Comments (12)
This is embarrassing... ...
It is 2018, many dependencies for this project, people trusted you Google as professionals and you cannot just simply write this code to be compatible with both versions of Python. There is a module called six which can help with that. I saw this code and i am shocked how amateur it was written. I expected something professional but it looks like first program of student in high school. You should stop finding excuses and fix this library to work as good as it should. You should write open source code as good as commercial software to show that you are as good as you advertise yourself. Now this library is horrible and it looks that you are much worse programmers as it is widely believed.
from keyczar.
I know this is a frustrating situation, but I hope we can all agree that attacking the maintainers of the project isn't constructive.
Given that other libraries are starting to drop support for Python 2, it's increasingly a problem that keyczar doesn't support Python 3, and it's disappointing that Google hasn't provided more organizational support for the project.
However, unless someone with the necessary expertise wants to take on the Python 3 port in their spare time, we should be grateful for folks like Ed, who is clearly putting time and effort into providing a path forward.
ππ»Thank you @edknapp!
from keyczar.
Hey folks, any news on providing a Python 3 migration path for Keyczar users?
from keyczar.
In case it helps anyone else, we will likely use the following solution from @StackStorm to migrate from Keyczar to cryptography:
from keyczar.
Let me give a little window into what's happening inside google. One of the issues with keyczar is that it was a full fork of an internal library and the two were not even fully compatible. Keyczar's toolschains, libraries, and platforms were inconvenient for google folks to develop in so the two libraries diverged. Titus Winters gave a talk at cppcon 2017 that paints a general picture of how development at google has existed during this time (https://www.youtube.com/watch?v=tISy7EJQPzI).
Fortunately, things are starting to improve. Google's internal tooling and core libraries are starting to be opensourced. Our internal version of keyczar is being rewritten as CrunchyCrypt (https://github.com/google/crunchy), which has only c++ and java jni bindings for the moment. One goal of CrunchyCrypt is make sure the library we opensource is the same library we use internally, not a fork, so that we can avoid the same fate and incompatibilities as keyczar.
This brings us to python... our internal version of keyczar uses swig, which is being replaced by clif, which currently does not support bazel (google/clif#20). Once that support arrives, we'll be in a position to deliver python APIs in line with CrunchyCrypt's not-a-fork philosophy. For (efficient) migration, we'd likely take advantage of the built-in key versioning support of Keyczar/CrunchyCrypt and wrap keyczar in whatever CrunchyCrypt APIs we land on.
If you're solely interested a pure-python library, I don't have concrete plans at the moment. Concerns around timing attacks leads me to prefer wrapping c/c++ for crypto in python.
from keyczar.
Thanks for the update, Ed, I really appreciate it. I'm an ex-Googler, btw, 2005-2011.
I'm glad to hear that there's a migration plan going forward, and . as long as I can get it running in a Heroku buildpack, I personally don't need a pure-python library.
I suppose the remaining concern is timing. Do you have a rough sense for when this might happen? First half of 2018 or later?
from keyczar.
I doubt anything we'll have anything soon. clif-based crypto and key-management is on the horizon, but we likely won't get to it until late 2018. It's not unlikely that a crypto-only API would come sooner, much like what we already have via jni java.
from keyczar.
Thanks for the additional info, I appreciate it. I'll keep an eye out for any news!
In the meantime, some rough code to decrypt Keyczar ciphertext using Cryptography, PyNacl or another well-regarded Python library might be helpful for others who need/want to transition sooner.
If I get around to doing this, I'll post it here... unless someone's already done it and wants to share!
from keyczar.
@edknapp , any updates on this?
I'm starting to see more and more Python libraries update to Python 3 only
from keyczar.
Unfortunately, I've moved on to other things, the folks behind github.com/google/tink now own all these projects, you might reach out to them.
from keyczar.
Hi everybody,
I'm Thai from Tink. We're aware of Keyczar and we want to provide a migration path. The plan is not different from what Ed wrote in #213 (comment), replacing Crunchy with Tink.
We're still blocked by google/clif#20. I'll ping the owner and see if they can prioritize it.
from keyczar.
Note that we have a skylark extension:
https://github.com/google/nucleus/blob/master/third_party/clif.bzl
If you're willing to maintain that, then google/clif#20 needn't be a blocker.
from keyczar.
Related Issues (20)
- Keyczar throws an ImportError on import HOT 1
- name() function is not implemented in DefaultKeyType. HOT 3
- (wrong account, sorry)
- Python (wrong) semicolons in docs
- Inconsistent git tagging (java_* vs Java_*) between releases HOT 3
- Use cryptography.io instead of pycrypto / m2crypto HOT 5
- Can't add key to keyset that doesn't have name. HOT 1
- ArrayIndexOutOfBoundsException with empty string
- KeyczarTool still hosted on Google Code, referred to by wiki HOT 5
- Python 0.716 tagged, but not available in pypi HOT 1
- Design document link in README.md is broken HOT 2
- Problem with python 3.5 HOT 7
- Java: Make ImportedKeyReader constructors public HOT 1
- Support pycryptodome (pycrypto fork/continuation) HOT 2
- testParseX509 fails for python-keyczar using pyasn1 0.2.x HOT 1
- ExceptionInInitializerError
- Incompatible with pyasn1 0.4.2-2 HOT 3
- Python3 and Keyczar HOT 3
- Is the library abandoned? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from keyczar.