[pycrypto] Pickling AES cipher objects - any reasons not to support this?

Pearu Peterson pearu.peterson at gmail.com
Tue Dec 25 03:48:05 PST 2012


Currently pickling cipher objects fail (Pycrypto v2.6):

>>> import pickle
>>> from Crypto.Cipher import AES
>>> cipher = AES.new('mysecret'*2)
>>> dump=pickle.dumps(cipher)
PicklingError: Can't pickle '_AES' object: <_AES object at 0x1fe0bd0>

I wonder if there are any fundamental reasons why pickling cipher objects
be pickled? Otherwise I would look into implementing pickling support for
cipher objects.

I am using Pycrypt in web2py and I need to temporarily store cipher
information within a session
without opening any security holes. I would presume that storing cipher
object is safer (would it be?)
than storing an encryption key used to create the cipher object.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dlitz.net/pipermail/pycrypto/attachments/20121225/43eecd9e/attachment.html>

More information about the pycrypto mailing list