[PYTHON-CRYPTO] Current state of the art?

Ng Pheng Siong ngps at POST1.COM
Thu Feb 8 16:53:26 CET 2001 

On Thu, Feb 08, 2001 at 09:32:12AM +1100, Richard Jones wrote:
> Could people please summarise the current state of the art?
>
> I'm specifically interested in OpenPGP from Python, but am curious where
> other systems stand.

M2Crypto, a Python binding for OpenSSL, has:

- S/MIMEv2 and ZSmime, a Zope product that generates S/MIME-signed/encrypted
mail. Interoperates with Netscape Communicator and should also work with
Outlook.

- Some PGPv2 packet parsing code. But once I have S/MIME I stopped work
on this.

- SSL server frameworks: forking, threading and async-I/O. Have been used
to extend SimpleHTTPServer, Medusa's https server, Zope's ZServer and the
eff-bot's xmlrpc server. Also enhanced httplib in both Python 1 and 2.

I've also built an encrypting monitor for Zope, but I'm not satisfied
with it and I intend to build another using the Secure Remote Protocol
(SRP).

- RSA, DSA, DH.

- MD5, SHA1, RIPEMD160 and HMACs using those.

- Symmetric ciphers using an interface modeled after the OpenSSL EVP
interface. AES should be in the next release of OpenSSL and M2Crypto
will then support that.

- Bits and pieces of other stuff.


Here are M2Crypto's current stories: (I'm an XPer-wannabe! ;-)

- SSL socket timeouts.
- Prevent NULL returns becoming Py_None.
- Raise exception if necessary when returning NULL.
- Distutils setup file.
- Unit tests for BIO.CipherFilter.
- Handle exceptions in Python callbacks gracefully.
- PassKeep, a password safe.
- Wagner/Laurie lucre.
- Shared RSA key gen.
- ZSmime (and GuardedFile) for current Zope.
- Secure multiparty computation.
- Secure Remote Protocol.
- Fix caveats noted in the README.
+ Handle non-SSL connection to an SSL server gracefully.
    See demo/https/https_server.py's recv().
+ ZServerSSL for current Zope.


Oh, now that Zope has "Python scripts", maybe "signed Python scripts"
(a la signed applets) might be a fun thing to do.


M2Crypto is severely lacking in documentation. I hope to address this
RSN.

This is not a commercial, since M2Crypto is freely available under
a BSD license. ;-)

Cheers.
--
Ng Pheng Siong <ngps at post1.com> * http://www.post1.com/home/ngps

More information about the python-crypto mailing list