Exemple #1
0
 def init_self_connection(self):
     #Add myself to neighbors
     ownNeighborEntry = Neighbor()
     ownNeighborEntry.ipAddress = self.hostname
     ownNeighborEntry.encryptionKey = self.key
     ownNeighborEntry.encryptionIV = self.iv
     #Connect to own socket
     tempNeighborList = {}
     tempNeighborList[self.hostname] = ownNeighborEntry
     self.onAPJoined(tempNeighborList)
Exemple #2
0
 def init_self_connection(self):
     #Add myself to neighbors
     ownNeighborEntry = Neighbor()
     ownNeighborEntry.ipAddress = self.hostname
     ownNeighborEntry.encryptionKey = self.key
     ownNeighborEntry.encryptionIV = self.iv
     #Connect to own socket
     tempNeighborList = {}
     tempNeighborList[self.hostname] = ownNeighborEntry
     self.onAPJoined(tempNeighborList)
Exemple #3
0
 def sendFloodingMessage(self, message, max_ttl, msg_type='data', sub_type='std', key=str(), iv=str(), nodeID="255.255.255.255"):
     self.log.debug("sendFloodingMessage()")
     if len(key) != 16 or len(iv)!=16:
         key = self.key
         iv = self.iv
         lasthop = self.hostname
     else:
         self.log.debug("sendFloodingMessage, last hop key = old keys")
         lasthop = 'old_keys'
         #self.key_material[lasthop] = (key, iv)
         oldKeyNeighbor = Neighbor()
         oldKeyNeighbor.encryptionKey = key
         oldKeyNeighbor.encryptionIV = iv
         oldKeyNeighbor.pubKey = self.pubKey
         self.globalNeighborList[lasthop] = oldKeyNeighbor
     self.log.debug("SendFlooding to: nodeID: %s, msg_type=%s" %(nodeID, msg_type))
     #Apply asymmetric encryption for unicast messages
     if nodeID != "255.255.255.255" and msg_type=="ctrl":
         #Apply enrcyption with public key of receiver
         if nodeID in self.globalNeighborList:
             self.log.debug('Additional public key encryption for unicast CTRL message to %s applied.' % (nodeID))
             oaep = PKCS1_OAEP.new(self.globalNeighborList[nodeID].pubKey)
             asssymEncMessage = oaep.encrypt(message)
             message = asssymEncMessage
         else:
             self.log.error('Unicast Message to neighbor %s cannot be sent, neighbor is not available in neighbor list' % (nodeID))
             self.sendingUserSpaceMessageEvent.set()
             return
     elif nodeID != "255.255.255.255" and msg_type=="data":
         if nodeID in self.globalNeighborList:
             self.log.debug('Additional symmetric key encryption for unicast STD message to %s applied.' % (nodeID))
             aes = AES.new(self.globalNeighborList[nodeID].unicastSendKey, AES.MODE_CFB, self.globalNeighborList[nodeID].unicastSendIv)
             enc_message = aes.encrypt(message)
             # to base64
             enc_message_b64 = base64.encodestring(enc_message)
             message = enc_message_b64
         else:
             self.log.error('Unicast Message to neighbor %s cannot be sent, neighbor is not available in neighbor list' % (nodeID))
             self.sendingUserSpaceMessageEvent.set()
             return
     #create signature:
     sig = self.security_helper.create_signature(message, self.rsaKey)
     # encrypt message
     aes = AES.new(key, AES.MODE_CFB, iv)
     enc_message = aes.encrypt(message)
     # to base64
     enc_message_b64 = base64.encodestring(enc_message)
     if msg_type != "ctrl":
         self.log.debug('Source message: plain=%s, encrypted_B64=%s, rec:=%s' % (message, enc_message_b64, nodeID))
     json_data = { 'host': self.hostname, 'lasthop': lasthop, 'id': self.local_id, 'rec': nodeID, 'ttl': max_ttl, 'msg_type' : msg_type, 'sub_type' : sub_type, 'msg': enc_message_b64, 'sig': sig }
     self.snd_socket.send_json(json_data)
     self.local_id = self.local_id + 1
Exemple #4
0
