On 2 Oct 2012, at 8:51 PM, Dave <[email protected]> wrote: > Sorry... there was supposed to be a 2 as well... i was making a numbered > list. These days my brain is not functioning as well as I would like given > my health. > > My utility class does in fact use PyCrypto. What I was saying is PyCrypto > has to be compiled on the host it is being run on because it has C in it. > It's not native Python. I wonder though, it may be possible to get our hands > on the modified source that Google has compiled in the GAE platform. That > version would be pure python without IDEA.
Export restrictions aside, a possible approach would be to have a wrapper that works with (say) SlowAES, but uses PyCrypto if available. > > Attached is the file. Keep in mind that it will require a secret key exactly > 256 bits or 32 bytes long. > > > My intent is to cache the Class to prevent overhead and file locking issues > reading the secret file every time I need encryption. I understand that > there is risk to having the key in memory, but reading a file for every crypt > or decrypt is silly. There are far better ways for securing the secret key. > This is just an example. > > Enjoy. > > On Monday, October 1, 2012 8:21:19 PM UTC-4, Massimo Di Pierro wrote: > Not sure I understand. Does your library uses PyCrypto or not? What do you > mean "due to 1"? > Anyway, I would like to see it. > > Massimo > > On Monday, 1 October 2012 17:15:51 UTC-5, Dave wrote: > I wanted to post to the group that I have created a utility class for > performing encryption and decryption using the PyCrypto library. It really > can't be baked in to web2py due to 1, export restrictions, but also the > underlying PyCrypto library is not pure python. There is some optimized C in > the library. > > If anybody is interested, I can clean up the code, remove some of my more > "trade secret" stuff and share it. If you are hosting on GAE, you may use > PyCrpyto, but there are caveats. PGP and IDEA crpyt modules are not there > due to licensing. Furthermore PKI operations are re-written by Google in > pure python instead of optimized, faster C. This is due to their security > policy. > > My utility class uses AES and the CFB mode. > > cheers > > -- > > > > <crypto.py> --
