SNMPy update

Jeremy Hylton jeremy at cnri.reston.va.us
Tue Apr 6 13:24:16 EDT 1999 

>>>>> "MAL" == M -A Lemburg <mal at lemburg.com> writes:

  MAL> Jeremy Hylton wrote:
  >>  I'll second your sentiment!  I did some work on an X.509 library
  >> written entirely in Python.  Like you friend's SNMP code, it will
  >> probably never be released; I don't have time to finish it nor
  >> did I expect that I'd want to release it given the export control
  >> hassles.

  MAL> Just want to note that SSLeay/OpenSSL includes a pretty
  MAL> complete X.509 lib and also routines to do ASN.1 encoding an
  MAL> decoding.  The main argument for using OpenSSL in this context
  MAL> is, of course, that no export control restrictions apply.

Absolutely!  There are a number of good reasons for using OpenSSL
other than export control as well.  OpenSSL buys you all of SSL as
well as a lot of X.509 (and more of that every day).  A Python
application built on a SWIGed OpenSSL, however, has a *lot* of C code
underneath it -- with all the problems a large C program has.  A pure
Python implementation of X.509 could be easier to understand, debug,
and maintain.

  >> However, it seemed clear to me that an ASN.1 compiler could be
  >> written to generate the encode/decode routines.  If someone is
  >> interested in that, I've got some design notes and rough code on
  >> how to do the encode/decode and on how to build a backend for
  >> SNACC.  (A free-ish ASN.1 compiler; the only one?)

  MAL> Not sure what you mean with "ASN.1" compiler. If you want a
  MAL> compiler that does ASN.1 description -> Python function calling
  MAL> de/encoding routines kind of thing, then I guess the ASN.1
  MAL> stuff in OpenSSL could help you getting started quite fast.

It seems awfully hard to separate the ASN.1 specific stuff out of
OpenSSL.  It uses it owns I/O abstractions and some moderately hair C
data structures to manage the results.  It's a lot simpler to just
write the encode/decode routines in pure Python.

  MAL> Note that I have a project running with the intention to wrap
  MAL> OpenSSL in an OO manner called mxCrypto (see the link below).

Looking forward to seeing it.  When do you think you might have an
alpha release ready?

Jeremy

More information about the Python-list mailing list