{ "info": { "author": "Krister Hedfors", "author_email": "krister@tripleaes.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Intended Audience :: Developers", "License :: OSI Approved :: GNU General Public License (GPL)", "Programming Language :: Python", "Topic :: Security :: Cryptography" ], "description": "*SecureTicketService* is used to create and validate *SecureTickets*.\n *SecureTickets* are light-weight symmetrically signed data sets with\n a limited lifespan.\n\n The *key* passed to *SecureTicketService* is the password and the\n security relies heavily on its strength. It really should be a 32 byte\n random string as you gain integrity AND performance by using a key of\n 32 bytes length (it's padded or replaced by SHA256-hashes of itself\n to make it 32 bytes anyways).\n For your convenience, classmethod *create_random_key()* is provided:\n\n >>> key = SecureTicketService.create_random_key()\n >>> assert len(key) == 32\n >>> sts = SecureTicketService(key)\n\n A SecureTicket *ticket* which is successfully validated using\n ``SecureTicketService.validate_ticket()`` can only be created by\n someone who has knowledge of *key*. 
The entire contents of *ticket* is\n securely hashed using *key* and any change to *ticket* breaks the hash\n validation.\n\n >>> key = 'Io5IpK9ZTsKpG1ybaLCHkOH4kvHaTEO2imHvkqLVn7I='\n >>> sts = SecureTicketService(key.decode('base64'))\n >>> ticket = sts.create_ticket('someData')\n >>> ticket.data\n 'someData'\n >>> sts.validate_ticket(ticket)\n True\n >>> sts2 = SecureTicketService('someOtherKey')\n >>> sts2.validate_ticket(ticket)\n False\n\n **entropy**\n\n The optional second argument *entropy* to *create_ticket()*, which must be\n a string if supplied, cannot be obtained from a ticket; it's just\n concatenated together with the rest of ticket when the hash is created.\n The same *entropy* value must therefore be used in\n ``SecureTicketService.validate_hash()`` or else validation fails.\n\n >>> ticket = sts.create_ticket('someKey', 'someEntropy')\n >>> sts.validate_ticket(ticket)\n False\n >>> sts.validate_ticket(ticket, 'someEntropy')\n True\n\n **session**\n\n Many use cases for secure tickets involve (or should involve) the concept\n of a session to prevent various types of attacks. The optional second\n argument *session* to *SecureTicketService()* is used in the same manner as\n *entropy*, but is supplied during *SecureTicketService* instantiation\n instead of during ticket creation.\n\n >>> sts = SecureTicketService(key, 'someSessionIdentifier')\n \n **options**\n\n Encryption, serialization and compression of *ticket*'s contents is\n optional. Encrypted tickets will have all their data and metadata encrypted\n with the *key* supplied to *SecureTicketService*. Serialization allows\n complex data types in *data* instead of just strings. 
Compression\n (zlib) is useful if the *data* argument is inconveniently large.\n Options and their default values:\n\n * serialize=False\n * encrypt=False\n * compress=False\n\n Encrypted ticket attributes must be viewed through a *SecureTicketService*\n instance which provides transparent decryption:\n\n >>> key = SecureTicketService.create_random_key()\n >>> sts = SecureTicketService(key, serialize=1, compress=1, encrypt=1)\n >>> ticket = sts.create_ticket(['asd', 123], 'ee')\n >>> assert sts.get_data(ticket) == sts(ticket).data == ['asd', 123]\n\n DiffieHellman, DiffieHellmanClient, DiffieHellmanServer\n =======================================================\n *DiffieHellman* implements the Diffie Hellman key exchange algorithm.\n Variable names in the implementation match those from\n *Diffie-Hellman Key Agreement Method (RFC 2631)*, but in each method *xa* and\n *ya* are used for the secret and the exposed key parts in *self* while *xb*\n (which is never seen) and *yb* are the key parts of the other party.\n\n >>> a = DiffieHellman(psize=2048) # prime size defaults to 1536\n >>> b = DiffieHellman(psize=2048)\n >>> ZZa = a.calc_ZZ(b.ya) # ZZ is the negotiated secret\n >>> ZZb = b.calc_ZZ(a.ya)\n >>> ZZa == ZZb\n True\n >>> type(ZZa)\n \n >>> strZZ = tickets.crypto.util.long2str(ZZa)\n >>> type(strZZ)\n \n\n *DiffieHellmanClient* and *DiffieHellmanServer* implement a protocol by\n which two parties are able to perform a Diffie Hellman key exchange and\n to verify that the other party has successfully derived the same secret\n key.\n\n The protocol follows the common Diffie Hellman scheme, but additionally\n includes generation and validation of SHA256-HMAC digests, using the\n negotiated key, of some of the negotiation messages. 
