Re: Anyone using GPG or PGP encryption/signatures in your Python apps?
On Thu, Jul 1, 2010 at 11:48 AM, pyt...@bdurham.com wrote: Curious if any of you are using GPG or PGP encryption and/or signatures in your Python apps? Yes; disclaimer: I'm the author of evpy and am currently working on a openssl wrapper proposed for inclusion in the stdlib. In particular are you: 1. clearsigning specific emails? Yes; I use python-gnupg. 2. validating clearsigned emails from others? Yes, see above. 3. encrypting/decrypting files? Yes, I use evpy. 4. generating signatures for files that you are exchanging/posting for download? Yes, evpy again. 5. what public keyring services are you using? Can't comment on this as I don't use them. I'm also looking for recommendations on which 3rd party modules you're using for these tasks? In particular is there a particular module you prefer or have concerns about? Obviously I'm biased towards evpy, but I'm a really, really big fan of people not rolling their own crypto. It sounds like for most of what you want to do gpg or python-gnupg are pretty good options. Here's my short list of modules that *might* support encryption and signing in general: - m2crypto Supports encryption and signing; a high quality library with much to recommend it, assuming you need the full power of openssl and are able to use SWIG'd software. I think you probably have easier to use alternatives here, though. - pycrypto (standalone or with expycrypto or yawpycrypto wrappers) pycrypto is a good library as far as it goes, but I see a lot of nonexperts do things very badly with it, and AFAICS it hasn't seen the same level of scrutiny that something like openssl has, especially WRT side channel cryptanalysis. That's very worrying. - tlslite - pyme no experience here, can't comment. - evpy I like it ;). It supports encryption (public and private key) as well as signing and verification routines, and as long as you know your threat model it's reasonably hard to screw up. Having said that, it doesn't do anything with the web of trust or key revocation etc OOTB, so if what you're really looking for is gpg in python, use the right tool for the job. - python-gnupg (by developer of Python's logging module) I use it and like it for the reasons above. Any comments on using the subprocess module to wrap the gpg or openssl command line utilities? This seems to be a common technique for encryption and signing solutions and appears to the technique used by python-gnupg (for example). Seems fine, just make sure you know and trust where your keys are going. Geremy Condra -- http://mail.python.org/mailman/listinfo/python-list
Re: Anyone using GPG or PGP encryption/signatures in your Python apps?
On 02-07-2010 09:39, geremy condra wrote: On Thu, Jul 1, 2010 at 11:48 AM, pyt...@bdurham.com wrote: Curious if any of you are using GPG or PGP encryption and/or signatures in your Python apps? Yes; disclaimer: I'm the author of evpy and am currently working on a openssl wrapper proposed for inclusion in the stdlib. Great Geremy !, but it's difficult to find, and I couldn't find any documentation. Did I not look at the right places ? thanks Stef Mientki -- http://mail.python.org/mailman/listinfo/python-list
Anyone using GPG or PGP encryption/signatures in your Python apps?
On Fri, Jul 2, 2010 at 6:15 AM, Stef Mientki stef.mien...@gmail.com wrote: On 02-07-2010 09:39, geremy condra wrote: On Thu, Jul 1, 2010 at 11:48 AM, pyt...@bdurham.com wrote: Curious if any of you are using GPG or PGP encryption and/or signatures in your Python apps? Yes; disclaimer: I'm the author of evpy and am currently working on a openssl wrapper proposed for inclusion in the stdlib. Great Geremy !, but it's difficult to find, and I couldn't find any documentation. Did I not look at the right places ? I assume you're talking about the proposed (and unnamed) crypto library, in which case I would be very surprised if you found it unless you looked on my hard drive ;). I don't usually release security-critical code for general use until I've done extensive testing and I simply haven't had time for that over the last week or so. If you're talking about evpy, the documentation for the three user-facing modules is in the docstrings, and I'm almost always here or available by email if you have any questions. Geremy Condra -- http://mail.python.org/mailman/listinfo/python-list
Re: Anyone using GPG or PGP encryption/signatures in your Python apps?
On Thu, 01 Jul 2010 14:48:47 -0400 pyt...@bdurham.com wrote: Curious if any of you are using GPG or PGP encryption and/or signatures in your Python apps? ... 4. generating signatures for files that you are exchanging/posting for download? I use pyme to create and check save file signatures. 5. what public keyring services are you using? None Any comments on using the subprocess module to wrap the gpg or openssl command line utilities? This seems to be a common technique for encryption and signing solutions and appears to the technique used by python-gnupg (for example). pyme works great with Linux. However, I have never installed it on a Windows system. Martin -- http://mail.python.org/mailman/listinfo/python-list
Anyone using GPG or PGP encryption/signatures in your Python apps?
Curious if any of you are using GPG or PGP encryption and/or signatures in your Python apps? In particular are you: 1. clearsigning specific emails? 2. validating clearsigned emails from others? 3. encrypting/decrypting files? 4. generating signatures for files that you are exchanging/posting for download? 5. what public keyring services are you using? I'm also looking for recommendations on which 3rd party modules you're using for these tasks? In particular is there a particular module you prefer or have concerns about? Here's my short list of modules that *might* support encryption and signing in general: - m2crypto - pycrypto (standalone or with expycrypto or yawpycrypto wrappers) - tlslite - pyme - evpy - python-gnupg (by developer of Python's logging module) Any comments on using the subprocess module to wrap the gpg or openssl command line utilities? This seems to be a common technique for encryption and signing solutions and appears to the technique used by python-gnupg (for example). Thank you, Malcolm -- http://mail.python.org/mailman/listinfo/python-list
Re: Anyone using GPG or PGP encryption/signatures in your Python apps?
On Jul 2, 4:48 am, pyt...@bdurham.com wrote: Curious if any of you are using GPG or PGP encryption and/or signatures in your Python apps? In particular are you: 1. clearsigning specific emails? 2. validating clearsigned emails from others? 3. encrypting/decrypting files? 4. generating signatures for files that you are exchanging/posting for download? 5. what public keyring services are you using? I'm also looking for recommendations on which 3rd party modules you're using for these tasks? In particular is there a particular module you prefer or have concerns about? Here's my short list of modules that *might* support encryption and signing in general: - m2crypto - pycrypto (standalone or with expycrypto or yawpycrypto wrappers) - tlslite - pyme - evpy - python-gnupg (by developer of Python's logging module) Any comments on using the subprocess module to wrap the gpg or openssl command line utilities? This seems to be a common technique for encryption and signing solutions and appears to the technique used by python-gnupg (for example). Thank you, Malcolm I used python-gnupg successfully to create some Django utilities for sending encrypted email. You can grab the source code at http://github.com/stephenmcd/django-email-extras Cheers, Steve -- http://mail.python.org/mailman/listinfo/python-list