[pycrypto] the sad state of pycrypto
Sergey Chernov
sergey.chernov at thrift.ru
Tue Nov 11 06:29:20 CST 2008
+1
policy-checking in existing object creation code will be enough.
centralized "any object" factory is (as for me) uglier than policy
central used in several object factories.
Sergey Chernov
sergey.chernov at thrift.ru
09.11.2008, в 20:50, Dwayne C. Litzenberger написал(а):
> So, hypothetically, you would have something like this:
>
> >>> from Crypto import CryptoAPI
> >>> from Crypto.Policy.p2008v1 import ConservativePolicy
> >>> api = CryptoAPI(policy=ConservativePolicy)
> >>> h = api.Hash.MD5.new()
> Traceback (most recent call last):
> File "<stdin>", line 1, in <module>
> PolicyError: MD5 hash not allowed by policy
> <2008.1.ConservativePolicy>
>
> This would probably involve concentrating all object creation into a
> single "factory", so I'm not quite sure how to shoehorn the current
> PyCrypto API into it.
>
> This would also make unit testing easier, since we could substitute
> dummy functions for real ones. Also, things like
> Util.number.isPrime could more easily be made non-deterministic
> (giving them access to the user's selected RNG) without having to
> change the external API.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2193 bytes
Desc: not available
Url : http://lists.dlitz.net/pipermail/pycrypto/attachments/20081111/c044e9d9/attachment.bin
More information about the pycrypto
mailing list