Christian, really appreciated the details. I understood. Is wrapper library like ssl module with openssl on platform also not good idea? My intention is not re-invention but single standard way as standard library.
If I can read past discussion somewhere, it's also appreciated Thanks and Regards, Takahiro Ono 2018年9月5日(水) 1:48 Christian Heimes <christ...@python.org>: > On 2018-09-04 16:37, 大野隆弘 wrote: > > Dear all, > > > > Have we tried cipher implementation includes AES as a standard library > > in the past? > > https://docs.python.org/3.6/library/crypto.html > > > > if possible I want to try to implement AES because famous 3rd party > > library is not maintained and general cipher programs should be used for > > multiple purpose.Though the implementation is tough, I believe this > > should be worth to it. > > In my case, I want to use AES implementation for zipfile module. > > strong -1 > > The Python standard library doesn't contain any encryption, signing, and > other cryptographic algorithms for multiple reasons. The only exception > from the rule are hashing algorithms and HMAC construct. There are legal > implications like export restrictions. Crypto is just too hard to get > right and we don't want to give the user additional rope. We already had > a very lengthy and exhausting discussion for the secrets module. That > module just provides a user-friendly interface to CPRNG. > > By the way, AES by itself is a useless to borderline dangerous > algorithm. It must be embedded within additional layers like block mode, > authenticated encryption / MAC, and more. There isn't a single correct > answer for block mode and AD algorithm, too. It highly depends on the > problem space. While GCM AEAD mode is good choice for network > communication, it can be a pretty bad idea for persistent storage. > > There is one excellent Python library with high level and low level > cryptographic algorithms: http://cryptography.readthedocs.io/ . It's t > > Regards, > Christian >
_______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
