def derive_key(keys, key, duration=DERIVED_KEY_LIFETIME): if not has_primary_key(keys, key): return None, None utc_expiration = timeutil.utcnow(seconds=duration) expiration = timeutil.utc_asint(utc_expiration) derived_key, salt = pbkdf2(key, key_len=DERIVED_KEY_LENGTH) key = {'key': derived_key, 'salt': salt, 'type': DERIVED, 'exp': expiration} keys.insert(key) return derived_key, salt
def remove_primary_key(keys, key, remove_derived=True): primary = _get_primary_key(keys, key) if not primary: return keys.remove(primary) if not remove_derived: return for derived_key in keys.find({'type': DERIVED}): computed_key, salt = pbkdf2(key, salt=derived_key['salt']) if computed_key == derived_key['key']: keys.remove(derived_key)
def derive_key(keys, key, duration=DERIVED_KEY_LIFETIME): if not has_primary_key(keys, key): return None, None utc_expiration = timeutil.utcnow(seconds=duration) expiration = timeutil.utc_asint(utc_expiration) derived_key, salt = pbkdf2(key, key_len=DERIVED_KEY_LENGTH) key = { 'key': derived_key, 'salt': salt, 'type': DERIVED, 'exp': expiration } keys.insert(key) return derived_key, salt