Skip to content

Commit

Permalink
add docs for passing in encryption keys via environment variables
Browse files Browse the repository at this point in the history
  • Loading branch information
dantownsend committed Sep 11, 2024
1 parent aa08d31 commit 074bbe9
Showing 1 changed file with 27 additions and 0 deletions.
27 changes: 27 additions & 0 deletions docs/source/encryption/providers.rst
Original file line number Diff line number Diff line change
Expand Up @@ -67,3 +67,30 @@ Which provider to use?

You may decide to use ``FernetProvider`` if you already have the Python
``cryptography`` library as a dependency in your project.

-------------------------------------------------------------------------------

Passing in encryption keys via environment variables
----------------------------------------------------

A common way of passing sensitive information to an app is via environment
variables.

The encryption keys for ``XChaCha20Provider`` and ``FernetProvider`` are in
bytes. You can still pass them in as environment variables though.

One approach (using ``XChaCha20Provider`` as an example), is to convert the
bytes to a hex string:

.. code-block:: python
>>> key = XChaCha20Provider.get_new_key()
>>> key.hex()
'25d49a31af520fd4c24553890f154deeead1fb61a409e6ea3df7b62ed4b8925d'
You can then use the hex string as the environment variable. To convert it back
into bytes:

.. code-block:: python
>>> key = bytes.fromhex('25d49a31af520fd4c24553890f154deeead1fb61a409e6ea3df7b62ed4b8925d')

0 comments on commit 074bbe9

Please sign in to comment.