keyrings.cryptfile released on github

ng0 contact.ng0 at
Thu Mar 9 18:09:09 EST 2017

Hans-Peter Jansen transcribed 3.8K bytes:
> Hi,
> since the PyCrypto ML is dead, I'm looking for advise/feedback from some
> cryptography aware people.
> I've released a keyring companion package today:
> Its primary purpose is a decent encrypted file backend for python keyrings.
> As such, it uses manually parameterized argon2 hashes as KDF, and AES in OCB 
> mode as stream cipher (well, it just encrypts the password for a given 
> service/user name). Granted, the advantages of OCB are not /that/ crucial 
> here :wink:, but apart from technical factors, the exclusion of military uses 

I was looking for some proprietary EULA or something else locked down license
and instead just saw the Expat license.  I assume that you are aware
that no anti-mil clause exists in co-existence with free software
and your sentence was just written in an
odd way?

> by its license is rather *attractive* from my POV(!). But I'm open for 
> discussions of course.
> What do you think? The class hierarchy is inherited from keyrings.alt, and 
> not exactly easy to follow, but the interesting parts are all in cryptfile,
> which is quite brief.
> I would be glad to hear something from you about my handling of cryptography. 
> Is it ready for the public in that form or should I better locked away? :wink:
> TIA,
> Pete
> -- 

More information about the Python-list mailing list