def handle_path_request(conn):
data = conn.recv(1024).decode('utf-8').rstrip()
if args.verbose:
print('[Status] Recieved path request from {}'.format(data))
pubkey = KEYPAIR.get_public_key().exportKey()
conn.sendall(pubkey)
data = conn.recv(2048).decode('utf-8').rstrip()
condata = KEYPAIR.extract_path_data(data)
path = random.sample(ROUTERS, 3)
if args.verbose:
print('[Status] Selected path: {}, {}, {}'.format(
path[0]['addr'], path[1]['addr'], path[2]['addr']))
rng = AESGenerator()
rng.reseed(condata[0])
aesmachine = AESProdigy(condata[0], rng.pseudo_random_data(16))
ciphertext = aesmachine.encrypt(json.dumps(path))
conn.sendall(ciphertext.encode('utf-8'))
conn.close()
def __init__(self):
self.path = []
self.gens = []
self.directorySymKey = stealth.get_random_key(16)
self.directoryGen = AESGenerator()
self.directoryGen.reseed(self.directorySymKey)
self.directoryPubKey = None
self.pubkeys = []
def decode(self, text, key):
gen = AESGenerator()
gen.reseed(key)
sec_key = gen.pseudo_random_data(16)
if self.mode == AES.MODE_CBC:
cipher = AES.new(pad_1_it(key), self.mode, sec_key)
else:
cipher = AES.new(sec_key, AES.MODE_ECB)
plain_text = cipher.decrypt(a2b_hex(text))
return plain_text.rstrip(b'\x00')
def obtain_splittings_and_schedules(input_peers, split_amount,
mixing_window_mins, seed):
prng_gen = SeedablePrngGenerator()
prng_gen.reseed(seed)
prng = StrongRandom(randfunc=prng_gen.pseudo_random_data)
for input_peer in input_peers:
input_peer['split'] = splitMixingAmount(split_amount, prng)
input_peer['schedule'] = defineStreamingSchedule(
len(input_peer['split']), mixing_window_mins, prng)
return
def encode(self, text, key):
gen = AESGenerator()
gen.reseed(key)
sec_key = gen.pseudo_random_data(self.BLOCK_SIZE)
if self.mode == AES.MODE_CBC:
cipher = AES.new(pad_1_it(key), self.mode, sec_key)
else:
cipher = AES.new(sec_key, AES.MODE_ECB)
rs = cipher.encrypt(pad_it(text))
# 转化为16进制字符串
return b2a_hex(rs)
def computeFinalPermutation(output_addresses, checksum):
# Compute hex presentation of checksum
seed = checksum.decode('hex')
""" Create a PRNG based on Crypto.random.random, but with seedable input
(instead of /dev/urandom). """
prng_input = SeedablePrngGenerator()
prng_input.reseed(seed)
log.debug('Seed: ' + seed.encode('hex'))
prng = StrongRandom(randfunc=prng_input.pseudo_random_data)
prng.shuffle(output_addresses)
return output_addresses
class OnionNodeSecurityEnforcer(object):
def __init__(self):
self.key = None
self.rng = AESGenerator()
def set_key(self, key):
self.key = key
self.set_seed(key)
def set_seed(self, seed):
self.rng.reseed(seed)
def peel_layer(self, cipher):
machine = AESProdigy(self.key, self.rng.pseudo_random_data(16))
return machine.decrypt(cipher)
def add_layer(self, message):
machine = AESProdigy(self.key, self.rng.pseudo_random_data(16))
return machine.encrypt(message)
def decrypt(self, cipher):
return self.keypair.decrypt(cipher)
def __init__(self):
self.key = None
self.rng = AESGenerator()
def set_path(self, pathdata):
for c in pathdata:
self.path.append((c["addr"], stealth.get_random_key(16), c["key"]))
self.gens = [AESGenerator() for i in range(len(self.path))]
for c in range(len(self.path)):
self.gens[c].reseed(self.path[c][1])
class OriginatorSecurityEnforcer(object):
def __init__(self):
self.path = []
self.gens = []
self.directorySymKey = stealth.get_random_key(16)
self.directoryGen = AESGenerator()
self.directoryGen.reseed(self.directorySymKey)
self.directoryPubKey = None
self.pubkeys = []
def set_path(self, pathdata):
for c in pathdata:
self.path.append((c["addr"], stealth.get_random_key(16), c["key"]))
self.gens = [AESGenerator() for i in range(len(self.path))]
for c in range(len(self.path)):
