|
OpenQuizz
Une application de gestion des contenus pédagogiques
|


Public Member Functions | |
| def | __init__ (self, secret_key, salt=None, sep=".", key_derivation=None, digest_method=None, algorithm=None) |
| def | derive_key (self) |
| def | get_signature (self, value) |
| def | sign (self, value) |
| def | verify_signature (self, value, sig) |
| def | unsign (self, signed_value) |
| def | validate (self, signed_value) |
Data Fields | |
| secret_key | |
| sep | |
| salt | |
| key_derivation | |
| digest_method | |
| algorithm | |
Static Public Attributes | |
| default_digest_method | |
| default_key_derivation | |
This class can sign and unsign bytes, validating the signature
provided.
Salt can be used to namespace the hash, so that a signed string is
only valid for a given namespace. Leaving this at the default value
or re-using a salt value across different parts of your application
where the same signed value in one part can mean something different
in another part is a security risk.
See :ref:`the-salt` for an example of what the salt is doing and how
you can utilize it.
.. versionadded:: 0.14
``key_derivation`` and ``digest_method`` were added as arguments
to the class constructor.
.. versionadded:: 0.18
``algorithm`` was added as an argument to the class constructor.
| def __init__ | ( | self, | |
| secret_key, | |||
salt = None, |
|||
sep = ".", |
|||
key_derivation = None, |
|||
digest_method = None, |
|||
algorithm = None |
|||
| ) |
| def derive_key | ( | self | ) |
This method is called to derive the key. The default key derivation choices can be overridden here. Key derivation is not intended to be used as a security method to make a complex key out of a short password. Instead you should use large random secret keys.
| def get_signature | ( | self, | |
| value | |||
| ) |
Returns the signature for the given value.
| def sign | ( | self, | |
| value | |||
| ) |
Signs the given string.
Reimplemented in TimestampSigner.
| def unsign | ( | self, | |
| signed_value | |||
| ) |
Unsigns the given string.
| def validate | ( | self, | |
| signed_value | |||
| ) |
Only validates the given signed value. Returns ``True`` if the signature exists and is valid.
| def verify_signature | ( | self, | |
| value, | |||
| sig | |||
| ) |
Verifies the signature for the given value.
| algorithm |
|
static |
|
static |
| digest_method |
| key_derivation |
| salt |
| secret_key |
| sep |