aboutsummaryrefslogtreecommitdiffstats
path: root/docs/fernet.rst
diff options
context:
space:
mode:
authorPaul Kehrer <paul.l.kehrer@gmail.com>2015-09-04 14:08:10 -0500
committerPaul Kehrer <paul.l.kehrer@gmail.com>2015-09-04 14:08:10 -0500
commit8d242c78255eb872f53c685230459a2670217e19 (patch)
tree85930fe4feb200ebbae0a1d95a921f2cfdcfdfce /docs/fernet.rst
parentf3e8aae5c001e643ec46ec8a55aa1c5c1ac097ae (diff)
downloadcryptography-8d242c78255eb872f53c685230459a2670217e19.tar.gz
cryptography-8d242c78255eb872f53c685230459a2670217e19.tar.bz2
cryptography-8d242c78255eb872f53c685230459a2670217e19.zip
fix a docs typo and convert it to a doctest to prevent future problems
Diffstat (limited to 'docs/fernet.rst')
-rw-r--r--docs/fernet.rst46
1 files changed, 24 insertions, 22 deletions
diff --git a/docs/fernet.rst b/docs/fernet.rst
index a066ae63..a2bab32a 100644
--- a/docs/fernet.rst
+++ b/docs/fernet.rst
@@ -115,28 +115,30 @@ password through a key derivation function such as
:class:`~cryptography.hazmat.primitives.kdf.pbkdf2.PBKDF2HMAC`, bcrypt or
scrypt.
-.. code-block:: python
-
- import base64
- import os
-
- from cryptography.fernet import Fernet
- from cryptography.hazmat.backends import default_backend
- from cryptography.hazmat.primitives import hashes
- from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
-
- password = b"password"
- salt = os.urandom(16)
-
- kdf = PBKDF2HMAC(
- algorithm=hashes.SHA256(),
- length=32,
- salt=salt,
- iterations=100000,
- backend=default_backend
- )
- key = base64.urlsafe_b64encode(kdf.derive(password))
- f = Fernet(key)
+.. doctest::
+
+ >>> import base64
+ >>> import os
+ >>> from cryptography.fernet import Fernet
+ >>> from cryptography.hazmat.backends import default_backend
+ >>> from cryptography.hazmat.primitives import hashes
+ >>> from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
+ >>> password = b"password"
+ >>> salt = os.urandom(16)
+ >>> kdf = PBKDF2HMAC(
+ ... algorithm=hashes.SHA256(),
+ ... length=32,
+ ... salt=salt,
+ ... iterations=100000,
+ ... backend=default_backend()
+ ... )
+ >>> key = base64.urlsafe_b64encode(kdf.derive(password))
+ >>> f = Fernet(key)
+ >>> token = f.encrypt(b"Secret message!")
+ >>> token
+ '...'
+ >>> f.decrypt(token)
+ 'Secret message!'
In this scheme, the salt has to be stored in a retrievable location in order
to derive the same key from the password in the future.