self.gens[c].reseed(self.path[c][1])
def get_path(self):
return self.path
# Creates public key encrypted JSON with symkey and next address/port
# depth is how far in the path the destination onion should be
# Ex, if you're establishing a connection with the second onion, set depth=2
# If you are communicating with the directory node, set depth=0
def create_symkey_msg(self, depth, next_addr, next_port):
msg = {}
if depth > 0:
sym = self.path[depth - 1][1]
pubkey = self.pubkeys[depth - 1]
else:
sym = self.directorySymKey
pubkey = self.directoryPubKey
msg["symkey"] = base64.b64encode(sym).decode('utf-8')
msg["addr"] = next_addr
msg["port"] = next_port
return pubkey.encrypt(json.dumps(msg))
# Creates symmetric key encrypted message
# depth is how many onion nodes it will be passed through
# Set depth=0 if talking to the directory node, depth=1 for the first node in the path...etc
def create_onion(self, depth, msg):
ciphertext = msg
if depth == 0:
machine = AESProdigy(self.directorySymKey,
self.directoryGen.pseudo_random_data(16))
ciphertext = machine.encrypt(ciphertext)
else:
if depth > len(self.path) + 1:
depth = len(self.path)
for c in range(
depth - 2, -1,
-1): #Never want to encrypt the destination's message
machine = AESProdigy(self.path[c][1],
self.gens[c].pseudo_random_data(16))
ciphertext = machine.encrypt(ciphertext)
return ciphertext
# Decrypts encryption layers from a response message
# Depth is how many onion nodes have encrypted the response
# Ex, if passed through all onion nodes, depth=amount of nodes in path
def decipher_response(self, depth, msg):
if depth < 1:
machine = AESProdigy(self.directorySymKey,
self.directoryGen.pseudo_random_data(16))
msg = machine.decrypt(msg)
else:
for c in range(depth):
machine = AESProdigy(self.path[c][1],
self.gens[c].pseudo_random_data(16))
msg = machine.decrypt(msg)
return msg
def set_pubkeys(self, keys):
self.pubkeys = keys
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# This script uses the "Python Cryptography Toolkit" from
# https://www.dlitz.net/software/pycrypto/ to generate reference data
# for inclusion in "generator_test.go"
import sys
import time
from Crypto.Random.Fortuna.FortunaGenerator import AESGenerator
from Crypto.Random.Fortuna.FortunaAccumulator import FortunaAccumulator
######################################################################
# part 1: test data for AESGenerator
rng = AESGenerator()
rng.reseed("\1\2\3\4")
sys.stdout.write("\tcorrect := []byte{")
for i, x in enumerate(rng.pseudo_random_data(100)):
if i % 15 == 0:
sys.stdout.write("\n\t\t")
else:
sys.stdout.write(" ")
sys.stdout.write("%d,"%ord(x))
sys.stdout.write("\n\t}\n")
sys.stdout.write("\tcorrect = []byte{")
for i, x in enumerate(rng.pseudo_random_data((1<<20) + 100)[-100:]):
if i % 15 == 0:
sys.stdout.write("\n\t\t")
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# This script uses the "Python Cryptography Toolkit" from
# https://www.dlitz.net/software/pycrypto/ to generate reference data
# for inclusion in "generator_test.go"
import sys
import time
from Crypto.Random.Fortuna.FortunaGenerator import AESGenerator
from Crypto.Random.Fortuna.FortunaAccumulator import FortunaAccumulator
######################################################################
# part 1: test data for AESGenerator
rng = AESGenerator()
rng.reseed("\1\2\3\4")
sys.stdout.write("\tcorrect := []byte{")
for i, x in enumerate(rng.pseudo_random_data(100)):
if i % 15 == 0:
sys.stdout.write("\n\t\t")
else:
sys.stdout.write(" ")
sys.stdout.write("%d," % ord(x))
sys.stdout.write("\n\t}\n")
sys.stdout.write("\tcorrect = []byte{")
for i, x in enumerate(rng.pseudo_random_data((1 << 20) + 100)[-100:]):
if i % 15 == 0:
sys.stdout.write("\n\t\t")