srptools


Namesrptools JSON
Version 1.0.1 PyPI version JSON
download
home_pagehttps://github.com/idlesign/srptools
SummaryTools to implement Secure Remote Password (SRP) authentication
upload_time2020-09-12 02:06:28
maintainer
docs_urlNone
authorIgor `idle sign` Starikov
requires_python
licenseBSD 3-Clause License
keywords
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage
            srptools
========
https://github.com/idlesign/srptools

.. image:: https://idlesign.github.io/lbc/py2-lbc.svg
   :target: https://idlesign.github.io/lbc/
   :alt: LBC Python 2

----

|release| |stats|  |lic| |ci| |coverage| |health|

.. |release| image:: https://img.shields.io/pypi/v/srptools.svg
    :target: https://pypi.python.org/pypi/srptools

.. |stats| image:: https://img.shields.io/pypi/dm/srptools.svg
    :target: https://pypi.python.org/pypi/srptools

.. |lic| image:: https://img.shields.io/pypi/l/srptools.svg
    :target: https://pypi.python.org/pypi/srptools

.. |ci| image:: https://img.shields.io/travis/idlesign/srptools/master.svg
    :target: https://travis-ci.org/idlesign/srptools

.. |coverage| image:: https://img.shields.io/coveralls/idlesign/srptools/master.svg
    :target: https://coveralls.io/r/idlesign/srptools

.. |health| image:: https://landscape.io/github/idlesign/srptools/master/landscape.svg?style=flat
    :target: https://landscape.io/github/idlesign/srptools/master


Description
-----------

*Tools to implement Secure Remote Password (SRP) authentication*

SRP is a secure password-based authentication and key-exchange protocol -
a password-authenticated key agreement protocol (PAKE).

This package contains protocol implementation for Python 2 and 3.

You may import it into you applications and use its API or you may use
``srptools`` command-line utility (CLI):


CLI usage
---------

Command-line utility requires ``click`` package to be installed.

Basic scenario:

.. code-block::

    > srptools get_user_data_triplet
    > srptools server get_private_and_public
    > srptools client get_private_and_public
    > srptools client get_session_data
    > srptools server get_session_data

Help is available:

.. code-block::

    > srptools --help



API usage
---------

Preliminary step. Agree on communication details:

.. code-block:: python

    from srptools import SRPContext

    context = SRPContext('alice', 'password123')
    username, password_verifier, salt = context.get_user_data_triplet()
    prime = context.prime
    gen = context.generator


Simplified workflow:

.. code-block:: python

    from srptools import SRPContext, SRPServerSession, SRPClientSession

    # Receive username from client and generate server public.
    server_session = SRPServerSession(SRPContext(username, prime=prime, generator=gen), password_verifier)
    server_public = server_session.public

    # Receive server public and salt and process them.
    client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))
    client_session.process(server_public, salt)
    # Generate client public and session key.
    client_public = client_session.public

    # Process client public and compare session keys.
    server_session.process(client_public, salt)

    assert server_session.key == client_session.key


Extended workflow

.. code-block:: python

    from srptools import SRPContext, SRPServerSession, SRPClientSession

    # Receive username from client and generate server public.
    server_session = SRPServerSession(SRPContext(username, prime=prime, generator=gen), password_verifier)
    server_public = server_session.public

    # Receive server public and salt and process them.
    client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))
    client_session.process(server_public, salt)
    # Generate client public and session key proof.
    client_public = client_session.public
    client_session_key_proof = client_session.key_proof

    # Process client public and verify session key proof.
    server_session.process(client_public, salt)
    assert server_session.verify_proof(client_session_key_proof)
    # Generate session key proof hash.
    server_session_key_proof_hash = client_session.key_proof_hash

    # Verify session key proof hash received from server.
    assert client_session.verify_proof(server_session_key_proof_hash)



Usage hints
-----------

* ``srptools.constants`` contains basic constants which can be used with ``SRPContext`` for server and client to agree
  upon communication details.
* ``.process()`` methods of session classes may raise ``SRPException`` in certain circumstances. Auth process on
  such occasions must be stopped.
* ``.private`` attribute of session classes may be used to restore sessions:
    .. code-block:: python

        server_private = server_session.private

        # Restore session on new request.
        server_session = SRPServerSession(context, password_verifier, private=server_private)

