推荐的Python加密模块？ [英] Recommended Python cryptographic module?

问题描述

我一直在探索什么加密模块可用于Python，我发现了3：ezPyCrypt，yawPyCrypt和KeyCzar（实际上支持几种语言，但Python包括在其中）。前两个依赖于PyCrypto模块。

有没有选择我缺少？有没有一个明确的前线为方便和功能，或者它只是下降到一个舒适水平的方式？

我目前倾向于KeyCzar，与ezPyCrypt关闭后面。

我将使用库进行数字签名签名和验证，并可能创建密钥（虽然我不会哭，如果我必须打电话

我正在使用Python 3.x并且可以访问GPG。 >解决方案

如果你在一个包含GnuPG和Python> = 2.4的环境中，那么你也可以考虑使用一个工具，例如 python-gnupg 。 （免责声明：我是这个项目的维护者）。它为 gpg 留下了沉重的负担，并提供了一个相当简单的API。

API概述：

 
 >>> import gnupg 
 >>> gpg = gnupg.GPG ='/ path / to / keyring / directory'）
 >>> gpg.list_keys（）
 
 [{
 ... 
'fingerprint' F819EE7705497D73E3CCEE65197D5DAC68F1AAB2'，
'keyid'：'197D5DAC68F1AAB2'，
'length'：'1024'，
'type'：'pub'，
'uids'：['' ，'gary Gross（A test user）']，
 {
 ... 
'fingerprint'：'37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A'，
'keyid'：'0C5FEFA7A921FC4A'，
'length'：'1024'，
 ... 
'uids'：[''，'Danny Davis（A test user）']}] 
 >>> encrypted = gpg.encrypt（Hello，world！，['0C5FEFA7A921FC4A']）
 >>> str（encrypted）
 
'----- BEGIN PGP MESSAGE ---- -\\\
Version：GnuPG v1.4.9（GNU / Linux）\\\
 
 \\\
hQIOA / 6NHMDTXUwcEAf 
 ... 
 ----- END PGP MESSAGE ----- \ n'
 >>> decrypted = gpg.decrypt（str（encrypted），passphrase ='secret'）
 >>> str（已解密）
'Hello，world！'
 >>> signed = gpg.sign（Goodbye，world！，passphrase ='secret'）
 >>> verified = verified = gpg.verify（str（signed））
> >> print已验证如果已验证其他未验证
 
'已验证'
 

I've been exploring what cryptographic modules are available to Python, and I've found 3: ezPyCrypt, yawPyCrypt and KeyCzar (which actually supports a few languages, but Python is included amongst them). The first two rely on the PyCrypto module.

Are there choices I am missing? Is there a clear front-runner for ease and features or does it simply come down to a manner of one's comfort level?

I'm currently leaning towards KeyCzar, with ezPyCrypt close behind.

I would be using the library for digital signature signing and verification, and potentially for key creation (although I won't cry if I have to make a call to something else for that functionality).

I am using Python 3.x and have access to GPG.

解决方案

If you are in an environment which includes GnuPG and Python >= 2.4, then you could also consider a tool such as python-gnupg. (Disclaimer: I'm the maintainer of this project.) It leaves the heavy lifting to gpg and provides a fairly straightforward API.

Overview of API:

>>> import gnupg
>>> gpg = gnupg.GPG(gnupghome='/path/to/keyring/directory')
>>> gpg.list_keys()

[{
  ...
  'fingerprint': 'F819EE7705497D73E3CCEE65197D5DAC68F1AAB2',
  'keyid': '197D5DAC68F1AAB2',
  'length': '1024',
  'type': 'pub',
  'uids': ['', 'Gary Gross (A test user) ']},
 {
  ...
  'fingerprint': '37F24DD4B918CC264D4F31D60C5FEFA7A921FC4A',
  'keyid': '0C5FEFA7A921FC4A',
  'length': '1024',
  ...
  'uids': ['', 'Danny Davis (A test user) ']}]
>>> encrypted = gpg.encrypt("Hello, world!", ['0C5FEFA7A921FC4A'])
>>> str(encrypted)

'-----BEGIN PGP MESSAGE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n
\nhQIOA/6NHMDTXUwcEAf
...
-----END PGP MESSAGE-----\n'
>>> decrypted = gpg.decrypt(str(encrypted), passphrase='secret')
>>> str(decrypted)
'Hello, world!'
>>> signed = gpg.sign("Goodbye, world!", passphrase='secret')
>>> verified = verified = gpg.verify(str(signed))
>>> print "Verified" if verified else "Not verified"

'Verified' 

这篇关于推荐的Python加密模块？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！