views:

632

answers:

3

I want to encrypt the session key using the public key. How does the PGP software do this? Can somebody specify the procedure or function of encryption in Python?

+1  A: 

See this post for background information about the basic technology. That post is about encryption in general - for information about using gpg from Python, see this, for example.

Vinay Sajip
+1  A: 

There's also the PyCrypto module that looks exactly like what you are looking for: http://www.dlitz.net/software/pycrypto/ the API docs are here: http://www.dlitz.net/software/pycrypto/apidoc/ and some nice docs with basic examples of encrypting/decrypting here: http://www.dlitz.net/software/pycrypto/doc/.

I'll confess I haven't used this module, but it seems like you would establish a session with a public key, then use that to encrypt/decrypt the channel with a Crypto.PublicKey object. Then do the usual activity of generating a session key, communicating that over whatever channel you have. Finally, switch the channel to a Crypto.Cipher object using the session key.

Also, be sure to be very, very careful about how you obtain the value for your session key if security is a real concern, particularly on multiuser or only partially trusted machine.

Mike Miller
A: 

See What is the best/easiest to use encryption library in python, which mentions a PGP-compatible solution, gpgme.

For reasons I ignore, nobody in How to do PGP in Python (generate keys, encrypt/decrypt) mentioned gpgme...

bortzmeyer