* ``SRPContext`` is rather flexible, so you can implement some custom server/client session logic with its help.
* Basic values are represented as hex strings but base64 encoded values are also supported:

    .. code-block:: python

        server_public = server_session.public_b64

        # Receive server public and salt and process them.
        client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))
        client_session.process(server_public, salt, base64=True)

        # Use srptools.hex_from_b64() to represent base64 value as hex.
        server_public_hex = hex_from_b64(server_public)


Links
-----
* RFC 2945 - The SRP Authentication and Key Exchange System
    https://tools.ietf.org/html/rfc2945

* RFC 5054 - Using the Secure Remote Password (SRP) Protocol for TLS Authentication
    https://tools.ietf.org/html/rfc5054

            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/idlesign/srptools",
    "name": "srptools",
    "maintainer": "",
    "docs_url": null,
    "requires_python": "",
    "maintainer_email": "",
    "keywords": "",
    "author": "Igor `idle sign` Starikov",
    "author_email": "idlesign@yandex.ru",
    "download_url": "https://files.pythonhosted.org/packages/a1/8a/d62af55a56d56216e96563bc9c29c2d16d957317742c2e5bd4e79a524b06/srptools-1.0.1.tar.gz",
    "platform": "",
    "description": "srptools\n========\nhttps://github.com/idlesign/srptools\n\n.. image:: https://idlesign.github.io/lbc/py2-lbc.svg\n   :target: https://idlesign.github.io/lbc/\n   :alt: LBC Python 2\n\n----\n\n|release| |stats|  |lic| |ci| |coverage| |health|\n\n.. |release| image:: https://img.shields.io/pypi/v/srptools.svg\n    :target: https://pypi.python.org/pypi/srptools\n\n.. |stats| image:: https://img.shields.io/pypi/dm/srptools.svg\n    :target: https://pypi.python.org/pypi/srptools\n\n.. |lic| image:: https://img.shields.io/pypi/l/srptools.svg\n    :target: https://pypi.python.org/pypi/srptools\n\n.. |ci| image:: https://img.shields.io/travis/idlesign/srptools/master.svg\n    :target: https://travis-ci.org/idlesign/srptools\n\n.. |coverage| image:: https://img.shields.io/coveralls/idlesign/srptools/master.svg\n    :target: https://coveralls.io/r/idlesign/srptools\n\n.. |health| image:: https://landscape.io/github/idlesign/srptools/master/landscape.svg?style=flat\n    :target: https://landscape.io/github/idlesign/srptools/master\n\n\nDescription\n-----------\n\n*Tools to implement Secure Remote Password (SRP) authentication*\n\nSRP is a secure password-based authentication and key-exchange protocol -\na password-authenticated key agreement protocol (PAKE).\n\nThis package contains protocol implementation for Python 2 and 3.\n\nYou may import it into you applications and use its API or you may use\n``srptools`` command-line utility (CLI):\n\n\nCLI usage\n---------\n\nCommand-line utility requires ``click`` package to be installed.\n\nBasic scenario:\n\n.. code-block::\n\n    > srptools get_user_data_triplet\n    > srptools server get_private_and_public\n    > srptools client get_private_and_public\n    > srptools client get_session_data\n    > srptools server get_session_data\n\nHelp is available:\n\n.. code-block::\n\n    > srptools --help\n\n\n\nAPI usage\n---------\n\nPreliminary step. Agree on communication details:\n\n.. code-block:: python\n\n    from srptools import SRPContext\n\n    context = SRPContext('alice', 'password123')\n    username, password_verifier, salt = context.get_user_data_triplet()\n    prime = context.prime\n    gen = context.generator\n\n\nSimplified workflow:\n\n.. code-block:: python\n\n    from srptools import SRPContext, SRPServerSession, SRPClientSession\n\n    # Receive username from client and generate server public.\n    server_session = SRPServerSession(SRPContext(username, prime=prime, generator=gen), password_verifier)\n    server_public = server_session.public\n\n    # Receive server public and salt and process them.\n    client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))\n    client_session.process(server_public, salt)\n    # Generate client public and session key.\n    client_public = client_session.public\n\n    # Process client public and compare session keys.\n    server_session.process(client_public, salt)\n\n    assert server_session.key == client_session.key\n\n\nExtended workflow\n\n.. code-block:: python\n\n    from srptools import SRPContext, SRPServerSession, SRPClientSession\n\n    # Receive username from client and generate server public.