I am creating a website using Django. My website will encrypt uploaded files, and another user can then download the files unencrypted.
It's pretty straightforward to encrypt in Python (I am using the cryptography Python library), but where do I store the encryption key?
I encrypt the files in case the database or source code has been compromised. Then I can't store the encryption key as a file or in the database.
Where can I store the encryption key?
CodePudding user response:
You can create a `.env` file and store it in there.
I would recommend you do the same for your `SECRET_KEY` in your settings.
You can do something like this, just below the imports at the top of your file (be it settings, views or something different):
```python
# pip install environs is required
from environs import Env

env = Env()
env.read_env()  # load variables from the .env file

#
# some code here
#

SECRET_KEY = env.str("SECRET_KEY")
```
And your `.env` would look something like:

```
SECRET_KEY=VerySecretKey
ENCRYPTION_KEY=SomeEncryptionKey
```
More info can be found here
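
Added example (not part of the answer above): loading `ENCRYPTION_KEY` from the environment for the cryptography library's Fernet and refusing to run when it is missing or, like the placeholder `SomeEncryptionKey`, not a valid Fernet key. The function names and `KeyConfigError` are hypothetical, and the code reads `os.environ` directly, which is what `env.read_env()` populates from `.env`.

```python
import base64
import os


class KeyConfigError(RuntimeError):
    """Raised when the encryption key is absent or malformed."""


def new_key() -> str:
    """Generate a key in Fernet's format: 32 random bytes, URL-safe base64."""
    return base64.urlsafe_b64encode(os.urandom(32)).decode("ascii")


def load_fernet_key(environ=os.environ, name="ENCRYPTION_KEY") -> bytes:
    """Return the key from the environment, validated as a Fernet key.

    Error messages name the variable but never include its value, so a
    misconfiguration does not leak key material into logs.
    """
    raw = environ.get(name, "").strip()
    if not raw:
        raise KeyConfigError(f"{name} is not set")
    try:
        decoded = base64.urlsafe_b64decode(raw.encode("ascii"))
    except ValueError as exc:  # bad padding or non-ASCII characters
        raise KeyConfigError(f"{name} is not URL-safe base64") from exc
    if len(decoded) != 32:
        raise KeyConfigError(f"{name} must decode to 32 bytes, got {len(decoded)}")
    return raw.encode("ascii")


def encrypt_upload(data: bytes, environ=os.environ) -> bytes:
    """Encrypt uploaded file bytes; the result is an authenticated token."""
    from cryptography.fernet import Fernet  # pip install cryptography
    return Fernet(load_fernet_key(environ)).encrypt(data)


def decrypt_download(token: bytes, environ=os.environ) -> bytes:
    """Decrypt for download; raises InvalidToken if the data was tampered
    with or was encrypted under a different key."""
    from cryptography.fernet import Fernet
    return Fernet(load_fernet_key(environ)).decrypt(token)


if __name__ == "__main__":
    # Constructed sample: a freshly generated key stands in for the .env value.
    sample_env = {"ENCRYPTION_KEY": new_key()}
    token = encrypt_upload(b"constructed file contents", sample_env)
    print(decrypt_download(token, sample_env))
```

Calling `load_fernet_key()` once in `settings.py` makes a bad key fail at startup instead of on the first upload.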