
 M2Crypto 0.08 (29 Dec 2002)
-----------------------------

M2Crypto = Python + OpenSSL + SWIG.

M2 stands for "me, too!"*

M2Crypto makes accessible to the Python programmer the following:

    - DH, RSA, DSA, symmetric ciphers, message digests, HMACs.
    - SSL functionality to implement clients and servers.
    - HTTPS extensions to Python's HTTP functionality.
    - S/MIME v2.
    - FTP/TLS client and server.
    - ZServerSSL: A HTTPS server for Zope.

M2Crypto is released under a very liberal BSD-style licence. See 
LICENCE for details.

This release requires Python 2.1, 2.2, OpenSSL 0.9.6 or later, and
SWIG 1.3.17.  Earlier versions of Python may or may not work. You are
recommended to use the current version of OpenSSL. Earlier versions of
SWIG may not work.

To install, see the file INSTALL.


Note these caveats:

1. Possible memory leaks, because some objects need to be freed on the 
Python side and other objects on the C side, and these may change between 
OpenSSL versions. (Multiple free's lead to crashes very quickly, so 
these should have been rooted out.)

2. No memory locking/clearing for keys, passphrases, etc.

3. PRNG may not be CS**; it may not be CS***.

4. AFAIK, Python and OpenSSL have not been subjected to the full attention 
of the Bugtraq crowd. M2Crypto's handling of active hostile input is 
probably suspect. (Dec 2002: Well, there have been reported vulnerabilities 
in some versions of OpenSSL.)

Of course, I hope to address these in future.

Meanwhile, have fun! Your feedback is welcome.


Ng Pheng Siong
ngps@netmemetic.com 
http://www.netmemetic.com/
http://www.post1.com/home/ngps/


* Similar software are Marc-Andre Lemburg's mxCrypto, and two earlier
Python interfaces to the SSL portion of SSLeay/OpenSSL. Since M2Crypto 
came into being, yet more Python OpenSSL wrappers have appeared.

** Continuous seeding.

*** Cryptographically strong.

---------------------------------------------------------------------------
$Id: README,v 1.3 2002/12/29 16:15:45 ngps Exp $
