{"id":15653083,"url":"https://github.com/idlesign/srptools","last_synced_at":"2025-04-09T22:19:28.961Z","repository":{"id":45372305,"uuid":"80431163","full_name":"idlesign/srptools","owner":"idlesign","description":"Tools to implement Secure Remote Password (SRP) authentication","archived":false,"fork":false,"pushed_at":"2022-01-28T06:13:58.000Z","size":54,"stargazers_count":31,"open_issues_count":2,"forks_count":6,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-04-02T20:09:26.314Z","etag":null,"topics":["authentication","python","rfc-2945","rfc-5054","security","srp"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/idlesign.png","metadata":{"files":{"readme":"README.rst","changelog":"CHANGELOG","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-01-30T14:59:42.000Z","updated_at":"2025-02-27T07:38:38.000Z","dependencies_parsed_at":"2022-07-18T09:09:12.244Z","dependency_job_id":null,"html_url":"https://github.com/idlesign/srptools","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/idlesign%2Fsrptools","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/idlesign%2Fsrptools/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/idlesign%2Fsrptools/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/idlesign%2Fsrptools/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/idlesign","download_url":"https://codeload.github.com/idlesign/srptools/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248119514,"owners_count":21050780,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","python","rfc-2945","rfc-5054","security","srp"],"created_at":"2024-10-03T12:44:38.884Z","updated_at":"2025-04-09T22:19:28.937Z","avatar_url":"https://github.com/idlesign.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"srptools\n========\nhttps://github.com/idlesign/srptools\n\n\n|release| |lic| |coverage|\n\n.. |release| image:: https://img.shields.io/pypi/v/srptools.svg\n :target: https://pypi.python.org/pypi/srptools\n\n.. |lic| image:: https://img.shields.io/pypi/l/srptools.svg\n :target: https://pypi.python.org/pypi/srptools\n\n.. |coverage| image:: https://img.shields.io/coveralls/idlesign/srptools/master.svg\n :target: https://coveralls.io/r/idlesign/srptools\n\n\nDescription\n-----------\n\n*Tools to implement Secure Remote Password (SRP) authentication*\n\nSRP is a secure password-based authentication and key-exchange protocol -\na password-authenticated key agreement protocol (PAKE).\n\nThis package contains protocol implementation for Python 2 and 3.\n\nYou may import it into you applications and use its API or you may use\n``srptools`` command-line utility (CLI):\n\n\nCLI usage\n---------\n\nCommand-line utility requires ``click`` package to be installed.\n\nBasic scenario:\n\n.. code-block::\n\n \u003e srptools get_user_data_triplet\n \u003e srptools server get_private_and_public\n \u003e srptools client get_private_and_public\n \u003e srptools client get_session_data\n \u003e srptools server get_session_data\n\nHelp is available:\n\n.. code-block::\n\n \u003e srptools --help\n\n\n\nAPI usage\n---------\n\nPreliminary step. Agree on communication details:\n\n.. code-block:: python\n\n from srptools import SRPContext\n\n context = SRPContext('alice', 'password123')\n username, password_verifier, salt = context.get_user_data_triplet()\n prime = context.prime\n gen = context.generator\n\n\nSimplified workflow:\n\n.. code-block:: python\n\n from srptools import SRPContext, SRPServerSession, SRPClientSession\n\n # Receive username from client and generate server public.\n server_session = SRPServerSession(SRPContext(username, prime=prime, generator=gen), password_verifier)\n server_public = server_session.public\n\n # Receive server public and salt and process them.\n client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))\n client_session.process(server_public, salt)\n # Generate client public and session key.\n client_public = client_session.public\n\n # Process client public and compare session keys.\n server_session.process(client_public, salt)\n\n assert server_session.key == client_session.key\n\n\nExtended workflow\n\n.. code-block:: python\n\n from srptools import SRPContext, SRPServerSession, SRPClientSession\n\n # Receive username from client and generate server public.\n server_session = SRPServerSession(SRPContext(username, prime=prime, generator=gen), password_verifier)\n server_public = server_session.public\n\n # Receive server public and salt and process them.\n client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))\n client_session.process(server_public, salt)\n # Generate client public and session key proof.\n client_public = client_session.public\n client_session_key_proof = client_session.key_proof\n\n # Process client public and verify session key proof.\n server_session.process(client_public, salt)\n assert server_session.verify_proof(client_session_key_proof)\n # Generate session key proof hash.\n server_session_key_proof_hash = client_session.key_proof_hash\n\n # Verify session key proof hash received from server.\n assert client_session.verify_proof(server_session_key_proof_hash)\n\n\n\nUsage hints\n-----------\n\n* ``srptools.constants`` contains basic constants which can be used with ``SRPContext`` for server and client to agree\n upon communication details.\n* ``.process()`` methods of session classes may raise ``SRPException`` in certain circumstances. Auth process on\n such occasions must be stopped.\n* ``.private`` attribute of session classes may be used to restore sessions:\n .. code-block:: python\n\n server_private = server_session.private\n\n # Restore session on new request.\n server_session = SRPServerSession(context, password_verifier, private=server_private)\n\n* ``SRPContext`` is rather flexible, so you can implement some custom server/client session logic with its help.\n* Basic values are represented as hex strings but base64 encoded values are also supported:\n\n .. code-block:: python\n\n server_public = server_session.public_b64\n\n # Receive server public and salt and process them.\n client_session = SRPClientSession(SRPContext('alice', 'password123', prime=prime, generator=gen))\n client_session.process(server_public, salt, base64=True)\n\n # Use srptools.hex_from_b64() to represent base64 value as hex.\n server_public_hex = hex_from_b64(server_public)\n\n\nLinks\n-----\n* RFC 2945 - The SRP Authentication and Key Exchange System\n https://tools.ietf.org/html/rfc2945\n\n* RFC 5054 - Using the Secure Remote Password (SRP) Protocol for TLS Authentication\n https://tools.ietf.org/html/rfc5054\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fidlesign%2Fsrptools","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fidlesign%2Fsrptools","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fidlesign%2Fsrptools/lists"}