0

I am building a Django app that allows user to upload images to MySQL and the app also displays the uploaded images to users from MySQL. I plan to encrypt the file path that stores those images. Is there a way to configure MySQL to automatically decrypt data/images when my Django app queries the database for those encrypted image/file path?

Beso
  • 1,176
  • 5
  • 12
  • 26
Reallynoobatprogramming
  • 33
  • 1
  • 6

1 Answers1

0

Model methods provide a nice way to organize this code

class Example(models.model):
    filepath = models.CharField(max_length=255)

    def get_filepath(self):
        return decryption_magic(self.filepath)

    def set_filepath(self, filepath):
        self.filepath = encryption_magic(filepath)
Michael Lindsay
  • 1,290
  • 1
  • 8
  • 6
  • So this code is for models.py in the app? seems "decryption_magic" field means i need to pip install magic? – Reallynoobatprogramming Dec 17 '20 at 10:26
  • Yes, this would be in the models.py. However, it seems that the real answer is to encrypt the entire DB at rest, allowing the DB engine to to the hard work. – Michael Lindsay Dec 17 '20 at 10:30
  • If i were to encrypt the entire DB, would that mean that if my app would like to retrieve a file/image path from the DB, will the DB be able to automatically decrypt the requested fields and serve it to my app? – Reallynoobatprogramming Dec 17 '20 at 10:36
  • Using whole DB encryption means that you dont have to do any encryption in your code. What are you trying to protect against? – Michael Lindsay Dec 17 '20 at 10:43
  • I'm trying to protect against unauthorised third parties from reading the database fields, especially the file paths. What I am concerned is if the DB is able to decrypt and serve the images to my views.py/html if the entire DB has been encrypted, without me having to do any decryption coding on my app or the database – Reallynoobatprogramming Dec 17 '20 at 11:05
  • I think that you might need to take a larger look at the architecture here. Ask yourself what your threat model is, and what you are trying to achieve. ie. re-phrase the question from a higher level. – Michael Lindsay Dec 17 '20 at 11:10