According to PEP440, a comma in a version specifier behaves as a logical AND,
so the previous "~=3.5,~=3.6" is equivalent to just "~=3.6", which excludes
python3.5.
This patch replaces it with "~=3.5", which is equivalent to ">=3.5, ==3.*",
so it includes 3.5, 3.6, 3.7, and beyond (but not 4.0).
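
The specifier arithmetic described in the commit message above, worked through in Python as an added example; it is not part of the commit or of the project's code. The helper names are hypothetical, and the matcher covers only plain release versions (digits and dots) and the `~=`, `>=` and `==X.*` operators.

```python
# Added illustration: a minimal PEP 440 matcher for plain release versions.
# Pre-releases, epochs and local version labels are deliberately not handled.

def parse(version):
    """'3.5.2' -> (3, 5, 2)"""
    return tuple(int(part) for part in version.strip().split("."))

def at_least(candidate, floor):
    """>= comparison with zero padding, so that 3.5 equals 3.5.0."""
    width = max(len(candidate), len(floor))
    candidate = candidate + (0,) * (width - len(candidate))
    floor = floor + (0,) * (width - len(floor))
    return candidate >= floor

def prefix_match(candidate, prefix):
    """== X.Y.* : the candidate's leading segments equal the prefix."""
    candidate = candidate + (0,) * (len(prefix) - len(candidate))
    return candidate[:len(prefix)] == prefix

def clause_matches(clause, candidate):
    clause = clause.strip()
    if clause.startswith("~="):
        release = parse(clause[2:])
        if len(release) < 2:
            raise ValueError("~= needs at least two release segments")
        # ~=X.Y is ">=X.Y, ==X.*": drop the last segment for the prefix.
        return at_least(candidate, release) and prefix_match(candidate, release[:-1])
    if clause.startswith(">="):
        return at_least(candidate, parse(clause[2:]))
    if clause.startswith("==") and clause.endswith(".*"):
        return prefix_match(candidate, parse(clause[2:-2]))
    raise ValueError("unsupported clause: " + clause)

def allows(specifier, version):
    """A comma joins clauses with logical AND: every clause must match."""
    candidate = parse(version)
    return all(clause_matches(c, candidate) for c in specifier.split(","))

if __name__ == "__main__":
    for spec in ("~=3.5,~=3.6", "~=3.5", ">=3.5, ==3.*"):
        accepted = [v for v in ("3.4.9", "3.5.4", "3.6.1", "3.7.0", "4.0") if allows(spec, v)]
        print(spec, "->", accepted)
```
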
* Allowed '/' in protocol name
* Added SymmetricState.GetHandshakeHash()
* Added CipherState.SetNonce()
* Unittests to ensure that each of the above is working
Closes #3

* 2.1 version of pyca/cryptography got released. Version bumped
* Python 3.5 support reintroduced, as we are now using BLAKE from
Cryptography, not hashlib
* Removed hashlib references, uncommented Cryptography references.
* Enum fix for python 3.5 compat
Closes #9

First shot at documentation. Just to check if they work with
ReadTheDocs.
Also, added dev_requirements.txt with packages required for development
of package.
Refs #8

- Added readme
- Updated setup.py
- Removed pytest from requirements, added version of cryptography
package
- Small improvements in code:
noise/noise_protocol.py:
* removed unused one_way variable
noise/patterns.py
* fixed has_pre_messages - no longer a variable, but method - and now
works properly
noise/state.py
* SymmetricState now holds reference to CipherState.

tests/vectors/*:
- removed noise-c-basic.txt test vectors
tests/test_vectors.py:
- removed workarounds related to noise-c test vectors
noise/builder.py:
- added some more type hinting
noise/state.py:
- CipherState is now consistent in raising NoiseMaxNonceError
and using MAX_NONCE constant for encrypt and decrypt methods
noise/functions.py:
- Keypair constructors now guarded from invalid length of given
public/private bytes
- _25519_generate_keypair now returns proper class instance
requirements.txt:
- specified versions of packages that are compatible with currently used source code

Cryptography ships with OpenSSL 1.0.2g when it's installed against
python3.7. Old OpenSSL is largely incompatible with this package.
Testing (and any required development for ensuring compatibility) will
be turned on again when the Cryptography wheel for python3.7 ships with
a new OpenSSL.

noise/builder.py:
- Added guard for data length in decrypt
- Handling InvalidTag exception when AEAD fails
- New NoiseInvalidMessage exception class
noise/exceptions.py
- Three new exception classes
noise/noise_protocol.py
- Implemented rest of validation, now checks for required keypairs, setting initiator/responder role, warns if ephemeral keypairs are set.
noise/patterns.py:
- added name field to every Pattern with pattern name
- added get_required_keypairs method that returns list of keypairs required for given handshake pattern
noise/state.py
- new NoiseMaxNonceError exception
Overall: some TODOs resolved

This commit introduces an example of interoperability of this library
with Wireguard. The script is responsible for performing a Noise
handshake between localhost and Wireguard test server. Then, ICMP echo
request is sent and ICMP echo reply is retrieved. Lastly, Wireguard
keepalive packet is sent.
Example utilises Noise messages wrapped in Wireguard's packet
format.

noise/builder.py
- Added methods for rekeying cipherstates
- Added method for getting handshake hash (for channel binding)
noise/functions.py
- Added default rekey behavior and set it for AESGCM and ChaCha20
noise/constants.py
- Added MAX_NONCE
noise/state.py
- Added rekey method to CipherState
- Removed writing to noise_protocol instance in SymmetricState.
NoiseProtocol fills the appropriate field by taking the data from
HandshakeState now.

noise/__init__.py
- __all__ containing builder module
noise/builder.py
- NoiseBuilder class providing interface for use with other apps. Allows
for setting up all required data for Noise protocol, using appropriate
methods. Enforces proper path of handshake execution
noise/constants.py
- Added maximum Noise message length constant
noise/exceptions.py
- A few exceptions created for proper signaling of errors
noise/noise_protocol.py
- handshake_done does proper cleanup now
- new validation method that should be run before starting handshake
(checks presence of prerequisites for current settings)
- new HandshakeState initialization method
noise/state.py
- Modified read_message and write_message methods of HandshakeState to
operate on bytes/bytearray as message/payload and bytearray as
message_buffer/payload_buffer. It is application's responsibility to
provide data in this form, underlying Noise code doesn't do buffer
reading/writing anymore.
tests/test_vectors.py
- Changed tests to comply with new code

noise/noise_protocol.py
* PSKs should be now delivered to NoiseProtocol while initialising
* New field `is_psk_handshake` in NoiseProtocol
noise/patterns.py
* Fixed erroneous super call in OneWayPattern
* Changed class variables to instance variables in Patterns, fixes
things.
noise/state.py
* Added missing mix_key_and_hash to SymmetricState
* Added required calls when in PSK handshake (TOKEN_E and TOKEN_PSK),
both in write_message and read_message of HandshakeState
tests/test_vectors.py
* Enabled PSK tests, some minor fixes to make them work