\n    server_session = SRPServerSession(SRPContext(username, prime=prime, generator=gen), password_verifier)\n    server_public = server_session.public\n\n    # Receive server public and salt and process them.\n    client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))\n    client_session.process(server_public, salt)\n    # Generate client public and session key proof.\n    client_public = client_session.public\n    client_session_key_proof = client_session.key_proof\n\n    # Process client public and verify session key proof.\n    server_session.process(client_public, salt)\n    assert server_session.verify_proof(client_session_key_proof)\n    # Generate session key proof hash.\n    server_session_key_proof_hash = client_session.key_proof_hash\n\n    # Verify session key proof hash received from server.\n    assert client_session.verify_proof(server_session_key_proof_hash)\n\n\n\nUsage hints\n-----------\n\n* ``srptools.constants`` contains basic constants which can be used with ``SRPContext`` for server and client to agree\n  upon communication details.\n* ``.process()`` methods of session classes may raise ``SRPException`` in certain circumstances. Auth process on\n  such occasions must be stopped.\n* ``.private`` attribute of session classes may be used to restore sessions:\n    .. code-block:: python\n\n        server_private = server_session.private\n\n        # Restore session on new request.\n        server_session = SRPServerSession(context, password_verifier, private=server_private)\n\n* ``SRPContext`` is rather flexible, so you can implement some custom server/client session logic with its help.\n* Basic values are represented as hex strings but base64 encoded values are also supported:\n\n    .. code-block:: python\n\n        server_public = server_session.public_b64\n\n        # Receive server public and salt and process them.\n        client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))\n        client_session.process(server_public, salt, base64=True)\n\n        # Use srptools.hex_from_b64() to represent base64 value as hex.\n        server_public_hex = hex_from_b64(server_public)\n\n\nLinks\n-----\n* RFC 2945 - The SRP Authentication and Key Exchange System\n    https://tools.ietf.org/html/rfc2945\n\n* RFC 5054 - Using the Secure Remote Password (SRP) Protocol for TLS Authentication\n    https://tools.ietf.org/html/rfc5054\n",
    "bugtrack_url": null,
    "license": "BSD 3-Clause License",
    "summary": "Tools to implement Secure Remote Password (SRP) authentication",
    "version": "1.0.1",
    "project_urls": {
        "Homepage": "https://github.com/idlesign/srptools"
    },
    "split_keywords": [],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "8db83f935d7f7d6bc25a88859beb0a6e246313012a12ae4844665322f771a5cb",
                "md5": "50e253b5e35b0b937363d4eb996602c0",
                "sha256": "fccb44c949eb2507ba19f349a3087cb8fed2393014d7f0887b06c3186f19d1e9"
            },
            "downloads": -1,
            "filename": "srptools-1.0.1-py2.py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "50e253b5e35b0b937363d4eb996602c0",
            "packagetype": "bdist_wheel",
            "python_version": "2.7",
            "requires_python": null,
            "size": 13183,
            "upload_time": "2020-09-12T02:06:30",
            "upload_time_iso_8601": "2020-09-12T02:06:30.452454Z",
            "url": "https://files.pythonhosted.org/packages/8d/b8/3f935d7f7d6bc25a88859beb0a6e246313012a12ae4844665322f771a5cb/srptools-1.0.1-py2.py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "a18ad62af55a56d56216e96563bc9c29c2d16d957317742c2e5bd4e79a524b06",
                "md5": "f6deab27650c9a707f3dbf4959de0873",
                "sha256": "7fa4337256a1542e8f5bb4bed19e1d9aea98fe5ff9baf76693342a1dd6ac7c96"
            },
            "downloads": -1,
            "filename": "srptools-1.0.1.tar.gz",
            "has_sig": false,
            "md5_digest": "f6deab27650c9a707f3dbf4959de0873",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 15436,
            "upload_time": "2020-09-12T02:06:28",
            "upload_time_iso_8601": "2020-09-12T02:06:28.244655Z",
            "url": "https://files.pythonhosted.org/packages/a1/8a/d62af55a56d56216e96563bc9c29c2d16d957317742c2e5bd4e79a524b06/srptools-1.0.1.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2020-09-12 02:06:28",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "idlesign",
    "github_project": "srptools",
    "travis_ci": false,
    "coveralls": true,
    "github_actions": true,
    "tox": true,
    "lcname": "srptools"
}
        
Elapsed time: 0.11554s