[Python-ideas] Specification of procedures to store cryptographic secrets

Dustin J. Mitchell dustin at v.igoro.us
Mon Feb 4 01:30:09 CET 2013


On Sun, Feb 3, 2013 at 7:18 PM,  <desnacked at riseup.net> wrote:
> If that property of bytearrays was specified in the Python standards, it
> would be easier for people who write cryptographic applications and
> libraries to use bytearrays correctly, and it would also guarantee that
> this property won't change in future versions of Python. Furthermore, it
> would help authors of cryptographic libraries to design their APIs and
> internal functions in a way that would allow the secure erasure of
> sensitive data.

It would similarly be helpful to add low-level support for "pinning"
such memory so that it is not written to backing store.  While that
can be done with the mmap module, the details are tricky.

I don't think that this belongs in the Python core, though.  Rather, I
think that this should be implemented in a module which can be used in
conjunction with bytearrays, mmap, and any other necessary pieces of
the core and stdlib.  In fact, such a thing might already exist - I
haven't looked (it's really not within my area of interest).

Putting such a thing in the stdlib might achieve the guarantee you
suggest, but it might not.  It really just shifts responsibility for
ensuring good cryptographic programming onto people who spend their
time implementing programming languages.

Dustin
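
The two ideas in this thread, erasing a secret in place and keeping it out of backing store, as an added example that is not part of the original message or of any Python module. The names wipe, _mlock and secret_buffer are hypothetical, and the code assumes CPython plus a POSIX libc that provides mlock/munlock, reporting locked=False when locking is unavailable or refused.

```python
import ctypes
import ctypes.util
import mmap
from contextlib import contextmanager


def wipe(buf):
    """Zero a writable buffer (bytearray, mmap) in place, without copying it."""
    with memoryview(buf) as view:
        view[:] = bytes(len(view))


def _mlock(addr, length, unlock=False):
    # Assumption: a POSIX libc with mlock/munlock; anything else reports False.
    name = ctypes.util.find_library("c")
    try:
        libc = ctypes.CDLL(name, use_errno=True)
        call = libc.munlock if unlock else libc.mlock
    except (OSError, AttributeError, TypeError):
        return False
    return call(ctypes.c_void_p(addr), ctypes.c_size_t(length)) == 0


@contextmanager
def secret_buffer(size):
    """Yield (buf, locked): an anonymous mapping that is wiped on exit."""
    length = -(-size // mmap.PAGESIZE) * mmap.PAGESIZE  # round up to whole pages
    buf = mmap.mmap(-1, length)
    handle = ctypes.c_char.from_buffer(buf)
    addr = ctypes.addressof(handle)
    del handle  # drop the buffer export so buf.close() can succeed later
    locked = _mlock(addr, length)  # can fail, e.g. RLIMIT_MEMLOCK too low
    try:
        yield buf, locked
    finally:
        wipe(buf)  # overwrite before the pages are unlocked and unmapped
        if locked:
            _mlock(addr, length, unlock=True)
        buf.close()


if __name__ == "__main__":
    with secret_buffer(32) as (buf, locked):
        buf[:18] = b"constructed-secret"  # constructed sample value
        print("pinned in RAM:", locked)
```

Only the bytes held in the buffer are covered: any str or bytes object the secret passed through on the way in is immutable and cannot be wiped this way. Growing a bytearray can also reallocate it and leave the old copy behind, which a fixed-size mapping avoids.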