This is in a sense\n similar to the well known TCP three way handshake.\n\n >>> c = DiffieHellmanClient(asize=256) # asize should be 256 for aes128\n >>> s = DiffieHellmanServer() # will adapt to client in 'hello' phase\n >>> A = c.client_hello()\n >>> B = s.server_hello(A)\n >>> C = c.client_verify(B)\n >>> s.server_verify(C)\n True\n >>> c.negotiated_key == s.negotiated_key\n True\n >>> type(c.negotiated_key)\n ", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "http://tripleaes.com/wp/pytickets", "keywords": "ticket tickets encrypt secure sign signed ignature hash hashed", "license": "GPL", "maintainer": null, "maintainer_email": null, "name": "pytickets", "package_url": "https://pypi.org/project/pytickets/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/pytickets/", "project_urls": { "Download": "UNKNOWN", "Homepage": "http://tripleaes.com/wp/pytickets" }, "release_url": "https://pypi.org/project/pytickets/0.9.2.1/", "requires_dist": null, "requires_python": null, "summary": "pyTickets are light-weight symmetrically signed data containers with optional encryption, serialization and compression of their contents. Now includes an *alpha* DiffieHellman implementation. 
Do not trust it yet :-)", "version": "0.9.2.1" }, "last_serial": 798164, "releases": { "0.9.0": [ { "comment_text": "", "digests": { "md5": "4421dc35fb2842345fd117ea857a7ac6", "sha256": "32c14fef639057a8f46bd940e77ec6033713a93e3885d82d793e94431b495e43" }, "downloads": -1, "filename": "pytickets-0.9.0.tar.gz", "has_sig": false, "md5_digest": "4421dc35fb2842345fd117ea857a7ac6", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 19405, "upload_time": "2012-01-11T23:30:00", "url": "https://files.pythonhosted.org/packages/08/a9/c5b0dbc7ec74bc4c9b4391de248178285faf6fde2430280cb1bd231ba03b/pytickets-0.9.0.tar.gz" } ], "0.9.1": [ { "comment_text": "", "digests": { "md5": "a3d00ec26e0f609e8cd5bef8c06d4464", "sha256": "ca1de935c38604bcb934d4995ea5df83a8f37c709b89e5f440b13712f62ce743" }, "downloads": -1, "filename": "pytickets-0.9.1.tar.gz", "has_sig": false, "md5_digest": "a3d00ec26e0f609e8cd5bef8c06d4464", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 18697, "upload_time": "2012-01-13T23:48:11", "url": "https://files.pythonhosted.org/packages/23/f4/8d7a6b99bd07987d988cacd64a6297751272e3259faaa5fc940ffc53ee90/pytickets-0.9.1.tar.gz" } ], "0.9.2": [ { "comment_text": "", "digests": { "md5": "35b484f65acd9e5cc750949ce0e667a7", "sha256": "5811ecb84c3681c870def2dde865a22b3b28e2fcc2ec0fa0ead7b781bf8d1541" }, "downloads": -1, "filename": "pytickets-0.9.2.tar.gz", "has_sig": false, "md5_digest": "35b484f65acd9e5cc750949ce0e667a7", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 19006, "upload_time": "2012-01-15T01:16:06", "url": "https://files.pythonhosted.org/packages/d1/7a/3555ff562465db853e21ceae6c992aa9b7ea1ded9e955eebbf96cba88c2b/pytickets-0.9.2.tar.gz" } ], "0.9.2.1": [ { "comment_text": "", "digests": { "md5": "ec59fda2d9bfc4da3e4409963ab0b3d3", "sha256": "3e149416175b8f36054ab95ef5e32579498144459ebf7a0f4ba522daab19a6fd" }, "downloads": -1, "filename": 
"pytickets-0.9.2.1.tar.gz", "has_sig": false, "md5_digest": "ec59fda2d9bfc4da3e4409963ab0b3d3", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 24209, "upload_time": "2012-01-17T08:03:49", "url": "https://files.pythonhosted.org/packages/77/f2/5cc94cd9664935249752605c4361106c7297d0ef9e5c9fde20a927c1b193/pytickets-0.9.2.1.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "ec59fda2d9bfc4da3e4409963ab0b3d3", "sha256": "3e149416175b8f36054ab95ef5e32579498144459ebf7a0f4ba522daab19a6fd" }, "downloads": -1, "filename": "pytickets-0.9.2.1.tar.gz", "has_sig": false, "md5_digest": "ec59fda2d9bfc4da3e4409963ab0b3d3", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 24209, "upload_time": "2012-01-17T08:03:49", "url": "https://files.pythonhosted.org/packages/77/f2/5cc94cd9664935249752605c4361106c7297d0ef9e5c9fde20a927c1b193/pytickets-0.9.2.1.tar.gz" } ] }