stackoom
  简体   繁体   中英

Using pycrypto decrypted data in SQLAlchemy query - Python Flask

 原文  2022-07-15 05:03:18       python/ flask/ sqlalchemy/ pycrypto

Question

Currently I have a PostgreSQL database that contains existing data. I would like to start encrypting some of the data going into the database. Hence there will be a mixture of legacy data that's not encrypted and new (going forward) data that will be encrypted, until I'm able to retroactively encrypt all the data. So from my understanding I can't currently just encrypt the column and instead need to do it before it hits the database.

I have no issue encrypting data and putting it in the database and then decrypting the data when consuming it in the backend using pycrypto.

However, I'm having trouble using the data in a SQLAlchemy query filter to find existing matching data to avoid duplicates. For example; I have a table with x amount of rows. When I enter a new row I want to first check the table to make sure a similar row does not already exist based on a specific field. Normally, if the data was not encrypted I would do something like this;

# New item I would like to entry into the db
new_item_code = xxx

# First I want to check if the item already exist
item = Item.query.filter(Item.item_code == new_item_code).first()

IF item doesn't exist I can go ahead and enter it into the Item table. IF it already exist I will ignore the new item.

My issue is I don't know how to query the table when the data is encrypted, because the encrypted value will always be different. Therefore, I would first have to decrypt the values in the table and then perform the query. For instance in the example above I would need to find a way to decrypt the Item.item_code part. I first thought of using a SQLAlchemy @hybrid_property , but I run into decoding issues because I'm trying to decrypt an attribute instead of a value.

The next thing I was going to try is to first return all the rows (only the item_code ) place it in a dict and then decrypt all the values in the dict and check if the new_item_code exist in the dict . However, this doesn't seem like a good solution and I'm worried about performance, especially when the table gets very large.

Is there a better way to decrypt a value from a table and use it in a SQL alchemy query filter as shown above?

1 answers

solution1
 0  2022-07-21 05:32:34

我能够通过使用SymmetricEncryptionClientSide并通过 SQLAlchemy 混合属性在客户端执行加密来解决我的问题。

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question AES Decryption using Pycrypto(python) not working. Getting correct decrypted code in crypto(Nodejs). Python, Flask + SQLAlchemy - query not working Python Flask Sqlalchemy Subst Query Join query in PostgreSQL using Python Flask sqlalchemy orm How to read data from postgresql in python using Flask and SQLAlchemy? Python Flask-sqlAlchemy Prepapre query openssl not decrypted files encrypted by pycrypto Is there a dynamic query builder for Flask using Sqlalchemy? custom filter query for flask using sqlalchemy and postgresql How to do a select query using flask and sqlalchemy?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM