[Tutor] Cryptography

[Simon Connah]

Hi,

I need to implement a way to securely sign a value in a cookie to make sure that it has not been tampered with. I've been playing around with the cryptography library and it does what I need but I'm stuck on secure locations to store the private key and the password required to decrypt it.

Having said that I have experience with GnuPG because I use it for other things and was wondering if that would be a more sensible choice.

I mean it doesn't matter too much if they get exposed as it is only to ensure that cookie data is correct. I'm not using it for secrecy.

So I thought I'd ask here about what the best practice is for generating, storing and encrypting key pairs in Python. I'm using the Flask framework and the MongoDB database.

Simon.