srptools
========
https://github.com/idlesign/srptools
.. image:: https://idlesign.github.io/lbc/py2-lbc.svg
:target: https://idlesign.github.io/lbc/
:alt: LBC Python 2
----
|release| |stats| |lic| |ci| |coverage| |health|
.. |release| image:: https://img.shields.io/pypi/v/srptools.svg
:target: https://pypi.python.org/pypi/srptools
.. |stats| image:: https://img.shields.io/pypi/dm/srptools.svg
:target: https://pypi.python.org/pypi/srptools
.. |lic| image:: https://img.shields.io/pypi/l/srptools.svg
:target: https://pypi.python.org/pypi/srptools
.. |ci| image:: https://img.shields.io/travis/idlesign/srptools/master.svg
:target: https://travis-ci.org/idlesign/srptools
.. |coverage| image:: https://img.shields.io/coveralls/idlesign/srptools/master.svg
:target: https://coveralls.io/r/idlesign/srptools
.. |health| image:: https://landscape.io/github/idlesign/srptools/master/landscape.svg?style=flat
:target: https://landscape.io/github/idlesign/srptools/master
Description
-----------
*Tools to implement Secure Remote Password (SRP) authentication*
SRP is a secure password-based authentication and key-exchange protocol -
a password-authenticated key agreement protocol (PAKE).
This package contains protocol implementation for Python 2 and 3.
You may import it into you applications and use its API or you may use
``srptools`` command-line utility (CLI):
CLI usage
---------
Command-line utility requires ``click`` package to be installed.
Basic scenario:
.. code-block::
> srptools get_user_data_triplet
> srptools server get_private_and_public
> srptools client get_private_and_public
> srptools client get_session_data
> srptools server get_session_data
Help is available:
.. code-block::
> srptools --help
API usage
---------
Preliminary step. Agree on communication details:
.. code-block:: python
from srptools import SRPContext
context = SRPContext('alice', 'password123')
username, password_verifier, salt = context.get_user_data_triplet()
prime = context.prime
gen = context.generator
Simplified workflow:
.. code-block:: python
from srptools import SRPContext, SRPServerSession, SRPClientSession
# Receive username from client and generate server public.
server_session = SRPServerSession(SRPContext(username, prime=prime, generator=gen), password_verifier)
server_public = server_session.public
# Receive server public and salt and process them.
client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))
client_session.process(server_public, salt)
# Generate client public and session key.
client_public = client_session.public
# Process client public and compare session keys.
server_session.process(client_public, salt)
assert server_session.key == client_session.key
Extended workflow
.. code-block:: python
from srptools import SRPContext, SRPServerSession, SRPClientSession
# Receive username from client and generate server public.
server_session = SRPServerSession(SRPContext(username, prime=prime, generator=gen), password_verifier)
server_public = server_session.public
# Receive server public and salt and process them.
client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))
client_session.process(server_public, salt)
# Generate client public and session key proof.
client_public = client_session.public
client_session_key_proof = client_session.key_proof
# Process client public and verify session key proof.
server_session.process(client_public, salt)
assert server_session.verify_proof(client_session_key_proof)
# Generate session key proof hash.
server_session_key_proof_hash = client_session.key_proof_hash
# Verify session key proof hash received from server.
assert client_session.verify_proof(server_session_key_proof_hash)
Usage hints
-----------
* ``srptools.constants`` contains basic constants which can be used with ``SRPContext`` for server and client to agree
upon communication details.
* ``.process()`` methods of session classes may raise ``SRPException`` in certain circumstances. Auth process on
such occasions must be stopped.
* ``.private`` attribute of session classes may be used to restore sessions:
.. code-block:: python
server_private = server_session.private
# Restore session on new request.
server_session = SRPServerSession(context, password_verifier, private=server_private)
* ``SRPContext`` is rather flexible, so you can implement some custom server/client session logic with its help.
