def verifyCloseConnection(crypto_dict, message): try: decode = base64.b64decode(message) key = crypto_dict["rsa_server_public_key"][crypto_dict["rsa_user_public_key_hash"]][0] return [True, rsa.unsign(key, decode)] except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: " + str(inst)]
def unpack_message_general(encoded_message, crypto_dict, machine, verbose = False): if machine == "client": verify_nonce = "client_nonces" updated_nonce = "server_nonces" required_rsa_key = "rsa_server_public_key" else: verify_nonce = "server_nonces" updated_nonce = "client_nonces" required_rsa_key = "rsa_user_public_keys" debug(verbose, "encoded_message", encoded_message) if machine != "client": # Strip User ID encoded_message = encoded_message.split(".") user_id = encoded_message[0] encoded_message = encoded_message[1] debug(verbose, "aes_session_id", user_id) # Decode message try: decoded_message = base64.b64decode(encoded_message) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64decode (encrypt) ]: " + str(inst)] if machine != "client": crypto_dict["rsa_user_public_key_hash"] = None for key in crypto_dict["aes_session_ids"]: value = crypto_dict["aes_session_ids"][key] if value == user_id: crypto_dict["rsa_user_public_key_hash"] = key break if crypto_dict["rsa_user_public_key_hash"] == None: return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: User ID invalid"] # Decrypt message try: key = crypto_dict["aes_session_keys"][crypto_dict["rsa_user_public_key_hash"]] debug(verbose, "key", key) aes_decrypted_message = str(aes.aes_decrypt(key, decoded_message)) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> aes.decrypt ]: " + str(inst)] debug(verbose, "aes_decrypted_message", aes_decrypted_message) # Message Parsing try: rdmSplit = aes_decrypted_message.split("|") message_content, message_hash, message_signature = rdmSplit[0], rdmSplit[1], rdmSplit[2] # Remove any AES padding from signature message_signature = message_signature.strip(".") debug(verbose, "message_content", message_content) debug(verbose, "message_hash", message_hash) debug(verbose, "message_signature", message_signature) mcSplit = message_content.split(",") message, client_nonce, server_nonce = mcSplit[0], mcSplit[1], mcSplit[2] debug(verbose, "message", message) debug(verbose, "client_nonce", client_nonce) debug(verbose, "server_nonce", server_nonce) if machine != "client": temp = message.split(";") temp = temp[1] crypto_dict["rsa_user_public_key"] = crypto_dict["rsa_user_public_keys"][temp][0] if crypto_dict["rsa_user_public_keys"][temp][1]: return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: user hash already voted"] except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> Message Parsing ]: " + str(inst)] # Decode signature try: message_signature_decoded = base64.b64decode(message_signature) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64decode (signature) ]: " + str(inst)] # Verify Signature try: if str(rsa.unsign(crypto_dict[required_rsa_key][crypto_dict["rsa_user_public_key_hash"]][0], message_signature_decoded)) != message_hash: return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: signature verification failed"] elif verbose: print debug_spacing + "Debug [ " + str(inspect.stack()[0][3]) + " ]: signature verification passed" except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> rsa.unsign (Signature Verification) ]: " + str(inst)] # Verify Hash try: if str(sha.sha256(message_content)) != message_hash: return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: hash verification failed"] elif verbose: print debug_spacing + "Debug [ " + str(inspect.stack()[0][3]) + " ]: hash verification passed" except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> sha.sha256 (Hash Verification) ]: " + str(inst)] # Verify Nonce if machine == "client": nonce = client_nonce nonce_updated = server_nonce else: nonce = server_nonce nonce_updated = client_nonce if nonce != crypto_dict[verify_nonce][crypto_dict["rsa_user_public_key_hash"]]: return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: nonce verification failed"] elif verbose: print debug_spacing + "Debug [ " + str(inspect.stack()[0][3]) + " ]: nonce verification passed" # Upadte crypto_dictionary crypto_dict[updated_nonce][crypto_dict["rsa_user_public_key_hash"]] = nonce_updated if verbose: print "\n" if machine == "client": return [True, message] else: try: encoded_public_key = base64.b64encode(crypto_dict[required_rsa_key][crypto_dict["rsa_user_public_key_hash"]][0].publickey().exportKey("PEM")) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64encode (Public Key) ]: " + str(inst)] return [True, [encoded_public_key, message, base64.b64encode(message_signature)]]
def unpack_handshake_general(encoded_message, crypto_dict, machine, verbose = False): if machine == "client": required_rsa_decrypt_key = "rsa_user_private_key" required_rsa_verify_key = "rsa_server_public_key" else: required_rsa_decrypt_key = "rsa_server_private_key" required_rsa_verify_key = "rsa_user_public_keys" debug(verbose, "encoded_message", encoded_message) # Split messages encoded_messages = encoded_message.split("|") # Decode message try: decoded_messages = [] for encoded_message in encoded_messages: decoded_messages.append(base64.b64decode(encoded_message)) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64decode (encrypt) ]: " + str(inst)] # Decrypt message try: rsa_decrypted_message = "" for decoded_message in decoded_messages: rsa_decrypted_message += str(rsa.decrypt(crypto_dict[required_rsa_decrypt_key], decoded_message)) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> rsa.decrypt ]: " + str(inst)] debug(verbose, "rsa_decrypted_message", rsa_decrypted_message) # Message Parsing try: rdmSplit = rsa_decrypted_message.split("|") message_content, message_hash, message_signature = rdmSplit[0], rdmSplit[1], rdmSplit[2] debug(verbose, "message_content", message_content) debug(verbose, "message_hash", message_hash) debug(verbose, "message_signature", message_signature) mcSplit = message_content.split(",") message, client_nonce, server_nonce = mcSplit[0], mcSplit[1], mcSplit[2] debug(verbose, "message", message) debug(verbose, "client_nonce", client_nonce) debug(verbose, "server_nonce", server_nonce) if machine != "client": temp = message.split(";") crypto_dict["rsa_user_public_key_hash"] = temp[1] debug(verbose, "rsa_user_public_key_hash", crypto_dict["rsa_user_public_key_hash"]) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> Message Parsing ]: " + str(inst)] # Decode signature try: message_signature = base64.b64decode(message_signature) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64decode (signature) ]: " + str(inst)] # Verify Signature try: if str(rsa.unsign(crypto_dict[required_rsa_verify_key][crypto_dict["rsa_user_public_key_hash"]][0], message_signature)) != message_hash: return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: signature verification failed"] elif verbose: print debug_spacing + "Debug [ " + str(inspect.stack()[0][3]) + " ]: signature verification passed" except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> rsa.unsign (Signature Verification) ]: " + str(inst)] # Verify Hash try: if str(sha.sha256(message_content)) != message_hash: return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: hash verification failed"] elif verbose: print debug_spacing + "Debug [ " + str(inspect.stack()[0][3]) + " ]: hash verification passed" except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> sha.sha256 (Hash Verification) ]: " + str(inst)] # Verify Nonce if machine == "client": if client_nonce != crypto_dict["client_nonces"][crypto_dict["rsa_user_public_key_hash"]]: return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: nonce verification failed"] elif verbose: print debug_spacing + "Debug [ " + str(inspect.stack()[0][3]) + " ]: nonce verification passed" # Upadte crypto_dictionary crypto_dict["server_nonces"][crypto_dict["rsa_user_public_key_hash"]] = server_nonce else: # Upadte crypto_dictionary crypto_dict["client_nonces"][crypto_dict["rsa_user_public_key_hash"]] = client_nonce if verbose: print "\n" return [True, message]