From df477f67f50cfbbd6ed189ea983a2c991e4cb143 Mon Sep 17 00:00:00 2001 From: Tom Cocagne Date: Fri, 1 Apr 2011 00:14:29 -0400 Subject: Documentation updates for 1.0 --- README.txt | 30 ++++++++++++++++++++++-------- doc/srp.rst | 16 ++++++++-------- setup.py | 51 ++++++++++++++++++++++++++++++++++++++++++--------- 3 files changed, 72 insertions(+), 25 deletions(-) diff --git a/README.txt b/README.txt index 83cee01..54929b3 100644 --- a/README.txt +++ b/README.txt @@ -1,19 +1,33 @@ -This package provides a Python Implementation of the Secure Remote -Password Protocol. It consists of 3 modules: A pure Python -implementation, A ctypes + OpenSSL implementation, and a C extension -module. The ctypes & extension modules are approximately 10-20x faster -than the pure Python implementation and can take advantage of multiple -CPUs. The extension module will be used if available, otherwise the -library will fall back to the ctypes implementation followed by the -pure Python implementation. +This package provides an implementation of the Secure Remote +Password protocol (SRP). SRP is a cryptographically +strong authentication protocol for password-based, mutual +authentication over an insecure network connection. +It consists of 3 modules: A pure Python implementation, A ctypes + +OpenSSL implementation, and a C extension module. The ctypes & +extension modules are approximately 10-20x faster than the pure Python +implementation and can take advantage of multiple CPUs. The extension +module will be used if available, otherwise the library will fall back +to the ctypes implementation followed by the pure Python +implementation. + +Note: The test_srp.py script prints the performance timings for each +combination of hash algorithm and prime number size. This may be of +use in deciding which pair of parameters to use in the unlikely +event that the defaults are unacceptable. Installation: python setup.py install +Validity & Performance Testing: + python setup.py build + python test_srp.py Documentation: cd doc sphinx-build -b html . + +** Note: The Sphinx documentation system is easy-installable: + easy-install sphinx diff --git a/doc/srp.rst b/doc/srp.rst index df0c1e9..9cdd967 100644 --- a/doc/srp.rst +++ b/doc/srp.rst @@ -9,7 +9,7 @@ .. sectionauthor:: Tom Cocagne -The Secure Remote Password Protocol (SRP) is a cryptographically +The Secure Remote Password protocol (SRP) is a cryptographically strong authentication protocol for password-based, mutual authentication over an insecure network connection. Successful SRP authentication requires both sides of the connection to have knowledge @@ -19,13 +19,13 @@ process. This key may be used to protect network traffic via symmetric key encryption. SRP offers security and deployment advantages over other -challenge-response protocols in that it does not require trusted key -servers or certificate infrastructures (as do Kerberos and -SSL). Instead, small verification keys derived from each user's -password are stored and used by each SRP server -application. Consequently, SRP provides a near-ideal solution for many -applications requiring simple and secure password authentication -that does not rely on a properly configured, external infrastructure. +challenge-response protocols, such as Kerberos and SSL, in that it +does not require trusted key servers or certificate infrastructures. +Instead, small verification keys derived from each user's password are +stored and used by each SRP server application. SRP provides a +near-ideal solution for many applications requiring simple and secure +password authentication that does not rely on an external +infrastructure. Another favorable aspect of the SRP protocol is that compromized verification keys are of little value to an attacker. Possesion of a diff --git a/setup.py b/setup.py index dc32ff2..500b6ec 100755 --- a/setup.py +++ b/setup.py @@ -3,19 +3,52 @@ from distutils.core import setup from distutils.extension import Extension + +long_description = ''' + +This package provides an implementation of the Secure Remote Password +protocol (SRP). SRP is a cryptographically strong authentication +protocol for password-based, mutual authentication over an insecure +network connection. + +Unlike other common challenge-response autentication protocols, such +as Kereros and SSL, SRP does not rely on an external infrastructure +of trusted key servers or certificate management. Instead, SRP server +applications use verification keys derived from each user's password +to determine the authenticity of a network connection. + +SRP provides mutual-authentication in that successful authentication +requires that both sides of the connection must have knowledge of the +user's password. If the client side lacks the user's password or the +server side lacks the proper verification key, the authentication will +fail. + +Unlike SSL, SRP does not directly encrypt all data flowing through +the authenticated connection. However, successful authentication does +result in a cryptographically strong shared key that can be used +for symmetric-key encryption. + +For a full description of the pysrp package and the SRP protocol, +please refer to the `srp module documentation`_. + +.. _`srp module documentation`: http://packages.python.org/pysrp + +''' + py_modules = ['_pysrp', '_ctsrp', 'srp'] ext_modules = [ Extension('_srp', ['_srp.c',], libraries = ['ssl',]), ] -setup(name = 'srp', - version = '1.0', - description = 'Secure Remote Password Protocol', - author = 'Tom Cocagne', - author_email = 'tom.cocagne@gmail.com', - url = 'http://code.google.com/p/pysrp/', - py_modules = py_modules, - ext_modules = ext_modules, - classifiers=[ +setup(name = 'srp', + version = '1.0', + description = 'Secure Remote Password', + author = 'Tom Cocagne', + author_email = 'tom.cocagne@gmail.com', + url = 'http://code.google.com/p/pysrp/', + long_description = long_description, + py_modules = py_modules, + ext_modules = ext_modules, + classifiers = [ 'Development Status :: 5 - Production/Stable', 'Intended Audience :: Developers', 'License :: OSI Approved :: BSD License', -- cgit v1.2.3