{ "info": { "author": "The Guardian Project", "author_email": "support@guardianproject.info", "bugtrack_url": null, "classifiers": [ "Development Status :: 3 - Alpha", "Intended Audience :: Developers", "Intended Audience :: End Users/Desktop", "License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)", "Operating System :: MacOS :: MacOS X", "Operating System :: Microsoft :: Windows", "Operating System :: POSIX", "Topic :: Communications :: Chat", "Topic :: Software Development :: Libraries", "Topic :: Software Development :: Libraries :: Python Modules", "Topic :: Utilities" ], "description": "KeySync - One key for all of your chat apps\n===========================================\n\nThere are many chat apps that support OTR encryption for verifying messages.\nMany of us use multiple chat apps, including one for desktop and another for\nmobile, or one for Mac OS X and another for GNU/Linux or Windows. The trust\nrelationships are only stored locally in the app in a format that is specific\nto that app. Switching between all of them means that you have to manage your\ntrust relationships for each app that you use.\n\nKeySync addresses this problem by allowing you to sync your OTR identity and\ntrust relationships between multiple apps, which eliminates the need to\nre-establish those relationships on each new client/device. It currently works\nwith [ChatSecure] on Android, and [Pidgin], [Adium], and [Jitsi] on desktop.\n\nPlease note: KeySync does not make it easier to have simultaneous encrypted\nchats with the same account logged into multiple clients or devices. There\nare limitations in the OTR protocol that make this impossible.\n\n\nHow to sync\n-----------\n\nTo sync between ChatSecure and your desktop apps, plug in your phone or device\nvia USB and run the sync. Or you can manually copy the `otr_keystore.ofcaes`\nfile over to your device's SD Card, where ChatSecure looks for it. Using\nChatSecure, you will need to scan the QRCode that KeySync shows you in order\nto complete the sync. The `otr_keystore.ofcaes` file is encrypted to prevent\nyour private information from leaking out. That QRCode is the password to\nyour keystore, so do not share it with anyone.\n\nIf you have multiple chat apps that you use, or you are switching from one to\nanother, you can use KeySync to sync up the trust relationships between\nmultiple desktop apps. Here's how:\n\n1. quit all of the chat apps that you want to\n2. select whichever apps you want to sync\n3. then run the sync\n\nNow, open your chat apps and you should have synced trust! In case of\nproblems, it saved your original OTR files in place. They are named using a\nlong string of numbers that represent the time when they were backed up.\n\nThis is beta software, do not rely on it for strong identity verification. It\nis unlikely to mess up so bad as to produce compromised private keys, but\nanything is possible. Also, keep in mind that program is handling your\nprivate OTR keys, so make sure that you don't copy, send or email the\n`otr_keystore.ofcaes` file somewhere unsafe. All that said, testing\nand feedback is greatly appreciated, so we can get it to the point where we\ncan trust it.\n\n\nAdding apps to KeySync\n----------------------\n\nThis project has libraries for converting the various OTR file formats between\neach other. We have focused on the two major versions: [libotr] format and [otr4j],\nand then a few variants of those major formats. All OTR implementations can\nbe supported as long as they can be read and parsed by Python.\n\nKeySync has preliminary support for Gajim and IRSSI, and it has a modular\narchitecture to allow for expansion. If you want to add an app that is not\nalready included, you just need to make a single python file that converts\nbetween that app's OTR data format and the KeySync internal format (documented\nbelow).