 def sendFloodingMessage(self, message, max_ttl, msg_type='data', sub_type='std', key=str(), iv=str(), nodeID="255.255.255.255"):
     self.log.debug("sendFloodingMessage()")
     if len(key) != 16 or len(iv)!=16:
         key = self.key
         iv = self.iv
         lasthop = self.hostname
     else:
         self.log.debug("sendFloodingMessage, last hop key = old keys")
         lasthop = 'old_keys'
         #self.key_material[lasthop] = (key, iv)
         oldKeyNeighbor = Neighbor()
         oldKeyNeighbor.encryptionKey = key
         oldKeyNeighbor.encryptionIV = iv
         oldKeyNeighbor.pubKey = self.pubKey
         self.globalNeighborList[lasthop] = oldKeyNeighbor
     self.log.debug("SendFlooding to: nodeID: %s, msg_type=%s" %(nodeID, msg_type))
     #Apply asymmetric encryption for unicast messages
     if nodeID != "255.255.255.255" and msg_type=="ctrl":
         #Apply enrcyption with public key of receiver
         if nodeID in self.globalNeighborList:
             self.log.debug('Additional public key encryption for unicast CTRL message to %s applied.' % (nodeID))
             oaep = PKCS1_OAEP.new(self.globalNeighborList[nodeID].pubKey)
             asssymEncMessage = oaep.encrypt(message)
             message = asssymEncMessage
         else:
             self.log.error('Unicast Message to neighbor %s cannot be sent, neighbor is not available in neighbor list' % (nodeID))
             self.sendingUserSpaceMessageEvent.set()
             return
     elif nodeID != "255.255.255.255" and msg_type=="data":
         if nodeID in self.globalNeighborList:
             self.log.debug('Additional symmetric key encryption for unicast STD message to %s applied.' % (nodeID))
             aes = AES.new(self.globalNeighborList[nodeID].unicastSendKey, AES.MODE_CFB, self.globalNeighborList[nodeID].unicastSendIv)
             enc_message = aes.encrypt(message)
             # to base64
             enc_message_b64 = base64.encodestring(enc_message)
             message = enc_message_b64
         else:
             self.log.error('Unicast Message to neighbor %s cannot be sent, neighbor is not available in neighbor list' % (nodeID))
             self.sendingUserSpaceMessageEvent.set()
             return
     #create signature:
     sig = self.security_helper.create_signature(message, self.rsaKey)
     # encrypt message
     aes = AES.new(key, AES.MODE_CFB, iv)
     enc_message = aes.encrypt(message)
     # to base64
     enc_message_b64 = base64.encodestring(enc_message)
     if msg_type != "ctrl":
         self.log.debug('Source message: plain=%s, encrypted_B64=%s, rec:=%s' % (message, enc_message_b64, nodeID))
     json_data = { 'host': self.hostname, 'lasthop': lasthop, 'id': self.local_id, 'rec': nodeID, 'ttl': max_ttl, 'msg_type' : msg_type, 'sub_type' : sub_type, 'msg': enc_message_b64, 'sig': sig }
     self.snd_socket.send_json(json_data)
     self.local_id = self.local_id + 1
Exemple #5
0
    def receiveMessage(self, myCallback):
        self.log.debug('receiveMessage')
        # Socket to talk to server
        context = zmq.Context()
        socket = context.socket(zmq.SUB)
        socket.connect ("tcp://%s:%s" % (self.hostname, self.FWD_PORT))
        socket.setsockopt(zmq.SUBSCRIBE, "")
        while True:
            json_data = socket.recv_json()
            if json_data['host'] == self.hostname:
                continue
            #decode
            encoded = base64.decodestring(json_data['msg'])
            aes = AES.new(self.key, AES.MODE_CFB, self.iv)
            plain = aes.decrypt(encoded)
            sig = json_data['sig']
            if not self.security_helper.verify_signature(sig, plain, self.rsaKey):
                self.log.debug("Signature mismatch while checking own signature...")
                continue

