* OPAQUE-Store
This is a simple client-server system, which implements a simple online storage
of blobs, which can be recovered using only a password.
Client-Server Communication is protected using a Noise-XK pattern
thanks to dissononce.
You might want to read this blogpost on this topic and on more info:
https://www.ctrlc.hu/~stef/blog/posts/How_to_recover_static_secrets_using_OPAQUE.html
** Installation
opaquestore depends on https://github.com/stef/libopaque/ which also
depends on libsodium.
When you have libopaque, a simple `pip install opaquestore` should get you started.
** API
The client provides two simple functions for creating and querying blobs:
Store a new blob:
#+BEGIN_SRC python
from opaquestore import opaquestore
from opaquestore.noiseclient import NoiseWrapper
s = NoiseWrapper.connect(cfg['address'], cfg['port'], cfg['noise_key'], cfg['server_pubkey'])
opaquestore.create(s, password, blob_id, blob)
#+END_SRC
To query an existing blob:
#+BEGIN_SRC python
from opaquestore import opaquestore
from opaquestore.noiseclient import NoiseWrapper
s = NoiseWrapper.connect(cfg['address'], cfg['port'], cfg['noise_key'], cfg['server_pubkey'])
blob = opaquestore.get(s, password, blob_id)
#+END_SRC
The `cfg` variable should be loaded with the values from a configfile or otherwise populated.
** Configfiles
For an example and documentation on the values in the config files
see: opaque-store.cfg for the client config, and opaque-stored.cfg for
the server config.
** Example
Generate keys
#+BEGIN_EXAMPLE
opaquestore genkey
#+END_EXAMPLE
This should output a private key and a public key, these you can/should use in the configfiles.
Run the server
#+BEGIN_EXAMPLE
opaquestore server
#+END_EXAMPLE
Store a new blob:
#+BEGIN_EXAMPLE
echo -en "mypassword\!sMyV0ice\nmy secretty token data that i need to protect and store using opaque" | opaquestore create cfba1e747f706b542451a9d5404346f8
#+END_EXAMPLE
the password and the blob are expected on stdin, in this order,
seperated by a newline. The second parameter to the client is an ID
used to refer to the blob.
Recall the blob:
#+BEGIN_EXAMPLE
echo -en "mypassword\!sMyV0ice" | opaquestore get cfba1e747f706b542451a9d5404346f8
#+END_EXAMPLE
The password is again supplied on stdin, and the same ID as used for
creation is used as reference.
Raw data
{
"_id": null,
"home_page": "https://github.com/stef/opaque-store/",
"name": "opaquestore",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "",
"author": "Stefan Marsiske",
"author_email": "opaque@ctrlc.hu",
"download_url": "https://files.pythonhosted.org/packages/a0/d1/af2f85b58315ef9504fd945d924ebddb55a76ab319326dc42859bf1a6646/opaquestore-0.0.6.tar.gz",
"platform": null,
"description": "* OPAQUE-Store\n\nThis is a simple client-server system, which implements a simple online storage\nof blobs, which can be recovered using only a password.\n\nClient-Server Communication is protected using a Noise-XK pattern\nthanks to dissononce.\n\nYou might want to read this blogpost on this topic and on more info:\nhttps://www.ctrlc.hu/~stef/blog/posts/How_to_recover_static_secrets_using_OPAQUE.html\n\n** Installation\n\nopaquestore depends on https://github.com/stef/libopaque/ which also\ndepends on libsodium.\n\nWhen you have libopaque, a simple `pip install opaquestore` should get you started.\n\n** API\n\nThe client provides two simple functions for creating and querying blobs:\n\nStore a new blob:\n\n#+BEGIN_SRC python\n from opaquestore import opaquestore\n from opaquestore.noiseclient import NoiseWrapper\n s = NoiseWrapper.connect(cfg['address'], cfg['port'], cfg['noise_key'], cfg['server_pubkey'])\n opaquestore.create(s, password, blob_id, blob)\n#+END_SRC\n\nTo query an existing blob:\n\n#+BEGIN_SRC python\n from opaquestore import opaquestore\n from opaquestore.noiseclient import NoiseWrapper\n s = NoiseWrapper.connect(cfg['address'], cfg['port'], cfg['noise_key'], cfg['server_pubkey'])\n blob = opaquestore.get(s, password, blob_id)\n#+END_SRC\n\nThe `cfg` variable should be loaded with the values from a configfile or otherwise populated.\n\n** Configfiles\n\nFor an example and documentation on the values in the config files\nsee: opaque-store.cfg for the client config, and opaque-stored.cfg for\nthe server config.\n\n** Example\n\nGenerate keys\n\n#+BEGIN_EXAMPLE\nopaquestore genkey\n#+END_EXAMPLE\n\nThis should output a private key and a public key, these you can/should use in the configfiles.\n\nRun the server\n\n#+BEGIN_EXAMPLE\nopaquestore server\n#+END_EXAMPLE\n\nStore a new blob:\n\n#+BEGIN_EXAMPLE\necho -en \"mypassword\\!sMyV0ice\\nmy secretty token data that i need to protect and store using opaque\" | opaquestore create cfba1e747f706b542451a9d5404346f8\n#+END_EXAMPLE\n\nthe password and the blob are expected on stdin, in this order,\nseperated by a newline. The second parameter to the client is an ID\nused to refer to the blob.\n\nRecall the blob:\n\n#+BEGIN_EXAMPLE\necho -en \"mypassword\\!sMyV0ice\" | opaquestore get cfba1e747f706b542451a9d5404346f8\n#+END_EXAMPLE\n\nThe password is again supplied on stdin, and the same ID as used for\ncreation is used as reference.\n",
"bugtrack_url": null,
"license": "GPLv3",
"summary": "Simple Online secret-storage based on the OPAQUE protocol",
"version": "0.0.6",
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "a0d1af2f85b58315ef9504fd945d924ebddb55a76ab319326dc42859bf1a6646",
"md5": "6193e03f7ee03d327b9b7861e1324b92",
"sha256": "3ff1c8d1f142d7d0d9de711e21d102d8475f82a3a1cd6781fb4ca001f0e4def0"
},
"downloads": -1,
"filename": "opaquestore-0.0.6.tar.gz",
"has_sig": true,
"md5_digest": "6193e03f7ee03d327b9b7861e1324b92",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 21384,
"upload_time": "2023-04-08T19:53:06",
"upload_time_iso_8601": "2023-04-08T19:53:06.838282Z",
"url": "https://files.pythonhosted.org/packages/a0/d1/af2f85b58315ef9504fd945d924ebddb55a76ab319326dc42859bf1a6646/opaquestore-0.0.6.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-04-08 19:53:06",
"github": true,
"gitlab": false,
"bitbucket": false,
"github_user": "stef",
"github_project": "opaque-store",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "opaquestore"
}