author | Tom Cocagne (vubuntu) <devnull@localhost> | 2010-08-30 23:37:47 -0400 |
---|---|---|
committer | Tom Cocagne (vubuntu) <devnull@localhost> | 2010-08-30 23:37:47 -0400 |
commit | 39fe54427deddfb11dea6209496b5bcdcaaadd05 (patch) | |
tree | 04b44b2f39c60b4585e8a41f59482a02c374bec2 /doc |
initial commit
Diffstat (limited to 'doc')
-rw-r--r-- | doc/conf.py | 194 | ||||
-rw-r--r-- | doc/srp.rst | 127 |
2 files changed, 321 insertions, 0 deletions
diff --git a/doc/conf.py b/doc/conf.py
new file mode 100644
index 0000000..7d22afa
--- /dev/null
+++ b/doc/conf.py
@@ -0,0 +1,194 @@ +# -*- coding: utf-8 -*- +# +# srp documentation build configuration file, created by +# sphinx-quickstart on Mon Aug 30 23:18:19 2010. +# +# This file is execfile()d with the current directory set to its containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys, os + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +#sys.path.append(os.path.abspath('.')) + +# -- General configuration ----------------------------------------------------- + +# Add any Sphinx extension module names here, as strings. They can be extensions +# coming with Sphinx (named 'sphinx.ext.*') or your custom ones. +extensions = [] + +# Add any paths that contain templates here, relative to this directory. +templates_path = ['_templates'] + +# The suffix of source filenames. +source_suffix = '.rst' + +# The encoding of source files. +#source_encoding = 'utf-8' + +# The master toctree document. +master_doc = 'srp' + +# General information about the project. +project = u'srp' +copyright = u'2010, Tom Cocagne' + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The short X.Y version. +version = '0.9' +# The full version, including alpha/beta/rc tags. +release = '0.9' + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +#language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +#today = '' +# Else, today_fmt is used as the format for a strftime call. 
+#today_fmt = '%B %d, %Y' + +# List of documents that shouldn't be included in the build. +#unused_docs = [] + +# List of directories, relative to source directory, that shouldn't be searched +# for source files. +exclude_trees = ['_build'] + +# The reST default role (used for this markup: `text`) to use for all documents. +#default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +#add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +#add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +#show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + +# A list of ignored prefixes for module index sorting. +#modindex_common_prefix = [] + + +# -- Options for HTML output --------------------------------------------------- + +# The theme to use for HTML and HTML Help pages. Major themes that come with +# Sphinx are currently 'default' and 'sphinxdoc'. +html_theme = 'default' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +#html_theme_options = {} + +# Add any paths that contain custom themes here, relative to this directory. +#html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# "<project> v<release> documentation". +#html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +#html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +#html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. 
+#html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ['_static'] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +#html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +#html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +#html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +#html_additional_pages = {} + +# If false, no module index is generated. +#html_use_modindex = True + +# If false, no index is generated. +#html_use_index = True + +# If true, the index is split into individual pages for each letter. +#html_split_index = False + +# If true, links to the reST sources are added to the pages. +#html_show_sourcelink = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a <link> tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +#html_use_opensearch = '' + +# If nonempty, this is the file name suffix for HTML files (e.g. ".xhtml"). +#html_file_suffix = '' + +# Output file base name for HTML help builder. +htmlhelp_basename = 'srpdoc' + + +# -- Options for LaTeX output -------------------------------------------------- + +# The paper size ('letter' or 'a4'). +#latex_paper_size = 'letter' + +# The font size ('10pt', '11pt' or '12pt'). +#latex_font_size = '10pt' + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, author, documentclass [howto/manual]). 
+latex_documents = [ + ('srp', 'srp.tex', u'srp Documentation', + u'Tom Cocagne', 'manual'), +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +#latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +#latex_use_parts = False + +# Additional stuff for the LaTeX preamble. +#latex_preamble = '' + +# Documents to append as an appendix to all manuals. +#latex_appendices = [] + +# If false, no module index is generated. +#latex_use_modindex = True diff --git a/doc/srp.rst b/doc/srp.rst new file mode 100644 index 0000000..8cfd780 --- /dev/null +++ b/doc/srp.rst 
@@ -0,0 +1,127 @@
+:mod:`srp` --- Secure Remote Password
+=====================================
+
+.. module:: srp
+ :synopsis: Secure Remote Password
+
+.. moduleauthor:: Tom Cocagne <tom.cocagne@gmail.com>
+
+.. sectionauthor:: Tom Cocagne <tom.cocagne@gmail.com>
+
+
+This module provides an implementation of the Secure Remote Password
+Protocol. It may be used for secure, mutual authentication across an
+unsecured network connection. With SRP, the user's password is never
+sent across the network and a successful authentication results in a
+cryptographically secure shared key that may be used for symmetric key
+encryption.
+
+The SRP authentication requires that the server store a salt and verification
+key that is computed from user's password. While care should be taken
+to protect the verification key from disclosure, the protocol remains
+reasonably secure even in the event that an attacker obtains it as a
+computationally infeasible brute-force dictionary attack would be required
+to derive the users password.
+
+See http://srp.stanford.edu/ for a full description of the SRP protocol.
+
+Functions
+---------
+
+.. function:: gen_sv ( username, password )
+
+ Generates a salt and verifier for the given username and password.
+ Returns (salt_bytes, verifier_bytes)
+
+
+:class:`Verifier` Objects
+-------------------------
+
+A :class:`Verifier` object is used to verify the identity of a remote
+user.
+
+.. class:: Verifier( username, bytes_s, bytes_v, bytes_A )
+
+ *username* Name of the remote user being authenticated.
+
+ *bytes_s* Salt generated by :func:`gen_sv`.
+
+ *bytes_v* Verifier generated by :func:`gen_sv`.
+
+ *bytes_A* Challenge from the remote user. Generated by
+ :meth:`User.start_authentication`
+
+ .. method:: authenticated()
+
+ Returns True if the authentication succeeded. False
+ otherwise.
+
+ .. method:: get_username()
+
+ Returns the name of the user this :class:`Verifier` object is for.
+
+ .. method:: get_session_key()
+
+ Returns the session key for an authenticated user or None if the
+ authentication failed or has not yet completed.
+
+ .. method:: get_challenge()
+
+ Returns (bytes_s, bytes_B) on success or (None, None) if
+ authentication has failed.
+
+ .. method:: verify_session( user_M )
+
+ Completes the :class:`Verifier` side of the authentication
+ process. If the authentication succeded the return result,
+ bytes_H_AMK should be returned to the remote user. On failure,
+ this method returns None.
+
+
+:class:`User` Objects
+-------------------------
+
+A :class:`User` object is used to perform mutual authentication with a
+remote :class:`Verifier`. Successful authentication requires not only
+that the :class:`User` be provided with a valid username/password but
+also that the remote :class:`Verifier` have a salt & verifier for that
+username/password pair.
+
+.. class:: User( username, password )
+
+ *username* Name of the user being authenticated.
+
+ *password* Password for the user.
+
+ .. method:: authenticated()
+
+ Returns True if authentication succeeded. False
+ otherwise.
+
+ .. method:: get_username()
+
+ Returns the username passed to the constructor.
+
+ .. method:: get_session_key()
+
+ Returns the session key if authentication succeeded or None if the
+ authentication failed or has not yet completed.
+
+ .. method:: start_authentication()
+
+ Returns (username, bytes_A). These should be passed to the
+ constructor of the remote :class:`Verifer`
+
+ .. method:: process_challenge( bytes_s, bytes_B )
+
+ Processes the challenge returned
+ by :meth:`Verifier.get_challenge` on success this method
+ returns bytes_M that should be sent
+ to :meth:`Verifier.verify_session` if authentication failed,
+ it returns None.
+
+ .. method:: verify_session( bytes_H_AMK )
+
+ Completes the :class:`User` side of the authentication
+ process. If the authentication succeded :meth:`authenticated` will
+ return True
\ No newline at end of file |
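Review bot: The second introductory paragraph overstates what SRP guarantees after a verifier leak: it calls the dictionary attack "computationally infeasible", but whoever holds the salt and verifier can check password guesses offline, so the effort is set by the strength of the password and of the hash behind the verifier rather than by the protocol. I would reword the end of that paragraph to `an attacker who obtains it must still mount an offline dictionary attack to recover the password, so weak passwords remain exposed`. The same paragraph could add that a leaked verifier should be handled as a credential compromise, since in SRP as published it is also enough to pose as the server towards that user. Separately, the role target "Verifer" under start_authentication() is misspelled and will probably not resolve as a cross-reference, and "succeded" appears in both verify_session() entries.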