[Cryptography-dev] Asymmetric signing primitives
Glyph
glyph at twistedmatrix.com
Sun Jul 27 20:58:41 CEST 2014
On Jul 26, 2014, at 5:11 PM, Paul Kehrer <paul.l.kehrer at gmail.com> wrote:
> We’ve talked about adding alternate APIs to get the raw (r, s) tuple out of the DSA signature but we’ve been conflicted about whether we wanted to add a dependency on pyasn1 or if we just want to write some code that handles ASN.1 sequences and integers ourselves. How did you approach it? Filed as: https://github.com/pyca/cryptography/issues/1285
Just to add my 2¢ to this debate:
Let's (or, to the extent that I am lazy and have not put any PRs forward yet, "you should") add a dependency on pyasn1, and contribute upstream to pyasn1 if there are issues that make it problematic to depend upon. Much like we shouldn't have lots of ad-hoc repeated crypto code because of the gravity of potential errors, there shouldn't be lots of ad-hoc repeated asn.1 processing code, because it's just as security-critical.
-glyph
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20140727/c1bbc1c5/attachment.html>
More information about the Cryptography-dev
mailing list