MeTooCrypto - Chandler Project (original) (raw)

M2Crypto

As of summer 2013 the maintainer has been Martin Paljak. The new home page is https://github.com/martinpaljak/M2Crypto.

M2Crypto is the most complete Python wrapper for OpenSSL featuring RSA, DSA, DH, HMACs, message digests, symmetric ciphers (including AES); SSL functionality to implement clients and servers; HTTPS extensions to Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing AuthCookies for web session management; FTP/TLS client and server; S/MIME; ZServerSSL: A HTTPS server for Zope and ZSmime: An S/MIME messenger for Zope. M2Crypto can also be used to provide SSL for Twisted.

M2Crypto's unit tests cover over 80% of the Python code.

The original M2Crypto homepage is at http://sandbox.rulemaker.net/ngps/m2/. It hasn't been updated since M2Crypto 0.13.1 release.

Discuss M2Crypto on comp.lang.python newsgroup or python-list mailinglist. You can also get questions answered on stackoverflow.com (please tag questions with m2crypto tag). M2Crypto used to be discussed on the public python-crypto mailing list, but it is no longer the preferred forum. See http://listserv.surfnet.nl/archives/python-crypto.html for archives and subscription information.

M2Crypto was started and mostly developed by Ng Pheng Siong. Next maintainer was Heikki Toivonen (heikki@osafoundation.org). Heikki's blog contains updates on M2Crypto depevelopment.

As of summer 2013 the maintainer has been Martin Paljak. The new home page is https://github.com/martinpaljak/M2Crypto.

OSAF is providing limited hosting to the M2Crypto project - see below for details.

The rest of the page is provided for historical purposes, please see current home page.

Downloads

Note these are obsolete!

0.21.1:

Contributed Builds

These are provided by volunteers, untested by M2Crypto author. Feel free to add contributed build links. Please mention the configuration (platform, python version, openssl version, your name and preferably also your email address). You need to register on this wiki to be able to edit.

Requirements

0.21.1:

Documentation

Recommended reading for anyone using OpenSSL or any OpenSSL wrappers: "Network Security with OpenSSL" by John Viega, Matt Messier and Pravir Chandra, ISBN 059600270X.

SSL in Python 2.6 is a good overview of the status of SSL in Python 2.6 and later.

How to build M2Crypto on Windows by Eli Golovinsky

There are some old, minimal HOWTO documents in the doc/ directory:

Generated API Documentation

Unit tests and demo scripts are also useful learning tools. You can also easily generate API documentation for M2Crypto using Epydoc.

  1. Install Epydoc 3.0.1 or later, setuptools and optionally Graphviz
  2. cd M2Crypto source tree
  3. python setup build test
  4. epydoc --no-private --config=epydoc.conf

This will create api/ directory under doc/. Open the index.html file in your browser.

Epydoc takes a lot of optional arguments and options in the config file that you may wish to experiment with.

OpenSSL documentation can be used as well, you just have to figure out the actual OpenSSL APIs called.

Finally, here is a comparison of Python cryptography modules (PDF) which includes a nice feature list for M2Crypto.

Bugzilla database

Please note that OSAF's Bugzilla installation has several products, and M2Crypto is but one of them. Take that into account when you search for bugs and file new bugs.

List all open M2crypto bugs.

File an M2Crypto bug (advanced).

https://bugzilla.osafoundation.org/

Release Checklist

Projects Using M2Crypto

Feel free to update!

FAQ

Code

Q: I get an error initializing SSL.Context:

Traceback (most recent call last): ... File ".../M2Crypto/SSL/Context.py", line 43, in init map()[long(self.ctx)] = self ValueError: invalid literal for long(): _480e1008_p_SSL_CTX

A: Your version of SWIG is too old. The minimum required is 1.3.28.

Q: I get a typedef error during build:

_lib.h:5: error: redefinition of typedef 'Py_ssize_t'

A: It has been reported this was a problem with SWIG 1.3.30rc1, but that it works in 1.3.30 and newer.

Q: M2Crypto crashes/does not work in my multi-threaded application.

A: You need to call M2Crypto.threading.init() to initialize threading mode before use, and cleanup() to end threading support.

Q: I have OpenSSL in non-standard location, how can I build M2Crypto?

A: build_ext takes --openssl option to specify openssl directory prefix. However, there have been some reports that this is not always enough, and you need to also explicitly specify --library-dirs and --include-dirs options. So the full build and install command would be something like: python setup.py build_ext --openssl= --library-dirs=/lib --include-dirs=/include build install.

Q: I still can't build on a Fedora Core -based system, any workarounds?

A: Use the fedora_setup.sh wrapper script: ./fedora_setup.sh [setup.py options]

General

Q: Why is OSAF providing limited hosting to M2Crypto?

A: M2Crypto did not have public source repository nor bug database, which made it hard to contribute to it and keep track of issues. M2crypto is an integral part of OSAF's Chandler application and we have made and will continue to make changes to it, but we did not want to fork M2Crypto. We believe everyone will benefit by working on and improving the same official version.

Q: Will you host M2Crypto permanently?

A: We'll provide hosting as long as needed and/or we are able to do so. If some other hosting arrangement makes sense, we can switch to that in the future.

Q: My project X does not have a public source archive or Bugzilla, can you provide hosting for it?

A: Short answer: no. We do not intend to become a project hosting facility. We made an exception with M2Crypto because we use it in Chandler and intend to make lots of changes. If your project is used in Chandler and we feel like we would need to modify it a lot, we could consider it. But even then we'd ask you to first see if you could use some public project hosting facility like SourceForge.

Q: How can I edit this page?

A: You need to register on this wiki to be able to edit.