\n\n\nReporting bugs\n--------------\n\nWe appreciate all feedback, be it bug reports, patches, pull requests, feature\nrequests, etc. Please add your bugs and requests to our issue tracker:\n\nhttps://dev.guardianproject.info/projects/keysync/issues\n\nEmail us at support@guardianproject.info with questions, problems, etc., or\njust to let us know that you are using KeySync and find it useful.\n\n\nINSTALL\n=======\n\nKeySync uses lots of Python modules to achieve a smooth syncing\nexperience. To see a complete list of python modules used on your\nplatform, see the `dependencies` list in setup.py. Here are some of\nthe key libraries:\n\n* BeautifulSoup 4 - http://www.crummy.com/software/BeautifulSoup\n* psutil - https://code.google.com/p/psutil\n* pure-python-otr - https://github.com/afflux/pure-python-otr\n* pyasn1 - http://pyasn1.sourceforge.net/\n* pycrypto - https://www.dlitz.net/software/pycrypto\n* pyjavaproperties - http://pypi.python.org/pypi/pyjavaproperties\n* pymtp - https://github.com/eighthave/pymtp\n* pyparsing - http://pyparsing.wikispaces.com\n* python-pgpdump - https://pypi.python.org/pypi/pgpdump\n* Python Imaging Library - http://www.pythonware.com/products/pil\n* qrcode - https://github.com/lincolnloop/python-qrcode\n* Tkinter - https://wiki.python.org/moin/TkInter\n\n\nDebian/Ubuntu/Mint/etc\n----------------------\n\nWe're working to get all packages into official Debian/Ubuntu/etc. releases,\nin the meantime you can install KeySync by adding our PPA (fingerprint\nF50EADDD2234F563):\n\n sudo add-apt-repository ppa:guardianproject/ppa\n sudo apt-get update\n sudo apt-get install keysync\n\nPPA URL: https://launchpad.net/~guardianproject/+archive/ppa\n\nIf you want to install the dependencies because you're going to develop\nKeySync, then install them manually with:\n\n sudo apt-get install python-pyparsing python-pyasn1 python-potr python-pymtp \\\n python-pyjavaproperties python-beautifulsoup python-qrcode libmtp-dev \\\n python-pgpdump python-crypto python-psutil python-tk python-imaging-tk\n\nFor Debian, you can try using the Ubuntu PPA, with something like oneiric for\nwheezy, and natty for squeeze:\n\n deb http://ppa.launchpad.net/guardianproject/ppa/ubuntu oneiric main\n\n\nMac OS X\n--------\n\nFor Mac OS X, you can download the binary app from our website:\nhttps://guardianproject.info\n\nYou use Brew, Fink, or MacPorts to install pip and virtualenv, then\nuse those tools to install KeySync (see the *pip+virtualenv install*\nsection):\n\n fink install pip-systempython26 virtualenv-systempython26\n sudo port install py27-pip py27-virtualenv\n\nFor homebrew, see: https://gist.github.com/pithyless/1208841\n\nOnce you have pip and virtualenv, then you can start to build the\nwhole thing. First follow the pip+virtualenv instructions below.\nThen come back here and do the following in your virtualenv:\n\n rm -rf build dist\n pip install py2app\n python setup.py py2app\n ls dist/\n\nIf you are using py2app older than 0.7.4 on Mac OS X 10.6, then you\nneed to patch py2app to make it work with python2.6:\n\n pip install --upgrade py2app\n patch env/lib/python2.6/site-packages/py2app/build_app.py py2app-python2.6.patch\n\n\nWindows\n-------\n\nFor Windows, you can download the binary app from our website:\nhttps://guardianproject.info\n\nBuild instructions for Windows are in win32/README.md in the source folder.\n\nFedora/Redhat/RPMs\n------------------\n\nInstall these build dependencies locally, then follow the instructions for\npip+virtualenv below:\n\n sudo yum install gmp-devel tk tkinter python-pillow python-pillow-tk\n\n\npip+virtualenv install\n------------------\n\nActivate your virtual python environment then run pip to install the dependencies:\n\n virtualenv ./env\n . env/bin/activate\n pip install -e .