def key_get_exchange(self): nonce = '\0' * self.nonce_bytes authpkt = nacl.crypto_stream_xor(data, nonce, self.key) try: peer_dhpk = nacl.crypto_sign_open(authpkt, self.peer_public_key) except Exception: print("Invalid signature from peer \"%s\" from %s" % \ (name, addr[0])) sys.exit(0) if self.kex_init: self.key = nacl.crypto_scalarmult(self.dhsk, peer_dhpk) self.nonce_prefix = nacl.crypto_auth(config.get("netshrink", "nonce_prefix"), self.key)[:23-self.nonce_bytes] self.dhsk = None self.kex_init = False return dhpk, dhsk = nacl.crypto_box_keypair() authpkt = nacl.crypto_sign(dhpk, self.secret_key) crypted_data = nonce_out + nacl.crypto_stream_xor(authpkt, '\x01' + self.nonce_prefix + nonce, self.key) mac = nacl.crypto_auth(crypted_data, self.key)[:self.mac_bytes] c_sendto(self.sock, mac + crypted_data, self.addr) self.key = nacl.crypto_scalarmult(dhsk, peer_dhpk) print("New key is %s"%repr(self.key))
def __init__(self, sock, addr, peer_name, peer_public_key, peer_dhpk): global config self.sock = sock self.addr = addr self.peer_name = peer_name self.peer_public_key = peer_public_key self.name, self.public_key, self.secret_key = load_identity() dhpk, self.dhsk = nacl.crypto_box_keypair() self.kex_init = False self.key = nacl.crypto_scalarmult(self.dhsk, peer_dhpk) self.dhsk = None self.mac_bytes = config.getint("netshrink","mac_bytes") if self.mac_bytes > 32: self.mac_bytes = 32 self.nonce_bytes = config.getint("netshrink","nonce_bytes") if self.nonce_bytes > 8: self.nonce_bytes = 8 if self.nonce_bytes: self.nonce_prefix = nacl.crypto_auth(config.get("netshrink", "nonce_prefix"), self.key)[:23-self.nonce_bytes] else: self.nonce_prefix = nacl.crypto_auth(config.get("netshrink", "nonce_prefix"), self.key)[:23] self.nonce = 0 authpkt = b'\0' authpkt += self.name + b'\0' authpkt += nacl.crypto_sign(dhpk, self.secret_key) c_sendto(self.sock, authpkt, self.addr)
def __init__(self, sock, addr): self.sock = sock self.addr = addr self.name, self.public_key, self.secret_key = load_identity() dhpk, self.dhsk = nacl.crypto_box_keypair() self.mac_bytes = config.getint("netshrink","mac_bytes") if self.mac_bytes > 32: self.mac_bytes = 32 self.nonce_bytes = config.getint("netshrink","nonce_bytes") if self.nonce_bytes > 8: self.nonce_bytes = 8 self.nonce = 0 self.peer_nonce = 0 self.kex_init = False authpkt = b'\0' + self.name.encode("utf8") + b'\0' authpkt += nacl.crypto_sign(dhpk, self.secret_key) c_sendto(self.sock, authpkt, self.addr) while True: data, inaddr = c_recvfrom(self.sock, 4096) if int(data[0]) != 0: print("Ignoring garbage data from %s" % inaddr[0]) continue name_end = data.find(b'\0', 1) self.peer_name = data[1:name_end].encode("utf8") kexpkt = data[name_end+1:] if not peer_exists(self.name): print("Peer \"%s\" is unknown, but you are whitelisted." % \ self.peer_name) print("Please run addpeer/getpeer to authenticate.") sys.exit(0) self.peer_public_key = get_peer_public_key(self.peer_name) try: peer_dhpk = nacl.crypto_sign_open(kexpkt, self.peer_public_key) except Exception: print("Invalid signature from peer \"%s\" from %s" % \ (self.peer_name, inaddr[0])) sys.exit(0) break print("Accepted connection from peer \"%s\" from %s" % \ (self.peer_name, addr[0])) self.key = nacl.crypto_scalarmult(self.dhsk, peer_dhpk) self.dhsk = None if self.nonce_bytes: self.nonce_prefix = nacl.crypto_auth(config.get("netshrink", "nonce_prefix"), self.key)[:23-self.nonce_bytes] else: self.nonce_prefix = nacl.crypto_auth(config.get("netshrink", "nonce_prefix"), self.key)[:23] print("len of nonce_prefix is %d"%len(self.nonce_prefix)) for i in xrange(260): self.send("Hello there")
def key_exchange(self): self.peer_nonce = 0 self.kex_init = True nonce_out = '\0' * self.nonce_bytes dhpk, self.dhsk = nacl.crypto_box_keypair() authpkt = nacl.crypto_sign(dhpk, self.secret_key) crypted_data = nonce_out + nacl.crypto_stream_xor(authpkt, '\x01' + self.nonce_prefix + nonce_out, self.key) mac = nacl.crypto_auth(crypted_data, self.key)[:self.mac_bytes] c_sendto(self.sock, mac + crypted_data, self.addr)
def send(self, data): if self.nonce_bytes: self.nonce += 1 nonce_out = struct.pack("!Q", self.nonce)[-self.nonce_bytes:] else: nonce_out = '' crypted_data = nonce_out + nacl.crypto_stream_xor(data, '\x01' + self.nonce_prefix + nonce_out, self.key) mac = nacl.crypto_auth(crypted_data, self.key)[:self.mac_bytes] c_sendto(self.sock, mac + crypted_data, self.addr) if nonce_out == '\xff' * self.nonce_bytes: # about to wrap around self.nonce = 0 #nonce 0 should only be used for key exchanges
def raw_recv(self, data): if self.mac_bytes > 0: mac = data[:self.mac_bytes] if not nacl.crypto_auth(data[self.mac_bytes:], self.key)[:self.mac_bytes] == mac: print("Failed MAC verification") return if self.nonce_bytes: nonce_in = data[self.mac_bytes:self.mac_bytes+self.nonce_bytes] else: nonce_in = '' if nonce_in == '\0' * self.nonce_bytes: #print("Key re-exchange time! In") #self.key_get_exchange(data[self.mac_bytes+self.nonce_bytes:]) # Disabled because I am incompetent at key re-exchanges return nonce = '\0' + self.nonce_prefix # 1 if client, 0 if server nonce += data[self.mac_bytes:self.mac_bytes+self.nonce_bytes] in_data = data[self.mac_bytes+self.nonce_bytes:] self.recv(nacl.crypto_stream_xor(in_data, nonce, self.key))