rewrite for Python 3 with types and linting, stable release

Syndace · Apr 4, 2020 · 339d61f · 339d61f
1 parent a38d9ec
commit 339d61f
Show file tree

Hide file tree

Showing 47 changed files with 3,151 additions and 1,227 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,11 +1,10 @@
+.eggs/
 build/
 dist/
 X3DH.egg-info/
-*.pyc
 
+*.pyc
 .pytest_cache/
+.mypy_cache/
 
 docs/_build/
-
-install.sh
-Makefile
diff --git a/.travis.yml b/.travis.yml
@@ -1,17 +1,39 @@
+os: linux
+dist: bionic
+
 language: python
 python:
-  - "2.7"
-  - "3.4"
-  - "3.5"
-  - "3.6"
+- "3.6"
+- "3.7"
+- "3.8"
+- "pypy3"
 
 env:
-  - CRYPTOGRAPHY_VERSION=2.2.2 # Most recent version on pip
-  - CRYPTOGRAPHY_VERSION=1.7.1 # Version in Debian 9's apt repositories
+- DEBIAN_DEPS=true
+- DEBIAN_DEPS=
+
+addons:
+  apt:
+    packages:
+    - libsodium23
+    - libsodium-dev
 
 install:
-  - pip install cryptography==$CRYPTOGRAPHY_VERSION
-  - pip install pytest
-  - python setup.py install
+- python -m pip install --upgrade pip setuptools wheel
+- python -m pip --version
+- python -m pip install --upgrade pytest pytest-asyncio pylint
+- if [ "$TRAVIS_PYTHON_VERSION" != "pypy3" ] && [ ! $DEBIAN_DEPS ]; then python -m pip install --upgrade mypy; fi
+- if [   $DEBIAN_DEPS ]; then python -m pip install --upgrade cryptography==2.6.1 libnacl==1.6.1 packaging==19.0; fi
+- if [ ! $DEBIAN_DEPS ]; then python -m pip install --upgrade cryptography        libnacl        packaging; fi
+- git clone https://github.com/Syndace/python-xeddsa.git -b stable
+- cd python-xeddsa/ && python -m pip install . && cd ../
+- rm -rf python-xeddsa/
+- python -m pip install .
 
-script: py.test
+script:
+- export MYPYPATH=stubs/
+- if [ "$TRAVIS_PYTHON_VERSION" != "pypy3" ] && [ ! $DEBIAN_DEPS ]; then python -m mypy --strict x3dh/; fi
+- if [ "$TRAVIS_PYTHON_VERSION" != "pypy3" ] && [ ! $DEBIAN_DEPS ]; then python -m mypy --strict tests/; fi
+- python -m pylint x3dh/
+- python -m pylint tests/*.py
+- python -m pytest
diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,6 @@
 The MIT License
 
-Copyright (c) 2019 Tim Henkes (Syndace)
+Copyright (c) 2020 Tim Henkes (Syndace)
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -19,4 +19,3 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
-
diff --git a/MANIFEST.in b/MANIFEST.in
@@ -0,0 +1 @@
+include x3dh/py.typed
diff --git a/README.md b/README.md
@@ -1,12 +1,22 @@
 [![PyPI](https://img.shields.io/pypi/v/X3DH.svg)](https://pypi.org/project/X3DH/)
 [![PyPI - Python Version](https://img.shields.io/pypi/pyversions/X3DH.svg)](https://pypi.org/project/X3DH/)
 [![Build Status](https://travis-ci.org/Syndace/python-x3dh.svg?branch=master)](https://travis-ci.org/Syndace/python-x3dh)
+[![Documentation Status](https://readthedocs.org/projects/python-x3dh/badge/?version=latest)](https://python-x3dh.readthedocs.io/en/latest/?badge=latest)
 
-# python-x3dh
-#### A python implementation of the Extended Triple Diffie-Hellman key agreement protocol.
+# python-x3dh #
 
-This python library offers an implementation of the Extended Triple Diffie-Hellman key agreement protocol (X3DH) as specified [here](https://signal.org/docs/specifications/x3dh/).
+A Python implementation of the [Extended Triple Diffie-Hellman key agreement protocol](https://signal.org/docs/specifications/x3dh/).
 
-The goal is to provide a configurable and independent implementation of the protocol, while keeping the structure close to the specification.
+## Installation ##
 
-This library was developed as part of [python-omemo](https://github.com/Syndace/python-omemo), a pretty cool end-to-end encryption protocol.
+python-x3dh depends on two system libraries, [libxeddsa](https://github.com/Syndace/libxeddsa) and [libsodium](https://download.libsodium.org/doc/).
+
+Install the latest release using pip (`pip install X3DH`) or manually from source by running `pip install .` (preferred) or `python setup.py install` in the cloned repository. The installation requires libsodium and the Python development headers to be installed. If a locally installed version of libxeddsa is available, [python-xeddsa](https://github.com/Syndace/python-xeddsa) (a dependency of python-x3dh) tries to use that. Otherwise it uses prebuilt binaries of the library, which are available for Linux, MacOS and Windows on the amd64 architecture. Set the `LIBXEDDSA_FORCE_LOCAL` environment variable to forbid the usage of prebuilt binaries.
+
+## Differences to the Specification ##
+
+In the X3DH specification, the identity key is a Curve25519/Curve448 key and [XEdDSA](https://www.signal.org/docs/specifications/xeddsa/) is used to create signatures with it. This library is a little more flexible regarding the identity key. First, you can choose whether to use a Curve25519/Curve448 or an Ed25519/Ed448 key pair for the identity key internally. Second, you can choose whether the public part of the identity key in the bundle is transferred as Curve25519/Curve448 or Ed25519/Ed448. Note that Curve448/Ed448 is currently not supported.
+
+## A Note on Dependencies ##
+
+python-x3dh currently depends on both [cryptography](https://cryptography.io/) and [libnacl](https://libnacl.readthedocs.io/), which are both libraries that offer cryptographic primitives and overlap quite a bit. The reason is that libnacl, which is used by [python-xeddsa](https://github.com/Syndace/python-xeddsa) too, doesn't support HKDF (yet) and cryptography doesn't support converting Ed25519 key pairs to Curve25519. The goal is to drop the dependency on cryptography as soon as libnacl gains support for HKDF.