\n ./keysync\n\nFor a nice step-by-step HOWTO, see:\nhttp://exyr.org/2011/virtualenv-HOWTO/slides.html\n\n*Note*: Doesn't work on Windows! See win32/README.md\n\n\n=====\nUSAGE\n=====\n\nCurrently, the code allows for reading multiple file formats into a python\ndictionary form. The only export method currently activated is for ChatSecure\nformat in a file called otr_keystore.ofcaes. To use, point the `keysync`\nscript the app that you want to read OTR info from, and it will generate\n`otr_keystore` to send to ChatSecure on your Android device (run\n`keysync --help` to see all currently available options).\n\n keysync --input pidgin\n\n\n=======\nFORMATS\n=======\n\nlibotr\n------\n\nAdium:\n ~/Library/Application Support/Adium 2.0/Users/Default/otr.private_key\n ~/Library/Application Support/Adium 2.0/Users/Default/otr.fingerprints\n ~/Library/Application Support/Adium 2.0/Users/Default/Accounts.plist\n\n Uses the standard libotr files and overall file format for\n otr.private_key and otr.fingerprints. Account ID is stored as an\n integer which must be referenced from the Accounts.plist to get the\n actuall XMPP account name (e.g. me@jabber.org). Uses full word\n descriptive tags for the various protocols, e.g. libpurple-oscar-AIM,\n libpurple-Jabber, etc.\n\nPidgin\n GNU/Linux\n ~/.purple/otr.private_key\n ~/.purple/otr.fingerprints\n Windows\n %APPDATA%\\.purple\\otr.private_key\n %APPDATA%\\.purple\\otr.fingerprints\n\n Uses the standard libotr files and overall file format for\n otr.private_key and otr.fingerprints. Account IDs are used directly\n in the libotr files. XMPP/Jabber Account IDs include the \"Resource\"\n e.g. me@jabber.org/Resource or me@jabber.org/Pidgin.\n\nirssi\n ~/.irssi/otr/otr.key\n ~/.irssi/otr/otr.fp\n\n Uses the standard libotr file format and files, but names the files\n differently, basically abbreviated versions of the libotr names.\n Account IDs are used directly in the libotr files.\n\nxchat\n ~/.xchat2/otr/otr.key\n ~/.xchat2/otr/otr.fp\n\n Same as irssi\n\notr4j\n-----\n\nChatSecure:\n /data/data/info.guardianproject.otr.app.im/files/otr_keystore\n\n All OTR information is stored in a single Java .properties\n file. Private keys, public key fingerprints, and verification status\n are each individual properties. This format also includes the\n storage of the remote public keys, unlike libotr. [otr4j]\n implementations load the remote public key from the store rather\n than always getting it from the OTR session.\n\nJitsi:\n GNU/Linux\n ~/.jitsi/sip-communicator.properties\n ~/.jitsi/contactlist.xml\n Mac OS X\n ~/Library/Application Support/Jitsi/sip-communicator.properties\n ~/Library/Application Support/Jitsi/contactlist.xml\n Windows\n ~/Application Data/Jitsi/sip-communicator.properties\n ~/Application Data/Jitsi/contactlist.xml\n\n All app settings are stored in a single Java .properties file,\n including OTR information. Private keys, public key fingerprints,\n and verification status are each individual properties.\n\n\npure-python-otr\n---------------\n\npure-python-otr is pure python implementation of the OTR spec. It\nincludes newer features like Socialist Millionaire's Protocol. The\nprivate key is stored in a separate file per-account. The\nfingerprints are stored in the same tab-separated-value format as\n[libotr] but with a fingerprint file per-account.\n\nGajim:\n GNU/Linux:\n ~/.local/share/gajim/_SERVERNAME_.key3\n ~/.local/share/gajim/_SERVERNAME_.fpr\n ~/.config/gajim/config\n Windows:\n ~/Application Data/Gajim/\n\nThe private key is serialized in a custom format: p, q, g, y, x, written\nconsecutively to a file as MPIs. See\n[potr/compatcrypto/pycrypto.py](https://github.com/afflux/pure-python-otr/blob/master/src/potr/compatcrypto/pycrypto.py).