Use cryptography.Fernet to encrypt and store a tempfile, automatically store the key in keyring. Indended to thrawrt only the most basic filesystem scans for plaintext tokens.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for thehappycheese from gravatar.com thehappycheese

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Copyright (c) 2004 thehappycheese Permission is hereby granted, free of charge, to any person obtai...
  • Author: thehappycheese
  • Requires: Python >=3.8

Project description

Fernet Keyring Tempfile

WARNING: you should read the source code and understand this package, or do not use it. If you do choose to use it, then that is at your own risk. It is a naive and simple secret storage system. The main purpose is to avoid storing plaintext tokens on disk between python notebook sessions.

A better solution would be to use the keyring package directly, but on windows there is some silly limit on the size of a password (1280 characters?) that means I need to save my secret to disk instead.

When used as demonstrated below it does not guard against any serious attack, rather, it might stop a hypothetical file system scan from detecting an unencrypted token stored on disk. If an attacker has remote code execution, and can run a python script under your Username, then they can retrieve the secret as easily as you can by running the code similar to the example below. However if their process is running under another username, or they just got access to your storage device without remote code execution, then perhaps this method offers some level of protection.

This package uses cryptography.Fernet().encrypt() to encrypt and store a file in your machines temporary folder (determined using tempfile.gettempdir()). The key is generated using cryptography.Fernet.generate_key() and is automatically stored in your system's secret storage using keyring.set_password().

from fernet_keyring_tempfile import FernetKeyringTempfile

(
    FernetKeyringTempfile(
        application_name="TEST_APPLICATION_NAME"
    )
    .store("SECRET MESSAGE!".encode("utf-8"))
)

Later:

from fernet_keyring_tempfile import FernetKeyringTempfile

print(
    FernetKeyringTempfile(
        application_name"TEST_APPLICATION_NAME"
    )
    .load()
    .decode("utf-8")
)
# >> "SECRET MESSAGE!"

Note that if the passphrase (e.g. "TEST_APPLICATION_NAME") appears in plaintext in the example above then there is a hole in security since the attacker can presumably also see your source code.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for thehappycheese from gravatar.com thehappycheese

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Copyright (c) 2004 thehappycheese Permission is hereby granted, free of charge, to any person obtai...
  • Author: thehappycheese
  • Requires: Python >=3.8

Release history Release notifications | RSS feed

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

fernet_keyring_tempfile-0.1.0.tar.gz (3.9 kB view hashes)

Uploaded Source

Built Distribution

fernet_keyring_tempfile-0.1.0-py3-none-any.whl (3.6 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page