It’s been a while (I’ve been busy on another project, more on that soon, I hope), but finally…
I’ve updated the protocol slightly to correct a subtle bug in the secret splitting specification. You can find the latest versions and diffs here.
I’ve also finally got around to tidying the code up some (though there’s still plenty more to do), you can find an appspot server, a command line client and various libraries, all in Python, at nigori.googlecode.com. As always, patches are welcome!
The code does not fully reflect the draft protocol yet – in particular, it still uses a Schnorr signature where the draft calls for DSA.
If you want to play with the command-line client, I already have a server running on appspot. Here’s how … from the
client directory, run
$ ./client.sh nigori-server.appspot.com 80 register name password 200 OK $ ./client.sh nigori-server.appspot.com 80 authenticate name password 200 OK Replaying: this should fail 401 Unauthorized $ ./client.sh nigori-server.appspot.com 80 add user password name secret /usr/local/lib/python2.6/site-packages/Crypto/Util/randpool.py:40: RandomPool_DeprecationWarning: This application uses RandomPool, which is BROKEN in older releases. See http://www.pycrypto.org/randpool-broken RandomPool_DeprecationWarning) 200 OK Status: 200 OK Content-Type: text/html; charset=utf-8 Cache-Control: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Content-Length: 0 $ ./client.sh nigori-server.appspot.com 80 get user password name 0 at 1277559350.600000: secret
Not the most elegant interface in the world. Note that the server is experimental, I may break it, delete all the data, etc. Of course, you can run your own.
Note also that the whole protocol is experimental at this point, I wouldn’t rely on it to store your vital passwords just yet!