def verifyCloseConnection(crypto_dict, message): try: decode = base64.b64decode(message) key = crypto_dict["rsa_server_public_key"][crypto_dict["rsa_user_public_key_hash"]][0] return [True, rsa.unsign(key, decode)] except Exception as inst: return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: " + str(inst)]
def unpack_message_general(encoded_message, crypto_dict, machine, verbose = False):
if machine == "client":
verify_nonce = "client_nonces"
updated_nonce = "server_nonces"
required_rsa_key = "rsa_server_public_key"
else:
verify_nonce = "server_nonces"
updated_nonce = "client_nonces"
required_rsa_key = "rsa_user_public_keys"
debug(verbose, "encoded_message", encoded_message)
if machine != "client":
# Strip User ID
encoded_message = encoded_message.split(".")
user_id = encoded_message[0]
encoded_message = encoded_message[1]
debug(verbose, "aes_session_id", user_id)
# Decode message
try:
decoded_message = base64.b64decode(encoded_message)
except Exception as inst:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64decode (encrypt) ]: " + str(inst)]
if machine != "client":
crypto_dict["rsa_user_public_key_hash"] = None
for key in crypto_dict["aes_session_ids"]:
value = crypto_dict["aes_session_ids"][key]
if value == user_id:
crypto_dict["rsa_user_public_key_hash"] = key
break
if crypto_dict["rsa_user_public_key_hash"] == None:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: User ID invalid"]
# Decrypt message
try:
key = crypto_dict["aes_session_keys"][crypto_dict["rsa_user_public_key_hash"]]
debug(verbose, "key", key)
aes_decrypted_message = str(aes.aes_decrypt(key, decoded_message))
except Exception as inst:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> aes.decrypt ]: " + str(inst)]
debug(verbose, "aes_decrypted_message", aes_decrypted_message)
# Message Parsing
try:
rdmSplit = aes_decrypted_message.split("|")
message_content, message_hash, message_signature = rdmSplit[0], rdmSplit[1], rdmSplit[2]
# Remove any AES padding from signature
message_signature = message_signature.strip(".")
debug(verbose, "message_content", message_content)
debug(verbose, "message_hash", message_hash)
debug(verbose, "message_signature", message_signature)
mcSplit = message_content.split(",")
message, client_nonce, server_nonce = mcSplit[0], mcSplit[1], mcSplit[2]
debug(verbose, "message", message)
debug(verbose, "client_nonce", client_nonce)
debug(verbose, "server_nonce", server_nonce)
if machine != "client":
temp = message.split(";")
temp = temp[1]
crypto_dict["rsa_user_public_key"] = crypto_dict["rsa_user_public_keys"][temp][0]
if crypto_dict["rsa_user_public_keys"][temp][1]:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: user hash already voted"]
except Exception as inst:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> Message Parsing ]: " + str(inst)]
# Decode signature
try:
message_signature_decoded = base64.b64decode(message_signature)
except Exception as inst:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64decode (signature) ]: " + str(inst)]
# Verify Signature
try:
if str(rsa.unsign(crypto_dict[required_rsa_key][crypto_dict["rsa_user_public_key_hash"]][0], message_signature_decoded)) != message_hash:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: signature verification failed"]
elif verbose:
print debug_spacing + "Debug [ " + str(inspect.stack()[0][3]) + " ]: signature verification passed"
except Exception as inst:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> rsa.unsign (Signature Verification) ]: " + str(inst)]
# Verify Hash
try:
if str(sha.sha256(message_content)) != message_hash:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: hash verification failed"]
elif verbose:
print debug_spacing + "Debug [ " + str(inspect.stack()[0][3]) + " ]: hash verification passed"
except Exception as inst:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> sha.sha256 (Hash Verification) ]: " + str(inst)]
# Verify Nonce
if machine == "client":
nonce = client_nonce
nonce_updated = server_nonce
else:
nonce = server_nonce
nonce_updated = client_nonce
if nonce != crypto_dict[verify_nonce][crypto_dict["rsa_user_public_key_hash"]]:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: nonce verification failed"]
elif verbose:
print debug_spacing + "Debug [ " + str(inspect.stack()[0][3]) + " ]: nonce verification passed"
# Upadte crypto_dictionary
crypto_dict[updated_nonce][crypto_dict["rsa_user_public_key_hash"]] = nonce_updated
if verbose:
print "\n"
if machine == "client":
return [True, message]
else:
try:
encoded_public_key = base64.b64encode(crypto_dict[required_rsa_key][crypto_dict["rsa_user_public_key_hash"]][0].publickey().exportKey("PEM"))
except Exception as inst:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64encode (Public Key) ]: " + str(inst)]
return [True, [encoded_public_key, message, base64.b64encode(message_signature)]]
def unpack_handshake_general(encoded_message, crypto_dict, machine, verbose = False):
if machine == "client":
required_rsa_decrypt_key = "rsa_user_private_key"
required_rsa_verify_key = "rsa_server_public_key"
else:
required_rsa_decrypt_key = "rsa_server_private_key"
required_rsa_verify_key = "rsa_user_public_keys"
debug(verbose, "encoded_message", encoded_message)
# Split messages
encoded_messages = encoded_message.split("|")
# Decode message
try:
decoded_messages = []
for encoded_message in encoded_messages:
decoded_messages.append(base64.b64decode(encoded_message))
except Exception as inst:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64decode (encrypt) ]: " + str(inst)]
# Decrypt message
try:
rsa_decrypted_message = ""
for decoded_message in decoded_messages:
rsa_decrypted_message += str(rsa.decrypt(crypto_dict[required_rsa_decrypt_key], decoded_message))
except Exception as inst:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> rsa.decrypt ]: " + str(inst)]
debug(verbose, "rsa_decrypted_message", rsa_decrypted_message)
# Message Parsing
try:
rdmSplit = rsa_decrypted_message.split("|")
message_content, message_hash, message_signature = rdmSplit[0], rdmSplit[1], rdmSplit[2]
debug(verbose, "message_content", message_content)
debug(verbose, "message_hash", message_hash)
debug(verbose, "message_signature", message_signature)
mcSplit = message_content.split(",")
message, client_nonce, server_nonce = mcSplit[0], mcSplit[1], mcSplit[2]
debug(verbose, "message", message)
debug(verbose, "client_nonce", client_nonce)
debug(verbose, "server_nonce", server_nonce)
if machine != "client":
temp = message.split(";")
crypto_dict["rsa_user_public_key_hash"] = temp[1]
debug(verbose, "rsa_user_public_key_hash", crypto_dict["rsa_user_public_key_hash"])
except Exception as inst:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> Message Parsing ]: " + str(inst)]
# Decode signature
try:
message_signature = base64.b64decode(message_signature)
except Exception as inst:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> base64.b64decode (signature) ]: " + str(inst)]
# Verify Signature
try:
if str(rsa.unsign(crypto_dict[required_rsa_verify_key][crypto_dict["rsa_user_public_key_hash"]][0], message_signature)) != message_hash:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: signature verification failed"]
elif verbose:
print debug_spacing + "Debug [ " + str(inspect.stack()[0][3]) + " ]: signature verification passed"
except Exception as inst:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> rsa.unsign (Signature Verification) ]: " + str(inst)]
# Verify Hash
try:
if str(sha.sha256(message_content)) != message_hash:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: hash verification failed"]
elif verbose:
print debug_spacing + "Debug [ " + str(inspect.stack()[0][3]) + " ]: hash verification passed"
except Exception as inst:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " -> sha.sha256 (Hash Verification) ]: " + str(inst)]
# Verify Nonce
if machine == "client":
if client_nonce != crypto_dict["client_nonces"][crypto_dict["rsa_user_public_key_hash"]]:
return [False, "Error [ " + str(inspect.stack()[0][3]) + " ]: nonce verification failed"]
elif verbose:
print debug_spacing + "Debug [ " + str(inspect.stack()[0][3]) + " ]: nonce verification passed"
# Upadte crypto_dictionary
crypto_dict["server_nonces"][crypto_dict["rsa_user_public_key_hash"]] = server_nonce
else:
# Upadte crypto_dictionary
crypto_dict["client_nonces"][crypto_dict["rsa_user_public_key_hash"]] = client_nonce
if verbose:
print "\n"
return [True, message]
