On Sat, 23 Sep 2017 20:53:42 +0200, Rob Austein wrote: > That's a very bad sign in a Python program. I wonder if they used the > claims-to-be-best-in-the-world-but-in-reality-awful-swig-crap M2Crypto > library instead of one of the half-dozen decent ones?
Nope, they're using PyCrypto, which (in my experience, anyway) has generally been pretty solid. Not sure why they bothered going outside the Python standard libraries, for what they're doing hashlib.sha256 and random.SystemRandom would probably work just fine. URLs for both implementations, since either they have not been posted here or I forgot where that message went: https://github.com/davidmcgrew/hash-sigs/ https://github.com/cisco/hash-sigs _______________________________________________ Tech mailing list Tech@cryptech.is https://lists.cryptech.is/listinfo/tech
