[python-crypto] To clarify...

M.-A. Lemburg mal at lemburg.com
Fri Feb 2 10:50:00 CET 2001

PC Drew wrote:
> Okay, so we've been replying to each other's emails so much that it's time to
> start another thread. So here's what I've gathered so far...let me know if I'm
> wrong.
> 1.  There IS an interested in a cryptography SIG.  Since I'm hearing "but not
> right now" from the Python guys, we should hold back on this for now.  If we get
> some stuff going, then maybe we can move this list and some other stuff to a
> SIG.
> 2.  People ARE interested in coming up with a formal API.  Similar to the
> Database API (and they have a SIG!!!).  I'm thinking that the API should be
> flexible enough to be able to handle different variations of any given algorithm
> (i.e. key lengths).
> 3.  Because our API will be so flexible and encapsulated, the implementation of
> each algorithm could be in C or in Python, as far as the user is concerned, it
> doesn't matter.  As Bryan said, that means that reference implementations can be
> completed and added more quickly than the C implementations, but once the thing
> is implemented, the end developer doesn't care whether or not it's in C or in
> Python (I'm talking about in terms of using the alogrithm in his code...of
> course he cares about the speed and stuff).
> 4.  The base level of the API would be a direct interface to the algorithm
> itself.  That means that if the developer doesn't want any fancy schmancy other
> stuff (i.e. keyring stuff for PGP), he can go directly to the algorithm.  But,
> stacked on top of the base level algorithms, will be implementations for SSL,
> S/MIME, PGP, certificates, etc (like Michael wanted).
> Thoughts?

The application frame for a crypto API is somewhat different than
for database backends, but in general I agree, a standard for
the Python interface of cipher, hash and key algorithms would be
a nice addition. Again, I find Andrew's interfaces pretty much up
to the task, so these should be used as reference.

Note that you are talking about three levels of API specification:

1. low-level: shifting bits around
2. medium-level: process data
3. high-level: process protocols and complex secure storage mechanisms

amkCrypto is level 2. m2Crypto aims at level 3. We currently
do not expose level 1.

Marc-Andre Lemburg
Company:                                        http://www.egenix.com/
Consulting:                                    http://www.lemburg.com/
Python Pages:                           http://www.lemburg.com/python/

------------------------ Yahoo! Groups Sponsor ---------------------~-~>
eGroups is now Yahoo! Groups
Click here for more details

More information about the python-crypto mailing list