diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-09-04 14:08:10 -0500 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-09-04 14:08:10 -0500 |
commit | 8d242c78255eb872f53c685230459a2670217e19 (patch) | |
tree | 85930fe4feb200ebbae0a1d95a921f2cfdcfdfce | |
parent | f3e8aae5c001e643ec46ec8a55aa1c5c1ac097ae (diff) | |
download | cryptography-8d242c78255eb872f53c685230459a2670217e19.tar.gz cryptography-8d242c78255eb872f53c685230459a2670217e19.tar.bz2 cryptography-8d242c78255eb872f53c685230459a2670217e19.zip |
fix a docs typo and convert it to a doctest to prevent future problems
-rw-r--r-- | docs/fernet.rst | 46 |
1 files changed, 24 insertions, 22 deletions
diff --git a/docs/fernet.rst b/docs/fernet.rst index a066ae63..a2bab32a 100644 --- a/docs/fernet.rst +++ b/docs/fernet.rst @@ -115,28 +115,30 @@ password through a key derivation function such as :class:`~cryptography.hazmat.primitives.kdf.pbkdf2.PBKDF2HMAC`, bcrypt or scrypt. -.. code-block:: python - - import base64 - import os - - from cryptography.fernet import Fernet - from cryptography.hazmat.backends import default_backend - from cryptography.hazmat.primitives import hashes - from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC - - password = b"password" - salt = os.urandom(16) - - kdf = PBKDF2HMAC( - algorithm=hashes.SHA256(), - length=32, - salt=salt, - iterations=100000, - backend=default_backend - ) - key = base64.urlsafe_b64encode(kdf.derive(password)) - f = Fernet(key) +.. doctest:: + + >>> import base64 + >>> import os + >>> from cryptography.fernet import Fernet + >>> from cryptography.hazmat.backends import default_backend + >>> from cryptography.hazmat.primitives import hashes + >>> from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC + >>> password = b"password" + >>> salt = os.urandom(16) + >>> kdf = PBKDF2HMAC( + ... algorithm=hashes.SHA256(), + ... length=32, + ... salt=salt, + ... iterations=100000, + ... backend=default_backend() + ... ) + >>> key = base64.urlsafe_b64encode(kdf.derive(password)) + >>> f = Fernet(key) + >>> token = f.encrypt(b"Secret message!") + >>> token + '...' + >>> f.decrypt(token) + 'Secret message!' In this scheme, the salt has to be stored in a retrievable location in order to derive the same key from the password in the future. |