Example #1
0
    def _requestTable(self, message):
        try:
            if message.sender != 'collector':
                return self.factory.fail("Unauthorized request for table by '%s'" % message.sender)
            if not message.signed:
                return self.factory.fail("Table Request message must be signed by collector")
            if not message.validateSignature():
                return self.factory.fail("Invalid signature on Table Request message")

            encKey = message['encrypted-session-key']
            myKey = app.keyManager.getMyKey()

            keyHex = myKey.privateEncrypt(encKey)
            key = SessionKey(int(keyHex, 16))
            logger.debug("Received session key from collector:")
            logger.debug(keyHex, False)

            table = self.factory.authNode.generateTable()
            encTable = key.encrypt(json.dumps(table))

            message = SecureMessage()
            message['encrypted-table'] = encTable
            message.sign()

            logger.split()
            self.sendMessage(message)


        except KeyError as e:
            return self.factory.fail("Get-Session-Key no: '%s' field found in message" % e)
Example #2
0
 def sendResults(self, voteCount, index, vote):
     message = SecureMessage()
     message.action = 'announce-results'
     message['vote-count'] = voteCount
     message['your-vote'] = {
         'index': index,
         'vote': vote
     }
     message.sign()
     self.sendMessage(message)
Example #3
0
    def _sendVote(self):
        encVote = self.factory.sessionKey.encrypt(self.factory.vote)

        logger.debug("Encrypting vote with session key:")
        logger.debug(encVote, False)
        logger.verbose("Sending encrypted vote to collector...")

        message = SecureMessage()
        message.action = "vote"
        message['vote'] = encVote
        message.sign()
        self.sendMessage(message)
Example #4
0
    def _sendCert(self):
        message = SecureMessage()
        message.action = 'get-session-key'
        message['certificate'] = self.factory.cert


        message.sign()
        
        #authKey = app.keyManager.findKey('authority')
        #message.encrypt(authKey)

        logger.debug("Sending certficate to authority")
        self.sendMessage(message)
Example #5
0
    def messageReceived(self, message):
        logger.debug("Message received from client")
        try:
            vote = message['vote']
            index = self.factory.receivedVote(self, vote)

            reply = SecureMessage()
            reply.action = 'set-index'
            reply['index'] = index
            reply.sign()

            logger.debug("Sending index to client")
            self.sendMessage(reply)
        except KeyError as e:
            return self.factory.fail("Malformed message received from client. No '%s' field" % e)
Example #6
0
    def sendIndex(self, index, sessionKey):
        message = SecureMessage()
        message.action = "set-index"

        pair = {
            'certificate': self.factory.cert,
            'index': index
        }

        pairString = json.dumps(pair)
        encPair = sessionKey.encrypt(pairString)

        message['certificate'] =  self.factory.cert
        message['pair'] = encPair

        logger.verbose("Sending certificate/index pair to Authority")
        self.sendMessage(message.sign())
        self.transport.loseConnection()
Example #7
0
    def _sendRequest(self):
        message = SecureMessage()

        sessionKeyFactory = SessionKeyFactory()
        sessionKey = sessionKeyFactory.createAESKey()
        self.factory.collectorNode.authKey = sessionKey

        logger.debug("Created session key for Authority connection:")
        logger.debug(sessionKey.hex(), False)

        authKey = app.keyManager.findKey("authority")
        encryptedKey = authKey.publicEncrypt(sessionKey.hex())
    
        message.action = "request-table"
        message['encrypted-session-key'] = encryptedKey
        message.sign()

        self.sendMessage(message)
Example #8
0
    def _getSessionKey(self, message):
        try:
            certificate = message['certificate']

            # Create Cert

            # This is not working
            #cert = m2c.X509.load_cert_string(certificate)
            # Stupid hack to get it working
            tmp = open('.tmp.cert', 'w')
            tmp.write(certificate)
            tmp.close()
            cert = m2c.X509.load_cert('.tmp.cert')

            if not self.factory.authNode.validateCert(cert):
                logger.info("Invalid Certificate received from %s" % self.transport.getPeer())
                reply = SecureMessage()
                reply['status'] = 'invalid'
            else:
                logger.verbose("Certificate validated")
                reply = SecureMessage()
                reply['status'] = 'ok'

                sessionKey = self.factory.authNode.generateSessionKey(cert)

                logger.verbose("Generated session key '%s'" % sessionKey.hex())
                logger.verbose("Sending session key to client..")

                publicKeyPem = cert.get_pubkey().get_rsa().as_pem()
                keyParser = KeyParser()
                publicKey = keyParser.parsePemPublic(publicKeyPem)
                encSessionKey = publicKey.publicEncrypt(sessionKey.hex())

                reply['encrypted-session-key'] = encSessionKey
            logger.split()
            self.sendMessage(reply.sign())

        except KeyError as e:
            return self.factory.fail("Get-Session-Key no: '%s' field found in message" % e)
Example #9
0
File: ca.py Project: ha-D/netsec
    def messageReceived(self, message):
        peer = self.transport.getPeer()
        #logger.debug("<%s:%s> Message Received:" % (peer.host, peer.port))
        #logger.debug(message, False)

        myKey = app.keyManager.getMyKey()

        if 'public-key' not in message:
            logger.warning("Faulty message received: no public-key found. Discarding...")
            return

        publicKey = message['public-key']
        cert = self.factory.cert.createCertificate(publicKey)

        logger.info("Certificate created for client <%s:%s>" % (peer.host, peer.port))
        logger.verbose(cert.as_text())

        reply = SecureMessage()
        reply['status'] = 'ok'
        reply['certificate'] = cert.as_pem()
        reply.sign()

        self.sendMessage(reply)