[python-crypto] Add AES to amkCrypto?

Wed Jan 31 16:29:11 CET 2001

"M.-A. Lemburg" wrote:
> 
> Bryan Olson wrote:
> >
> > Marc-Andre Lemburg wrote:
> > > The API designed by Andrew Kuchling is the defacto standard
> > > for interfacing to crypto algorithms in Python. His pycrypt
> > > library has been around for many years and suits the task very
> well.
> >
> > > There's really no need to design yet another API...
> >
> > I disagree.  The amkCrypto interface is terrible, and especially
> > for block cipher modes of operation.  It defines a source-code
> > template to wrap around every block cipher at compile time to
> > provide the modes for that one cipher.
> 
> Huh ? The mode is a parameter of cipher constructors. What do you
> mean with "source-code template" ?
> 
> mxCrypto (which is part of amkCrypto) does some switching on
> the mode parameter since OpenSSL has different APIs for each mode,
> but this is not exposed at Python level.
> 
> > NIST is holding workshops on modes of operation, and will
> > probably define new ones along with the AES.  Modes and
> > ciphers should be interchangeable, and we should be able to
> > write each in either Python or an extension (and have it work
> > with the others of course).
> 
> I think this is what "PC Drew" (what's your real name, BTW ?)
> had in mind with his higherlevel API.

My name is Philip Cartier Drew, but I go by "PC" (my initials).  Drew
is my last name.

Here's what I want.  I want to be able to take a file or a block of text
and be able to encrypt it in any encryption algorithm, using any key
size.
The user would provide both the plaintext and the key to the function. 
I'm
not proposing key rings like PGP and stuff like that, just basically
providing
a Python interface to these encryption libraries.  I want to provide a
consistant
interface to every algorithm though.

> 
> An codec style interface would also be nice to have. Streams
> could then easily be encoded and decoded on-the-fly.

can you explain that?

> 
> > > As for integrating AES into amkCrypto, I think the best way is
> > > to wait until OpenSLL has support for it and then integrate
> > > that support into amkCrypto.
> >
> > OpenSSL is centered on one cryptographic protocol.  I'd like
> > to see the basic AES cipher, without any modes, in the
> > standard Python distribution.  Recent changes in export law
> > allow free software to include strong encryption.  We should
> > also get SHA-256, SHA-384 and SHA-512 into the standard
> > distribution.
> 
> OpenSSL is many things: its a collection of very fast cipher,
> hash and public key algorithms as well as an implementation of
> various binary serialization standards for keys, certificates,
> etc. plus some various other things.  The SSL implementation
> sits on top of these.
> 
> The goal of mxCrypto was to expose the lower-level parts of
> OpenSSL to be able to implement other cryptograhpic protocols.
> 
> m2Crypto is aiming at exposing the higher level to Python.
> 
> Note that even though we could add a strong cipher to the
> Python distribution, this would probably not do any good: some
> countries do not allow to *import* and use strong cryptographic
> code. Python would no longer be downloadable for people living
> in these countries.

That's an interesting thought...I didn't know that countries would
limit the importing of strong cryptography.  Okay, so how about
providing an easy way to download and install the cryptography package?
For instance, I really hate having to download 15 packages just to get
a feature working.  It'd be nice to have one download so that it's easy
for the user to install.

------------------------ Yahoo! Groups Sponsor ---------------------~-~>
eGroups is now Yahoo! Groups
Click here for more details
http://click.egroups.com/1/11231/1/_/22498/_/980981571/
---------------------------------------------------------------------_->