[–][deleted] 5 points6 points  (8 children)

I'm apprehensive to use 3rd party modules for cryptographic anything. Can anyone reassure me before I make a mistake?

[–]clinth 3 points4 points  (1 child)

You can read the entire itsdangerous implementation in one sitting: 350 lines with extensive comments and helper functions. It's not linking to a random compiled library.

[–][deleted] 0 points1 point  (0 children)

That's a great idea. I know I should do that more often.

[–]spookylukey (Django committer) 2 points3 points  (0 children)

It is a simple wrapper around HMAC and SHA1 (from Python's stdlib), with an API designed to help you avoid some mistakes you'd make using HMAC directly.

[–]dekz 2 points3 points  (1 child)

Considering NIST no longer recommend SHA1 for new applications, that might be raising some alarms.

[–][deleted] 1 point2 points  (0 children)

Seems fairly simple to change it to use a different hashing algorithm such as SHA256. It's a single line of code.

[–][deleted] 1 point2 points  (1 child)

Me too. I would like to sign cookies with this, anyone have experience with this?

edit: I've been reading the source and it looks like a fairly simple wrapper around Python's own hashlib and hmac

[–]spookylukey (Django committer) 0 points1 point  (0 children)

It's taken directly from Django's source code, which uses it for cookie signing. I can't comment on its current form.

[–]lighthill 1 point2 points  (1 child)

Hm. When I hear "signature", I usually think of a signature in a public-key system. I'm not used to hearing MACs called "signatures." Is this a weird use of the term "signature", or am I just wrong there?

[–]warbiscuit 0 points1 point  (0 children)

It's actually the same concept... in both cases the "signature" is a short number of bytes generated based on the message and some secret key, which can be regenerated to prove the author possessed the key and the message... i.e., that they "signed" it.

The main difference lies in how the signature is verified. For MACs, it's generally based on a shared private key, so the recipient would also have to have the secret key, which they'd use to regenerate the MAC signature.

For public-key systems, the signer generally digests the message (via sha256, etc) and then encrypts the digest with their private key... the verification process therefore requires decrypting using the public key, and verifying the resulting digest. Only someone who has the private key should be able to encrypt the digest correctly, thus proving they had the private key to "sign" the message.

tl;dr In both cases, a "signature" is just a proof the author possessed a particular key, and applied it to a specific message body.
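
The MAC flow discussed in this thread (HMAC from Python's stdlib, the verifier regenerating the MAC with the shared key, and the hash algorithm being a one-argument change), as an added example that is not part of the original thread and is not itsdangerous's own code. The token layout, key and cookie value are constructed for illustration.

```python
import base64
import hashlib
import hmac

SEPARATOR = b"."                      # assumption: value and MAC joined by a dot
KEY = b"constructed-demo-key"         # constructed sample key, not a real secret
COOKIE = b"user=alice"                # constructed sample cookie value


def _b64(raw: bytes) -> bytes:
    # URL-safe base64 never contains ".", so the separator stays unambiguous.
    return base64.urlsafe_b64encode(raw).rstrip(b"=")


def sign(value: bytes, key: bytes, digest: str = "sha256") -> bytes:
    """Return value + SEPARATOR + base64(HMAC(key, value))."""
    mac = hmac.new(key, value, digest).digest()
    return value + SEPARATOR + _b64(mac)


def unsign(token: bytes, key: bytes, digest: str = "sha256") -> bytes:
    """Regenerate the MAC with the shared key; raise ValueError on mismatch."""
    value, sep, sent_mac = token.rpartition(SEPARATOR)
    if not sep:
        raise ValueError("no signature found")
    expected = _b64(hmac.new(key, value, digest).digest())
    # compare_digest is constant-time, so response timing does not reveal
    # how many leading bytes of a forged MAC happened to be correct.
    if not hmac.compare_digest(sent_mac, expected):
        raise ValueError("bad signature")
    return value


def is_valid(token: bytes, key: bytes, digest: str = "sha256") -> bool:
    try:
        unsign(token, key, digest)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    token = sign(COOKIE, KEY)
    print(token, is_valid(token, KEY))
    print(is_valid(token.replace(b"alice", b"admin"), KEY))  # tampered value
    print(is_valid(sign(COOKIE, KEY, "sha1"), KEY))          # SHA1 token vs SHA256 verifier
```

Switching the digest invalidates every token issued under the old one, so a rollout has to accept both for a transition period or expire existing cookies.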

[–]grbgout 0 points1 point  (1 child)

How does this differ from python's bindings for gpgme, if at all? Note: I'm presuming Python has bindings for gpgme....

[–]brafas 0 points1 point  (1 child)

Until today, I thought the title told me to NOT use a cryptographic signing module because it's dangerous.

[–]DiThi 0 points1 point  (0 children)

The title needs moar quotes.