def test_non_iterable_argument(self, backend):
with pytest.raises(TypeError):
MultiFernet(None)
import os
import base64
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.fernet import Fernet, MultiFernet
from cryptography.hazmat.primitives import serilization
from cryptography.hazmat.primities.serilization import load_pem_private_key
from cryptography.hazmat.primities.assymmetric import rsa
import socket
from stored import storage
###variable ###
host = socket.gethostname()
encrypted_dict = {}
f_key_reader= MultiFernet(key,key2,key3)
###intial setup of files
class InitalSavedData(object):
def __init__(self, creation_file = host, ):
self.creation_file =creation_file
def initial_input(self,number,number1):
new_host = "~/inr/."+ self.creation_file
f = open(new_host, "w+")
f.write("%s\n %.1f,%.1f\n"%(f.encrypt(creationfile),f.encrypt(number),f.encrypt(number1)))
# The sample code is extracted from the book Python Cryptography # The book can be downloaded from https://leanpub.com/cryptop # Online Crypto Playgroud https://8gwifi.org # Author Anish Nath from cryptography.fernet import Fernet, MultiFernet key1 = Fernet(Fernet.generate_key()) key2 = Fernet(Fernet.generate_key()) key3 = Fernet(Fernet.generate_key()) plaintext = "Hello 8gwifi.org" f = MultiFernet([key1, key2, key3]) token = f.encrypt(plaintext) d = f.decrypt(token) assert d, plaintext
def decrypt(key1, key2, encryptedMessage):
k1 = Fernet(key1)
k2 = Fernet(key2)
decryptoKey = MultiFernet([k1, k2])
message = decryptoKey.decrypt(encryptedMessage)
return message
def fernet(self):
if len(self.fernet_keys) == 1:
return Fernet(self.fernet_keys[0])
return MultiFernet([Fernet(k) for k in self.fernet_keys])
def _get_multi_fernet(self) -> MultiFernet:
return MultiFernet(self.fernet_keys)
def __init__(self, key, *old_keys):
keys = [key] + list(old_keys)
self.fernet = MultiFernet([Fernet(k) for k in keys])
def _fernet_default(self):
if cryptography is None or not self.keys:
return None
return MultiFernet(
[Fernet(base64.urlsafe_b64encode(key)) for key in self.keys])
def __renew_key(self):
self.__keys.insert(0, Fernet(Fernet.generate_key()))
self.__keys = self.__keys[:self.__max_keys]
logging.debug(self.__keys)
self.__encryptor = MultiFernet(self.__keys)
#Esta classe implementa a rotação de chaves para o Fernet. #Ele pega uma list de instâncias de Fernet from cryptography.fernet import Fernet, MultiFernet key1 = Fernet(Fernet.generate_key()) key2 = Fernet(Fernet.generate_key()) f = MultiFernet([key1, key2]) token = f.encrypt(b'Secret message!') print(token) #O multiFernet tenta descriptografar com uma chave de cada vez #Uma exceção é lançada caso a chave correta não seja encontrada #A rotação de tokens facilita a substituição de chaves antigas print(f.decrypt(token)) ''' MultiFernet é uma prática recomendada e uma maneira de higiene criptográfica projetada para limitar os danos em caso de um evento não detectado e aumentar a dificuldade dos ataques ''' #Criando uma nova chave key3 = Fernet(Fernet.generate_key()) #lista de chaves f2 = MultiFernet([key3, key1, key2]) #Gira um token criptografando-o
def multiDecryptInput(privateKeys, token):
initiateKeys = []
for i in privateKeys:
initiateKeys.append(Fernet(i))
crypt = MultiFernet(initiateKeys)
return crypt.decrypt(token)
print("Timestamp of the encrypted string: %s" % timestamp)
decrypted_string = key_object.decrypt(encrypted_string)
print("Decrypted String: %s" % decrypted_string)
# Multi-Fernet Cryptography
print("Multi-Fernet Cryptography")
first_key = Fernet(Fernet.generate_key())
second_key = Fernet(Fernet.generate_key())
key_object = MultiFernet([first_key, second_key])
print("Original String: %s" % string)
encrypted_string = key_object.encrypt(string)
print("Encrypted String: %s" % encrypted_string)
timestamp = key_object.extract_timestamp(encrypted_string)
print("Timestamp of the encrypted string: %s" % timestamp)
decrypted_string = key_object.decrypt(encrypted_string)
print("Decrypted String: %s" % decrypted_string)
def fernet(self, keys):
if len(keys) == 1:
return Fernet(keys[0])
else:
return MultiFernet([Fernet[k] for k in keys])
def generate_token(password, key):
fernet = Fernet(key)
data = MultiFernet([fernet])
token = data.encrypt(base64.urlsafe_b64encode(password.encode('utf-8')))
return token
# -*- coding: utf-8 -*-
from __future__ import unicode_literals, absolute_import
import os
import six
from cryptography.fernet import Fernet, MultiFernet
fernet = Fernet(os.environ['KOMBU_FERNET_KEY'])
fallback_fernet = None
try:
fallback_fernet = Fernet(os.environ['KOMBU_FERNET_KEY_PREVIOUS'])
except KeyError:
pass
else:
fernet = MultiFernet([fernet, fallback_fernet])
def fernet_encode(func):
def inner(message):
message = func(message)
if isinstance(message, six.text_type):
message = message.encode('utf-8')
return fernet.encrypt(message)
return inner
def fernet_decode(func):
def inner(encoded_message):
if isinstance(encoded_message, six.text_type):
encoded_message = encoded_message.encode('utf-8')
