Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add one-time authentication functions #101

Closed
wants to merge 10 commits into from
Closed

Add one-time authentication functions #101

wants to merge 10 commits into from

Conversation

skion
Copy link

@skion skion commented Aug 13, 2014

This exposes NaCL's one-time authentication functions under nacl.onetime. Since by definition this is one-time authentication, I avoided classes (and hence state) in the top-level API for now, but am very much open for comments or suggestions if there is any upstream interest.

In [1]: import nacl.onetime, nacl.utils

In [2]: key = nacl.utils.random(32)

In [3]: msg = b"Foo"

In [4]: a = nacl.onetime.generate(msg, key)

In [5]: len(a)
Out[5]: 16

In [6]: nacl.onetime.verify(a, msg, key)
Out[6]: True

In [7]: msg = "Bar"

In [8]: nacl.onetime.verify(a, msg, key)
---------------------------------------------------------------------------
BadSignatureError                         Traceback (most recent call last)
<ipython-input-8-d2ff9f304af4> in <module>()
----> 1 nacl.onetime.verify(a, msg, key)

/home/pieter/envs/qauth/local/lib/python2.7/site-packages/PyNaCl-0.3.0_onetimeauth-py2.7-linux-x86_64.egg/nacl/onetime.pyc in verify(authenticator, message, key, encoder)
     65                          KEY_SIZE)
     66 
---> 67     return nacl.c.crypto_onetimeauth_verify(authenticator, message, key)

/home/pieter/envs/qauth/local/lib/python2.7/site-packages/PyNaCl-0.3.0_onetimeauth-py2.7-linux-x86_64.egg/nacl/c/crypto_onetimeauth.pyc in crypto_onetimeauth_verify(authenticator, message, k)
     51     if lib.crypto_onetimeauth_verify(authenticator,
     52                                      message, len(message), k) != 0:
---> 53         raise BadSignatureError("Authenticator was forged or corrupt")
     54 
     55     return True

BadSignatureError: Authenticator was forged or corrupt

@coveralls
Copy link

Coverage Status

Coverage decreased (-5.67%) when pulling feb4f60 on skion:onetimeauth into 61cc9f2 on pyca:master.

@alex
Copy link
Member

alex commented Aug 13, 2014

Thanks for working on this! It needs tests and documentation before this is merge ready though.

@skion
Copy link
Author

skion commented Aug 13, 2014

Before doing that, do you see anything bad in the suggested API?

@alex
Copy link
Member

alex commented Aug 13, 2014

I think the API is probably fine, but I'm not super familiar with one-time-authenitcators so I'd love to see the docs to make sure the whole thing makes sense end-to-end :-)

@coveralls
Copy link

Coverage Status

Coverage increased (+0.06%) when pulling 73d854f on skion:onetimeauth into 61cc9f2 on pyca:master.

@alex
Copy link
Member

alex commented Aug 15, 2014

It looks like the tests are failing due to some flake8 issues right now.

@coveralls
Copy link

Coverage Status

Coverage increased (+0.06%) when pulling 1d035d5 on skion:onetimeauth into 61cc9f2 on pyca:master.

@reaperhulk
Copy link
Member

Closing since we let this sit around for over 2 years (ugh, sorry about that). If you're still interested in landing this please rebase and I'll prioritize reviewing it.

@reaperhulk reaperhulk closed this Dec 18, 2016
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 7, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@skion @coveralls @alex @reaperhulk