Hacker News new | past | comments | ask | show | jobs | submit login

Ugh, and they're all using M2Crypto, which is terrible and broken anyway. I had huge issues with encrypting things with it and being able to decrypt or verify signatures with other libraries.

I switched to PyPi RSA. It took a little bit of digging, but it seems to use a sane exponent by default:

https://github.com/sybrenstuvel/python-rsa/blob/11bf33264c62...






There's a reason we're telling you to use libsodium box instead: even if pyrsa sets a reasonable exponent, for example, it's still a separate pure Python implementation (with fewer eyeballs and almost certainly more side channel vulnerabilities), and still uses PKCSv15, exposing you to Bb98-style padding oracle attacks.



Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: