using m2crypto to encrypt credit card numbers

gyromagnetic gyromagnetic at
Tue Jun 11 08:29:28 EDT 2002

Managing keys is a fundamental problem with encryption. I would highly
recommend that you not store the credit card numbers at all. Instead,
store a (SHA, MD5) hash of the number, and then validate against the


"Mark McEahern" <marklists at> wrote in message news:<mailman.1023748154.2706.python-list at>...
> I'm considering using M2Crypto ( to
> encrypt credit card numbers.  My part of the problem starts when the credit
> card arrives at the web server.  I plan to encrypt it with a public key and
> send it to a database that the web server only has write access to.

More information about the Python-list mailing list