* Basic values are represented as hex strings but base64 encoded values are also supported:
.. code-block:: python
server_public = server_session.public_b64
# Receive server public and salt and process them.
client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))
client_session.process(server_public, salt, base64=True)
# Use srptools.hex_from_b64() to represent base64 value as hex.
server_public_hex = hex_from_b64(server_public)
Links
-----
* RFC 2945 - The SRP Authentication and Key Exchange System
https://tools.ietf.org/html/rfc2945
* RFC 5054 - Using the Secure Remote Password (SRP) Protocol for TLS Authentication
https://tools.ietf.org/html/rfc5054
Raw data
{
"_id": null,
"home_page": "https://github.com/idlesign/srptools",
"name": "srptools",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "",
"author": "Igor `idle sign` Starikov",
"author_email": "idlesign@yandex.ru",
"download_url": "https://files.pythonhosted.org/packages/a1/8a/d62af55a56d56216e96563bc9c29c2d16d957317742c2e5bd4e79a524b06/srptools-1.0.1.tar.gz",
"platform": "",
"description": "srptools\n========\nhttps://github.com/idlesign/srptools\n\n.. image:: https://idlesign.github.io/lbc/py2-lbc.svg\n :target: https://idlesign.github.io/lbc/\n :alt: LBC Python 2\n\n----\n\n|release| |stats| |lic| |ci| |coverage| |health|\n\n.. |release| image:: https://img.shields.io/pypi/v/srptools.svg\n :target: https://pypi.python.org/pypi/srptools\n\n.. |stats| image:: https://img.shields.io/pypi/dm/srptools.svg\n :target: https://pypi.python.org/pypi/srptools\n\n.. |lic| image:: https://img.shields.io/pypi/l/srptools.svg\n :target: https://pypi.python.org/pypi/srptools\n\n.. |ci| image:: https://img.shields.io/travis/idlesign/srptools/master.svg\n :target: https://travis-ci.org/idlesign/srptools\n\n.. |coverage| image:: https://img.shields.io/coveralls/idlesign/srptools/master.svg\n :target: https://coveralls.io/r/idlesign/srptools\n\n.. |health| image:: https://landscape.io/github/idlesign/srptools/master/landscape.svg?style=flat\n :target: https://landscape.io/github/idlesign/srptools/master\n\n\nDescription\n-----------\n\n*Tools to implement Secure Remote Password (SRP) authentication*\n\nSRP is a secure password-based authentication and key-exchange protocol -\na password-authenticated key agreement protocol (PAKE).\n\nThis package contains protocol implementation for Python 2 and 3.\n\nYou may import it into you applications and use its API or you may use\n``srptools`` command-line utility (CLI):\n\n\nCLI usage\n---------\n\nCommand-line utility requires ``click`` package to be installed.\n\nBasic scenario:\n\n.. code-block::\n\n > srptools get_user_data_triplet\n > srptools server get_private_and_public\n > srptools client get_private_and_public\n > srptools client get_session_data\n > srptools server get_session_data\n\nHelp is available:\n\n.. code-block::\n\n > srptools --help\n\n\n\nAPI usage\n---------\n\nPreliminary step. Agree on communication details:\n\n.. code-block:: python\n\n from srptools import SRPContext\n\n context = SRPContext('alice', 'password123')\n username, password_verifier, salt = context.get_user_data_triplet()\n prime = context.prime\n gen = context.generator\n\n\nSimplified workflow:\n\n.. code-block:: python\n\n from srptools import SRPContext, SRPServerSession, SRPClientSession\n\n # Receive username from client and generate server public.\n server_session = SRPServerSession(SRPContext(username, prime=prime, generator=gen), password_verifier)\n server_public = server_session.public\n\n # Receive server public and salt and process them.\n client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))\n client_session.process(server_public, salt)\n # Generate client public and session key.\n client_public = client_session.public\n\n # Process client public and compare session keys.\n server_session.process(client_public, salt)\n\n assert server_session.key == client_session.key\n\n\nExtended workflow\n\n.. code-block:: python\n\n from srptools import SRPContext, SRPServerSession, SRPClientSession\n\n # Receive username from client and generate server public.