本文整理汇总了Python中cryptography.fernet.Fernet方法的典型用法代码示例。如果您正苦于以下问题:Python fernet.Fernet方法的具体用法?Python fernet.Fernet怎么用?Python fernet.Fernet使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类cryptography.fernet的用法示例。
在下文中一共展示了fernet.Fernet方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: __init__
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def __init__(self, config):
self.config = config
self.basic_auth = config['server']['basic_auth']
mobile_cfg = config.get('iris-mobile', {})
self.mobile = mobile_cfg.get('activated', False)
if self.mobile:
mobile_auth = mobile_cfg['auth']
self.time_window = mobile_auth.get('time_window', 60)
self.fernet = Fernet(mobile_auth['encrypt_key'])
else:
self.time_window = None
self.fernet = None
token = config['twilio']['auth_token']
if isinstance(token, list):
self.twilio_auth_token = token
else:
self.twilio_auth_token = [token]
self.debug = False
if self.config['server'].get('debug'):
self.debug = True 示例2: upgrade
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def upgrade():
conn = op.get_bind()
session = Session(bind=conn)
op.alter_column('user', 'password_hash',
existing_type=sa.VARCHAR(length=128),
type_=sa.VARCHAR(length=200),
existing_nullable=False)
op.alter_column('user', 'pin_hash',
existing_type=sa.VARCHAR(),
type_=sa.VARCHAR(length=200),
existing_nullable=False)
session.commit()
f = Fernet(current_app.config['PASSWORD_PEPPER'])
for user in session.query(User).execution_options(show_all=True).all():
if user.password_hash:
user.password_hash = f.encrypt(user.password_hash.encode()).decode()
if user.pin_hash:
user.pin_hash = f.encrypt(user.pin_hash.encode()).decode()
session.commit() 示例3: downgrade
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def downgrade():
conn = op.get_bind()
session = Session(bind=conn)
f = Fernet(current_app.config['PASSWORD_PEPPER'])
for user in session.query(User).execution_options(show_all=True).all():
if user.password_hash:
user.password_hash = f.decrypt(user.password_hash.encode()).decode()
if user.pin_hash:
user.pin_hash = f.decrypt(user.pin_hash.encode()).decode()
session.commit()
op.alter_column('user', 'password_hash',
existing_type=sa.VARCHAR(length=200),
type_=sa.VARCHAR(length=128),
existing_nullable=False)
op.alter_column('user', 'pin_hash',
existing_type=sa.VARCHAR(length=200),
type_=sa.VARCHAR(),
existing_nullable=False)
session.commit() 示例4: test_reset_password_valid_token
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def test_reset_password_valid_token(test_client, authed_sempo_admin_user):
"""
GIVEN a Flask application
WHEN a valid the password reset token is POSTED to '/api/auth/reset_password/'
THEN check response is 200 and check if password changed
"""
import bcrypt
# Explicitly test None case since database migration can result in None instead of []
authed_sempo_admin_user.password_reset_tokens = None
password_reset_token = authed_sempo_admin_user.encode_single_use_JWS('R')
authed_sempo_admin_user.save_password_reset_token(password_reset_token)
password = 'NewTestPassword'
response = test_client.post('/api/v1/auth/reset_password/',
data=json.dumps(dict(new_password=password, reset_password_token=password_reset_token)),
content_type='application/json', follow_redirects=True)
f = Fernet(config.PASSWORD_PEPPER)
decrypted_hash = f.decrypt(authed_sempo_admin_user.password_hash.encode())
assert bcrypt.checkpw(
password.encode(), decrypted_hash)
assert authed_sempo_admin_user.password_reset_tokens == []
assert response.status_code == 200 示例5: _encode_uuid_map
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def _encode_uuid_map(userid, uuid, passwd):
data = 'userid:%s:uuid:%s' % (userid, uuid)
