Potentially. The way that I am storing the encrypted data is pretty standard. 16 byte IV at the head of the encrypted data. It should be fairly compatible. I have never looked at slowAES personally.
My reason for creating this was to facilitate symmetric encryption of arbitrary data in my app but keeping the encryption in the app so as to not be tied to a particular data store. Some databases allow field level encryption but I feel better about doing the encryption in the app and storing the base64 encoded encrypted byte data as a string. On Wednesday, October 3, 2012 12:21:10 AM UTC-4, Jonathan Lundell wrote: > > On 2 Oct 2012, at 8:51 PM, Dave <dave....@gmail.com <javascript:>> wrote: > > Sorry... there was supposed to be a 2 as well... i was making a numbered > list. These days my brain is not functioning as well as I would like given > my health. > > My utility class does in fact use PyCrypto. What I was saying is PyCrypto > has to be compiled on the host it is being run on because it has C in it. > It's not native Python. I wonder though, it may be possible to get our > hands on the modified source that Google has compiled in the GAE platform. > That version would be pure python without IDEA. > > > Export restrictions aside, a possible approach would be to have a wrapper > that works with (say) SlowAES, but uses PyCrypto if available. > > > Attached is the file. Keep in mind that it will require a secret key > exactly 256 bits or 32 bytes long. > > > My intent is to cache the Class to prevent overhead and file locking > issues reading the secret file every time I need encryption. I understand > that there is risk to having the key in memory, but reading a file for > every crypt or decrypt is silly. There are far better ways for securing > the secret key. This is just an example. > > Enjoy. > > On Monday, October 1, 2012 8:21:19 PM UTC-4, Massimo Di Pierro wrote: >> >> Not sure I understand. Does your library uses PyCrypto or not? What do >> you mean "due to 1"? >> Anyway, I would like to see it. >> >> Massimo >> >> On Monday, 1 October 2012 17:15:51 UTC-5, Dave wrote: >>> >>> I wanted to post to the group that I have created a utility class for >>> performing encryption and decryption using the PyCrypto library. It really >>> can't be baked in to web2py due to 1, export restrictions, but also the >>> underlying PyCrypto library is not pure python. There is some optimized C >>> in the library. >>> >>> If anybody is interested, I can clean up the code, remove some of my >>> more "trade secret" stuff and share it. If you are hosting on GAE, you may >>> use PyCrpyto, but there are caveats. PGP and IDEA crpyt modules are not >>> there due to licensing. Furthermore PKI operations are re-written by >>> Google in pure python instead of optimized, faster C. This is due to their >>> security policy. >>> >>> My utility class uses AES and the CFB mode. >>> >>> cheers >>> >> > -- > > > > <crypto.py> > > > > --
