def read_encrypted(self):
"""
Reads received encrypted data and than decrypts using the AES key
"""
encrypted_data = []
if self.AESObject:
if self.connected():
data = ""
try:
if self.mode == MODE_SERVER:
encrypted_data = self.client.recv(2048)
elif self.mode == MODE_CLIENT:
encrypted_data = self.socket.recv(2048)
except socket.error:
pass
if len(encrypted_data) > 0:
data = self.AESObject.decrypt(encrypted_data)
sha = data[:32]
data = data[32:]
if not vpncrypto.sha256(data) == sha:
print(
"Received message could not be verified! Integrity problems."
)
self.finish()
else:
data = "".encode()
try:
if data.decode() == "f#":
self.finish()
except UnicodeDecodeError:
pass
return data
def read_encrypted(self):
"""
Reads received encrypted data and than decrypts using the AES key
"""
encrypted_data = []
if self.AESObject:
if self.connected():
data = ""
try:
if self.mode == MODE_SERVER:
encrypted_data = self.client.recv(2048)
elif self.mode == MODE_CLIENT:
encrypted_data = self.socket.recv(2048)
except socket.error:
pass
if len(encrypted_data) > 0:
data = self.AESObject.decrypt(encrypted_data)
sha = data[:32]
data = data[32:]
if not vpncrypto.sha256(data) == sha:
print("Received message could not be verified! Integrity problems.")
self.finish()
else: data = "".encode()
try:
if data.decode() == "f#":
self.finish()
except UnicodeDecodeError:
pass
return data
def write_encrypted(self, data):
"""
Sends encrypted data through the socket
"""
if self.AESObject:
if self.connected():
data = vpncrypto.sha256(data) + data
encrypted_data = self.AESObject.encrypt(data)
if self.mode == MODE_SERVER:
self.client.send(encrypted_data)
elif self.mode == MODE_CLIENT:
self.socket.send(encrypted_data)
time.sleep(0.1)
def write_encrypted(self, data):
"""
Sends encrypted data through the socket
"""
if self.AESObject:
if self.connected():
data = vpncrypto.sha256(data) + data
encrypted_data = self.AESObject.encrypt(data)
if self.mode == MODE_SERVER:
self.client.send(encrypted_data)
elif self.mode == MODE_CLIENT:
self.socket.send(encrypted_data)
time.sleep(0.1)
def auth(self):
print("Authenticating connection...")
"""
"""
if self.mode == MODE_SERVER:
SPuK = self.publickey.exportKey()
print("Waiting for nonce rs1 and client's public key...")
message = self.read()
rs1 = message
print("Received nonce rs1:",
binascii.hexlify(rs1).decode().upper(), "Length:", len(rs1))
print("Received client's public key!")
temp_aes1 = vpncrypto.AESCipher(
vpncrypto.sha256(rs1 + self.sharedsecret.encode()))
rs2 = bytes(os.urandom(4))
print("Generated nonce rs2:",
binascii.hexlify(rs1).decode().upper(), "Length:", len(rs2))
challenge1 = rs2 + temp_aes1.encrypt(
"server".encode() + rs1 + self.int2bytes(self.DH_public_key))
print(
"Sending challenge1 = rs2+E(CPuK,sha(rs1||sharedsecret)+g^b mod p)..."
)
self.write(challenge1)
temp_aes2 = vpncrypto.AESCipher(
vpncrypto.sha256(rs2 + self.sharedsecret.encode()))
print(
"Waiting for client's response E(SPuK,sha(rs2||sharedsecret)+g^a mod p)..."
)
challenge2 = self.read()
if len(challenge2) > 0:
decrypted = temp_aes2.decrypt(
challenge2
) #TODO: BYTES PROBLEMS "server" tem que temanho?
message = decrypted[:6]
rs2_client = decrypted[6:10]
DH_client_key = decrypted[10:]
if (message == "client".encode() and rs2_client == rs2):
print("Client authenticated!")
integer = self.bytes2int(DH_client_key)
real_aes_key = self.gen_AES_key(integer)
#************************************||************************
#destroy b
self.DH_private_key = 0
#**************************************************************
print("AES key aquired")
self.AESObject = vpncrypto.AESCipher(
vpncrypto.sha256(self.int2bytes(real_aes_key)))
print("AES object created")
else:
print("Client not authenticated!")
self.finish()
elif self.mode == MODE_CLIENT:
CPuK = self.publickey.exportKey()
rs1 = bytes(os.urandom(4))
print("Generated nonce rs1:",
binascii.hexlify(rs1).decode().upper(), "Length:", len(rs1))
print("Sending nonce rs1...")
self.write(rs1)
print("Nonce sent!")
temp_aes1 = vpncrypto.AESCipher(
vpncrypto.sha256(rs1 + self.sharedsecret.encode()))
print(
"Waiting for server's response rs2+E(CPuK,sha(rs1||sharedsecret)+g^b mod p)..."