# FIXME scrypt.encrypt is broken in windows.
# This is a quick hack. The hostname might not be unique enough though.
# We could use a long random hash per entry and store it in the file.
# Other option is to use a different KDF that is supported by cryptography
# (ie, pbkdf)
if IS_WIN:
key = scrypt.hash(passwd, socket.gethostname())
key = base64.urlsafe_b64encode(key[:32])
f = Fernet(key, backend=crypto_backend)
encrypted = f.encrypt(data)
else:
encrypted = scrypt.encrypt(data, passwd, maxtime=0.05)
return base64.urlsafe_b64encode(encrypted) 示例6: _decode_uuid_line
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def _decode_uuid_line(line, passwd):
decoded = base64.urlsafe_b64decode(line)
if IS_WIN:
key = scrypt.hash(passwd, socket.gethostname())
key = base64.urlsafe_b64encode(key[:32])
try:
f = Fernet(key, backend=crypto_backend)
maybe_decrypted = f.decrypt(key)
except Exception:
return None
else:
try:
maybe_decrypted = scrypt.decrypt(decoded, passwd, maxtime=0.1)
except scrypt.error:
return None
match = re.findall("userid\:(.+)\:uuid\:(.+)", maybe_decrypted)
if match:
return match[0] 示例7: execute
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def execute(self, amphora_id, server_pem):
"""Update the amphora expiration date with new cert file date.
:param amphora_id: Id of the amphora to update
:param server_pem: Certificate in PEM format
:returns: None
"""
LOG.debug("Update DB cert expiry date of amphora id: %s", amphora_id)
key = utils.get_compatible_server_certs_key_passphrase()
fer = fernet.Fernet(key)
cert_expiration = cert_parser.get_cert_expiration(
fer.decrypt(server_pem))
LOG.debug("Certificate expiration date is %s ", cert_expiration)
self.amphora_repo.update(db_apis.get_session(), amphora_id,
cert_expiration=cert_expiration) 示例8: execute
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def execute(self, amphora_id, server_pem, server_group_id,
build_type_priority=constants.LB_CREATE_NORMAL_PRIORITY,
ports=None, flavor=None, availability_zone=None):
"""Create an amphora
:returns: an amphora
"""
# load client certificate
with open(CONF.controller_worker.client_ca, 'r') as client_ca:
ca = client_ca.read()
key = utils.get_compatible_server_certs_key_passphrase()
fer = fernet.Fernet(key)
config_drive_files = {
'/etc/octavia/certs/server.pem': fer.decrypt(server_pem),
'/etc/octavia/certs/client_ca.pem': ca}
return super(CertComputeCreate, self).execute(
amphora_id, config_drive_files=config_drive_files,
build_type_priority=build_type_priority,
server_group_id=server_group_id, ports=ports, flavor=flavor,
availability_zone=availability_zone) 示例9: test_amphora_cert_upload
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def test_amphora_cert_upload(self,
mock_driver,
mock_generate_uuid,
mock_log,
mock_get_session,
mock_listener_repo_get,
mock_listener_repo_update,
mock_amphora_repo_update):
key = utils.get_compatible_server_certs_key_passphrase()
fer = fernet.Fernet(key)
pem_file_mock = fer.encrypt(
utils.get_compatible_value('test-pem-file'))
amphora_cert_upload_mock = amphora_driver_tasks.AmphoraCertUpload()
amphora_cert_upload_mock.execute(_amphora_mock, pem_file_mock)
mock_driver.upload_cert_amp.assert_called_once_with(
_amphora_mock, fer.decrypt(pem_file_mock)) 示例10: test_update_amphora_db_cert_exp
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def test_update_amphora_db_cert_exp(self,
mock_generate_uuid,
mock_LOG,
mock_get_session,
mock_loadbalancer_repo_update,
mock_listener_repo_update,
mock_amphora_repo_update,
mock_amphora_repo_delete,
mock_get_cert_exp):
