srptools

Tools to implement Secure Remote Password (SRP) authentication

These details have not been verified by PyPI

Project links

Homepage

Project description

https://github.com/idlesign/srptools

Description

Tools to implement Secure Remote Password (SRP) authentication

SRP is a secure password-based authentication and key-exchange protocol - a password-authenticated key agreement protocol (PAKE).

This package contains protocol implementation for Python 2 and 3.

You may import it into you applications and use its API or you may use srptools command-line utility (CLI):

CLI usage

Command-line utility requires click package to be installed.

Basic scenario:

> srptools get_user_data_triplet
> srptools server get_private_and_public
> srptools client get_private_and_public
> srptools client get_session_data
> srptools server get_session_data

Help is available:

> srptools --help

API usage

Preliminary step. Agree on communication details:

from srptools import SRPContext

context = SRPContext('alice', 'password123')
username, password_verifier, salt = context.get_user_data_triplet()
prime = context.prime
gen = context.generator

Simplified workflow:

from srptools import SRPContext, SRPServerSession, SRPClientSession

# Receive username from client and generate server public.
server_session = SRPServerSession(SRPContext(username, prime=prime, generator=gen), password_verifier)
server_public = server_session.public

# Receive server public and salt and process them.
client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))
client_session.process(server_public, salt)
# Generate client public and session key.
client_public = client_session.public

# Process client public and compare session keys.
server_session.process(client_public, salt)

assert server_session.key == client_session.key

Extended workflow

from srptools import SRPContext, SRPServerSession, SRPClientSession

# Receive username from client and generate server public.
server_session = SRPServerSession(SRPContext(username, prime=prime, generator=gen), password_verifier)
server_public = server_session.public

# Receive server public and salt and process them.
client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))
client_session.process(server_public, salt)
# Generate client public and session key proof.
client_public = client_session.public
client_session_key_proof = client_session.key_proof

# Process client public and verify session key proof.
server_session.process(client_public, salt)
assert server_session.verify_proof(client_session_key_proof)
# Generate session key proof hash.
server_session_key_proof_hash = client_session.key_proof_hash

# Verify session key proof hash received from server.
assert client_session.verify_proof(server_session_key_proof_hash)

Usage hints

srptools.constants contains basic constants which can be used with SRPContext for server and client to agree upon communication details.
.process() methods of session classes may raise SRPException in certain circumstances. Auth process on such occasions must be stopped.

.private attribute of session classes may be used to restore sessions:

server_private = server_session.private

# Restore session on new request.
server_session = SRPServerSession(context, password_verifier, private=server_private)

SRPContext is rather flexible, so you can implement some custom server/client session logic with its help.

Basic values are represented as hex strings but base64 encoded values are also supported:

server_public = server_session.public_b64

# Receive server public and salt and process them.
client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))
client_session.process(server_public, salt, base64=True)

# Use srptools.hex_from_b64() to represent base64 value as hex.
server_public_hex = hex_from_b64(server_public)

Project details

These details have not been verified by PyPI

Project links

Homepage

Release history Release notifications | RSS feed

1.0.1

Sep 12, 2020

This version

1.0.0

Jan 20, 2019

0.2.0

Jun 18, 2017

0.1.1

Mar 12, 2017

0.1.0

Feb 11, 2017

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

srptools-1.0.0.tar.gz (15.3 kB view details)

Uploaded Jan 20, 2019 Source

Built Distribution

srptools-1.0.0-py2.py3-none-any.whl (14.4 kB view details)

Uploaded Jan 20, 2019 Python 2 Python 3

File details

Details for the file srptools-1.0.0.tar.gz.

File metadata

Download URL: srptools-1.0.0.tar.gz
Upload date: Jan 20, 2019
Size: 15.3 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: Python-urllib/2.7

File hashes

Hashes for srptools-1.0.0.tar.gz
Algorithm	Hash digest
SHA256	`5754f639ed1888f47c1185d74e8907ff9af4c0ccc1c8be2ef19339d0a1327f4d`
MD5	`6f5f24ed51d43d96888de25fa074c8c0`
BLAKE2b-256	`d75a7baeeafb8209ed4f243c0a7dda2f6d5843efba479b0c2ad6b793803e6c1b`

See more details on using hashes here.

File details

Details for the file srptools-1.0.0-py2.py3-none-any.whl.

File metadata

Download URL: srptools-1.0.0-py2.py3-none-any.whl
Upload date: Jan 20, 2019
Size: 14.4 kB
Tags: Python 2, Python 3
Uploaded using Trusted Publishing? No
Uploaded via: Python-urllib/2.7

File hashes

Hashes for srptools-1.0.0-py2.py3-none-any.whl
Algorithm	Hash digest
SHA256	`3155194063f496f1950a55a1a757d2578771ace78dea35b1b1cc7f3e9e6bb9fc`
MD5	`1c27e5aa339454752c0392e6334a46e5`
BLAKE2b-256	`546db1d42918fc721545d6ba92e6a77e414bc5eda9f4c1c352d8836632499024`