[PYTHON-CRYPTO] complete disagreement

Sun Feb 11 20:26:05 CET 2001

On Domingo 11 Fevereiro 2001 13:44, you wrote:
> Dan Parisien wrote:
> > Instead of
> > following XML or Unicode module tricks (with runtime registration of
> > crypto functions) you should look at the Python DB way of doing things.
>
> Can you give us a better example?

Steal ideas from:

Random Number Generator Interface:
http://python.org/doc/current/lib/rng-objects.html

whichdb
http://python.org/doc/current/lib/module-whichdb.html

shelve
http://python.org/doc/current/lib/module-shelve.html

example shelve code:

import shelve
import bsddb

db = shelve.open("filename")
db["some key"] = "some value"

---
Each crypto module should adhere to a standard interface depending on what it
is (e.g. symmetric cypher, asymmetric cypher, msg digest, key excange, etc.)
If the cypher or other has options that are different than what is in the std
interface, then all is well. Just add new methods and they will ignore by any
wrapper module.

I'm only worried about syntax, ease of code and maximizing reuse of code (the
last one being the most important).

> Example:
>
> In http://www.web2ldap.de I'm using cryptographic algorithms for the
> following functionality (all optional):
> - Modules crypt, md5, sha for creating client-hashed password on
> LDAP server
>   (all modules optional, on Win32 crypt is not available at all)
> - M2Crypto for having a SSL-enabled web server
> - My own libs for parsing and displaying X.509 certs and CRLs

funky. I've actually used your software before when I did some research on
LDAP. It's a good idea.

> All required modules may or may not be present on a certain platform
> => all functionality is optional. I'm trying to leave up as much as
> possible to the administrator which software he wants to install on
> his platform for the functionality he/she wants. Therefore I have to
> detect all modules. Mainly today done by:
>
> try:
>   import md5
> except ImportError:
>   md5present

I see nothing wrong with this type of code. This is no different than a
.find_alg("md5") except you never had to
a) code the find_alg
b) import the finder module into the namespace

but I digress... a searching module, as long as it remains only that, is a
cool idea that would help you a lot.

> Well, in a Python installation without md5 module but with M2Crypto
> being present I could use the MD5 implementation provided by
> M2Crypto. On Win32 one might install module fcrypt (pure Python
> substitute for crypt)...

I wish people would just write portable code. Bryan Mongeau is busy porting
his AES to windows right now. It's very difficult :( I don't know why they
don't teach portable code practices somewhere...

> Now what's wrong with thinking about 1. a unified API and 2. a
> unified locator mechanism for hashed, ciphers, protocols ?

Absolutely nothing. As long as the API doesn't reach too broadly and stays
minimal, all is well. A line not coded is the best line of code you
can write.

peace,
Dan