[python-crypto] Add AES to amkCrypto?

M.-A. Lemburg mal at lemburg.com
Wed Jan 31 16:32:27 CET 2001

PC Drew wrote:
> Wednesday, January 31, 2001, 4:24:36 AM, you wrote:
> MAL> Michael Ströder wrote:
> >>
> >> PC Drew wrote:
> >> >
> >> > I just read on Python-URL! that someone has released the new AES in
> >> > python. (http://deja.com/=dnc/getdoc.xp?AN=720935577)  I also
> >> > expressed interest in creating an encryption sig and was told of
> >> > amkCrytpo and m2crypto.
> >>
> >> IMHO the main problem for application and crypto lib developers is
> >> the lack of a standard API. Crypto lib developers are designing new
> >> APIs every time and application developers have to deal with the
> >> different APIs.
> >> => there should be a standard class library which abstracts from
> >> various algorithms and their implementation etc.
> >>
> >> This would save time...
> MAL> The API designed by Andrew Kuchling is the defacto standard
> MAL> for interfacing to crypto algorithms in Python. His pycrypt
> MAL> library has been around for many years and suits the task very well.
> I didn't know that his API was the defacto standard, but I like the
> way he has it organized.  I'm not saying that we should start from the
> drawing board, I'm only saying that we should document a formal API
> for writing crypto algorithms and publish it (on python.org?).  Then
> trying to get that in the Python distribution.  You're saying it's the
> defacto standard, all I'm proposing is that we actually make a
> standard and use Andrew's code as the framework.

You mean wrap Andrew's docs as HTML file ? That should be
possible (his docs are written in LaTeX).
We could then have a python.org page for it much like the
database API page and probably also move this mailing list
there as crypto-sig.

> MAL> There's really no need to design yet another API...
> MAL> As for integrating AES into amkCrypto, I think the best way is
> MAL> to wait until OpenSLL has support for it and then integrate
> MAL> that support into amkCrypto.
> Just out of curiosity, why do you think that?  I don't know anything
> about the development of OpenSSL so I don't know how they do things.
> Why wouldn't it be prudent to "just do it"?

Because the maintainers of OpenSSL are really smart guys and
know a lot about writing code which runs as fast as possible.

Maintaining such code (usually a combination of C and assembler)
to run on multiple platforms isn't a simple task at all, but they are
doing a great job at it.

If you don't want to wait, though, go ahead and wrap the
AES C code into a Python module using the same APIs as the
other ciphers in amkCrypto. People will then be able to upgrade
to the OpenSSL based ciphers later on.

Marc-Andre Lemburg
Company:                                        http://www.egenix.com/
Consulting:                                    http://www.lemburg.com/
Python Pages:                           http://www.lemburg.com/python/

------------------------ Yahoo! Groups Sponsor ---------------------~-~>
eGroups is now Yahoo! Groups
Click here for more details

More information about the python-crypto mailing list