[Python-3000] 3.0 crypto

Bill Janssen janssen at parc.com
Sat Sep 8 21:39:25 CEST 2007


>> Why do you say that doing the work is not a problem? I see it as
>> a major problem.
>
> I'm willing to either do the work myself, or have someone else from the
> secops team at OLPC do it.

It's not something that a single person can well do. You will also need to design APIs, and that traditionally involves the community. If you create something ad-hoc, I would request that this first gets field-proven for a few years before being included in the standard distribution. Then, it would face competition to existing such solutions.

We're already linking against the OpenSSL EVP libraries for hashlib (and against the OpenSSL SSL libraries for the SSL support). It wouldn't be hard to expose the EVP functions a bit more, essentially as hash functions that return long (and reversible) hashes:

    encryptor = opensslevp.encryptor("AES-256-CBC", ...maybe some options...)
    encryptor.update(...some plaintext...)
    ...
    ciphertext = encryptor.digest()
    ...
    decryptor = opensslevp.decryptor("AES-256-CBC", ...maybe some options...)
    decryptor.update(ciphertext)
    plaintext = decryptor.digest()

Take a look at the docs for EVP_EncryptInit_ex.

The crypto would stay in the OpenSSL library; this would just be more hashing on top of it.

I'd sure like to have this so I could write a Python decryptor for my PalmOS password keeper (a program called Strip) which I could run on my iPhone. (The iPhone Python has SSL support.)

Bill
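
The hash-like encryptor/decryptor interface sketched in the message above, written out as an added example (not code from the thread or from CPython). It calls libcrypto's EVP_Cipher* functions through ctypes; the key and iv parameters are assumptions standing in for the elided options, and only AES-256-CBC is handled.

```python
import ctypes
import ctypes.util
# Assumption: a shared OpenSSL libcrypto (1.1 or later) is installed.
_c = ctypes.CDLL(ctypes.util.find_library("crypto") or "libcrypto.so.3")
_vp, _int = ctypes.c_void_p, ctypes.c_int
_c.EVP_get_cipherbyname.restype = _vp
_c.EVP_get_cipherbyname.argtypes = [ctypes.c_char_p]
_c.EVP_CIPHER_CTX_new.restype = _vp
_c.EVP_CIPHER_CTX_free.argtypes = [_vp]
# EVP_CipherInit_ex is the generic form of EVP_EncryptInit_ex/EVP_DecryptInit_ex.
_c.EVP_CipherInit_ex.argtypes = [_vp, _vp, _vp, _vp, _vp, _int]
_c.EVP_CipherUpdate.argtypes = [_vp, _vp, ctypes.POINTER(_int), _vp, _int]
_c.EVP_CipherFinal_ex.argtypes = [_vp, _vp, ctypes.POINTER(_int)]
_SIZES = {"AES-256-CBC": (32, 16)}  # (key bytes, IV bytes); only this cipher here

class _Cipher:
    """Hash-like object: update() feeds data, digest() returns the result once."""
    def __init__(self, name, key, iv, enc):
        if name not in _SIZES or (len(key), len(iv)) != _SIZES[name]:
            raise ValueError("unsupported cipher or wrong key/IV length")
        self._ctx = _c.EVP_CIPHER_CTX_new()
        cipher = _c.EVP_get_cipherbyname(name.encode())
        if _c.EVP_CipherInit_ex(self._ctx, cipher, None, key, iv, enc) != 1:
            raise ValueError("cipher init failed")
        self._out = []

    def _call(self, func, room, *data):
        if self._ctx is None:
            raise ValueError("already finalized")
        buf, n = ctypes.create_string_buffer(room), _int(0)
        if func(self._ctx, buf, ctypes.byref(n), *data) != 1:
            raise ValueError("EVP call failed (bad padding or damaged input)")
        self._out.append(buf.raw[:n.value])

    def update(self, data):
        self._call(_c.EVP_CipherUpdate, len(data) + 16, data, len(data))  # +1 block

    def digest(self):
        try:
            self._call(_c.EVP_CipherFinal_ex, 16)  # flush or check the padding
        finally:
            _c.EVP_CIPHER_CTX_free(self._ctx)
            self._ctx = None
        return b"".join(self._out)

def encryptor(name, key, iv):  # hypothetical names, mirroring the email's sketch
    return _Cipher(name, key, iv, 1)

def decryptor(name, key, iv):
    return _Cipher(name, key, iv, 0)
```

CBC output carries no integrity tag, so a caller decrypting stored data still needs a separate MAC check.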


