def main(self):
kpidb = self.kpidb
while not self.dataReady("inbox"):
yield 1
data = self.recv("inbox")
#got userid
padding, userid = struct.unpack(
'!2L', xtea.xtea_decrypt(kpidb.getRootKey(), data))
#check if the user is valid
if kpidb.isValidUser(userid) == False:
#print "Invalid UserID" # todo shutdown
return
#generate a random number and encrypt it with user's key
challenge = random.getrandbits(32)
temp = struct.pack('!2L', 0, challenge)
#look up user key from key database
userkey = kpidb.getKPIKeys().getKey(userid)
data = xtea.xtea_encrypt(userkey, temp)
#print data, challenge, userkey
self.send(data, "outbox")
yield 1
while not self.dataReady("inbox"):
yield 1
#got response to challenge
data = self.recv("inbox")
temp = xtea.xtea_decrypt(userkey, data)
padding, response = struct.unpack('!2L', temp)
#validate response
if response == challenge + 1:
self.send("SUCCESS", "outbox")
yield 1
else:
#print "authenication failure"
return # shutdown
#got OK ack
while not self.dataReady("inbox"):
yield 1
data = self.recv("inbox")
if data == "OK":
#print "received ack from client"
pass
else:
return #shutdown
#notify new user
self.send(userid, "notifyuser")
#subscribe to DataManagement backplane
subscriber = subscribeTo("DataManagement")
#make authenticator passthrough the data from DataManagement backplane
self.link((subscriber, "outbox"), (self, "outbox"), passthrough=2)
subscriber.activate()
yield 1
while 1:
yield 1
def main(self):
blocksize = 8
#MAGIC_STRING indicates that its preceding block is not padded
MAGIC_STRING = blocksize * chr(0x80)
while 1:
yield 1
if self.dataReady("keyevent"):
self.key = self.recv("keyevent")
#print "key recieved at the decryptor",self.key
if self.dataReady("inbox") and self.key != "\0":
data = self.recv("inbox")
dec = ''
pad = True
datalen = len(data)
#Unpad last byte with 0x80 followed by zero (null) bytes
if datalen > blocksize:
k = 0
#if data contains more than two blocks
if datalen > 2 * blocksize:
#decrypt all the blocks
for i in range(0, datalen - 2 * blocksize, blocksize):
block = data[i:i + blocksize]
#since the data is not padding, append it to
#dec string
dec = dec + xtea.xtea_decrypt(self.key, block)
k = i + blocksize
#decrypt last two blocks
block1 = xtea.xtea_decrypt(self.key, data[k:k + blocksize])
block2 = xtea.xtea_decrypt(self.key,
data[k + blocksize:datalen])
#if the last block contains magic string
#it indicates that there is no padding for block1
dec = dec + block1
if block2 == MAGIC_STRING:
pad = False
else:
block = block2
else:
block = xtea.xtea_decrypt(self.key, data)
if pad == True:
#find the position of the last occurence of 0x80
rindex = block.rfind(chr(0x80))
if rindex != -1:
tmp = block[rindex:len(block)]
#if the substring is equal to 0x80 followed null bytes
pad = chr(0x80) + (len(block) - rindex - 1) * chr(0x00)
if (pad == tmp):
#remove padding
block = block[:rindex]
dec = dec + block
#print "decrypted data ",dec
self.send(dec, "outbox")
def main(self):
blocksize = 8
#MAGIC_STRING indicates that its preceding block is not padded
MAGIC_STRING = blocksize * chr(0x80)
while 1:
yield 1
if self.dataReady("keyevent"):
self.key = self.recv("keyevent")
#print "key recieved at the decryptor",self.key
if self.dataReady("inbox") and self.key != "\0":
data = self.recv("inbox")
dec = ''
pad = True
datalen = len(data)
#Unpad last byte with 0x80 followed by zero (null) bytes
if datalen > blocksize:
k = 0
#if data contains more than two blocks
if datalen > 2*blocksize:
#decrypt all the blocks
for i in range(0, datalen - 2*blocksize, blocksize):
block = data[i:i+blocksize]
#since the data is not padding, append it to
#dec string
dec = dec + xtea.xtea_decrypt(self.key,block)
k = i + blocksize
#decrypt last two blocks
block1 = xtea.xtea_decrypt(self.key,data[k:k+blocksize])
block2 = xtea.xtea_decrypt(self.key,data[k+blocksize:datalen])
#if the last block contains magic string
#it indicates that there is no padding for block1
dec = dec + block1
if block2 == MAGIC_STRING:
pad = False
else:
block = block2
else:
block = xtea.xtea_decrypt(self.key,data)
if pad == True:
#find the position of the last occurence of 0x80
rindex = block.rfind(chr(0x80))
if rindex != -1:
tmp = block[rindex:len(block)]
#if the substring is equal to 0x80 followed null bytes
pad = chr(0x80) + (len(block)-rindex-1)*chr(0x00)
if(pad == tmp):
#remove padding
block = block[:rindex]
dec = dec + block
