Metadata-Version: 2.4
Name: siotls
Version: 0.0.3a0
Summary: Sans-IO Python implementation of the TLS 1.3 (RFC 8446) protocol stack
Author-email: Julien Castiaux <julien.castiaux@mailfence.com>
License-Expression: EUPL-1.2
Project-URL: Download, https://pypi.org/project/siotls/
Project-URL: Repository, https://codeberg.org/drlazor8/siotls
Classifier: Development Status :: 2 - Pre-Alpha
Classifier: Environment :: No Input/Output (Daemon)
Classifier: Intended Audience :: Developers
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Topic :: Internet
Classifier: Topic :: Security
Classifier: Typing :: Typed
Requires-Python: >=3.11
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: asn1crypto
Requires-Dist: idna
Requires-Dist: h11
Provides-Extra: dev
Requires-Dist: coverage; extra == "dev"
Requires-Dist: furo; extra == "dev"
Requires-Dist: isort==5.13.2; extra == "dev"
Requires-Dist: freezegun; extra == "dev"
Requires-Dist: mypy==1.16.1; extra == "dev"
Requires-Dist: parameterized; extra == "dev"
Requires-Dist: pre-commit; extra == "dev"
Requires-Dist: ruff==0.8.5; extra == "dev"
Requires-Dist: sphinx; extra == "dev"
Requires-Dist: sphinx-design; extra == "dev"
Provides-Extra: openssl
Requires-Dist: cryptography>=45; extra == "openssl"
Provides-Extra: hacl
Requires-Dist: pyhacl; extra == "hacl"
Dynamic: license-file

![pypi version badge](https://img.shields.io/pypi/v/siotls)
![coverage badge](./coverage-badge.svg)
![tests badge](./tests-badge.svg)

siotls
======

Sans-IO Python implementation of the TLS 1.3 (RFC 8446) protocol stack.

Disclaimer
----------

This project has not yet been reviewed by any security expert or cryptographer;
it is sure to be full of "landmines, dragons, and dinosaurs with laser guns,"
to cite the people at cryptography. In case you are one, please come and get in
touch with us!

While TLS 1.3 is excellent at giving guidance on how to set up and use the many
cryptography primitives in a safe way, there are still some important questions
that are left open. Questions such as "how many messages can we encrypt using
AES-CCM-8."

To help us navigate the rich world of secure communication, in addition to
[RFC8446 (TLS 1.3)](https://datatracker.ietf.org/doc/html/rfc8446) and the
documents it references, we also studied:

* https://safecurves.cr.yp.to/
* https://www.enisa.europa.eu/publications/algorithms-key-size-and-parameters-report-2014
* https://latacora.micro.blog/2018/04/03/cryptographic-right-answers.html
* https://cabforum.org/working-groups/server/baseline-requirements/documents/
* https://author-tools.ietf.org/api/iddiff?doc_1=rfc8446&url_2=https://tlswg.github.io/tls13-spec/draft-ietf-tls-rfc8446bis.txt
* https://letsencrypt.org/certificates/
* https://www.ccadb.org/

On certificate revocation:
* https://www.ssl.com/blogs/how-do-browsers-handle-revoked-ssl-tls-certificates/
* https://www.imperialviolet.org/posts-index.html search "revoc"
* https://scotthelme.co.uk/tag/ocsp/ & https://scotthelme.co.uk/tag/certificate-revocation/

Installation
------------

The package has not yet been published on PyPI, please download the source code
from main and build it using [`build`](https://build.pypa.io/en/latest/).
`build` creates artifacts under the `/dist` folder, the artifacts (`.whl`,
`.tar.gz` or `.zip`) can then be installed using `pip`.

Contributing
------------

Best it to start by opening an issue to discuss the things you wanna change or
improve. You can also just open a PR and write down everything in the PR
message.

### Installation

Clone the repository using git and place yourself inside the project root
directory. Create a new virtual environment and install the project in dev mode
inside.

    $ git clone https://github.com/Julien00859/siotls
    $ cd siotls
    $ python3 -m venv .env
    $ .env/bin/pip install -e .[dev]

Once all the dependencies downloaded and the project installed, you should be
able to run the unittests.

    $ .env/bin/python -m unittest

[`coverage`](https://coverage.readthedocs.io/en/latest/cmd.html) was installed
as part of the dev dependencies. It is a tool to compute the test coverage and
make sure that there is no blind spot. You run its `run` command once so it
gathers the information and then you print it out using its `html` command.

    $ .env/bin/coverage run --source src/ --branch -m unittest
    $ .env/bin/coverage html

Help us achieve a nice coverage!

### Tooling

For now we are only using ruff and isort. Don't loose too much time with those,
the maintainers are responsable for the housekeeping duty.

    $ ruff check src/ tests/
    $ isort --profile black -m 3 --ca src/ tests/
