[lug] Python and Cryptography

[PC Drew]

Thus spake Sean Reifschneider on Tuesday, July 04, 2000, 4:47:40 PM:

SR> On Tue, Jul 04, 2000 at 04:40:55PM -0600, PC Drew wrote:
>>SSLeay and I don't want to distribute something that requires other
>>packages.  Would it be a good idea to write a wrapper for SSH
>>version 1?  Any help would be appreciated.

SR> I guess it depends on what kind of crypto you need to do.  With SSH,
SR> you'll have to have a system account on the destination machine to
SR> use it.  Besides, making a wrapper for ssh doesn't qualify under your
SR> goal of not requiring other packages.

1.  My software would already be installed on both machines and (if
necessary, i.e. using RSA) would've already exchanged keys.
2.  I'm okay with wrapping another program only if I can wrap it in
such a way where the installer can say "config; make; make install"
and everything gets installed and it works.  I don't want to have to
say "get SSLeay, install it, get xxxx, install it, then install my
package".

SR> I looked at M2Crypto (see freshmeat.net) a couple of weeks ago, and it
SR> looks promising.  I don't know of any crypto libraries that are written
SR> in pure Python -- I think AMK's crypto stuff is the closest, it's got a
SR> lot of stuff written in C though.  I don't believe it links against libssl
SR> though.

I looked at both of those...they both link against SSLeay.  The only
one that I've found is a Two-fish wrapper for python:

http://twofish-py.sourceforge.net/

Has anyone heard of this wrapper?  I downloaded it and it installed
just fine.  It looks like something that I can hack to make it work
seamlessly with what I'm trying to do.

Also, I'm not sure whether I want to go with a public key cryptography
system or a block ciphering system yet.  If there are any crypto gurus
out there, who'd like to discuss this off-line, I'd sure appreciate
it.

Thanks folks!