Beispiel #1
def _create_new_verifier(u, p, pf):
    """Build a fresh (salt, verifier) pair for a user.

    u  -- username
    p  -- cleartext password
    pf -- prime field, unpacked as (n, g): modulus and generator

    A new salt of ``saltlen`` (a name resolved outside this function) is
    drawn from random_string, the private exponent is obtained from
    private_key(u, salt, p), and the verifier is g raised to that exponent
    modulo n.  Returns the tuple (salt, verifier).

    NOTE(review): the entropy source behind random_string is not visible
    here; confirm it is a cryptographically secure generator, since the
    salt protects the stored verifier against precomputed guessing.
    """
    salt = random_string(saltlen)
    modulus, generator = pf
    exponent = private_key(u, salt, p)
    verifier = pow(generator, exponent, modulus)
    return (salt, verifier)
Beispiel #2
 def get(self, user):
     """Return the stored record for ``user``, creating its secret on demand.

     self._read() is called first.  A user missing from self.users raises
     a bare KeyError.  When the record has no 'secret' entry, a new one of
     length 20 is taken from random_string and stored in the record before
     it is returned; the same record object held in self.users is returned.

     NOTE(review): nothing in this method writes the new secret back to
     storage, and the randomness source of random_string is not visible
     here -- confirm both against the rest of the class.
     """
     self._read()
     known = self.users.has_key(user)
     if not known:
         raise KeyError
     record = self.users[user]
     if record.has_key('secret'):
         return record
     record['secret'] = random_string(20)
     return record
Beispiel #3
 def get(self, user):
     """Look up ``user`` and make sure the returned record carries a secret.

     Calls self._read() before the lookup.  Raises a bare KeyError when the
     user is not in self.users.  If the record lacks a "secret" key, one is
     generated with random_string(20) and stored in the record, which is
     then returned (the object held in self.users, not a copy).

     NOTE(review): whether the generated secret is persisted, and whether
     random_string is backed by a secure random source, cannot be told from
     this method -- verify in the surrounding class.
     """
     self._read()
     accounts = self.users
     if accounts.has_key(user):
         entry = accounts[user]
         if not entry.has_key("secret"):
             entry["secret"] = random_string(20)
         return entry
     raise KeyError
Beispiel #4
def _create_new_verifier(u, p, pf):
    """Pick a random salt and compute the password verifier for it.

    Arguments are the username ``u``, the cleartext password ``p`` and the
    prime field ``pf``, a pair (n, g).  The salt has length ``saltlen``
    (looked up outside this function).  The verifier is
    pow(g, private_key(u, salt, p), n).  The (salt, verifier) tuple is
    returned; the cleartext password itself is not part of the result.

    NOTE(review): random_string is defined elsewhere; check that it uses a
    secure random source before relying on the salt's unpredictability.
    """
    fresh_salt = random_string(saltlen)
    n, g = pf
    return (fresh_salt, pow(g, private_key(u, fresh_salt, p), n))
Beispiel #5
    def message_came_in(self, s, data):
        """Advance the client-side handshake on connection ``s`` by one message.

        ``data`` is decoded with bdecode and handled according to
        self.socket[s]['state']:

          1 -- derive key K and proof m with self.auth.client_key, send the
               proof digest, move to state 2
          2 -- check the peer's 'auth' value against SRP.host_authenticator,
               install both HMAC objects, signal completion
          3 -- record msg['hash'], signal completion
          4 -- close, run msg['secret'] through crypt with the connection
               key, save the result, signal completion
          5 -- close, signal completion
          6 -- check the peer salt length, derive two session keys, send
               our 'auth' digest and salt, move to state 7
          7 -- check the peer's 'auth' value, then switch mode, install the
               HMAC objects, reset self.socket[s], signal completion
          anything else -- close the connection

        Raises NetworkError for undecodable data, a short salt (state 6) or
        a bad 'auth' value (state 7); raises ServerError when the message
        carries an 'error' key or the state-2 check fails.