\n\n\nkeyczar\n-------\n\nKeyCzar stores keys in JSON files with two different formats: 0.5b and\n0.6b. It uses a special base64 encoding with a URL-safe alphabet:\n - replaces +\n _ replaces /\n\nhttp://code.google.com/p/keyczar/wiki/DsaPrivateKey\nhttp://code.google.com/p/keyczar/wiki/DsaPublicKey\n\n 0.6b\n public:\n \"q\": The DSA subprime\n \"p\": The DSA prime\n \"g\": The DSA base\n \"y\": The DSA public key exponent\n \"size\" : The size of the modulus in bits\n private:\n \"publicKey\": The JSON representation of the corresponding DsaPublicKey\n \"x\": The secret exponent of this private key\n \"size\" : The size of the modulus in bits\n\n 0.5b\n public:\n \"x509\": A WebSafeBase64 encoded X509 representation\n private:\n \"pkcs8\": A WebSafeBase64 encoded PKCS#8 representation of the private key\n \"publicKey\": A WebSafeBase64 encoding of the key's corresponding DsaPublicKey\n\n\nZRTP\n----\n\nA ZID record stores (caches) ZID (ZRTP ID) specific data that helps\nZRTP to achives its key continuity feature. Please refer to the ZRTP\nspecification to get detailed information about the ZID.\n\n ZRTP key types:\n 2048 bit Diffie-Helman values\n 3072 bit Diffie-Helman values\n 256 bit Diffie-Helman elliptic curve\n 384 bit Diffie-Helman elliptic curve\n\n\n\nIMPLEMENTATION\n==============\n\nHere are some notes on how things are implemented in KeySync.\n\nInternal key storage\n--------------------\n\nThe key idea in the implementation is to get everything into a common format\ninternally. That common format can then be handed to any class for a given\nprogram, which knows how to output it to the correct file format. The current\ninternal data format is a dict of dicts representing a key, called 'keydict'.\nSo first, you have a dict representing a given account with a given key\nassociated with it. This account name is used as the unique ID. Then the\nwhole collection of keys, both local private keys and remote public keys, are\ncollected in meta dict with the account name as the key and the whole dict as\nthe value. This format allows for easy merging, which enables syncing between\nfiles.\n\nSample structure in python dict notation:\n\n keydict = {\n 'userid': {\n 'fingerprint': 'ff66e8c909c4deb51cbd4a02b9e6af4d6af215f8',\n 'name': 'userid',\n 'protocol': 'IRC',\n 'resource': 'laptop', # the XMPP \"resource\"\n 'verification': 'verified', # or 'smp' for Socialist Millionares\n 'p': '

', # public part of the DSA key\n 'q': '', # public part of the DSA key\n 'g': '', # public part of the DSA key\n 'x': '', # core of private DSA key\n 'y': '', # core of public DSA key\n },\n 'userid2' : { ... },\n ...\n 'useridn' : { ... }\n }\n\n\nProtocol IDs\n------------\n\nUnfortunately each app has its own string IDs to represent the different IM\nprotocols. KeySync uses the Pidgin IDs internally. KeySync is currently\nfocused on the widely deployed common standards of XMPP and IRC. We welcome\ncontributions for working with the other protocols. These are the IDs that are\ncurrently working throughout:\n\nprpl-bonjour XMPP Bonjour (serverless XMPP with mDNS discovery)\nprpl-irc IRC (Internet Relay Chat)\nprpl-jabber XMPP (Jabber)\n\nHere is the full list of IDs from Pidgin:\nhttps://developer.pidgin.im/wiki/prpl_id\n\n\n[Adium]: https://adium.im/\n[ChatSecure]: https://chatsecure.org/\n[jitsi]: https://jitsi.org/\n[libotr]: https://otr.cypherpunks.ca/\n[otr4j]: https://github.com/otr4j/otr4j\n[pidgin]: https://pidgin.im/", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://guardianproject.info/apps/keysync", "keywords": null, "license": "GPLv3+", "maintainer": null, "maintainer_email": null, "name": "keysync", "package_url": "https://pypi.org/project/keysync/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/keysync/", "project_urls": { "Download": "UNKNOWN", "Homepage": "https://guardianproject.info/apps/keysync" }, "release_url": "https://pypi.org/project/keysync/0.2.2/", "requires_dist": null, "requires_python": null, "summary": "syncs OTR keys between different IM