def derive_key(keys, key, duration=DERIVED_KEY_LIFETIME):
if not has_primary_key(keys, key):
return None, None
utc_expiration = timeutil.utcnow(seconds=duration)
expiration = timeutil.utc_asint(utc_expiration)
derived_key, salt = pbkdf2(key, key_len=DERIVED_KEY_LENGTH)
key = {'key': derived_key, 'salt': salt, 'type': DERIVED, 'exp': expiration}
keys.insert(key)
return derived_key, salt
def validate_key(keys, key):
key = keys.find_one({'key': key})
if not key:
return False
expiration = key.get('exp', None)
if not expiration:
return True
now = timeutil.utc_asint(timeutil.utcnow())
if now > expiration:
keys.remove(key)
return False
return True
def validate_key(keys, key):
key = keys.find_one({'key': key})
if not key:
return False
expiration = key.get('exp', None)
if not expiration:
return True
now = timeutil.utc_asint(timeutil.utcnow())
if now > expiration:
keys.remove(key)
return False
return True
def derive_key(keys, key, duration=DERIVED_KEY_LIFETIME):
if not has_primary_key(keys, key):
return None, None
utc_expiration = timeutil.utcnow(seconds=duration)
expiration = timeutil.utc_asint(utc_expiration)
derived_key, salt = pbkdf2(key, key_len=DERIVED_KEY_LENGTH)
key = {
'key': derived_key,
'salt': salt,
'type': DERIVED,
'exp': expiration
}
keys.insert(key)
return derived_key, salt