From 127e4b422c9e4a7c01d41fe1dbff9714fe36c5dd Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 6 Nov 2013 12:11:03 -0500 Subject: update to 1.0.4 --- LICENSE | 40 ++++++++---------- README.md | 125 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ README.txt | 33 --------------- debian/changelog | 2 +- setup.py | 4 +- srp/_pysrp.py | 2 +- 6 files changed, 147 insertions(+), 59 deletions(-) create mode 100644 README.md delete mode 100644 README.txt diff --git a/LICENSE b/LICENSE index 9431bf6..c08bbd0 100644 --- a/LICENSE +++ b/LICENSE @@ -1,25 +1,21 @@ -Copyright (c) 2010, Tom Cocagne -All rights reserved. +The MIT License (MIT) -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - * Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - * Neither the name of the Python Software Foundation nor the - names of its contributors may be used to endorse or promote products - derived from this software without specific prior written permission. +Copyright (c) 2012 Tom Cocagne -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL TOM COCAGNE BE LIABLE FOR ANY -DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +of the Software, and to permit persons to whom the Software is furnished to do +so, subject to the following conditions: +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..9490b20 --- /dev/null +++ b/README.md @@ -0,0 +1,125 @@ +pysrp +===== +Tom Cocagne <tom.cocagne@gmail.com> + +pysrp provides a Python implementation of the [Secure Remote Password +protocol](http://srp.stanford.edu/) (SRP). + + +SRP Overview +------------ + +SRP is a cryptographically strong authentication +protocol for password-based, mutual authentication over an insecure +network connection. + +Unlike other common challenge-response autentication protocols, such +as Kereros and SSL, SRP does not rely on an external infrastructure +of trusted key servers or certificate management. Instead, SRP server +applications use verification keys derived from each user's password +to determine the authenticity of a network connection. + +SRP provides mutual-authentication in that successful authentication +requires both sides of the connection to have knowledge of the +user's password. If the client side lacks the user's password or the +server side lacks the proper verification key, the authentication will +fail. + +Unlike SSL, SRP does not directly encrypt all data flowing through +the authenticated connection. However, successful authentication does +result in a cryptographically strong shared key that can be used +for symmetric-key encryption. + +For a full description of the pysrp package and the SRP protocol, please refer +to the [pysrp documentation](http://pythonhosted.org/srp/) + + +Usage Example +------------- + +```python +import srp + +# The salt and verifier returned from srp.create_salted_verification_key() should be +# stored on the server. +salt, vkey = srp.create_salted_verification_key( 'testuser', 'testpassword' ) + +class AuthenticationFailed (Exception): + pass + +# ~~~ Begin Authentication ~~~ + +usr = srp.User( 'testuser', 'testpassword' ) +uname, A = usr.start_authentication() + +# The authentication process can fail at each step from this +# point on. To comply with the SRP protocol, the authentication +# process should be aborted on the first failure. + +# Client => Server: username, A +svr = srp.Verifier( uname, salt, vkey, A ) +s,B = svr.get_challenge() + +if s is None or B is None: + raise AuthenticationFailed() + +# Server => Client: s, B +M = usr.process_challenge( s, B ) + +if M is None: + raise AuthenticationFailed() + +# Client => Server: M +HAMK = svr.verify_session( M ) + +if HAMK is None: + raise AuthenticationFailed() + +# Server => Client: HAMK +usr.verify_session( HAMK ) + +# At this point the authentication process is complete. + +assert usr.authenticated() +assert svr.authenticated() +``` + +Installation +------------ + +``` +$ pip install srp +``` + +Implementation +-------------- + +It consists of 3 modules: A pure Python implementation, A ctypes + +OpenSSL implementation, and a C extension module. The ctypes & +extension modules are approximately 10-20x faster than the pure Python +implementation and can take advantage of multiple CPUs. The extension +module will be used if available, otherwise the library will fall back +to the ctypes implementation followed by the pure Python +implementation. + +Note: The test_srp.py script prints the performance timings for each +combination of hash algorithm and prime number size. This may be of +use in deciding which pair of parameters to use in the unlikely +event that the defaults are unacceptable. + +Installation from source: +``` + $ python setup.py install +``` + +Documentation: +``` + $ cd srp/doc + $ sphinx-build -b html . +``` + +Validity & Performance Testing: +``` + $ python setup.py build + $ python test_srp.py +``` diff --git a/README.txt b/README.txt deleted file mode 100644 index 4902c9f..0000000 --- a/README.txt +++ /dev/null @@ -1,33 +0,0 @@ - -This package provides an implementation of the Secure Remote -Password protocol (SRP). SRP is a cryptographically -strong authentication protocol for password-based, mutual -authentication over an insecure network connection. - -It consists of 3 modules: A pure Python implementation, A ctypes + -OpenSSL implementation, and a C extension module. The ctypes & -extension modules are approximately 10-20x faster than the pure Python -implementation and can take advantage of multiple CPUs. The extension -module will be used if available, otherwise the library will fall back -to the ctypes implementation followed by the pure Python -implementation. - -Note: The test_srp.py script prints the performance timings for each -combination of hash algorithm and prime number size. This may be of -use in deciding which pair of parameters to use in the unlikely -event that the defaults are unacceptable. - -Installation: - python setup.py install - -Validity & Performance Testing: - python setup.py build - python test_srp.py - -Documentation: - cd srp/doc - sphinx-build -b html . - - -** Note: The Sphinx documentation system is easy-installable: - easy-install sphinx diff --git a/debian/changelog b/debian/changelog index e726b0b..bafdffb 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -python-srp (1.0.2-1) unstable; urgency=low +python-srp (1.0.4-1) unstable; urgency=low * Initial release. Closes: 699122 diff --git a/setup.py b/setup.py index a6bbfde..0c70540 100755 --- a/setup.py +++ b/setup.py @@ -38,14 +38,14 @@ please refer to the `srp module documentation`_. ext_modules = [ Extension('srp._srp', ['srp/_srp.c',], libraries = ['ssl',]), ] setup(name = 'srp', - version = '1.0.2', + version = '1.0.4', description = 'Secure Remote Password', author = 'Tom Cocagne', author_email = 'tom.cocagne@gmail.com', url = 'http://code.google.com/p/pysrp/', download_url = 'http://pypi.python.org/pypi/srp', long_description = long_description, - provides = 'srp', + provides = ['srp'], packages = ['srp'], package_data = {'srp' : ['doc/*.rst', 'doc/*.py']}, ext_modules = ext_modules, diff --git a/srp/_pysrp.py b/srp/_pysrp.py index ff907ea..91c8c31 100644 --- a/srp/_pysrp.py +++ b/srp/_pysrp.py @@ -313,7 +313,7 @@ class User (object): def get_username(self): - return self.username + return self.I def get_session_key(self): -- cgit v1.2.3