)
challenge1 = self.read()
rs2 = challenge1[:4]
check = challenge1[4:]
decrypted = temp_aes1.decrypt(
check) #TODO: BYTES PROBLEMS "server" tem que temanho?
message = decrypted[:6]
rs1_server = decrypted[6:10]
DH_server_key = decrypted[10:]
if (message == "server".encode() and rs1_server == rs1):
print("Server authenticated!")
DH_server_key = self.bytes2int(DH_server_key)
real_aes_key = self.gen_AES_key(DH_server_key)
temp_aes2 = vpncrypto.AESCipher(
vpncrypto.sha256(rs2 + self.sharedsecret.encode()))
challenge2 = temp_aes2.encrypt(
"client".encode() + rs2 +
self.int2bytes(self.DH_public_key))
self.write(challenge2)
print("Challenge 2 sent")
print("******************************")
print("******************************")
print(len(challenge2))
print("******************************")
print("******************************")
#**********************************************************************
#destroy a
self.DH_private_key = 0
#**********************************************************************
print("AES key aquired")
self.AESObject = vpncrypto.AESCipher(
vpncrypto.sha256(self.int2bytes(real_aes_key)))
print("AES object created")
else:
print("Server not authenticated!")
self.finish()
def auth(self):
print("Authenticating connection...")
"""
"""
if self.mode == MODE_SERVER:
SPuK = self.publickey.exportKey()
print("Waiting for nonce rs1 and client's public key...")
message = self.read()
rs1 = message
print("Received nonce rs1:", binascii.hexlify(rs1).decode().upper(), "Length:", len(rs1))
print("Received client's public key!")
temp_aes1 = vpncrypto.AESCipher(vpncrypto.sha256(rs1+self.sharedsecret.encode()))
rs2 = bytes(os.urandom(4))
print("Generated nonce rs2:", binascii.hexlify(rs1).decode().upper(), "Length:", len(rs2))
challenge1 = rs2+temp_aes1.encrypt("server".encode()+rs1+self.int2bytes(self.DH_public_key))
print("Sending challenge1 = rs2+E(CPuK,sha(rs1||sharedsecret)+g^b mod p)...")
self.write(challenge1)
temp_aes2 = vpncrypto.AESCipher(vpncrypto.sha256(rs2+self.sharedsecret.encode()))
print("Waiting for client's response E(SPuK,sha(rs2||sharedsecret)+g^a mod p)...")
challenge2 = self.read()
if len(challenge2) > 0:
decrypted = temp_aes2.decrypt(challenge2) #TODO: BYTES PROBLEMS "server" tem que temanho?
message = decrypted[:6]
rs2_client = decrypted[6:10]
DH_client_key = decrypted[10:]
if (message == "client".encode() and rs2_client == rs2):
print("Client authenticated!")
integer = self.bytes2int(DH_client_key)
real_aes_key = self.gen_AES_key(integer)
#************************************||************************
#destroy b
self.DH_private_key = 0
#**************************************************************
print ("AES key aquired")
self.AESObject = vpncrypto.AESCipher(vpncrypto.sha256(self.int2bytes(real_aes_key)))
print ("AES object created")
else:
print("Client not authenticated!")
self.finish()
elif self.mode == MODE_CLIENT:
CPuK = self.publickey.exportKey()
rs1 = bytes(os.urandom(4))
print("Generated nonce rs1:", binascii.hexlify(rs1).decode().upper(), "Length:", len(rs1))
print("Sending nonce rs1...")
self.write(rs1)
print("Nonce sent!")
temp_aes1 = vpncrypto.AESCipher(vpncrypto.sha256(rs1+self.sharedsecret.encode()))
print("Waiting for server's response rs2+E(CPuK,sha(rs1||sharedsecret)+g^b mod p)...")
challenge1 = self.read()
rs2 = challenge1[:4]
check = challenge1[4:]
decrypted = temp_aes1.decrypt(check) #TODO: BYTES PROBLEMS "server" tem que temanho?
message = decrypted[:6]
rs1_server = decrypted[6:10]
DH_server_key = decrypted[10:]
if (message == "server".encode() and rs1_server == rs1):
print("Server authenticated!")
DH_server_key = self.bytes2int(DH_server_key)
real_aes_key = self.gen_AES_key(DH_server_key)
temp_aes2 = vpncrypto.AESCipher(vpncrypto.sha256(rs2+self.sharedsecret.encode()))
challenge2 = temp_aes2.encrypt("client".encode()+rs2+self.int2bytes(self.DH_public_key))
self.write(challenge2)
print("Challenge 2 sent")
print("******************************")
print("******************************")
print(len(challenge2))
print("******************************")
print("******************************")
#**********************************************************************
#destroy a
self.DH_private_key = 0
#**********************************************************************
print ("AES key aquired")
self.AESObject = vpncrypto.AESCipher(vpncrypto.sha256(self.int2bytes(real_aes_key)))
print ("AES object created")
else:
print("Server not authenticated!")
self.finish()
