Skip to main content

Cryptol client for the Cryptol RPC server

Project description

Cryptol Python Client

In-development Python client for Cryptol. Currently tested on Linux and MacOS -- at present there may be some minor issues running the Python Client in a Windows environment that need to be addressed (e.g., some Python process management methods are not cross-OS-compatible).

This Cryptol client depends on the cryptol-remote-api server.

TL;DR Steps to running Cryptol Python scripts

  1. Clone the repo
git clone https://github.com/GaloisInc/cryptol.git
  1. Enter the repo
cd cryptol
  1. Initialize git submodules
git submodule update --init
  1. Navigate to the python client
cd cryptol-remote-api/python
  1. Install and setup some version of the cryptol-remote-api server and update any relevant environment variables as needed (see cryptol.connect() documentation for the various ways a server can be connected to). E.g., here is how the docker image of the server might be used:
$ docker run --name=cryptol-remote-api -d \
  -v $PWD/tests/cryptol/test-files:/home/cryptol/tests/cryptol/test-files \
  -p 8080:8080 \
  ghcr.io/galoisinc/cryptol-remote-api:nightly-portable
$ export CRYPTOL_SERVER_URL="http://localhost:8080/"
  1. Install the Python client (requires Python v3.7 or newer -- we recommend using poetry to install the package):
$ poetry install 
  1. Run tests or individual scripts:
$ poetry run python -m unittest discover tests/cryptol
$ poetry run python tests/cryptol/test_salsa20.py

Python Client Installation (via Poetry)

First, clone the repository and submodules.

$ git clone https://github.com/GaloisInc/cryptol.git
$ cd cryptol
$ git submodule update --init

Then, use poetry to install the python client from the cryptol-remote-api/python directory:

$ cd cryptol-remote-api/python
$ poetry install

Cryptol server

To run the verification scripts a cryptol-remote-api server must be available, either as a local executable or running in docker image listening on a port.

Connecting with a server in a script

Connecting to a server in a Python script is accomplished via the cryptol.connect method. Its accompanying Python doc strings describe the various ways it can be used. Below is a brief summary:

cryptol.connect(), when provided no arguments, will attempt the following in order:

  1. If the environment variable CRYPTOL_SERVER is set and refers to an executable, it is assumed to be a cryptol-remote-api executable and will be used for the duration of the script.
  2. If the environment variable CRYPTOL_SERVER_URL is set, it is assumed to be the URL for a running Cryptol server in http mode and will be connected to. (N.B., this can be a local server or a server running in a docker image.)
  3. If an executable cryptol-remote-api is available on the PATH it is assumed to be a Cryptol server and will be used for the duration of the script.

Additional arguments and options are documented with the function.

Notably, the reset_server keyword can be used to connect to a running server and reset it, ensuring states from previous scripts have been cleared. E.g., cryptol.connect(reset_server=True).

Acquiring a Cryptol Server

There are several ways a server executable can be obtained.

Server executables

An executable of the server is now included in each release of Cryptol.

Nightly server builds can be found as Artifacts of the Nightly Builds github action. I.e., go to the Nightly Builds Github Action, click on a successful build, scroll to the bottom and under Artifacts a Linux, Windows, and MacOS tarball will be listed.

Nightly Docker images of the server can be found under the Packages section of the Cryptol github repository.

Server docker images

Release docker images for the Cryptol server are distributed with Cryptol releases; nightly Cryptol servers are available under the Packages section of the Cryptol repository.

These images are set up to run as HTTP cryptol-remote-api servers, e.g.:

docker run --name=cryptol-remote-api -d \
  -p 8080:8080 \
  ghcr.io/galoisinc/cryptol-remote-api:nightly-portable

The -v option to docker run can be used to load files into the docker server's working directory so they can be loaded into the server at the request of python scripts. E.g., -v PATH_TO_FILES:/home/cryptol/files/ will upload the contents of the host machine's directory PATH_TO_FILES to the /home/cryptol/files/ directory in the docker container, which corresponds to the relative path files/ for the Cryptol server. (If desired, it can be useful to place files in a location in the Docker container such that the same relative paths in scripts refer to the same files in the host machine and docker container.)

Building from Source

If this repository is checked out and the build directions are successfully run, cabal v2-exec which cryptol-remote-api should indicate where the server executable has been stored by cabal.

Alternatively cabal v2-install cryptol-remote-api should install the server executable into the user's ~/.cabal/bin directory (or similar), which (if configured properly) should then appear as cryptol-remote-api in a user's PATH.

Running Python Cryptol scripts

Once the server is setup and any path variables are setup as desired, the Python (>= v3.7) client can be installed using poetry as follows:

$ cd cryptol-remote-api/python
$ poetry install

Then the tests or individual scripts can be run as follows:

$ poetry run python -m unittest discover tests/cryptol
$ poetry run python tests/cryptol/test_cryptol_api.py

If leveraging environment variables is undesirable, the scripts themselves can specify a command to launch the server, e.g.:

cryptol.connect(COMMAND)

where COMMAND is a command to launch a new Cryptol server in socket mode.

Or a server URL can be specified directly in the script, e.g.:

cryptol.connect(url=URL)

There is a step-by-step example here.

Running Cryptol Scripts from a clean server state

To ensure any previous server state is cleared when running a Cryptol Python script against a persistent server (e.g., one running in HTTP mode in a different process), the reset_server keyword can be passed to cryptol.connect(). E.g.,

cryptol.connect(url="http://localhost:8080/", reset_server=True)

will connect to a Cryptol server running at http://localhost:8080/ and will guarantee any previous state on the server is cleared.

Supported Python Versions

Currently, cryptol-remote-api officially supports python 3.12. The cryptol-remote-api Docker image currently uses Python 3.10 and will be updated in issue #1661.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cryptol-3.2.0.tar.gz (32.2 kB view details)

Uploaded Source

Built Distribution

cryptol-3.2.0-py3-none-any.whl (37.2 kB view details)

Uploaded Python 3

File details

Details for the file cryptol-3.2.0.tar.gz.

File metadata

  • Download URL: cryptol-3.2.0.tar.gz
  • Upload date:
  • Size: 32.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.8.2 CPython/3.12.4 Darwin/22.6.0

File hashes

Hashes for cryptol-3.2.0.tar.gz
Algorithm Hash digest
SHA256 8a18a118b97f0cb35d4509b5a060ff76b300380e6c1e76acf6e72600769de9a7
MD5 72388a6d2730e409c01d946d2329c54f
BLAKE2b-256 f1229453fab0882ae072af491537487d76dce4eef8f1fb717fed808fa93256c7

See more details on using hashes here.

File details

Details for the file cryptol-3.2.0-py3-none-any.whl.

File metadata

  • Download URL: cryptol-3.2.0-py3-none-any.whl
  • Upload date:
  • Size: 37.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.8.2 CPython/3.12.4 Darwin/22.6.0

File hashes

Hashes for cryptol-3.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 4753bbf22aeef13af09dfb1342613ccf3a573f0355775d25e16fe51d2039c860
MD5 b8172188f49e8b9a7ed540039909b1fb
BLAKE2b-256 b0d7b5a546ea2dee7771da971fad9f73e4778f189d714883b91a9b8f2cc2b901

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page