diff options
| -rw-r--r-- | LICENSE | 40 | ||||
| -rw-r--r-- | README.md | 125 | ||||
| -rw-r--r-- | README.txt | 33 | ||||
| -rw-r--r-- | debian/changelog | 8 | ||||
| -rw-r--r-- | debian/control | 5 | ||||
| -rw-r--r-- | debian/copyright | 33 | ||||
| -rwxr-xr-x | setup.py | 4 | ||||
| -rw-r--r-- | srp/_pysrp.py | 2 |
8 files changed, 166 insertions, 84 deletions
@@ -1,25 +1,21 @@ -Copyright (c) 2010, Tom Cocagne -All rights reserved. +The MIT License (MIT) -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - * Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - * Neither the name of the Python Software Foundation nor the - names of its contributors may be used to endorse or promote products - derived from this software without specific prior written permission. +Copyright (c) 2012 Tom Cocagne -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL TOM COCAGNE BE LIABLE FOR ANY -DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +of the Software, and to permit persons to whom the Software is furnished to do +so, subject to the following conditions: +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..9490b20 --- /dev/null +++ b/README.md @@ -0,0 +1,125 @@ +pysrp +===== +Tom Cocagne <tom.cocagne@gmail.com> + +pysrp provides a Python implementation of the [Secure Remote Password +protocol](http://srp.stanford.edu/) (SRP). + + +SRP Overview +------------ + +SRP is a cryptographically strong authentication +protocol for password-based, mutual authentication over an insecure +network connection. + +Unlike other common challenge-response autentication protocols, such +as Kereros and SSL, SRP does not rely on an external infrastructure +of trusted key servers or certificate management. Instead, SRP server +applications use verification keys derived from each user's password +to determine the authenticity of a network connection. + +SRP provides mutual-authentication in that successful authentication +requires both sides of the connection to have knowledge of the +user's password. If the client side lacks the user's password or the +server side lacks the proper verification key, the authentication will +fail. + +Unlike SSL, SRP does not directly encrypt all data flowing through +the authenticated connection. However, successful authentication does +result in a cryptographically strong shared key that can be used +for symmetric-key encryption. + +For a full description of the pysrp package and the SRP protocol, please refer +to the [pysrp documentation](http://pythonhosted.org/srp/) + + +Usage Example +------------- + +```python +import srp + +# The salt and verifier returned from srp.create_salted_verification_key() should be +# stored on the server. +salt, vkey = srp.create_salted_verification_key( 'testuser', 'testpassword' ) + +class AuthenticationFailed (Exception): + pass + +# ~~~ Begin Authentication ~~~ + +usr = srp.User( 'testuser', 'testpassword' ) +uname, A = usr.start_authentication() + +# The authentication process can fail at each step from this +# point on. To comply with the SRP protocol, the authentication +# process should be aborted on the first failure. + +# Client => Server: username, A +svr = srp.Verifier( uname, salt, vkey, A ) +s,B = svr.get_challenge() + +if s is None or B is None: + raise AuthenticationFailed() + +# Server => Client: s, B +M = usr.process_challenge( s, B ) + +if M is None: + raise AuthenticationFailed() + +# Client => Server: M +HAMK = svr.verify_session( M ) + +if HAMK is None: + raise AuthenticationFailed() + +# Server => Client: HAMK +usr.verify_session( HAMK ) + +# At this point the authentication process is complete. + +assert usr.authenticated() +assert svr.authenticated() +``` + +Installation +------------ + +``` +$ pip install srp +``` + +Implementation +-------------- + +It consists of 3 modules: A pure Python implementation, A ctypes + +OpenSSL implementation, and a C extension module. The ctypes & +extension modules are approximately 10-20x faster than the pure Python +implementation and can take advantage of multiple CPUs. The extension +module will be used if available, otherwise the library will fall back +to the ctypes implementation followed by the pure Python +implementation. + +Note: The test_srp.py script prints the performance timings for each +combination of hash algorithm and prime number size. This may be of +use in deciding which pair of parameters to use in the unlikely +event that the defaults are unacceptable. + +Installation from source: +``` + $ python setup.py install +``` + +Documentation: +``` + $ cd srp/doc + $ sphinx-build -b html . <desired output