[pycrypto] Library design philosophy
Mads Kiilerich
mads at kiilerich.com
Sun Apr 12 14:57:31 CST 2009
Legrandin wrote, On 04/12/2009 04:36 PM
> I think that pycrypto is a great project, but the dependency
> on the C files to carry out the core operation in a way defeats
> the purpose of the library (i.e. being scriptable and platform
> independent).
>
> Of course performance is important, but if I really need to be fast
> my first choice is to use some wrapper to openssl or libtomcrypt
> (e.g m2crypto). On the other hand, the most value I find in pycrypto
> is it being (also) a command-line crypto workbench.
>
> What's your view on this? I appreciate that for some algorithms
> both versions can be used (C vs python), but for instance there is no way
> to use AES w/o having to go through the compilation step. To me, it's
> should be the other way around, first Python code, then C routines.
>
Well ... you can have your opinion if I (a random user) can have mine ;-)
Pycrypto does not claim to be a pure-python crypto library. If you
expect it to be that then it probably won't meet your expectations.
Pycrypto _is_ cross-platform, and written in a combination of platform
independent C and python, just like Python is. (FWIW, pycrypto _is_
partly a "libtomcrypt wrapper", see
http://www.dlitz.net/software/pycrypto/doc/#credits.) Pycrypto _is_
fast. Perhaps not as fast as other optimized libraries are, but it can
be used where performance is important.
Some advantages of pycrypto are that it is small, has a simple pythonic
API, and don't have any external dependencies. It is not a incomplete
wrapper of a huge and complex API (such as the openssl API).
Pure python implementations _could_ be added, but they would probably
not really be usable. Users getting this slow fallback would probably be
annoyed or complain about the performance instead of fixing the problem
by installing the right compiled version. It would also double the cost
of maintenance of the library. But a pure python implementation would be
convenient for verification of correctness and for documentation purposes.
(Note: I don't understand your comments about being scriptable and a
command-line crypto workbench. That seems to be features related to
using Python, independent of which crypto library you use.)
/Mads
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3435 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.dlitz.net/pipermail/pycrypto/attachments/20090412/39e4e817/attachment.bin
More information about the pycrypto
mailing list