[Cryptography-dev] Low level API for Symmetric Encryption
Hynek Schlawack
hs at ox.cx
Thu Aug 8 08:10:08 CEST 2013
Am 08.08.2013 um 01:12 schrieb Donald Stufft <donald at stufft.io>:
>> GCM (CBC, etc) is a mode of operation that is applicable to arbitrary
>> block ciphers.
>>
>> Why should it be tied to "AES128"? Why wouldn't you GCM(AES128())? If
>> you're talking about primitives, AES128 is more primitive than GCM on
>> AES128. And GCM isn't specific to AES, so I don't see
>> cryptography.primitives.aes as the proper home for it.
>>
>> I hope these aren't questions with highly obvious answers.
>
> As far as I know (and I could be wrong? I don't know OpenSSL guts that well) OpenSSL doesn't do composition like that, in order to get AES-128-GCM you pass that in.
>
> Is there a way to access openssl where you're composing GCM with AES128? If not I think we'd be stuck do some sort of "combine variables of the classes AES128 and GCM to make the name AES-128-GCM to pass into openssl" thing which doesn't feel particularly clean to me?
Please, don’t use OpenSSL’s atrocious APIs as a reason to make our API suck too. Composition is awesome and concatenating strings not that hard.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 235 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20130808/11233003/attachment.pgp>
More information about the Cryptography-dev
mailing list