def _safecookie_authchallenge(self, reply):
"""
Callback on AUTHCHALLENGE SAFECOOKIE
"""
if self._cookie_data is None:
raise RuntimeError("Cookie data not read.")
kw = parse_keywords(reply.replace(' ', '\n'))
server_hash = base64.b16decode(kw['SERVERHASH'])
server_nonce = base64.b16decode(kw['SERVERNONCE'])
# FIXME put string in global. or something.
expected_server_hash = hmac_sha256(
"Tor safe cookie authentication server-to-controller hash",
self._cookie_data + self.client_nonce + server_nonce
)
if not compare_via_hash(expected_server_hash, server_hash):
raise RuntimeError(
'Server hash not expected; wanted "%s" and got "%s".' %
(base64.b16encode(expected_server_hash),
base64.b16encode(server_hash))
)
client_hash = hmac_sha256(
"Tor safe cookie authentication controller-to-server hash",
self._cookie_data + self.client_nonce + server_nonce
)
client_hash_hex = base64.b16encode(client_hash)
return self.queue_command('AUTHENTICATE %s' % client_hash_hex)
def _safecookie_authchallenge(self, reply):
"""
Callback on AUTHCHALLENGE SAFECOOKIE
"""
if self._cookie_data is None:
raise RuntimeError("Cookie data not read.")
kw = parse_keywords(reply.replace(' ', '\n'))
server_hash = base64.b16decode(kw['SERVERHASH'])
server_nonce = base64.b16decode(kw['SERVERNONCE'])
# FIXME put string in global. or something.
expected_server_hash = hmac_sha256(
"Tor safe cookie authentication server-to-controller hash",
self._cookie_data + self.client_nonce + server_nonce
)
if not compare_via_hash(expected_server_hash, server_hash):
raise RuntimeError(
'Server hash not expected; wanted "%s" and got "%s".' %
(base64.b16encode(expected_server_hash),
base64.b16encode(server_hash))
)
client_hash = hmac_sha256(
"Tor safe cookie authentication controller-to-server hash",
self._cookie_data + self.client_nonce + server_nonce
)
client_hash_hex = base64.b16encode(client_hash)
return self.queue_command('AUTHENTICATE %s' % client_hash_hex)
