluon.contrib.aes as AES
import threading
import base64
import os
def w2p_encrypt(data):
key = 'asdsaddasdasdas'
key = pad(key[:32])
cipher, IV = AES_new(key)
encrypted_data = IV + cipher.encrypt(pad(data))
return base64.urlsafe_b64encode(encrypted_data)
def w2p_decrypt(data):
key = 'asdsaddasdasdas'
key = pad(key[:32])
data = base64.urlsafe_b64decode(data)
IV, data = data[:16], data[16:]
cipher, _ = AES_new(key, IV=IV)
data = cipher.decrypt(data)
data = data.rstrip(' ')
return data
db.define_table('t_test',
Field('f_field')
)
db.t_test.f_field.filter_in = lambda value : w2p_encrypt(value)
db.t_test.f_field.filter_out = lambda value : w2p_decrypt(value)
from gluon.utils import secure_dumps, secure_loads
db.t_test.f_field.filter_in = lambda value : secure_dumps(value, 'your_key')
db.t_test.f_field.filter_out = lambda value : secure_loads(value, 'your_key')
import gluon.contrib.aes as AES
import threading
import os
import base64
def fast_urandom16(urandom=[], locker=threading.RLock()):
"""
this is 4x faster than calling os.urandom(16) and prevents
the "too many files open" issue with concurrent access to os.urandom()
"""
try:
return urandom.pop()
except IndexError:
try:
locker.acquire()
ur = os.urandom(16 * 1024)
urandom += [ur[i:i + 16] for i in xrange(16, 1024 * 16, 16)]
return ur[0:16]
finally:
locker.release()
def pad(s, n=32, padchar=' '):
return s + (32 - len(s) % 32) * padchar
def AES_new(key, IV=None):
""" Returns an AES cipher object and random IV if None specified """
if IV is None:
IV = fast_urandom16()
return AES.new(key, AES.MODE_CBC, IV), IV
db.define_table('contact', Field('user_id', db.auth_user, default=auth.user_id, readable=False, writable=False), Field('email', label='Contact email'), Field('phone', label='Contact phone'))
db.contact.email.requires = [IS_EMAIL(error_message="Wrong email address")]db.contact.phone.requires= [IS_LENGTH(maxsize=30, error_message="Bit too long, right?")]db.contact.email.filter_in = lambda value : w2p_encrypt(value)db.contact.phone.filter_in = lambda value : w2p_encrypt(value)db.contact.email.filter_out = lambda value : w2p_decrypt(value)db.contact.phone.filter_out = lambda value : w2p_decrypt(value)
is this correct: I need roughly 44 characters generated by my password generator (no human/dictionary words) to contain about 256 bits of randomness to obtain an AES 256-bit key?