def create_user_session_encrypted(self, username, a_b64):
if (not database.userExists(username)):
raise TypeError("Username does not exist")
login_data = database.getLoginDataFromUser(username)
b_bytes, B_bytes, n_bytes, h_bytes = self.login_lib.generate_b(
base64.b64decode(login_data[1]))
currentSessions = database.getSessionsFromUser(username)
if (currentSessions is not None):
while (h_bytes in currentSessions):
b_bytes, B_bytes, n_bytes, h_bytes = self.login_lib.generate_b(
v)
database.newSession(
username, base64.b64encode(h_bytes),
base64.b64encode(self.crypto_lib.rsa_decrypt(a_b64)),
base64.b64encode(b_bytes), base64.b64encode(B_bytes), b'', b'')
return (base64.b64encode(B_bytes), base64.b64encode(n_bytes))
def validate_user_session(self, username, h_hex, mv_hex, deviceID):
if (not database.userExists(username)):
raise TypeError("Username does not exist")
h = self.login_lib.hexToBytes(h_hex)
session = database.getSessionInts(username, base64.b64encode(h))
if (session is None):
return "Session error"
login_data = database.getLoginDataFromUser(username)
sk, m1, m2 = self.login_lib.generate_sk(
username, base64.b64decode(session['a']),
base64.b64decode(session['b']), base64.b64decode(session['b2']),
base64.b64decode(login_data[0]), base64.b64decode(login_data[1]))
mv = self.login_lib.hexToBytes(mv_hex)
if (mv != m1):
raise TypeError("Invalid Password")
database.editSessionKey(username, base64.b64encode(h),
base64.b64encode(sk), deviceID)
return self.login_lib.bytesToHex(m2)
def validate_user_session_encrypted(self, username, h_b64, mv_b64,
deviceID):
if (not database.userExists(username)):
raise TypeError("Username does not exist")
session = database.getSessionInts(username, h_b64)
if (session is None):
return "Session error"
login_data = database.getLoginDataFromUser(username)
sk, m1, m2 = self.login_lib.generate_sk(
username, base64.b64decode(session['a']),
base64.b64decode(session['b']), base64.b64decode(session['b2']),
base64.b64decode(login_data[0]), base64.b64decode(login_data[1]))
mv = self.crypto_lib.rsa_decrypt(mv_hex)
if (mv != m1):
raise TypeError("Invalid Password")
database.editSessionKey(username, base64.b64encode(h),
base64.b64encode(sk), deviceID)
return base64.b64encode(m2)
def get_user_salt(self, username):
if (not database.userExists(username)):
raise TypeError("Username does not exist")
login_data = database.getLoginDataFromUser(username)
return self.login_lib.bytesToHex(base64.b64decode(login_data[0]))
def get_user_salt_b64(self, username):
if (not database.userExists(username)):
raise TypeError("Username does not exist")
login_data = database.getLoginDataFromUser(username)
return login_data[0]