fernet / spec

Spec and acceptance tests for the Fernet format.
435 stars 43 forks source link

fernet acceptance tests

generate.json

contains all parameters needed to deterministically generate
a fernet token, as well as the token that should be generated.

src: payload to be encrypted
iv: 16-byte IV to use for encryption
secret: base64-encoded 32-byte key to use for signing and encryption
now: time to be used for the timestamp in the generated token
token: value of the token that should be generated

verify.json

contains a valid token and all parameters needed to deterministically
verify it.

token: token to be verified
ttl_sec: time-to-live in seconds
now: current time of the verifying process
secret: base64-encoded 32-byte key to use for signing and decryption
src: unencrypted payload to be retrieved from the token

invalid.json

contains parameters for verification and a token that is invalid
under those parameters, as well as a description of why the token
is invalid.

desc: reason why the token is invalid
token: invalid token
ttl_sec: time-to-live in seconds
now: current time of the verifying process
secret: base64-encoded 32-byte key to use for signing and decryption