Closed Bug 763103 Opened 13 years ago Closed 13 years ago

Encrypt key fields

Categories

(Marketplace Graveyard :: Payments/Refunds, defect, P1)

Product:
Marketplace Graveyard
Component:
Payments/Refunds
Platform:
x86
macOS
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: andy+bugzilla, Assigned: andy+bugzilla)

References

Details

Should we be encrypting key fields? Things include: pre-approval key, paypal_id of the seller. If so how?
rforbes: last time I remember talking about this we discussed using a key file on disk and doing AES encrypt/decrypt with the MySQL function. This is what we do for the in-app payment secrets: bug 742751
sounds good to me.
I'd like to encrypt the following fields: Buyers: key (< preapproval key) Sellers: paypal_id (< paypal_email), token (< permissions token), secret (< permissions secret) Is it possible to abstract that AES field a little so we just say models.AESField? Would be a nice library to have lying around for this stuff.
(In reply to Andy McKay [:andym] from comment #3) > Is it possible to abstract that AES field a little so we just say > models.AESField? Would be a nice library to have lying around for this stuff. Yeah, that's exactly what I'm thinking too. I think we can expand the implementation here https://github.com/mozilla/zamboni/commit/32883fe58a89b3f429a0512fd1f9ea50c4e33c66#L0R370 to be more like http://djangosnippets.org/snippets/2489/
That would be awesome.
@rforbes: does this encryption remove the requirement for bug 759021 or should that requirement be part of this bug?
For the record, encryption of data using a PIN is not required. That will be seperate.
Assignee: nobody → amckay
Priority: -- → P1
https://github.com/mozilla/solitude/commit/aa971a
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.