#print "decrypted data ",dec
self.send(dec, "outbox")
def main(self):
kpidb = self.kpidb
while not self.dataReady("inbox"):
yield 1
data = self.recv("inbox")
#got userid
padding,userid = struct.unpack('!2L',
xtea.xtea_decrypt(kpidb.getRootKey(),data))
#check if the user is valid
if kpidb.isValidUser(userid) == False:
#print "Invalid UserID" # todo shutdown
return
#generate a random number and encrypt it with user's key
challenge = random.getrandbits(32)
temp = struct.pack('!2L',0, challenge)
#look up user key from key database
userkey = kpidb.getKPIKeys().getKey(userid)
data = xtea.xtea_encrypt(userkey, temp)
#print data, challenge, userkey
self.send(data, "outbox")
yield 1
while not self.dataReady("inbox"):
yield 1
#got response to challenge
data = self.recv("inbox")
temp = xtea.xtea_decrypt(userkey,data)
padding, response = struct.unpack('!2L', temp)
#validate response
if response == challenge + 1:
self.send("SUCCESS", "outbox")
yield 1
else:
#print "authenication failure"
return # shutdown
#got OK ack
while not self.dataReady("inbox"):
yield 1
data = self.recv("inbox")
if data == "OK":
#print "received ack from client"
pass
else:
return #shutdown
#notify new user
self.send(userid, "notifyuser")
#subscribe to DataManagement backplane
subscriber = subscribeTo("DataManagement")
#make authenticator passthrough the data from DataManagement backplane
self.link( (subscriber, "outbox"), (self, "outbox"), passthrough=2)
subscriber.activate()
yield 1
while 1:
yield 1
def main(self):
#encrypt user id with root key
userid = self.kpiuser.getID()
data = xtea.xtea_encrypt(self.kpiuser.getRootKey(),
struct.pack('!2L',0, userid))
self.send(data, "outbox")
yield 1
while not self.dataReady("inbox"):
yield 1
data = self.recv("inbox")
#receive challenge
temp = xtea.xtea_decrypt(self.kpiuser.getUserKey(), data)
padding, challenge = struct.unpack('!2L',temp)
response = challenge+1
#sending response encrypted with my key
data = xtea.xtea_encrypt(self.kpiuser.getUserKey(),
struct.pack('!2L',0, response))
self.send(data, "outbox")
yield 1
while not self.dataReady("inbox"):
yield 1
data = self.recv("inbox")
if data == "SUCCESS":
#print "authentication success"
pass
else:
#print "authenication failure"
return #shutdown
#Send OK ack to authenticator
self.send("OK", "outbox")
yield 1
#decode data
#the depacketizer has to modes
#reading header or reading body
buffer = ''
KEY = 0x20
DATA = 0x30
READ_HEADER = 1
READ_BODY = 2
HEADER_LEN = 8
mode = READ_HEADER
HEADER_SIZE = 8
while 1:
while self.dataReady("inbox"):
data = self.recv("inbox")
buffer = buffer + data
if mode == READ_HEADER :
if len(buffer) >= HEADER_SIZE:
mode = READ_BODY
header = buffer[:HEADER_SIZE]
packetType, data2read = struct.unpack("!2L", header)
#Bug fix - previously was reading less
#data from buffer -> body = buffer[HEADER_SIZE:data2read]
#this caused the client to be slower in receiving data
body = buffer[HEADER_SIZE:HEADER_SIZE+data2read]
#read the body
if data2read <= len(body):
mode = READ_HEADER
if packetType == KEY:
#key packet structure
#8 bytes - key ID with which session key was encrypted
#16 bytes of encrypted session key
padding,ID = struct.unpack("!2L", body[:8])
try:
key = self.kpiuser.getKey(ID)
#i have the key for the ID
enckey = body[8:data2read]
part1 = xtea.xtea_decrypt(key, enckey[:8])
part2 = xtea.xtea_decrypt(key, enckey[8:16])
sessionkey = part1 + part2
self.send(sessionkey, "notifykey")
except KeyError:
pass #the key is not for me
elif packetType == DATA:
#print "decoded data", body
self.send(body, "encout")
# remove the header + data read
buffer = buffer[(data2read+HEADER_SIZE):len(buffer)]
else:
#remove header
buffer = buffer[HEADER_SIZE:len(buffer)]
elif mode == READ_BODY:
body = buffer[:data2read]
#data2read = data2read - len(buffer)
#read all the data
if data2read <= len(body):
mode = READ_HEADER
if packetType == KEY:
#key packet structure
#8 bytes - key ID with which session key was encrypted
#16 bytes of encrypted session key
padding,ID = struct.unpack("!2L", body[:8])
try:
key = self.kpiuser.getKey(ID)
enckey = body[8:data2read]
part1 = xtea.xtea_decrypt(key, enckey[:8])
part2 = xtea.xtea_decrypt(key, enckey[8:16])
sessionkey = part1 + part2
self.send(sessionkey, "notifykey")
except KeyError:
pass #the key is not for me
elif packetType == DATA:
self.send(body, "encout")
# remove the data read
buffer = buffer[data2read:len(buffer)]
yield 1