            if json_data['rec'] != "255.255.255.255" and json_data['rec'] == self.hostname and json_data['msg_type'] == "ctrl":
                assymEncrMessage = plain
                plain = self.security_helper.decrypt_with_private_key(self.rsaKey, assymEncrMessage)
                self.log.debug('Received unicast CTRL message from: %s with subtype %s' % (json_data['host'], json_data['sub_type']))

            elif json_data['rec'] != "255.255.255.255" and json_data['rec'] == self.hostname and json_data['msg_type'] == "data":
                if json_data['rec'] in self.globalNeighborList:
                    plain_encoded = base64.decodestring(plain)
                    if self.globalNeighborList[json_data['host']].unicastRecKey == str():
                        self.log.warn('Unicast Message from neighbor %s could not be decoded, no unicast key available' % (json_data['rec']))
                        continue
                    aes = AES.new(self.globalNeighborList[json_data['host']].unicastRecKey, AES.MODE_CFB, self.globalNeighborList[json_data['host']].unicastRecIv)
                    plain = aes.decrypt(plain_encoded)
                    self.log.debug('Unicast Message from neighbor %s decoded' % (json_data['rec']))

            self.log.debug('rx plain |%s|' % (plain))
            self.processingNeighborMessageEvent.set()
            json_data['msg'] = unicode(plain, errors='ignore')
            #If the message is a control message
            if json_data['msg_type'] == 'ctrl':
                self.log.debug("Received CTRL Message")
                timestampKCM = int(time.time())
                #if the message is a key change message
                if json_data['sub_type'] == 'kcm':
                    self.log.debug("Received CTRL Message waiting for sendingUserSpaceMessageEvent")
                    self.sendingUserSpaceMessageEvent.wait()
                    self.log.debug("Received CTRL Message waiting for sendingUserCtrlMessageEvent")
                    self.sendingUserCtrlMessageEvent.wait()
                    self.log.debug("Received CTRL Message waiting for processingProbeRequestEvent")
                    self.processingProbeRequestEvent.wait()
                    self.log.debug("Received CTRL Message waiting for processingChangeKeysEvent")
                    self.processingChangeKeysEvent.wait()
                    self.log.debug("Received CTRL Message waiting for processingNeighborMessageEvent")
                    self.processingNeighborMessageEvent.wait()
                    self.log.debug("Received CTRL Message clearing processingNeighborUpdateEvent")
                    self.processingNeighborUpdateEvent.clear()
                    self.log.debug("Received CTRL Message running....")
                    plain_splitted = json_data['msg'].split('|')
                    freq = int(plain_splitted[0])
                    ssid = plain_splitted[1]
                    ipAddress = plain_splitted[2]

                    self.log.debug("Received key change message (KCM): ssid: %s, freq: %s " % (str(ssid), str(freq)))
                    if (json_data["host"] in self.globalNeighborList):
                        newNeighborEntry = Neighbor()
                        newNeighborEntry.ipAddress = ipAddress
                        newNeighborEntry.freq = freq
                        newNeighborEntry.ssid = ssid
                        newNeighborEntry.timestampLastKCM = timestampKCM
                        self.globalNeighborList = self.parsing_helper.parse_existing_neighbor(newNeighborEntry, self.globalNeighborList)
                        self.rescan_neighbor(freq, ssid, ipAddress, 10)
                    self.processingNeighborUpdateEvent.set()
                #if the message is a request unicast key message
                elif json_data['sub_type'] == 'ruk':
                    self.log.debug("Received request for unicast key (RUK) CTRL Message")
                    #generate unicast symmetric key and send them back.
                    if (json_data["host"] in self.globalNeighborList):
                        if len(self.globalNeighborList[json_data["host"]].unicastRecKey)>2:
                            retMsg = json.dumps({"key" : str(self.globalNeighborList[json_data["host"]].unicastRecKey.encode('hex')), "iv" : str(self.globalNeighborList[json_data["host"]].unicastRecIv.encode('hex'))})
                            self.sendCtrlToNeighbor(retMsg, "nuk", str(), str(), json_data["host"])
                        else:
                            keys = self.security_helper.generateSymmetricKeys()
                            retMsg = json.dumps({"key" : str(keys['keyHexStr']), "iv" : str(keys['ivHexStr'])})
                            self.sendCtrlToNeighbor(retMsg, "nuk", str(), str(), json_data["host"])
                            self.globalNeighborList[json_data["host"]].unicastRecKey = keys['key']
                            self.globalNeighborList[json_data["host"]].unicastRecIv = keys['iv']
                    else:
                        self.log.warn("Unkown neighbor requested symmetric unicast keys")
                elif json_data['sub_type'] == 'nuk':
                    self.log.debug("Received new unicast key (NUK) CTRL Message")
                    if (json_data["host"] in self.globalNeighborList):
                        nukMsg = json.loads(json_data['msg'])
                        self.globalNeighborList[json_data["host"]].unicastSendKey = nukMsg["key"].decode('hex')
                        self.globalNeighborList[json_data["host"]].unicastSendIv = nukMsg["iv"].decode('hex')
                        self.globalNeighborList[json_data["host"]].waitingForUnicastKeys.set()