directory> +``` + +Validity & Performance Testing: +``` + $ python setup.py build + $ python test_srp.py +``` diff --git a/README.txt b/README.txt deleted file mode 100644 index 4902c9f..0000000 --- a/README.txt +++ /dev/null @@ -1,33 +0,0 @@ - -This package provides an implementation of the Secure Remote -Password protocol (SRP). SRP is a cryptographically -strong authentication protocol for password-based, mutual -authentication over an insecure network connection. - -It consists of 3 modules: A pure Python implementation, A ctypes + -OpenSSL implementation, and a C extension module. The ctypes & -extension modules are approximately 10-20x faster than the pure Python -implementation and can take advantage of multiple CPUs. The extension -module will be used if available, otherwise the library will fall back -to the ctypes implementation followed by the pure Python -implementation. - -Note: The test_srp.py script prints the performance timings for each -combination of hash algorithm and prime number size. This may be of -use in deciding which pair of parameters to use in the unlikely -event that the defaults are unacceptable. - -Installation: - python setup.py install - -Validity & Performance Testing: - python setup.py build - python test_srp.py - -Documentation: - cd srp/doc - sphinx-build -b html . <desired output directory> - - -** Note: The Sphinx documentation system is easy-installable: - easy-install sphinx diff --git a/debian/changelog b/debian/changelog index b1cfa22..a10a6d7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +python-srp (1.0.4-1) unstable; urgency=low + + * Upgrade to 1.0.4 + * Update debian/control VCS fields for new upstream location + * Add myself to Uploaders + + -- Micah Anderson <micah@debian.org> Wed, 06 Nov 2013 12:16:45 -0500 + python-srp (1.0.2-2) unstable; urgency=low * Python3 package. diff --git a/debian/control b/debian/control index 3ed60e9..2ea3de3 100644 --- a/debian/control +++ b/debian/control @@ -1,5 +1,6 @@ Source: python-srp Maintainer: Ben Carrillo <ben@futeisha.org> +Uploader: Micah Anderson <micah@debian.org> Section: python Priority: optional Build-Depends: @@ -11,8 +12,8 @@ Build-Depends: Standards-Version: 3.9.4 X-Python-Version: >= 2.6 X-Python3-Version: >= 3.0 -Vcs-Hg: https://code.google.com/p/pysrp/ -Vcs-Browser: http://code.google.com/p/pysrp/source/browse/ +Vcs-Git: https://github.com/cocagne/pysrp.git +Vcs-Browser: https://github.com/cocagne/pysrp Homepage: http://code.google.com/p/pysrp/ Package: python-srp diff --git a/debian/copyright b/debian/copyright index 33bc8d5..853687d 100644 --- a/debian/copyright +++ b/debian/copyright @@ -1,10 +1,11 @@ -Format: http://dep.debian.net/deps/dep5 +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: srp +Upstream-Contact: Tom Cocagne <tom.cocagne@gmail.com> Source: http://pypi.python.org/pypi/srp/ Files: * Copyright: 2010, Tom Cocagne -License: New BSD +License: BSD-3-clause All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: @@ -31,26 +32,10 @@ License: New BSD Files: debian/* Copyright: 2013 Ben Carrillo <ben@futeisha.org> -License: BSD-3-clause - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions - are met: +License: GPL3+ + This file is released under the GNU GPL, version 3 or a later revision. + For further details see the COPYING file. . - 1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - 3. The name of the author may not be used to endorse or promote products - derived from this software without specific prior written permission. - . - THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - IN NO EVENT SHALL THE AUTOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + On Debian systems, the full text of the GNU General Public + License version 3 can be found in the file + `/usr/share/common-licenses/GPL-3'. @@ -38,14 +38,14 @@ please refer to the `srp module documentation`_. ext_modules = [ Extension('srp._srp', ['srp/_srp.c',], libraries = ['ssl',]), ] setup(name = 'srp', - version = '1.0.2', + version = '1.0.4', description = 'Secure Remote Password', author = 'Tom Cocagne', author_email = 'tom.cocagne@gmail.com', url = 'http://code.google.com/p/pysrp/', download_url = 'http://pypi.python.org/pypi/srp', long_description = long_description, - provides = 'srp', + provides = ['srp'], packages = ['srp'], package_data = {'srp' : ['doc/*.rst', 'doc/*.py']}, ext_modules = ext_modules, diff --git a/srp/_pysrp.py b/srp/_pysrp.py index ff907ea..91c8c31 100644 --- a/srp/_pysrp.py +++ b/srp/_pysrp.py @@ -313,7 +313,7 @@ class User (object): def get_username(self): - return self.username + return self.I def get_session_key(self): |