0

i want to encrypt a sting with a public PGP key from my database. till now i search trough a lot of libsa and apps and such but i simply dont find a good working way here. I dont need any Key management and to be honest, it would be wonderful not to use any external binary here. I only need the encrypt function to wrap the string as a PGP encrypted message.

does anybody have a lightwight idea here?

This one seems to be a solution: https://github.com/singpolyma/OpenPGP-Python

but its quite old.

thanks and kind regards

1 Answers1

0

The protocols that OpenPGP uses are not different from what many libraries use. If you only want to encrypt a string you shouldn't worry too much about this unles you are going to store the string somewhere.

What I would recommend is useing the pyAesCrypt module as It is easy to read and It makes use of the more complicated Cryptography module which is pretty much the basis in which many cryptographic libraries are based, It is also partially written in C.

  • This doesn't at all honor the "as a PGP encrypted message" part of the spec. PGP is surprisingly complicated (which is, admittedly, one of the good reasons not to use it), but that complexity has reasons for existing; the real competitors are more modern protocols like saltpack designed to fulfill the same use cases with less complexity, not taking one of the internal components and using it standing alone without evaluating whether that standalone usage still meets the design goals. – Charles Duffy Jul 18 '19 at 15:42
  • Hi @Charles Duffy, of course PGP is very complicated, otherwise It wouldn't be a standard that comes with GNU. Although for low level projects I do not recommend using It as It overcomplicates things, thus th reason I advsed the usage of the pyAesCrypt module. –  Jul 20 '19 at 10:41
  • The problem is that much of the complexity is there for good reasons -- resisting replay attacks, resisting attacks that try to mismatch different correctly-signed message components, etc; if you aren't doing the analysis as to whether each of those attacks applies to you and whether you need the same countermeasures PGP gives you for free, using the same underlying encryption alone is not necessarily giving you the same level of resistance to real-world attacks. – Charles Duffy Jul 20 '19 at 15:23
  • ...there are newer, more modern, and otherwise *better* ways to resist some of those attacks than the approaches PGP uses, but if you just take AES alone, you aren't getting them. – Charles Duffy Jul 20 '19 at 15:25
  • @CharlesDuffy You're absolutely right, but the reason I advised It is because the person who asked the question want's to only encrypt a string, and If It was me I would like to use OpenPGP for every string I have, in case there are many. –  Jul 25 '19 at 22:08