1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<TITLE> [pycrypto] RSA exportKey question with bcrypt?
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20RSA%20exportKey%20question%20with%20bcrypt%3F&In-Reply-To=%3CCAGwD-jae%3DV7Q8-v0h1LgQH9z4ADrcrtBbTCecf_0WMqX6pnkJw%40mail.gmail.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<style type="text/css">
pre {
white-space: pre-wrap; /* css-2.1, curent FF, Opera, Safari */
}
</style>
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="000678.html">
<LINK REL="Next" HREF="000680.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[pycrypto] RSA exportKey question with bcrypt?</H1>
<B>Kurt Vogel</B>
<A HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20RSA%20exportKey%20question%20with%20bcrypt%3F&In-Reply-To=%3CCAGwD-jae%3DV7Q8-v0h1LgQH9z4ADrcrtBbTCecf_0WMqX6pnkJw%40mail.gmail.com%3E"
TITLE="[pycrypto] RSA exportKey question with bcrypt?">kvogel at mdcom.com
</A><BR>
<I>Sun Jul 14 23:40:05 PDT 2013</I>
<P><UL>
<LI>Previous message: <A HREF="000678.html">[pycrypto] RSA exportKey question with bcrypt?
</A></li>
<LI>Next message: <A HREF="000680.html">[pycrypto] RSA exportKey question with bcrypt?
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#679">[ date ]</a>
<a href="thread.html#679">[ thread ]</a>
<a href="subject.html#679">[ subject ]</a>
<a href="author.html#679">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>While I'm on the subject and appears Dwayne is merging in pull requests :)
For RSA exportKey() think we could have **kwargs for extra prot_params
passed to
PKCS8.wrap() like iteration_count and salt size?
On Sun, Jul 14, 2013 at 9:34 PM, Kurt Vogel <<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">kvogel at mdcom.com</A>> wrote:
><i> Hi,
</I>><i>
</I>><i> Do you guys know roughly when this will go in?
</I>><i>
</I>><i> Also with import/export RSA keys can we support bcrypt?
</I>><i>
</I>><i> Does JCA and BouncyCastle use bcrypt, eg:
</I>><i>
</I>><i> 'BcryptWithHMAC-SHA1AndAES256-CBC'
</I>><i>
</I>><i> Thanks,
</I>><i> Kurt
</I>><i>
</I>><i>
</I>><i> On Fri, Jul 5, 2013 at 2:52 AM, Legrandin <<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">helderijs at gmail.com</A>> wrote:
</I>><i> >
</I>><i> > Hi Kurt , thanks a lot for providing feedback. It is much appreciated.
</I>><i> >
</I>><i> > * I guess you refer to camel-casing used for several variables, which
</I>><i> > was due to my preference to stick to ASN.1 naming.
</I>><i> > I can work on that and make sure flake8 does not complain that much.
</I>><i> >
</I>><i> > * Right. Code evolved at different points in time, and indeed it is
</I>><i> > now hard to follow the path of the 'parameter' value. I will try to
</I>><i> > fix that.
</I>><i> >
</I>><i> > * I used strings like 'PBKDF2WithHMAC-SHA1AndAES128-CBC' because that
</I>><i> > is the style used in JCA and BouncyCastle and a lot of people are
</I>><i> > familiar with it.
</I>><i> > I am not very clear what the benefit enums might bring? One option I
</I>><i> > considered was the ability to provide 3 independent parameters
</I>><i> > instead of one (since protection mainly depends on type of KDF, PRF,
</I>><i> > and symmetric cipher) but at the end I guess most
</I>><i> > uses case are about the desire to protect the private key using a
</I>><i> > password in a strong way, and the ability to tweak the various
</I>><i> > parameters
</I>><i> > is not that relevant. Plus, exportKey() parameter list becomes to long.
</I>><i> >
</I>><i> > * I am really ashamed to admit that I actually have 9 pull requests
</I>><i> > open, not 2 so I am totally giving headaches to the maintainer. :-)
</I>><i> > It is of course only up to him to decide which features should go
</I>><i> > in; given that he has not much time these days, it is likely that only
</I>><i> > few features and bugfixes may go into any next release.
</I>><i> > The release merge window seems to roughly be once per year and I
</I>><i> > find it is natural to have so many outstanding pull requests by now.
</I>><i> > To my defense, I can only say that the all pull requests cover one
</I>><i> > feature only and that I try to keep them as independent as possible.
</I>><i> > Most of them apply cleanly to master (e.g. HKDF, CCM, PKCS#8, bug
</I>><i> fixes, etc).
</I>><i> > In some cases though, they do depend on an existing pull request (as
</I>><i> > in the case of DSA import/export depending on PKCS8 be applied first),
</I>><i> > because keeping them separated is honestly too much work for me
</I>><i> > *and* they are indeed extensions of other extensions.
</I>><i> >
</I>><i> > > Hi, I was looking at the pycrypto pull request
</I>><i> > > <A HREF="https://github.com/dlitz/pycrypto/pull/32.">https://github.com/dlitz/pycrypto/pull/32.</A> Just a few comments...
</I>><i> > >
</I>><i> > > * For readability can you pep8 format the code?
</I>><i> > > * RSA, for import/export the protection parameter maybe rename to algo
</I>><i> or
</I>><i> > > wrap algo? It evolves from: 'protection' to 'wrap_algo' to 'mode' as
</I>><i> it
</I>><i> > > goes down the call stack.
</I>><i> > > * Also maybe make this parameter an enum/value? Since the long string
</I>><i> can
</I>><i> > > be error prone, low level code would need to change anyway if it were
</I>><i> either
</I>><i> > > string or int if we support more modes.
</I>><i> > > * And last but not least... I'm new to this email list and not sure how
</I>><i> > > often pull requests are accepted but maybe you could reduce the amount
</I>><i> of
</I>><i> > > features going in? I know you have another one, 51, after this...
</I>><i> > > Maintainer may reluctant to do massive changes all at once?
</I>><i> > >
</I>><i> > > Anyway just ideas...
</I>><i> > > Thanks for your time,
</I>><i> > > Sincerely,
</I>><i> > > Kurt
</I>><i> > >
</I>><i> > _______________________________________________
</I>><i> > pycrypto mailing list
</I>><i> > <A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">pycrypto at lists.dlitz.net</A>
</I>><i> > <A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto</A>
</I>><i>
</I>><i>
</I>-------------- next part --------------
An HTML attachment was scrubbed...
URL: <<A HREF="http://lists.dlitz.net/pipermail/pycrypto/attachments/20130714/b9d6fe8d/attachment.html">http://lists.dlitz.net/pipermail/pycrypto/attachments/20130714/b9d6fe8d/attachment.html</A>>
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="000678.html">[pycrypto] RSA exportKey question with bcrypt?
</A></li>
<LI>Next message: <A HREF="000680.html">[pycrypto] RSA exportKey question with bcrypt?
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#679">[ date ]</a>
<a href="thread.html#679">[ thread ]</a>
<a href="subject.html#679">[ subject ]</a>
<a href="author.html#679">[ author ]</a>
</LI>
</UL>
<hr>
<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">More information about the pycrypto
mailing list</a><br>
</body></html>
|