        NOTE(review): every msg[...] lookup below trusts the peer to send
        the expected keys; a missing key surfaces as an uncaught KeyError,
        and msg.has_key presumably assumes bdecode returned a dict --
        confirm how callers handle that.
        """
        try:
            msg = bdecode(data)
        except ValueError:
            # Undecodable input: drop the connection before reporting it.
            self.close(s)
            raise NetworkError, 'garbage data'
        # An 'error' key is checked before any state handling; the
        # connection is not closed on this path.
        if msg.has_key('error'):
            raise ServerError, msg['error']
        socket = self.socket[s]
        srp = socket['srp']
        if socket['state'] == 1:
            # client_key is fed the peer-supplied 's', 'B' and 'u' values
            # together with our own srp['keys'].
            K, m = self.auth.client_key(msg['s'], msg['B'], msg['u'],
                                        srp['keys'])
            socket['key'], socket['m_out'] = K, m
            self._send_msg(s, {'m': socket['m_out'].digest()})
            socket['state'] = 2
        elif socket['state'] == 2:
            # Expected host authenticator, computed locally from the key,
            # srp['keys'][0] and the proof digest sent in state 1.
            socket['m_in'] = SRP.host_authenticator(socket['key'], srp['keys'][0], socket['m_out'].digest())
            # NOTE(review): != on digests is not a constant-time
            # comparison; hmac.compare_digest is the usual replacement
            # where the runtime provides it.
            if socket['m_in'].digest() != msg['auth']:
                # NOTE(review): unlike the failure paths in states 6 and
                # 7, this one does not close the connection first, and the
                # return after the raise is unreachable.
                raise ServerError, 'Bad host authentication'
                return
            self.nh.set_hmac(s, socket['m_in'], socket['m_out'])
            self.rs.doneflag.set()
        elif socket['state'] == 3:
            self.socket[s]['hash'] = msg['hash']
            self.rs.doneflag.set()
        elif socket['state'] == 4:
            # The connection is closed before the received secret is
            # processed.
            self.close(s)
            # Only element [0] of crypt's result is kept; presumably the
            # decrypted secret -- confirm against crypt's definition.
            secret = crypt(msg['secret'], socket['key'])[0]
            self.auth.save_secret(secret)
            self.rs.doneflag.set()
        elif socket['state'] == 5:
            self.close(s)
            self.rs.doneflag.set()
        elif socket['state'] == 6:
            # Refuse a peer salt shorter than 20; only a lower bound is
            # enforced.
            if len(msg['salt']) < 20:
                self._send_error(s, None, 'Bad salt length')
                self.close(s)
                raise NetworkError, 'Bad salt from server'

            salt = random_string(20)

            # Two keys from the same pair of salts with the argument order
            # swapped, one per HMAC object.
            key = self.auth.session_key(salt, msg['salt'])
            socket['m_in'] = hmac.new(key, '', sha)
            key = self.auth.session_key(msg['salt'], salt)
            socket['m_out'] = hmac.new(key, '', sha)

            # The digest sent here is that of m_in over the empty message.
            self._send_msg(s, {'auth': socket['m_in'].digest(),
                               'salt': salt})
            socket['state'] = 7
        elif socket['state'] == 7:
            # The peer's value is checked against the m_out digest.
            # NOTE(review): same non-constant-time != comparison as in
            # state 2.
            if msg['auth'] != socket['m_out'].digest():
                self._send_error(s, None, 'Bad auth')
                self.close(s)
                raise NetworkError, 'Bad server auth'
            self._req_mode(s, 1)
            self.nh.set_hmac(s, socket['m_in'], socket['m_out'])
            # The per-connection dict (key, HMAC objects, state) is
            # replaced by a list, so the handshake fields are dropped from
            # self.socket[s].
            self.socket[s] = [{}, {}, {}, [], 1]
            self.rs.doneflag.set()
        else:
            # Unknown state: close the connection without raising.
            self.close(s)
Beispiel #6
 def _secret_auth(self, s):
     """Start the secret exchange on connection ``s``.

     A 20-character value from random_string is stored as the connection's
     'salt', sent to the peer in a {'salt': ...} message, and the
     connection state is set to 4.

     NOTE(review): the randomness source of random_string is not visible
     here; confirm it is suitable for a value used in authentication.
     """
     conn = self.socket[s]
     fresh = random_string(20)
     conn['salt'] = fresh
     self._send_msg(s, {'salt': fresh})
     conn['state'] = 4
Beispiel #7
 def _secret_auth(self, s):
     """Send a fresh salt to the peer and wait for its secret reply.

     Generates random_string(20), records it under 'salt' in
     self.socket[s], transmits it with self._send_msg, then marks the
     connection as being in state 4.

     NOTE(review): check that random_string draws from a secure random
     source; that cannot be determined from this method.
     """
     state = self.socket[s]
     state['salt'] = random_string(20)
     outgoing = {'salt': state['salt']}
     self._send_msg(s, outgoing)
     state['state'] = 4
Beispiel #8
    def message_came_in(self, s, data):
        """Process one decoded handshake message for connection ``s``.

