Menu
▾
▴
pyopenssl-list
|
From: <ex...@tw...> - 2009-11-13 17:24:04
|
I'm happy to announce the release of pyOpenSSL 0.10.
pyOpenSSL 0.10 exposes several more OpenSSL APIs, including support for
running TLS connections over in-memory BIOs, access to the OpenSSL
random number generator, the ability to pass subject and issuer
parameters when creating an X509Extension instance, more control over
PKCS12 creation and an API for exporting PKCS12 objects, and APIs for
controlling the client CA list servers send to clients.
Several bugs have also been fixed, including a crash when certain
X509Extension instances are deallocated, a mis-handling of the OpenSSL
error queue in the X509Name implementation, Windows build issues, and a
possible double free when using a debug build.
The style of the docstrings for APIs implemented in C has also been
changed throughout the project to be more useful to Python programmers.
Extension type objects can also now be used to instantiate those types.
Many thanks to numerous people who contributed patches to this release.
You can find pyOpenSSL 0.10 on the Python Package Index:
http://pypi.python.org/pypi/pyOpenSSL/0.10
You can now also find the pyOpenSSL documentation there:
http://packages.python.org/pyOpenSSL/
As part of the ongoing transition away from SourceForge, I won't be
uploading the release or the documentation to SourceForge. Please
continue to use the pyOpenSSL Launchpad page for bug reports:
https://launchpad.net/pyopenssl
Enjoy!
Jean-Paul Calderone
|
|
From: Matěj C. <mc...@re...> - 2009-11-13 21:09:43
Attachments:
smime.p7s
|
Dne 13.11.2009 18:23, ex...@tw... napsal(a): > pyOpenSSL 0.10 exposes several more OpenSSL APIs, including support for > running TLS connections over in-memory BIOs, access to the OpenSSL > random number generator, the ability to pass subject and issuer > parameters when creating an X509Extension instance, more control over > PKCS12 creation and an API for exporting PKCS12 objects, and APIs for > controlling the client CA list servers send to clients. Is there a hope that we could get ever exported AES and RSA from openSSL. I am interested in gajim (PyGtk XMPP client) which currently uses for these two algorithms (and now only for them, the rest of security is done through pyOpenSSL or native python methods) python-crypto which contains its own C-implementations of AES and RSA. I hate this independent (and I would expect not much tested and maintained, certainly in comparison with openSSL library) solution. There seems to me two solutions to this problem: a) to persuade you (or somebody, I am not a C programmer) to implement bindings for these two algorithms in pyOpenSSL, b) port whole gajim to m2crypto, which IIRC has also only bindings for openSSL (not its own implementations). Of course, I would prefer the first solution. Is there a hope? Matěj -- http://www.ceplovi.cz/matej/, Jabber: mcepl<at>ceplovi.cz GPG Finger: 89EF 4BC6 288A BF43 1BAB 25C3 E09F EF25 D964 84AC To err is human, to purr feline. |
|
From: <ex...@tw...> - 2009-11-14 17:53:40
|
On 13 Nov, 09:09 pm, mc...@re... wrote: >Dne 13.11.2009 18:23, ex...@tw... napsal(a): >>pyOpenSSL 0.10 exposes several more OpenSSL APIs, including support >>for >>running TLS connections over in-memory BIOs, access to the OpenSSL >>random number generator, the ability to pass subject and issuer >>parameters when creating an X509Extension instance, more control over >>PKCS12 creation and an API for exporting PKCS12 objects, and APIs for >>controlling the client CA list servers send to clients. > >Is there a hope that we could get ever exported AES and RSA from >openSSL. I am interested in gajim (PyGtk XMPP client) which currently >uses for these two algorithms (and now only for them, the rest of >security is done through pyOpenSSL or native python methods) >python-crypto which contains its own C-implementations of AES and RSA. >I >hate this independent (and I would expect not much tested and >maintained, certainly in comparison with openSSL library) solution. >There seems to me two solutions to this problem: a) to persuade you (or >somebody, I am not a C programmer) to implement bindings for these two >algorithms in pyOpenSSL, b) port whole gajim to m2crypto, which IIRC >has >also only bindings for openSSL (not its own implementations). Of >course, >I would prefer the first solution. > >Is there a hope? This is certainly not something I'd rule out for pyOpenSSL. It's just a question of who will implement it and when. I was also recently reminded of a set of outstanding changes by David Crindland. I know these changes include some kind of crypto-related enhancements, but I still haven't looked at the patches closely enough to know exactly what. I'm going to try to get these integrated for 0.11. This is still probably a non-trivial undertaking, as I don't think the patches include much in the way of automated test coverage. I've recently become available for contract work. If this is something you'd like expedited and have a budget for doing so, perhaps we can work something out. Feel free to contact me off-list about that. Also, several other people have been active in pyOpenSSL development recently. I'm not sure if any of them are available for this sort of work, but it's possible, and I don't want anyone to think that I'm the only person who could be paid for pyOpenSSL development. :) I'll happily incorporate work done by anyone, so long as it meets the quality standards I've been trying to enforce since I took over maintainership. Jean-Paul |
|
From: Morgan R. <mor...@gm...> - 2009-11-15 03:09:41
|
On Sun, Nov 15, 2009 at 04:53, <ex...@tw...> wrote: > This is certainly not something I'd rule out for pyOpenSSL. It's just a > question of who will implement it and when. There are bindings to some of the low-level RSA methods which I wrote some time back in a branch on launchpad (mr-RSAadditions). Though I'm not sure what other stuff would be necessary to do a complete implementation of RSA (I only needed the low-level stuff for the project I was working on) I may be able to find time to expand on that work if somebody can tell me what is needed beyond what has been done. The AES stuff is a different matter but I can probably look at that too (it may become necessary for one of my projects anyway) Morgan |
|
From: <ex...@tw...> - 2009-11-15 14:44:49
|
On 03:09 am, mor...@gm... wrote: >On Sun, Nov 15, 2009 at 04:53, <ex...@tw...> wrote: >>This is certainly not something I'd rule out for pyOpenSSL. It's just >>a >>question of who will implement it and when. > >There are bindings to some of the low-level RSA methods which I wrote >some time back in a branch on launchpad (mr-RSAadditions). Though I'm >not sure what other stuff would be necessary to do a complete >implementation of RSA (I only needed the low-level stuff for the >project I was working on) Ah, I forgot about that branch. It would be excellent if you could file a ticket for it and describe what it does. :) It also looks like some conflicts have arisen. If you resolve these, I'll take a look at getting it merged. Jean-Paul |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X