diff options
| author | Donald Stufft <donald@stufft.io> | 2014-01-23 15:20:00 -0800 |
|---|---|---|
| committer | Donald Stufft <donald@stufft.io> | 2014-01-23 15:20:00 -0800 |
| commit | f5e2b4d7cac6c2cf7137eb8b02efe25f59868c27 (patch) | |
| tree | fd97253209bec719bfb44b12b47c37793833adeb /docs | |
| parent | 56f81ea267be5339c6d17e19f68a1e8592e52582 (diff) | |
| parent | b32b491a9d976165a1b8ca8565a272ce46fc2730 (diff) | |
| download | cryptography-f5e2b4d7cac6c2cf7137eb8b02efe25f59868c27.tar.gz cryptography-f5e2b4d7cac6c2cf7137eb8b02efe25f59868c27.tar.bz2 cryptography-f5e2b4d7cac6c2cf7137eb8b02efe25f59868c27.zip | |
Merge pull request #501 from alex/document-primitives
Document primitives
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/fernet.rst | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/docs/fernet.rst b/docs/fernet.rst index 13295c0c..b0215e32 100644 --- a/docs/fernet.rst +++ b/docs/fernet.rst @@ -72,5 +72,22 @@ symmetric (also known as "secret key") authenticated cryptography. See :meth:`Fernet.decrypt` for more information. +Implementation +-------------- + +Fernet is built on top of a number of standard cryptographic primitives. +Specifically it uses: + +* :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` in + :class:`~cryptography.hazmat.primitives.ciphers.modes.CBC` mode with a + 128-bit key for encryption; using + :class:`~cryptography.hazmat.primitives.ciphers.PKCS7` padding. +* :class:`~cryptography.hazmat.primitives.hmac.HMAC` using + :class:`~cryptography.hazmat.primitives.hashes.SHA256` for authentication. +* Initialization vectors are generated using ``os.urandom()``. + +For complete details consult the `specification`_. + .. _`Fernet`: https://github.com/fernet/spec/ +.. _`specification`: https://github.com/fernet/spec/blob/master/Spec.md |