programs", "version": "0.2.2" }, "last_serial": 1726729, "releases": { "(latest release)": [ { "comment_text": "syncs OTR keys between different IM programs", "digests": { "md5": "2c047a44ead6a078e2abd6c99dfb964a", "sha256": "27036eb1a7bae1d842ca9e99c48333f61c0c4dac459b0042290cb27ab4f4f30b" }, "downloads": -1, "filename": "keysync-0.2.1.1.tar.gz", "has_sig": true, "md5_digest": "2c047a44ead6a078e2abd6c99dfb964a", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 1620047, "upload_time": "2014-07-07T20:29:08", "url": "https://files.pythonhosted.org/packages/1e/bb/a8fd71aeb995c4b13832f261c85e711069c570a6580111a7364da923a5bd/keysync-0.2.1.1.tar.gz" } ], "0.1.1": [ { "comment_text": "", "digests": { "md5": "9f5fb1b76b6676b4ea1e2831d8600850", "sha256": "b339e77734a01585a1d05b44c04e2bfb58b50fa2676910cbfa87f52d92cd57ec" }, "downloads": -1, "filename": "KeySync-0.1.1.dmg", "has_sig": true, "md5_digest": "9f5fb1b76b6676b4ea1e2831d8600850", "packagetype": "bdist_dmg", "python_version": "2.6", "requires_python": null, "size": 9794027, "upload_time": "2013-10-09T02:50:38", "url": "https://files.pythonhosted.org/packages/23/75/1d1aa182c95b4d0eebb3622d54fe46b7b99d1ff89701f77c7b6cc7e032c6/KeySync-0.1.1.dmg" } ], "0.2": [ { "comment_text": "", "digests": { "md5": "665d6a0c57129270eaa1b2dfb7736b23", "sha256": "243704234358c23e1e1512ae1e2f1dda6530d32e59592980c5f62f76667e582f" }, "downloads": -1, "filename": "keysync-0.2.tar.gz", "has_sig": true, "md5_digest": "665d6a0c57129270eaa1b2dfb7736b23", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 1528034, "upload_time": "2013-10-26T01:22:33", "url": "https://files.pythonhosted.org/packages/65/66/90f1122d3d412bbc2544fe2eb94aff7697d28f5ab62f7a974c76b7dd79a0/keysync-0.2.tar.gz" } ], "0.2.0beta3": [ { "comment_text": "", "digests": { "md5": "7ee1a3f8ccb6380cd583d36c99e9cee9", "sha256": "8cbe93d2b4caa7d6c82270b10841f57b831c7dc52f747073c1d05b7374a7dc65" }, "downloads": -1, "filename": "keysync-0.2.0beta3.tar.gz", "has_sig": true, "md5_digest": "7ee1a3f8ccb6380cd583d36c99e9cee9", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 51490, "upload_time": "2013-10-17T15:03:14", "url": "https://files.pythonhosted.org/packages/53/d7/36aa911886e412739b38cd48b0e8510d5a180586398c447c58d09e4df077/keysync-0.2.0beta3.tar.gz" } ], "0.2.1": [ { "comment_text": "", "digests": { "md5": "b3d6309af62b091577dc657084c7bca1", "sha256": "a836f3812e010d9158b10ad276bc87ae2cea9a151b047b625a7115026b402696" }, "downloads": -1, "filename": "keysync-0.2.1.tar.gz", "has_sig": true, "md5_digest": "b3d6309af62b091577dc657084c7bca1", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 1520673, "upload_time": "2014-07-07T19:21:04", "url": "https://files.pythonhosted.org/packages/e9/6d/44179fc779234d0bd32af395811708fe3f415fd627c22b7067e33f38b72b/keysync-0.2.1.tar.gz" } ], "0.2.1.1": [], "0.2.2": [ { "comment_text": "", "digests": { "md5": "98d68aa650bd8508110dcb7198b17b1b", "sha256": "c9897665eceac678f5a4794c4a33c5be184bfc20e741a935cb49c7556a9cf3f5" }, "downloads": -1, "filename": "keysync-0.2.2.tar.gz", "has_sig": true, "md5_digest": "98d68aa650bd8508110dcb7198b17b1b", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 1621737, "upload_time": "2015-09-17T14:29:25", "url": "https://files.pythonhosted.org/packages/3d/c7/6eb601fdade881ca2a047b40e6a5739c6ddfaeaf83b57fa1a554160c3b0e/keysync-0.2.2.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "98d68aa650bd8508110dcb7198b17b1b", "sha256": "c9897665eceac678f5a4794c4a33c5be184bfc20e741a935cb49c7556a9cf3f5" }, "downloads": -1, "filename": "keysync-0.2.2.tar.gz", "has_sig": true, "md5_digest": "98d68aa650bd8508110dcb7198b17b1b", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 1621737, "upload_time": "2015-09-17T14:29:25", "url": "https://files.pythonhosted.org/packages/3d/c7/6eb601fdade881ca2a047b40e6a5739c6ddfaeaf83b57fa1a554160c3b0e/keysync-0.2.2.tar.gz" } ] }