Recommended Python cryptographic module?

Question:

I’ve been exploring what cryptographic modules are available to Python, and I’ve found 3: ezPyCrypt, yawPyCrypt and KeyCzar (which actually supports a few languages, but Python is included amongst them). The first two rely on the PyCrypto module.

Are there choices I am missing? Is there a clear front-runner for ease and features or does it simply come down to a manner of one’s comfort level?

I’m currently leaning towards KeyCzar, with ezPyCrypt close behind.

I would be using the library for digital signature signing and verification, and potentially for key creation (although I won’t cry if I have to make a call to something else for that functionality).

I am using Python 3.x and have access to GPG.

Asked By: hewhocutsdown


Answers:

If you are in an environment which includes GnuPG and Python >= 2.4, then you could also consider a tool such as python-gnupg. (Disclaimer: I’m the maintainer of this project.) It leaves the heavy lifting to gpg and provides a fairly straightforward API.

Overview of API:

>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()
[{
  ...
  'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
  'keyid': '197D5DAC68F1AAB2',
  'length': '1024',
  'type': 'pub',
  'uids': ['', 'Gary Gross (A test user) ']},
 {
  ...
  'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
  'keyid': '0C5FEFA7A921FC4A',
  'length': '1024',
  ...
  'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)
'-----BEGIN PGP MESSAGE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-----END PGP MESSAGE-----\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = gpg.verify(str(signed))
>>> print("Verified" if verified else "Not verified")
Verified

Answered By: Vinay Sajip
Answered By: 0x6adb015

pycrypt is actually a simple AES encrypt/decrypt module built on top of pycrypto like other modules you mention — note that the latter is transitioning to the pycrypto.org URL as it’s changing maintainers, and stable versions and docs are still at the original author’s site. In addition to the easier-to-use wrappers you mention, one plus of pycrypto is that a pure-python subset of it is supplied with Google’s App Engine, so getting familiar with it would be useful if you ever want to deploy any code there.

The major alternative (another powerful and complex project, like pycrypto) is pyopenssl, which is a fairly regular wrapping (a “thin wrapper”, as the author describes it) of OpenSSL (that may be a plus if you’re used to coding in C with calls to OpenSSL). An alternative packaging that’s complete (comes with the needed libraries) and possibly legally safer (excludes parts on which there are patent disputes or doubts) is distributed by egenix.

Both main projects (pycrypto and pyopenssl) went through long periods of more or less inactivity as the original authors went on to other things, but both are actively developed and maintained again, which is always a good sign.

I am not aware of easy-to-use wrappers on top of pyopenssl (there most likely are, but they haven’t been publicized like those on top of pycrypto) and so, if as it seems you do care about ease of use and aren’t looking to write wrappers yourself, the ones on top of pycrypto appear to be a better choice.

Answered By: Alex Martelli

I’ve just done such a survey last week and adopted M2Crypto that seems to be the most advanced wrapper today above openssl (found it in several recommendation lists while googling). I also tried pycrypto but it misses certificates management and standard key file format management that M2Crypto has (with pycrypto you have to pickle/unpickle your keys or write your own key manager for common formats).

I found M2Crypto was quite easy to use and was quickly able to develop what I needed (a signed and encrypted package format).

However I recommend to download full package, not just easy installing it, because in the package you also get nice examples (look at demo directory).

Here is the link http://pypi.python.org/pypi/M2Crypto/0.20.1

A drawback could be that you are using python 3.0, I’m stuck with 2.5 at job (hopefully 2.6 soon) and don’t know if M2Crypto works with python 3.0

I’ve not much practice with it yet, but if you have specific problems with it just ask here. Someone may answer.

Answered By: kriss

PyCrypto is my choice atm (latest pypi update 2012-05-24) and the source code is hosted on GitHub: https://github.com/dlitz/pycrypto. It can run pure Python math or use libgmp (you will need sudo apt-get install libgmp-dev on Debian to enable the latest).

M2Crypto is a wrapper for OpenSSL (latest pypi update 2011-01-15), source code at http://svn.osafoundation.org/m2crypto/.

gnupg (updated 2013-06-05), see Vinay Sajip’s answer. There is a patched fork (updated 2013-07-31) hosted at https://github.com/isislovecruft/python-gnupg

Other alternatives are mentioned by Alex Martelli

EDIT: critics of existing crypto packages and references to some new ones https://news.ycombinator.com/item?id=6194102

Answered By: Andrei

A new cryptography library for Python has been in rapid development for a few months now. The 0.2.1 release just happened a few days ago.

https://cryptography.io/en/latest/

It is mainly a CFFI wrapper around existing C libraries such as OpenSSL. It is distributed as a pure python module and supports CPython versions 2.6 – 3.3 as well as PyPy. It is also the upstream of the refactored pyOpenSSL package.

It aims to expose high-level “recipes” that make cryptography as idiot-proof as possible as well as primitives that should only be used with the appropriate caution. Symmetric algorithms (including AES-GCM) are very well supported and asymmetric algorithms such as RSA and DSA should be coming in the next few releases. Other notable algorithms that are supported include PBKDF2, HKDF, HOTP and TOTP.

Answered By: Ayrx
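
The question's use case (key creation, signing and verification) written against the cryptography library's primitives layer, as an added example that is not part of the original answer or the project's own code. It assumes a current release of cryptography with RSA support, which postdates the 0.2.1 release mentioned above; the function names are hypothetical and the passphrase and messages are constructed sample values.

```python
# Added example: make_keypair, sign and verify are illustrative names.
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa

# One padding/hash choice shared by signer and verifier.
PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                  salt_length=padding.PSS.MAX_LENGTH)


def make_keypair(passphrase: bytes):
    """Create an RSA key; return (encrypted private PEM, public PEM)."""
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    private_pem = key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.PKCS8,
        encryption_algorithm=serialization.BestAvailableEncryption(passphrase),
    )
    public_pem = key.public_key().public_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PublicFormat.SubjectPublicKeyInfo,
    )
    return private_pem, public_pem


def sign(private_pem: bytes, passphrase: bytes, message: bytes) -> bytes:
    """Load the passphrase-protected key and produce an RSA-PSS signature."""
    key = serialization.load_pem_private_key(private_pem, password=passphrase)
    return key.sign(message, PSS, hashes.SHA256())


def verify(public_pem: bytes, message: bytes, signature: bytes) -> bool:
    """True only for a valid RSA-PSS signature from an acceptable key."""
    key = serialization.load_pem_public_key(public_pem)
    # Reject unexpected key types and short moduli before verifying.
    if not isinstance(key, rsa.RSAPublicKey) or key.key_size < 2048:
        return False
    try:
        key.verify(signature, message, PSS, hashes.SHA256())
        return True
    except InvalidSignature:
        return False


if __name__ == "__main__":
    priv, pub = make_keypair(b"constructed-passphrase")
    sig = sign(priv, b"constructed-passphrase", b"Goodbye, world!")
    print(verify(pub, b"Goodbye, world!", sig))   # valid signature
    print(verify(pub, b"Goodbye, world?", sig))   # altered message
```

Keys travel as standard PEM (PKCS#8 and SubjectPublicKeyInfo) rather than pickled objects, so they can be exchanged with OpenSSL-based tools.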

Another crypto library to consider is PyCryptodome, a fork of PyCrypto with PyPy support and a few more primitives (SHA-3, Salsa20, scrypt, etc).

Keyczar is cool, but it lacks OAEP|PKCS padding which is only available in Java version.
https://code.google.com/p/keyczar/wiki/KeyczarTool

Also, at the moment it lacks password based encryption which is available in C++.
https://code.google.com/p/keyczar/issues/detail?id=149&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Implementation%20Summary

Answered By: Marko Benko