def pack_handshake(message, crypto_dict, verbose = False): if verbose: print "\n" # Update AES session key try: crypto_dict["aes_session_keys"][crypto_dict["rsa_user_public_key_hash"]] = str(rand.rand_byte(32))[:32] crypto_dict["aes_session_ids"][crypto_dict["rsa_user_public_key_hash"]] = str(rand.rand_byte(32))[:32] except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> rand ]: " + str(inst)] util.debug(verbose, "aes_session_key", crypto_dict["aes_session_keys"][crypto_dict["rsa_user_public_key_hash"]]) util.debug(verbose, "aes_session_id", crypto_dict["aes_session_ids"][crypto_dict["rsa_user_public_key_hash"]]) # Compile message server_message = message + ";" + crypto_dict["aes_session_keys"][crypto_dict["rsa_user_public_key_hash"]] + ";" + crypto_dict["aes_session_ids"][crypto_dict["rsa_user_public_key_hash"]]+ ";" for key in sorted(crypto_dict["candidates"].keys()): server_message += str(key) + ":" + str(crypto_dict["candidates"][key]) + "-" return util.pack_handshake_general(server_message, crypto_dict, "server", verbose)
def pack_message(message, crypto_dict, verbose = False): if verbose: print "\n" # Update AES session key try: crypto_dict["aes_session_ids"][crypto_dict["rsa_user_public_key_hash"]] = str(rand.rand_byte(32))[:32] except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> rand ]: " + str(inst)] util.debug(verbose, "aes_session_id", crypto_dict["aes_session_ids"][crypto_dict["rsa_user_public_key_hash"]]) server_message = message + ";" + crypto_dict["aes_session_ids"][crypto_dict["rsa_user_public_key_hash"]] return util.pack_message_general(server_message, crypto_dict, "server", verbose)
def pack_handshake_general(message, crypto_dict, machine, verbose = False): if machine == "client": updated_nonce = "client_nonces" required_rsa_sign_key = "rsa_user_private_key" required_rsa_encrypt_key = "rsa_server_public_key" else: updated_nonce = "server_nonces" required_rsa_sign_key = "rsa_server_private_key" required_rsa_encrypt_key = "rsa_user_public_keys" # Update nonce try: crypto_dict[updated_nonce][crypto_dict["rsa_user_public_key_hash"]] = str(rand.rand_byte(32))[:32] except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> rand ]: " + str(inst)] debug(verbose, updated_nonce, crypto_dict[updated_nonce][crypto_dict["rsa_user_public_key_hash"]]) # Compile message nonced_message = message + "," + crypto_dict["client_nonces"][crypto_dict["rsa_user_public_key_hash"]] + "," + crypto_dict["server_nonces"][crypto_dict["rsa_user_public_key_hash"]] + "," # Padding nonced_message to length of 128 while len(nonced_message) < padding_length: nonced_message += "." debug(verbose, "nonced_message", nonced_message) # Hash message try: message_hash = sha.sha256(nonced_message) hashed_message = nonced_message + "|" + message_hash except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> sha.sha256 ]: " + str(inst)] debug(verbose, "hashed_message", hashed_message) # Sign message try: message_signature = str(rsa.sign(crypto_dict[required_rsa_sign_key], message_hash)) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> rsa.sign ]: " + str(inst)] # Encode signature and append try: signed_message = hashed_message + "|" + base64.b64encode(message_signature) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64encode (signature) ]: " + str(inst)] debug(verbose, "signed_message", signed_message) num_message_parts = int(math.ceil( len(signed_message) / 256 )) + 1 if verbose: print debug_spacing + "Debug: Signed message must be split into " + str(num_message_parts) + " messages." # Encrypt message try: rsa_encrypted_messages = [] for i in range(0, num_message_parts): rsa_encrypted_messages.append(str(rsa.encrypt(crypto_dict[required_rsa_encrypt_key][crypto_dict["rsa_user_public_key_hash"]][0], signed_message[ (i * 256) : (i + 1) * 256 ]))) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> rsa.encrypt ]: " + str(inst)] # Encode message try: encoded_messages = [] for rsa_encrypted_message in rsa_encrypted_messages: encoded_messages.append(base64.b64encode(rsa_encrypted_message)) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64encode ]: " + str(inst)] encoded_message = "" for i in range(len(encoded_messages)): debug(verbose, "encoded_message ( Part " + str( i + 1 ) + " )", encoded_messages[i]) encoded_message += encoded_messages[i] + "|" encoded_message = encoded_message[:-1] debug(verbose, "encoded_message" , encoded_message) if verbose: print "\n" return [True, encoded_message]
def pack_message_general(message, crypto_dict, machine, verbose = False): if machine == "client": updated_nonce = "client_nonces" required_rsa_key = "rsa_user_private_key" else: updated_nonce = "server_nonces" required_rsa_key = "rsa_server_private_key" # Update machine's nonce try: crypto_dict[updated_nonce][crypto_dict["rsa_user_public_key_hash"]] = str(rand.rand_byte(32))[:32] except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> rand ]: " + str(inst)] debug(verbose, updated_nonce, crypto_dict[updated_nonce][crypto_dict["rsa_user_public_key_hash"]]) # Compile message nonced_message = message + "," + crypto_dict["client_nonces"][crypto_dict["rsa_user_public_key_hash"]] + "," + crypto_dict["server_nonces"][crypto_dict["rsa_user_public_key_hash"]] + "," # Padding nonced_message to length of 128 while len(nonced_message) < padding_length: nonced_message += "." debug(verbose, "nonced_message", nonced_message) # Hash message try: message_hash = sha.sha256(nonced_message) hashed_message = nonced_message + "|" + message_hash except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> sha.sha256 ]: " + str(inst)] debug(verbose, "hashed_message", hashed_message) # Sign message try: message_signature = str(rsa.sign(crypto_dict[required_rsa_key], message_hash)) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> rsa.sign ]: " + str(inst)] # Encode signature and append try: signed_message = hashed_message + "|" + base64.b64encode(message_signature) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64encode (signature) ]: " + str(inst)] # Padding signed_message to length of 128 (AES encryption needs message to be a length of multiple 16) while len(signed_message) % 16 != 0: signed_message += "." debug(verbose, "signed_message", signed_message) # Encrypt message try: key = crypto_dict["aes_session_keys"][crypto_dict["rsa_user_public_key_hash"]] debug(verbose, "key", key) aes_encrypted_message = str(aes.aes_encrypt(key, signed_message)) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> aes.aes_encrypt ]: " + str(inst)] # Encode message try: encoded_message = base64.b64encode(aes_encrypted_message) except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64encode (encrypt) ]: " + str(inst)] debug(verbose, "encoded_message", encoded_message) if verbose: print "\n" return [True, encoded_message]