update_amp_cert = database_tasks.UpdateAmphoraDBCertExpiration()
key = utils.get_compatible_server_certs_key_passphrase()
fer = fernet.Fernet(key)
_pem_mock = fer.encrypt(
utils.get_compatible_value('test_cert')
)
update_amp_cert.execute(_amphora_mock.id, _pem_mock)
repo.AmphoraRepository.update.assert_called_once_with(
'TEST',
AMP_ID,
cert_expiration=_cert_mock) 示例11: test_amphora_cert_upload
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def test_amphora_cert_upload(self,
mock_driver,
mock_generate_uuid,
mock_log,
mock_get_session,
mock_listener_repo_get,
mock_listener_repo_update,
mock_amphora_repo_get,
mock_amphora_repo_update):
key = utils.get_compatible_server_certs_key_passphrase()
mock_amphora_repo_get.return_value = _db_amphora_mock
fer = fernet.Fernet(key)
pem_file_mock = fer.encrypt(
utils.get_compatible_value('test-pem-file')).decode('utf-8')
amphora_cert_upload_mock = amphora_driver_tasks.AmphoraCertUpload()
amphora_cert_upload_mock.execute(_amphora_mock, pem_file_mock)
mock_driver.upload_cert_amp.assert_called_once_with(
_db_amphora_mock, fer.decrypt(pem_file_mock.encode('utf-8'))) 示例12: test_execute
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def test_execute(self, mock_driver):
key = utils.get_compatible_server_certs_key_passphrase()
fer = fernet.Fernet(key)
dummy_cert = local.LocalCert(
utils.get_compatible_value('test_cert'),
utils.get_compatible_value('test_key'))
mock_driver.generate_cert_key_pair.side_effect = [dummy_cert]
c = cert_task.GenerateServerPEMTask()
pem = c.execute('123')
self.assertEqual(
fer.decrypt(pem.encode('utf-8')),
dummy_cert.get_certificate() +
dummy_cert.get_private_key()
)
mock_driver.generate_cert_key_pair.assert_called_once_with(
cn='123', validity=CONF.certificates.cert_validity_time) 示例13: test_update_amphora_db_cert_exp
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def test_update_amphora_db_cert_exp(self,
mock_generate_uuid,
mock_LOG,
mock_get_session,
mock_loadbalancer_repo_update,
mock_listener_repo_update,
mock_amphora_repo_update,
mock_amphora_repo_delete,
mock_get_cert_exp):
update_amp_cert = database_tasks.UpdateAmphoraDBCertExpiration()
key = utils.get_compatible_server_certs_key_passphrase()
fer = fernet.Fernet(key)
_pem_mock = fer.encrypt(
utils.get_compatible_value('test_cert')
).decode('utf-8')
update_amp_cert.execute(_db_amphora_mock.id, _pem_mock)
repo.AmphoraRepository.update.assert_called_once_with(
'TEST',
AMP_ID,
cert_expiration=_cert_mock) 示例14: encrypt
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def encrypt(input_str, key, iterations=100000):
"""Basic encryption with a predefined key. Its purpose is to protect not very important data, just to avoid
saving them as plaintext."""
salt = b'D9\x82\xbfSibW(\xb1q\xeb\xd1\x84\x118'
kdf = PBKDF2HMAC(
algorithm=hashes.SHA256(),
length=32,
salt=salt,
iterations=iterations,
backend=default_backend()
)
key = base64.urlsafe_b64encode(kdf.derive(key.encode('utf-8')))
fer = Fernet(key)
h = fer.encrypt(input_str.encode('utf-8'))
h = h.hex()
return h 示例15: decrypt
# 需要导入模块: from cryptography import fernet [as 别名]
# 或者: from cryptography.fernet import Fernet [as 别名]
def decrypt(input_str, key, iterations=100000):
try:
input_str = binascii.unhexlify(input_str)
salt = b'D9\x82\xbfSibW(\xb1q\xeb\xd1\x84\x118'
kdf = PBKDF2HMAC(
algorithm=hashes.SHA256(),
length=32,
salt=salt,
iterations=iterations,
backend=default_backend()
)
key = base64.urlsafe_b64encode(kdf.derive(key.encode('utf-8')))
fer = Fernet(key)
h = fer.decrypt(input_str)
h = h.decode('utf-8')
except:
raise
return h