diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2014-01-23 16:24:13 -0600 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2014-01-23 16:24:13 -0600 |
| commit | b32b491a9d976165a1b8ca8565a272ce46fc2730 (patch) | |
| tree | fd97253209bec719bfb44b12b47c37793833adeb | |
| parent | 56f81ea267be5339c6d17e19f68a1e8592e52582 (diff) | |
| download | cryptography-b32b491a9d976165a1b8ca8565a272ce46fc2730.tar.gz cryptography-b32b491a9d976165a1b8ca8565a272ce46fc2730.tar.bz2 cryptography-b32b491a9d976165a1b8ca8565a272ce46fc2730.zip | |
DOcument the primitives used in Fernet
| -rw-r--r-- | docs/fernet.rst | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/docs/fernet.rst b/docs/fernet.rst index 13295c0c..b0215e32 100644 --- a/docs/fernet.rst +++ b/docs/fernet.rst @@ -72,5 +72,22 @@ symmetric (also known as "secret key") authenticated cryptography. See :meth:`Fernet.decrypt` for more information. +Implementation +-------------- + +Fernet is built on top of a number of standard cryptographic primitives. +Specifically it uses: + +* :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` in + :class:`~cryptography.hazmat.primitives.ciphers.modes.CBC` mode with a + 128-bit key for encryption; using + :class:`~cryptography.hazmat.primitives.ciphers.PKCS7` padding. +* :class:`~cryptography.hazmat.primitives.hmac.HMAC` using + :class:`~cryptography.hazmat.primitives.hashes.SHA256` for authentication. +* Initialization vectors are generated using ``os.urandom()``. + +For complete details consult the `specification`_. + .. _`Fernet`: https://github.com/fernet/spec/ +.. _`specification`: https://github.com/fernet/spec/blob/master/Spec.md |