def _initialize_stash(self):
"""
Create an empty stash at self._path with password self._password
"""
outer_data = {
'hash': self._default_hash,
'salt': bytes_to_hex_str(os.urandom(self._default_salt_len)),
'iterations': self._default_num_iterations,
}
# Derive key from password:
dk = pbkdf2_hmac(outer_data['hash'],
self._password,
hex_str_to_bytes(outer_data['salt']),
outer_data['iterations'],
nacl.secret.SecretBox.KEY_SIZE
)
if len(dk) < nacl.secret.SecretBox.KEY_SIZE:
raise SSCryptoError("Derived key is not long enough")
box = nacl.secret.SecretBox(dk)
empty_store = json.dumps({}).encode('utf-8')
nonce = nacl.utils.random(nacl.secret.SecretBox.NONCE_SIZE)
outer_data['enc_blob'] = bytes_to_hex_str(
box.encrypt(empty_store,nonce))
with open(self._path,'w',encoding='ascii') as fw:
json.dump(outer_data,fw)
评论列表
文章目录
