Recommended Python cryptographic module?


A new cryptography library for Python has been in rapid development for a few months now. The 0.2.1 release just happened a few days ago.

https://cryptography.io/en/latest/

It is mainly a CFFI wrapper around existing C libraries such as OpenSSL. It is distributed as a pure Python module and supports CPython versions 2.6 - 3.3 as well as PyPy. It is also the upstream of the refactored pyOpenSSL package.

It aims to expose high-level "recipes" that make cryptography as idiot-proof as possible, as well as primitives that should only be used with the appropriate caution. Symmetric algorithms (including AES-GCM) are very well supported, and asymmetric algorithms such as RSA and DSA should be coming in the next few releases. Other notable algorithms that are supported include PBKDF2, HKDF, HOTP and TOTP.
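An added example, not part of the answer above and not the library's own code: password-based authenticated encryption built from two of the primitives the answer names, PBKDF2 and AES-GCM. It uses the `AESGCM` and `PBKDF2HMAC` classes of current `cryptography` releases, which are newer than the 0.2.1 release mentioned above; the function names, the iteration count and the `salt || nonce || ciphertext` layout are assumptions made for this illustration.

```python
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC

SALT_LEN, NONCE_LEN, TAG_LEN = 16, 12, 16
ITERATIONS = 600_000  # assumed work factor for this example; tune for your hardware


def _derive_key(password: bytes, salt: bytes) -> bytes:
    """Stretch a password into a 256-bit AES key with PBKDF2-HMAC-SHA256."""
    kdf = PBKDF2HMAC(algorithm=hashes.SHA256(), length=32,
                     salt=salt, iterations=ITERATIONS)
    return kdf.derive(password)


def seal(password: bytes, plaintext: bytes, context: bytes = b"") -> bytes:
    """Return salt || nonce || ciphertext+tag (hypothetical layout).

    `context` is authenticated but not encrypted (AES-GCM associated data).
    """
    salt = os.urandom(SALT_LEN)
    nonce = os.urandom(NONCE_LEN)  # must never repeat under the same key
    ct = AESGCM(_derive_key(password, salt)).encrypt(nonce, plaintext, context)
    return salt + nonce + ct


def open_sealed(password: bytes, blob: bytes, context: bytes = b"") -> bytes:
    """Decrypt and authenticate a blob produced by seal().

    Raises InvalidTag on a wrong password, a wrong context or any modified byte.
    """
    if len(blob) < SALT_LEN + NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    salt = blob[:SALT_LEN]
    nonce = blob[SALT_LEN:SALT_LEN + NONCE_LEN]
    ct = blob[SALT_LEN + NONCE_LEN:]
    return AESGCM(_derive_key(password, salt)).decrypt(nonce, ct, context)


def is_rejected(password: bytes, blob: bytes, context: bytes = b"") -> bool:
    """True if authentication fails, i.e. no plaintext is released."""
    try:
        open_sealed(password, blob, context)
    except InvalidTag:
        return True
    return False
```

The same derived key, base64url-encoded, can instead be handed to the library's `Fernet` recipe, which picks the cipher, IV and MAC for you.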


If you are in an environment which includes GnuPG and Python >= 2.4, then you could also consider a tool such as python-gnupg. (Disclaimer: I'm the maintainer of this project.) It leaves the heavy lifting to gpg and provides a fairly straightforward API.

Overview of API:

>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
  ...
  'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
  'keyid': '197D5DAC68F1AAB2',
  'length': '1024',
  'type': 'pub',
  'uids': ['', 'Gary Gross (A test user) ']},
 {
  ...
  'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
  'keyid': '0C5FEFA7A921FC4A',
  'length': '1024',
  ...
  'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-----BEGIN PGP MESSAGE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\nhQIOA/6NHMDTXUwcEAf...-----END PGP MESSAGE-----\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print("Verified" if verified else "Not verified")
Verified


Another crypto library to consider is PyCryptodome, a fork of PyCrypto with PyPy support and a few more primitives (SHA-3, Salsa20, scrypt, etc).