Python Cryptography - Passwords and Secrets

Functionality from this chapter is used for generating passwords and other secrets. All generated output uses strong and safe cryptography, employing a system source of randomness via os.urandom().

  • Passwords are by default 192-bit strong. Other secrets are by default 256-bit strong.
  • Data is always returned as a string suitable for use in URLs.

Passwords

# -*- coding: utf-8 -*-

# Zato
from zato.server.service import Service

class MyService(Service):
    def handle(self):

        # Generate a new password of default strength (192 bits)
        password = self.crypto.generate_password()
        self.logger.info('Password is `%s`', password)

        # Generate a new password of 64-bit strength
        password = self.crypto.generate_password(64)
        self.logger.info('Password is `%s`', password)

        # Generate a password of 384-bit strength
        password = self.crypto.generate_password(384)
        self.logger.info('Password is `%s`', password)
INFO - Password is `VUm6BxC1nZpOo6csDtJHOxTipijQfLrl`
INFO - Password is `msDwPWuvQGU=`
INFO - Password is `EPyzwB29s8UxjJW9pY-C35y5JNYm2ZgYoNJe_-mAmclMMAOc4ybTSri-u3__OucQ`

Secrets

# -*- coding: utf-8 -*-

# Zato
from zato.server.service import Service

class MyService(Service):
    def handle(self):

        # Generate a new secret of default strength (256 bits)
        secret = self.crypto.generate_secret()
        self.logger.info('Secret is `%s`', secret)

        # Generate a secret of 48-bit strength
        secret = self.crypto.generate_secret(48)
        self.logger.info('Secret is `%s`', secret)
INFO - Secret is `KSFGcjIDLHgeUsR-6XDLjPof9agDSYOO9BCBALV8xWM=`
INFO - Secret is `BGqOVsBw`

Other crypto APIs: