async def read_msg(self) -> bytes:
    """Read one encrypted frame from the connection and return its decrypted body.

    Reads the header plus its MAC, decrypts the header to learn the frame
    size, then reads the padded frame plus its MAC and passes both to
    ``decrypt_body``.

    Returns:
        The decrypted frame body, as returned by ``decrypt_body``.
    """
    raw_header = await self.read(HEADER_LEN + MAC_LEN)
    body_size = self.get_frame_size(self.decrypt_header(raw_header))
    # NOTE(review): body_size is taken from the header the remote side sent and
    # determines how many bytes are read next. No upper bound is applied in this
    # method -- confirm that get_frame_size() or read() enforces one.
    #
    # The size in the header excludes the padding up to a 16-byte boundary, so
    # round up here to make sure the whole frame is consumed from the stream.
    padded_size = roundup_16(body_size)
    raw_frame = await self.read(padded_size + MAC_LEN)
    return self.decrypt_body(raw_frame, body_size)
async def read_msg(self) -> Tuple[protocol.Command, protocol._DecodedMsgType]:
    """Read one encrypted frame, decrypt it and decode it into a protocol message.

    Reads the header plus its MAC, decrypts the header to learn the frame
    size, reads the padded frame plus its MAC, decrypts the body, looks up
    the matching protocol command and decodes the body with it.

    Returns:
        A ``(command, decoded_message)`` pair.
    """
    raw_header = await self.read(HEADER_LEN + MAC_LEN)
    body_size = self.get_frame_size(self.decrypt_header(raw_header))
    # NOTE(review): body_size is taken from the header the remote side sent and
    # determines how many bytes are read next. No upper bound is applied in this
    # method -- confirm that get_frame_size() or read() enforces one.
    #
    # The size in the header excludes the padding up to a 16-byte boundary, so
    # round up here to make sure the whole frame is consumed from the stream.
    raw_frame = await self.read(roundup_16(body_size) + MAC_LEN)
    payload = self.decrypt_body(raw_frame, body_size)
    command = self.get_protocol_command_for(payload)
    decoded = command.decode(payload)
    # NOTE(review): the decoded message content goes to the debug log as-is;
    # it originates from the remote side, so treat debug logs accordingly.
    self.logger.debug("Successfully decoded %s msg: %s", command, decoded)
    return command, decoded
def decrypt_body(self, data: bytes, body_size: int) -> bytes:
    """Verify the frame MAC of *data* and return the decrypted body.

    Args:
        data: The frame ciphertext (padded to a 16-byte boundary) followed by
            its MAC.
        body_size: The unpadded body length; the decrypted output is truncated
            to this many bytes.

    Returns:
        The first ``body_size`` bytes of the decrypted frame.

    Raises:
        ValueError: If *data* is shorter than the padded body plus the MAC.
        AuthenticationError: If the computed MAC does not match the one in
            *data*.
    """
    padded_size = roundup_16(body_size)
    needed = padded_size + MAC_LEN
    if len(data) < needed:
        raise ValueError('Insufficient body length; Got {}, wanted {}'.format(
            len(data), needed))

    ciphertext = data[:padded_size]
    received_mac = data[padded_size:needed]

    # The running ingress MAC absorbs the ciphertext first, then a value derived
    # from its own truncated digest; the truncated digest after that second
    # update is what the received MAC must equal.
    # NOTE(review): ingress_mac is advanced before the comparison, so a failed
    # check leaves it advanced -- presumably the caller drops the connection
    # rather than reading further frames; confirm.
    self.ingress_mac.update(ciphertext)
    seed = self.ingress_mac.digest()[:MAC_LEN]
    self.ingress_mac.update(sxor(self.mac_enc(seed), seed))
    computed_mac = self.ingress_mac.digest()[:MAC_LEN]

    # The MAC is checked before any ciphertext reaches the AES decryptor.
    # NOTE(review): bytes_eq is presumably a constant-time comparison -- confirm.
    if not bytes_eq(computed_mac, received_mac):
        raise AuthenticationError('Invalid frame mac')

    # Strip the 16-byte alignment padding from the decrypted output.
    return self.aes_dec.update(ciphertext)[:body_size]