Python OpenSSL library
in [Python]
|
From: geremy condra on 14 Jun 2010 14:05 On Mon, Jun 14, 2010 at 10:25 AM, Antoine Pitrou <solipsis(a)pitrou.net> wrote: > Le lundi 14 juin 2010 à 13:18 -0400, geremy condra a écrit : >> >> >> >> Evpy[1] is designed to be a very easy-to-use interface to OpenSSL, >> >> although it is by design limited to doing things the right way, so it >> >> may not meet your needs. >> > >> > How about contributing to the standard hashlib and ssl modules? Is >> > there anything there that goes in the way, e.g. design-wise? >> > >> > Regards >> > >> > Antoine >> >> Evpy currently uses ctypes for its bindings, so my understanding is >> that it isn't eligible for inclusion, but a rewrite as a C extension is >> under way and I'd be happy to contribute that. > > That was not my question. My question was whether there was a reason to > rewrite a separate OpenSSL-accessing library rather than contributing to > improve the "hashlib" and "ssl" modules which are already part of the > Python stdlib. Yes. Hashlib is designed to provide cryptographic hashes, and the ssl module to provide TLS support. Evpy provides encryption and signing. Am I answering your question? Geremy Condra
From: Nobody on 14 Jun 2010 14:47 On Mon, 14 Jun 2010 10:43:02 -0700, John Nagle wrote: > The new SSL module in Python 2.6 There isn't an SSL module in Python 2.6. There is a module named "ssl" which pretends to implement SSL, but in fact doesn't. > is convenient, but insecure. In which case, it isn't actually convenient, in any meaningful sense of the word.
From: geremy condra on 14 Jun 2010 14:58 On Mon, Jun 14, 2010 at 11:47 AM, Nobody <nobody(a)nowhere.com> wrote: > On Mon, 14 Jun 2010 10:43:02 -0700, John Nagle wrote: > >> The new SSL module in Python 2.6 > > There isn't an SSL module in Python 2.6. There is a module named "ssl" > which pretends to implement SSL, but in fact doesn't. > >> is convenient, but insecure. > > In which case, it isn't actually convenient, in any meaningful sense of > the word. As one of my friends is fond of saying, it lets you talk encrypted to your attacker ;) Geremy Condra
From: Antoine Pitrou on 14 Jun 2010 16:49 On Mon, 14 Jun 2010 11:05:50 -0700 geremy condra <debatem1(a)gmail.com> wrote: > > Yes. Hashlib is designed to provide cryptographic hashes, and the ssl > module to provide TLS support. Evpy provides encryption and signing. > Am I answering your question? Hmm, indeed, thank you. For some strange reason I had forgotten that hashlib is limited to hashing (I'm not even being ironical :-S). Regards Antoine.
From: John Nagle on 15 Jun 2010 16:08
On 6/14/2010 11:58 AM, geremy condra wrote: > On Mon, Jun 14, 2010 at 11:47 AM, Nobody<nobody(a)nowhere.com> wrote: >> On Mon, 14 Jun 2010 10:43:02 -0700, John Nagle wrote: >> >>> The new SSL module in Python 2.6 >> >> There isn't an SSL module in Python 2.6. There is a module named "ssl" >> which pretends to implement SSL, but in fact doesn't. >> >>> is convenient, but insecure. >> >> In which case, it isn't actually convenient, in any meaningful sense of >> the word. > > As one of my friends is fond of saying, it lets you talk encrypted to > your attacker ;) That's a good way to put it. John Nagle |