Miscellaneous crypto High-Level Classes
9.2.2.4 Miscellaneous crypto
from M2Crypto import DH, DSA, RSA, RC4

The DH, DSA, and RSA modules provide access to the three supported low-level, public key cryptographic algorithms known by the same names. The RC4 module provides direct access to the symmetric cipher by the same name. It's curious that RC4 is the only symmetric cipher that is supported directly with a class of its own, particularly since the EVP interface is exposed. We recommend that you avoid using it in favor of the EVP module's Cipher class.

The DH module provides a class by the same name that is generally instantiated by using one of the four functions provided by the module. The function DH.gen_params can be used to create a new DH object with randomly generated parameters. The functions DH.load_params and DH.load_params_bio can be used to create a DH object from parameters stored in a file. DH.load_params accepts a filename from which the parameters will be loaded, and DH.load_params_bio accepts a BIO object from which the parameters will be loaded. Finally, DH.set_params allows you to create a DH object and specify the parameters yourself.

The DSA module provides a class by the same name that is generally instantiated by one of several module functions. The function DSA.gen_params can be used to create a new DSA object with randomly generated parameters. DSA.load_params and DSA.load_params_bio create a DSA object from a file or a BIO object. DSA.load_key and DSA.load_key_bio create a DSA object loaded from a file or BIO object containing a PEM representation of a private key. There is no mechanism to load public DSA keys.

The RSA module provides two classes: RSA and RSA_pub. The classes should be instantiated using one of the module's functions. RSA.gen_key returns an RSA object after generating a new key pair. RSA.load_key and RSA.load_key_bio both create an RSA object from a private key stored in PEM format from a file or BIO object. RSA.load_pub_key and RSA.load_pub_key_bio create an RSA_pub object from a public key stored in PEM representation from a file or BIO object. Finally, RSA.new_pub_key will instantiate an RSA_pub object from the public exponent and composite of the primes that make up a private key.

The RC4 module provides an RC4 class as an interface to the RC4 symmetric cipher algorithm. This class is intended to be instantiated directly. It can be instantiated with or without a key, and the key can be changed with a call to its set_key method. Calling the update method with data to be encrypted will return the encrypted data.
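
The RC4 interface described above (optional key, set_key, update) takes a key but no IV, so every object keyed the same way produces the same keystream. The following added example is not from the book and is not M2Crypto code: RC4Model, xor and reuse_leak are hypothetical names for a pure-Python stand-in that mirrors that interface and shows what key reuse exposes, which is one practical reason to follow the recommendation to use the EVP Cipher class, whose constructor takes an IV.

```python
# Added illustration: a pure-Python stand-in mirroring the interface the text
# describes (optional key, set_key, update). It is NOT M2Crypto code.

class RC4Model:
    """Stateful RC4 stream cipher with a set_key/update interface."""

    def __init__(self, key=None):
        self._s, self._i, self._j = None, 0, 0
        if key is not None:
            self.set_key(key)

    def set_key(self, key):
        # Key-scheduling algorithm: rebuilds the permutation, resets counters.
        if not 1 <= len(key) <= 256:
            raise ValueError("RC4 key must be 1..256 bytes")
        s, j = list(range(256)), 0
        for i in range(256):
            j = (j + s[i] + key[i % len(key)]) & 0xFF
            s[i], s[j] = s[j], s[i]
        self._s, self._i, self._j = s, 0, 0

    def update(self, data):
        # XOR data with the next keystream bytes; state carries across calls,
        # so encrypting in chunks equals encrypting in one call.
        if self._s is None:
            raise ValueError("no key set")
        s, i, j, out = self._s, self._i, self._j, bytearray()
        for byte in data:
            i = (i + 1) & 0xFF
            j = (j + s[i]) & 0xFF
            s[i], s[j] = s[j], s[i]
            out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
        self._i, self._j = i, j
        return bytes(out)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def reuse_leak(key, p1, p2):
    """Encrypt two messages under one key; return the XOR of the ciphertexts."""
    c1 = RC4Model(key).update(p1)
    c2 = RC4Model(key).update(p2)  # same key, no IV: identical keystream
    return xor(c1, c2)             # key cancels out, leaving p1 XOR p2
```

Because the keystream cancels, reuse_leak returns the XOR of the two plaintexts without the key being involved, so a raw stream cipher object needs a fresh key for every message.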