plizonczyk / noiseprotocol Goto Github PK
View Code? Open in Web Editor NEWNoise Protocol Framework - Python 3 implementation
License: MIT License
Noise Protocol Framework - Python 3 implementation
License: MIT License
Any full client server example in readme should help a lot...
Line 64 in ed4a452
pow(x, y[, z])
Return x to the power y; if z is present, return x to the power y, modulo z (computed more efficiently than pow(x, y) % z). The two-argument form pow(x, y) is equivalent to using the power operator: x**y.
For the first iteration - host autodoc-generated documentation on readthedocs.
New version of pyca/cryptography got released today. Required version should be bumped. Python 3.5 support should be working after fully switching to cryptography as crypto primitives source.
Attempting to use this, and there is serious lack of documentation associated w/ how to use it.
There isn't any docs on what the various ciphers and key pair options are. There isn't documentation on how to generate key pairs. Only via the examples is there even an example on how to use static keys.
The Rust version of Noise protocol snow contains additional test vectors. I've pulled them in and simply loaded as the other test vector files (the new ones are one layer deeper in the JSON file behind "vectors"
key, I've saved the list directly).
Previously, there were 104 and now there are 408. pytest
gave me 304 failures. This suggests some general problem, but the things I've checked so far (e.g. the structure of the test vectors, their keys etc.) look similar between the old snow test vectors and the new ones.
I'm going to take a deeper look.
I noticed the following deprecation warning when running a magic-wormhole test:
.../.tox/py35/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/x25519.py:35: CryptographyDeprecationWarning: public_bytes now requires encoding and format arguments. Support for calling without arguments will be removed in cryptography 2.7
I think this is coming from noise/backends/default/diffie_hellmans.py
, where it does return KeyPair25519(private_key, public_key, public_key.public_bytes())
. I'm guessing that cryptography
now wants additional arguments for the public_bytes()
call to specify the encoding.
The x25519
module is also imported by noise/backends/default/keypairs.py
, so maybe something will need to be patched in there too.
Cc'ing @reaperhulk to get a sense for how urgent this might or might not be.
I can appreciate requiring a specific version or newer, e.g. cryptography>=2.1.4
, but why prevent more recent versions from being used? The pin causes my project to downgrade cryptography
when I add noiseprotocol
, because the current release still has a pin on 2.1.3 . Making a new noiseprotocol
release will help, but it'll probably run into the same problem again in a month or two when they make a new cryptography
release.
Would you accept a PR to make that >=
?
thanks!
@plizonczyk firts of all, congrats for your code.
I ran the pytest and it is ok, but I got the sample in the main page (socket client and server in python) and the server crash when I connect with the client and I getting the bellow error in server side:
noise.exceptions.NoiseValidationError: Keypair s has to be set for chosen handshake pattern
I used Noise_IK_25519_AESGCM_SHA256 and others.
Previous releases, such as 0.3.0 had both a wheel and a tar.gz/zip source distributable.
0.3.1 only has a wheel uploaded to PyPI.
Compare:
https://pypi.org/project/noiseprotocol/0.3.0/#files
https://pypi.org/project/noiseprotocol/0.3.1/#files
This breaks pip install --no-binary :all: noiseprotocol
(or indeed pip installing anything that pulls in noiseprotocol
as a dependency)
Without any warranties.
If installed/run on python 3.4, it fails to work:
problem in noise.connection - ImportError: No module named 'typing'
(p) nmac,ttys022,~/github/noiseprotocol,549$python --version
Python 3.4.10
Either prevent installation on python 3.4, or add typing as a required dependency, as it appears that installing the pip module typing make things work.
As suggested by Trevor (@trevp), NoiseBuilder name is a bit off, as it's the main interface of the library.
Additionally, ed25519 and ed448 shall be renamed to x25519 and x448 respectively.
Filenames could be a little bit more explicit on their contents (e.g. "functions.py", "crypto.py" and "state.py")
I can't claim to fully understand the Noise protocol, but I think MAX_MESSAGE_LEN
should be 65535 - 16
.
The protocol specs say "A Noise transport message is simply an AEAD ciphertext that is less than or equal to 65535 bytes in length, and that consists of an encrypted payload plus 16 bytes of authentication data."
Indeed, if I encrypt a 65535-byte message, I get 65551 bytes out -- which fails to round-trip back through .decrypt()
. I will comment with a test-case.
Apparently OpenSSL finally supports x448/ed448 - https://github.com/openssl/openssl/blob/master/CHANGES#L47
Will require upgrading cryptography requirement to 2.2.x as that's where's OpenSSL 1.1.1 included.
I try to package this for Gentoo. Since we build everything from source and that did not seem to be available on pypi I tried to get it from github and noticed that the tags for the newest versions are missing.
noiseprotocol/noise/patterns.py
Line 63 in ed4a452
Having noiseprotocol
support Noise_XK_secp256k1_ChaChaPoly_SHA256
(the Lightning variant of Noise) would be very useful for developers looking to build Lightning Network related projects in Python.
See BOLT #8: Encrypted and Authenticated Transport for details.
As far as I know there are no Noise protocol frameworks in Python with support for Noise_XK_secp256k1_ChaChaPoly_SHA256
.
Sorry if these are already somehow implemented, but I need a handshake pattern either like X1X or X1X1 for the application i'm developing (where entity authentication is done using a database of known remote static pubkeys). Let me know if this is possible
Some guesses off the top of the head:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.