[pycrypto] Generating a public/private key pair from a passphrase
Legrandin
gooksankoo at hoiptorrow.mailexpire.com
Tue May 22 17:21:15 EDT 2012
Hi Rye,
You really want a cryptographically strong PRNG for that.
I don't think Python's random module is good enough.
One option is to use the Fortuna PRNG in PyCrypto.
Another is to use a NIST approved PRNG, like HMAC-DRBG, shown below.
===
from Crypto.PublicKey import RSA
from Crypto.Hash import HMAC
class PRNG():
def __init__(self, passphrase):
self.K = passphrase
self.V = b'\x00'*16
self.pool = b''
def __call__(self, n):
while len(self.pool)<n:
self.pool += HMAC.new(self.K,self.V).digest()
self.V = self.pool[HMAC.digest_size:]
res = self.pool[:n]
self.pool = self.pool[n:]
return res
key = RSA.generate(2048, PRNG(b'pass phrase'))
===
Mind that - if possible - you should couple the pass phrase to a salt number.
> I'd like to be able to repeatably generate a public/private key pair from a
> user-supplied passphrase. I could use Python's built in random function
> seeded with the passphrase, or numpy's, but is there a better way of going
> about doing this via pycrypto?
More information about the pycrypto
mailing list