        The payload is decoded with bdecode, then dispatched on the
        connection's 'state' value:

          1 -- compute K and the proof m via self.auth.client_key, send the
               proof digest under 'm', go to state 2
          2 -- compare the peer's 'auth' with the locally computed host
               authenticator, register the HMAC pair, set the done flag
          3 -- store msg['hash'], set the done flag
          4 -- close, pass msg['secret'] and the connection key to crypt,
               save the result through self.auth, set the done flag
          5 -- close, set the done flag
          6 -- validate the peer salt length, derive two session keys,
               send 'auth' and our salt, go to state 7
          7 -- compare the peer's 'auth' with the m_out digest, then change
               mode, register the HMAC pair, reset self.socket[s], set the
               done flag
          other -- close the connection

        Raises NetworkError on undecodable data, a peer salt shorter than
        20, or a failed state-7 check; raises ServerError on an 'error'
        reply or a failed state-2 check.

        NOTE(review): the message fields are indexed without checking that
        they exist, so a peer that omits one triggers a KeyError that this
        method does not handle -- verify the caller copes with it.
        """
        try:
            msg = bdecode(data)
        except ValueError:
            # Close first, then report the malformed payload.
            self.close(s)
            raise NetworkError, 'garbage data'
        # Error replies are raised as ServerError regardless of state and
        # without closing the connection here.
        if msg.has_key('error'):
            raise ServerError, msg['error']
        socket = self.socket[s]
        srp = socket['srp']
        if socket['state'] == 1:
            # Inputs 's', 'B' and 'u' come straight from the peer message.
            K, m = self.auth.client_key(msg['s'], msg['B'], msg['u'],
                                        srp['keys'])
            socket['key'], socket['m_out'] = K, m
            self._send_msg(s, {'m': socket['m_out'].digest()})
            socket['state'] = 2
        elif socket['state'] == 2:
            # Locally computed value the peer's 'auth' must match.
            socket['m_in'] = SRP.host_authenticator(socket['key'],
                                                    srp['keys'][0],
                                                    socket['m_out'].digest())
            # NOTE(review): digest comparison with != is not constant
            # time; hmac.compare_digest is the usual choice where the
            # runtime has it.
            if socket['m_in'].digest() != msg['auth']:
                # NOTE(review): no self.close(s) on this failure path,
                # and the return below can never execute.
                raise ServerError, 'Bad host authentication'
                return
            self.nh.set_hmac(s, socket['m_in'], socket['m_out'])
            self.rs.doneflag.set()
        elif socket['state'] == 3:
            self.socket[s]['hash'] = msg['hash']
            self.rs.doneflag.set()
        elif socket['state'] == 4:
            # Close happens before the secret is handled.
            self.close(s)
            # First element of crypt's return value is saved; presumably
            # the recovered secret -- TODO confirm.
            secret = crypt(msg['secret'], socket['key'])[0]
            self.auth.save_secret(secret)
            self.rs.doneflag.set()
        elif socket['state'] == 5:
            self.close(s)
            self.rs.doneflag.set()
        elif socket['state'] == 6:
            # Minimum length check only; longer salts are accepted.
            if len(msg['salt']) < 20:
                self._send_error(s, None, 'Bad salt length')
                self.close(s)
                raise NetworkError, 'Bad salt from server'

            salt = random_string(20)

            # session_key is called twice with the salts in opposite
            # order, giving one key for each HMAC object.
            key = self.auth.session_key(salt, msg['salt'])
            socket['m_in'] = hmac.new(key, '', sha)
            key = self.auth.session_key(msg['salt'], salt)
            socket['m_out'] = hmac.new(key, '', sha)

            # Both HMAC objects are created over an empty message; the
            # m_in digest is what goes out as 'auth'.
            self._send_msg(s, {'auth': socket['m_in'].digest(), 'salt': salt})
            socket['state'] = 7
        elif socket['state'] == 7:
            # NOTE(review): non-constant-time != on a digest, as in
            # state 2.
            if msg['auth'] != socket['m_out'].digest():
                self._send_error(s, None, 'Bad auth')
                self.close(s)
                raise NetworkError, 'Bad server auth'
            self._req_mode(s, 1)
            self.nh.set_hmac(s, socket['m_in'], socket['m_out'])
            # Replaces the handshake dict for this connection with a list;
            # the key and HMAC entries are no longer reachable through
            # self.socket[s] afterwards.
            self.socket[s] = [{}, {}, {}, [], 1]
            self.rs.doneflag.set()
        else:
            # Unrecognised state: just close.
            self.close(s)