From 8d242c78255eb872f53c685230459a2670217e19 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Fri, 4 Sep 2015 14:08:10 -0500 Subject: fix a docs typo and convert it to a doctest to prevent future problems --- docs/fernet.rst | 46 ++++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 22 deletions(-) (limited to 'docs') diff --git a/docs/fernet.rst b/docs/fernet.rst index a066ae63..a2bab32a 100644 --- a/docs/fernet.rst +++ b/docs/fernet.rst @@ -115,28 +115,30 @@ password through a key derivation function such as :class:`~cryptography.hazmat.primitives.kdf.pbkdf2.PBKDF2HMAC`, bcrypt or scrypt. -.. code-block:: python - - import base64 - import os - - from cryptography.fernet import Fernet - from cryptography.hazmat.backends import default_backend - from cryptography.hazmat.primitives import hashes - from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC - - password = b"password" - salt = os.urandom(16) - - kdf = PBKDF2HMAC( - algorithm=hashes.SHA256(), - length=32, - salt=salt, - iterations=100000, - backend=default_backend - ) - key = base64.urlsafe_b64encode(kdf.derive(password)) - f = Fernet(key) +.. doctest:: + + >>> import base64 + >>> import os + >>> from cryptography.fernet import Fernet + >>> from cryptography.hazmat.backends import default_backend + >>> from cryptography.hazmat.primitives import hashes + >>> from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC + >>> password = b"password" + >>> salt = os.urandom(16) + >>> kdf = PBKDF2HMAC( + ... algorithm=hashes.SHA256(), + ... length=32, + ... salt=salt, + ... iterations=100000, + ... backend=default_backend() + ... ) + >>> key = base64.urlsafe_b64encode(kdf.derive(password)) + >>> f = Fernet(key) + >>> token = f.encrypt(b"Secret message!") + >>> token + '...' + >>> f.decrypt(token) + 'Secret message!' In this scheme, the salt has to be stored in a retrievable location in order to derive the same key from the password in the future. -- cgit v1.2.3