Ejemplo n.º 1
0
    def __init__(self, client_key, server_key):
        self.client_key = client_key
        self.server_key = server_key

        self.server_key_fprint = crypto.public_key_fingerprint(self.server_key)
        self.client_key_fprint = crypto.public_key_fingerprint(self.client_key)

        self.client_guid = None
        self.server_guid = None
        self.expires = None
Ejemplo n.º 2
0
    def __init__(self, client_key, server_key):
        self.client_key = client_key
        self.server_key = server_key

        self.server_key_fprint = crypto.public_key_fingerprint(self.server_key)
        self.client_key_fprint = crypto.public_key_fingerprint(self.client_key)

        self.client_guid = None
        self.server_guid = None
        self.expires = None
Ejemplo n.º 3
0
    def __init__(self, client_key, server_key,
                 server_hello_url, server_confirm_url):
        self.key = client_key
        self.server_hello_url = server_hello_url
        self.server_confirm_url = server_confirm_url

        server_fp = crypto.public_key_fingerprint(server_key)
        self.server_id = ClientAuthenticator.Identity(server_key, server_fp)
        id_map = {self.server_id.fingerprint: self.server_id}

        self._hello_handler = HelloHandler(self.key, id_map)
        self._hello_response_handler = HelloResponseHandler(self.key, id_map)
        self._confirmation_handler = ConfirmationHandler(self.key, id_map)
Ejemplo n.º 4
0
def client_whatup_message(client_public_key):
    """
    Authentication Step 1

    Client sends a nonce to the server, along with a key fingerprint
    that identifies the client. The server has prior knowledge of the client's
    public key, and can look up the entire key given the fingerprint.


    Client: "What up, server?"
    """

    message = {"client_key_fingerprint": public_key_fingerprint(client_public_key),
               "client_guid": random_guid()}
    return message
Ejemplo n.º 5
0
def server_yaheard_message(client_guid, server_public_key, expires=None):
    """
    Authentication Step 2


    Server sends its own nonce back to the client, along with the nonce
    the client sends. Server also sends its own identity fingerprint.
    Optionally, the server may send an "expires" timestamp, after which
    the session key will no longer be honored.

    While not necessarily used for a key lookup on the client side, this
    mitigates a Man-In-The-Middle attack on the protocol, provided the
    client checks that the server's fingerprint matches the key the client
    is using to encrypt messages for the server.


    Server: "Yo dogg. Here's my nonce, ya heard?"
    """

    message = {"client_guid": client_guid,
               "server_guid": random_guid(),
               "expires": expires,
               "server_key_fingerprint": public_key_fingerprint(server_public_key)}
    return message
Ejemplo n.º 6
0
        key_path = settings.PQAUTH_SERVER_KEY
    except AttributeError:
        msg = "You must set settings.PQUATH_SERVER_KEY"
        raise ImproperlyConfigured(msg)

    key_password = None
    try:
        key_password = settings.PQAUTH_SERVER_KEY_PASSWORD
    except AttributeError:
        pass

    return load_key_file(key_path, key_password)


SERVER_KEY = load_server_key()
SERVER_KEY_FINGERPRINT = public_key_fingerprint(SERVER_KEY)

########NEW FILE########
__FILENAME__ = models
from django.contrib.auth.models import User
from django.db import models
from pqauth import crypto


class PublicKey(models.Model):
    user = models.ForeignKey(User, related_name="public_keys")

    # keys MD5-fingerprint to 47 characters, including colons for readability
    fingerprint = models.CharField(max_length=64, primary_key=True)
    ssh_key = models.TextField()
Ejemplo n.º 7
0
        key_path = settings.PQAUTH_SERVER_KEY
    except AttributeError:
        msg = "You must set settings.PQUATH_SERVER_KEY"
        raise ImproperlyConfigured(msg)

    key_password = None
    try:
        key_password = settings.PQAUTH_SERVER_KEY_PASSWORD
    except AttributeError:
        pass

    return load_key_file(key_path, key_password)


SERVER_KEY = load_server_key()
SERVER_KEY_FINGERPRINT = public_key_fingerprint(SERVER_KEY)

########NEW FILE########
__FILENAME__ = models
from django.contrib.auth.models import User
from django.db import models
from pqauth import crypto


class PublicKey(models.Model):
    user = models.ForeignKey(User, related_name="public_keys")

    # keys MD5-fingerprint to 47 characters, including colons for readability
    fingerprint = models.CharField(max_length=64, primary_key=True)
    ssh_key = models.TextField()