Pure Python HTTPS Server
Paul Rubin
http
Sat Feb 28 04:41:43 EST 2004
trevp at trevp.net (Trevor Perrin) writes:
> > I proposed a standard block cipher API and wrote a
> > sample implementation last year,
>
> I like that API. I wonder if there's any performance issues in
> separating the codebook from the mode-of-operation, but I haven't
> thought about that much.
If needed, the C-level API can be expanded so codebook modules have a
way to communicate directly with the modes-of-operation module,
without needing to do Python attribute lookups all the time. But even
without that optimization, I don't think the performance issues should
be so bad. The attribute lookup shouldn't be any slower than a
codebook call, so if you do it just once when you invoke a chaining
mode, the overhead for large buffers should be minimal.
> Yeah, I thought things were pretty liberalized these days. US Export
> isn't a problem. I guess a few countries still have import issues,
> but providing a no-crypto distribution that omits a few modules seems
> like it would take care of that.
I think that got debated at some length, but I wasn't around for it.
> > I haven't pursued the issue since then, but I guess I can do some
> > more work on the code now.
>
> I'd be happy to help, or cheerlead, or anything. Is this something
> that belongs on the python-crypto list?
I dunno, discussions on that list tend to go around in circles. There
were a couple of unresolved questions about the API that I've now
forgotten. I guess I should dig up that code and look at it again.
Do you happen to have a pure-Python DES implementation around? I
started writing one once, but it had some bug (i.e. it didn't pass
FIPS test vectors) that I never got around chasing down.
Did you ever look at the key management scheme I circulated a while
back? Is it the kind of thing anyone cares about?
More information about the Python-list
mailing list