\n server_session = SRPServerSession(SRPContext(username, prime=prime, generator=gen), password_verifier)\n server_public = server_session.public\n\n # Receive server public and salt and process them.\n client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))\n client_session.process(server_public, salt)\n # Generate client public and session key proof.\n client_public = client_session.public\n client_session_key_proof = client_session.key_proof\n\n # Process client public and verify session key proof.\n server_session.process(client_public, salt)\n assert server_session.verify_proof(client_session_key_proof)\n # Generate session key proof hash.\n server_session_key_proof_hash = client_session.key_proof_hash\n\n # Verify session key proof hash received from server.\n assert client_session.verify_proof(server_session_key_proof_hash)\n\n\n\nUsage hints\n-----------\n\n* ``srptools.constants`` contains basic constants which can be used with ``SRPContext`` for server and client to agree\n upon communication details.\n* ``.process()`` methods of session classes may raise ``SRPException`` in certain circumstances. Auth process on\n such occasions must be stopped.\n* ``.private`` attribute of session classes may be used to restore sessions:\n .. code-block:: python\n\n server_private = server_session.private\n\n # Restore session on new request.\n server_session = SRPServerSession(context, password_verifier, private=server_private)\n\n* ``SRPContext`` is rather flexible, so you can implement some custom server/client session logic with its help.\n* Basic values are represented as hex strings but base64 encoded values are also supported:\n\n .. code-block:: python\n\n server_public = server_session.public_b64\n\n # Receive server public and salt and process them.\n client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))\n client_session.process(server_public, salt, base64=True)\n\n # Use srptools.hex_from_b64() to represent base64 value as hex.\n server_public_hex = hex_from_b64(server_public)\n\n\nLinks\n-----\n* RFC 2945 - The SRP Authentication and Key Exchange System\n https://tools.ietf.org/html/rfc2945\n\n* RFC 5054 - Using the Secure Remote Password (SRP) Protocol for TLS Authentication\n https://tools.ietf.org/html/rfc5054\n",
"bugtrack_url": null,
"license": "BSD 3-Clause License",
"summary": "Tools to implement Secure Remote Password (SRP) authentication",
"version": "1.0.1",
"project_urls": {
"Homepage": "https://github.com/idlesign/srptools"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "8db83f935d7f7d6bc25a88859beb0a6e246313012a12ae4844665322f771a5cb",
"md5": "50e253b5e35b0b937363d4eb996602c0",
"sha256": "fccb44c949eb2507ba19f349a3087cb8fed2393014d7f0887b06c3186f19d1e9"
},
"downloads": -1,
"filename": "srptools-1.0.1-py2.py3-none-any.whl",
"has_sig": false,
"md5_digest": "50e253b5e35b0b937363d4eb996602c0",
"packagetype": "bdist_wheel",
"python_version": "2.7",
"requires_python": null,
"size": 13183,
"upload_time": "2020-09-12T02:06:30",
"upload_time_iso_8601": "2020-09-12T02:06:30.452454Z",
"url": "https://files.pythonhosted.org/packages/8d/b8/3f935d7f7d6bc25a88859beb0a6e246313012a12ae4844665322f771a5cb/srptools-1.0.1-py2.py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "a18ad62af55a56d56216e96563bc9c29c2d16d957317742c2e5bd4e79a524b06",
"md5": "f6deab27650c9a707f3dbf4959de0873",
"sha256": "7fa4337256a1542e8f5bb4bed19e1d9aea98fe5ff9baf76693342a1dd6ac7c96"
},
"downloads": -1,
"filename": "srptools-1.0.1.tar.gz",
"has_sig": false,
"md5_digest": "f6deab27650c9a707f3dbf4959de0873",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 15436,
"upload_time": "2020-09-12T02:06:28",
"upload_time_iso_8601": "2020-09-12T02:06:28.244655Z",
"url": "https://files.pythonhosted.org/packages/a1/8a/d62af55a56d56216e96563bc9c29c2d16d957317742c2e5bd4e79a524b06/srptools-1.0.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2020-09-12 02:06:28",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "idlesign",
"github_project": "srptools",
"travis_ci": false,
"coveralls": true,
"github_actions": true,
"tox": true,
"lcname": "srptools"
}
JSON
