1 files changed, 17 insertions, 7 deletions

diff --git a/src/cryptography/fernet.py b/src/cryptography/fernet.py
index b990defa..862d9466 100644
--- a/src/cryptography/fernet.py
+++ b/src/cryptography/fernet.py
@@ -47,7 +47,9 @@ class Fernet(object):
         return base64.urlsafe_b64encode(os.urandom(32))
 
     def encrypt(self, data):
-        current_time = int(time.time())
+        return self.encrypt_at_time(data, int(time.time()))
+
+    def encrypt_at_time(self, data, current_time):
         iv = os.urandom(16)
         return self._encrypt_from_parts(data, current_time, iv)
 
@@ -71,8 +73,11 @@ class Fernet(object):
         return base64.urlsafe_b64encode(basic_parts + hmac)
 
     def decrypt(self, token, ttl=None):
+        return self.decrypt_at_time(token, ttl, int(time.time()))
+
+    def decrypt_at_time(self, token, ttl, current_time):
         timestamp, data = Fernet._get_unverified_token_data(token)
-        return self._decrypt_data(data, timestamp, ttl)
+        return self._decrypt_data(data, timestamp, ttl, current_time)
 
     def extract_timestamp(self, token):
         timestamp, data = Fernet._get_unverified_token_data(token)
@@ -105,8 +110,7 @@ class Fernet(object):
         except InvalidSignature:
             raise InvalidToken
 
-    def _decrypt_data(self, data, timestamp, ttl):
-        current_time = int(time.time())
+    def _decrypt_data(self, data, timestamp, ttl, current_time):
         if ttl is not None:
             if timestamp + ttl < current_time:
                 raise InvalidToken
@@ -146,13 +150,16 @@ class MultiFernet(object):
         self._fernets = fernets
 
     def encrypt(self, msg):
-        return self._fernets[0].encrypt(msg)
+        return self.encrypt_at_time(msg, int(time.time()))
+
+    def encrypt_at_time(self, msg, current_time):
+        return self._fernets[0].encrypt_at_time(msg, current_time)
 
     def rotate(self, msg):
         timestamp, data = Fernet._get_unverified_token_data(msg)
         for f in self._fernets:
             try:
-                p = f._decrypt_data(data, timestamp, None)
+                p = f._decrypt_data(data, timestamp, None, None)
                 break
             except InvalidToken:
                 pass
@@ -163,9 +170,12 @@ class MultiFernet(object):
         return self._fernets[0]._encrypt_from_parts(p, timestamp, iv)
 
     def decrypt(self, msg, ttl=None):
+        return self.decrypt_at_time(msg, ttl, int(time.time()))
+
+    def decrypt_at_time(self, msg, ttl, current_time):
         for f in self._fernets:
             try:
-                return f.decrypt(msg, ttl)
+                return f.decrypt_at_time(msg, ttl, current_time)
             except InvalidToken:
                 pass
         raise InvalidToken