django.conf.settings.PEPPER - python examples

Here are the examples of the python api django.conf.settings.PEPPER taken from open source projects. By voting up you can indicate which examples are most useful and appropriate.

2 Examples 7

0 View Complete Implementation : security.py
Copyright GNU Affero General Public License v3.0
Author : project-callisto
def pepper(encrypted_report):
    """
    Uses a secret value stored on the server to encrypt
    an already encrypted report, to add protection if the database
    is breached but the server is not.

    Requires settings.PEPPER to be set to a 32 byte value.
    In production, this value should be set via environment parameter.
    Uses PyNacl's Salsa20 stream cipher.

    Args:
      encrypted_report (bytes): the encrypted report

    Returns:
      bytes: a further encrypted report

    """
    pepper = settings.PEPPER
    box = nacl.secret.SecretBox(pepper)
    nonce = nacl.utils.random(nacl.secret.SecretBox.NONCE_SIZE)
    return box.encrypt(encrypted_report, nonce)

0 View Complete Implementation : security.py
Copyright GNU Affero General Public License v3.0
Author : project-callisto
def unpepper(peppered_report):
    """
    Decrypts a report that has been peppered with the _pepper method.
    Requires settings.PEPPER to be set to a 32 byte value.
    In production, this value should be set via environment parameter.

    Args:
      peppered_report(bytes): a report that has been encrypted
        using a secret key then encrypted using the pepper

    Returns:
      bytes: the report, still encrypted with the secret key

    Raises:
      CryptoError: If the pepper fails to decrypt the record.
    """
    pepper = settings.PEPPER
    box = nacl.secret.SecretBox(pepper)
    # need to force to bytes bc BinaryField can return as memoryview
    decrypted = box.decrypt(bytes(peppered_report))
    return decrypted