[PYTHON-CRYPTO] PyCrypto Draft: Proposal 2001-02-18

Andrew Archibald aarchiba at YAHOO.COM
Tue Feb 20 18:30:47 CET 2001 

On Mon, Feb 19, 2001 at 12:37:18AM +0100, Michael Ströder wrote:
> Dan Parisien wrote:
> >
> > >  - Passing arguments in factory function
> > > PyCrypto.registry.getInstance()
> > >    to __init__() methods of implementation classes.
> >
> > As classes are a type just like any other, why not just return a reference
> > to the class and instantiate that?
>
> I already thought about just returning the class. Well, some people
> might be concerned about having to instantiate the object themselves
> (one extra line of code). We can provide both. No problem.

Well, it's actually no extra lines of code but it looks sort of
disturbing:

machine = PyCrypto.registry.getInstance("blowfish")(mode=PyCrypto.block.CBC,
                                                    IV=my_iv,
                                                    key="seekrit")

Or, I suppose:

blowfish = PyCrypto.regstry.getInstance("blowfish")
machine = blowfish(mode=blowfish.CBC, IV=my_iv, key="seekrit")

I should point out, that if you do this, then it shouldn't be called
getImplementation.  I'd be tempted to just call it 'get'.

> > If you do not need the implementation registry, could you not use it?
>
> Off course you can import the implementation modules directly.

It is important that this have a similar interface: for example, you
shouldn't need different startup arguments, or different function
calls.

Questions I have:
What should be done about algorithms that have no OID yet?  Pick a
random one?  Put them in under some canonical name?  Presumably there
will be few implementations of such an algorithm, so it doesn't really
matter if you have the magic multiple-implementations hack, but it
would be nice to still be able to use the same code to get at it.

How hard is it to find ASN.1 OIDs for known algorithms?  I certainly
don't know where to look to find out how to register (say) arcfour in
the registry.

In your algorithm categories, is "Ciphers" supposed to cover both
symmetric and asymmetric algorithms?  Is "Hashes" supposed to cover
both keyed and unkeyed hashes?

If we provide a registerImplementation method, we should also provide
an unregisterImplementation method --- If I disintall openSSL because
it has a security hole, all my Python applications shouldn't start
dying.

An alternative would be to scan the directory structure on demand.
This is probably too slow.

Thanks,
Andrew

More information about the python-crypto mailing list