diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2013-12-17 20:23:43 -0800 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2013-12-17 20:23:43 -0800 |
| commit | 0d0896319f59fe7b03d8ef6a153275f87816976b (patch) | |
| tree | 9b57cd30a07d8cdcffbea048bbabceb989aafbbc | |
| parent | e9083291b9dac1c1ab7b0a2da38f9455536a807d (diff) | |
| download | cryptography-0d0896319f59fe7b03d8ef6a153275f87816976b.tar.gz cryptography-0d0896319f59fe7b03d8ef6a153275f87816976b.tar.bz2 cryptography-0d0896319f59fe7b03d8ef6a153275f87816976b.zip | |
Use the term fernet token
| -rw-r--r-- | cryptography/fernet.py | 6 | ||||
| -rw-r--r-- | docs/fernet.rst | 24 |
2 files changed, 16 insertions, 14 deletions
diff --git a/cryptography/fernet.py b/cryptography/fernet.py index c5474af4..10698f29 100644 --- a/cryptography/fernet.py +++ b/cryptography/fernet.py @@ -78,8 +78,8 @@ class Fernet(object): hmac = h.finalize() return base64.urlsafe_b64encode(basic_parts + hmac) - def decrypt(self, data, ttl=None): - if isinstance(data, six.text_type): + def decrypt(self, token, ttl=None): + if isinstance(token, six.text_type): raise TypeError( "Unicode-objects must be encoded before decryption" ) @@ -87,7 +87,7 @@ class Fernet(object): current_time = int(time.time()) try: - data = base64.urlsafe_b64decode(data) + data = base64.urlsafe_b64decode(token) except (TypeError, binascii.Error): raise InvalidToken diff --git a/docs/fernet.rst b/docs/fernet.rst index 287c991b..0122e364 100644 --- a/docs/fernet.rst +++ b/docs/fernet.rst @@ -16,10 +16,10 @@ using it cannot be manipulated or read without the key. >>> from cryptography.fernet import Fernet >>> key = Fernet.generate_key() >>> f = Fernet(key) - >>> ciphertext = f.encrypt(b"my deep dark secret") - >>> ciphertext + >>> token = f.encrypt(b"my deep dark secret") + >>> token '...' - >>> f.decrypt(ciphertext) + >>> f.decrypt(token) 'my deep dark secret' :param bytes key: A URL-safe base64-encoded 32-byte key. This **must** be @@ -38,11 +38,13 @@ using it cannot be manipulated or read without the key. :param bytes plaintext: The message you would like to encrypt. :returns bytes: A secure message which cannot be read or altered - without the key. It is URL-safe base64-encoded. + without the key. It is URL-safe base64-encoded. This is + refered to as a "Fernet token". - .. method:: decrypt(ciphertext, ttl=None) + .. method:: decrypt(token, ttl=None) - :param bytes ciphertext: An encrypted message. + :param bytes token: The Fernet token. This is the result of calling + :meth:`encrypt`. :param int ttl: Optionally, the number of seconds old a message may be for it to be valid. If the message is older than ``ttl`` seconds (from the time it was originally @@ -50,11 +52,11 @@ using it cannot be manipulated or read without the key. provided (or is ``None``), the age of the message is not considered. :returns bytes: The original plaintext. - :raises InvalidToken: If the ``ciphertext`` is in any way invalid, this - exception is raised. A ciphertext may be invalid - for a number of reasons: it is older than the - ``ttl``, it is malformed, or it does not have a - valid signature. + :raises InvalidToken: If the ``token`` is in any way invalid, this + exception is raised. A token may be invalid for a + number of reasons: it is older than the ``ttl``, + it is malformed, or it does not have a valid + signature. .. class:: InvalidToken |