            else:
                myCallback(json_data)
Exemple #6
0
    def receiveMessage(self, myCallback):
        self.log.debug('receiveMessage')
        # Socket to talk to server
        context = zmq.Context()
        socket = context.socket(zmq.SUB)
        socket.connect ("tcp://%s:%s" % (self.hostname, self.FWD_PORT))
        socket.setsockopt(zmq.SUBSCRIBE, "")
        while True:
            json_data = socket.recv_json()
            if json_data['host'] == self.hostname:
                continue
            #decode
            encoded = base64.decodestring(json_data['msg'])
            aes = AES.new(self.key, AES.MODE_CFB, self.iv)
            plain = aes.decrypt(encoded)
            sig = json_data['sig']
            if not self.security_helper.verify_signature(sig, plain, self.rsaKey):
                self.log.debug("Signature mismatch while checking own signature...")
                continue

            if json_data['rec'] != "255.255.255.255" and json_data['rec'] == self.hostname and json_data['msg_type'] == "ctrl":
                assymEncrMessage = plain
                plain = self.security_helper.decrypt_with_private_key(self.rsaKey, assymEncrMessage)
                self.log.debug('Received unicast CTRL message from: %s with subtype %s' % (json_data['host'], json_data['sub_type']))

            elif json_data['rec'] != "255.255.255.255" and json_data['rec'] == self.hostname and json_data['msg_type'] == "data":
                if json_data['rec'] in self.globalNeighborList:
                    plain_encoded = base64.decodestring(plain)
                    if self.globalNeighborList[json_data['host']].unicastRecKey == str():
                        self.log.warn('Unicast Message from neighbor %s could not be decoded, no unicast key available' % (json_data['rec']))
                        continue
                    aes = AES.new(self.globalNeighborList[json_data['host']].unicastRecKey, AES.MODE_CFB, self.globalNeighborList[json_data['host']].unicastRecIv)
                    plain = aes.decrypt(plain_encoded)
                    self.log.debug('Unicast Message from neighbor %s decoded' % (json_data['rec']))

            self.log.debug('rx plain |%s|' % (plain))
            self.processingNeighborMessageEvent.set()
            json_data['msg'] = unicode(plain, errors='ignore')
            #If the message is a control message
            if json_data['msg_type'] == 'ctrl':
                self.log.debug("Received CTRL Message")
                timestampKCM = int(time.time())
                #if the message is a key change message
                if json_data['sub_type'] == 'kcm':
                    self.log.debug("Received CTRL Message waiting for sendingUserSpaceMessageEvent")
                    self.sendingUserSpaceMessageEvent.wait()
                    self.log.debug("Received CTRL Message waiting for sendingUserCtrlMessageEvent")
                    self.sendingUserCtrlMessageEvent.wait()
                    self.log.debug("Received CTRL Message waiting for processingProbeRequestEvent")
                    self.processingProbeRequestEvent.wait()
                    self.log.debug("Received CTRL Message waiting for processingChangeKeysEvent")
                    self.processingChangeKeysEvent.wait()
                    self.log.debug("Received CTRL Message waiting for processingNeighborMessageEvent")
                    self.processingNeighborMessageEvent.wait()
                    self.log.debug("Received CTRL Message clearing processingNeighborUpdateEvent")
                    self.processingNeighborUpdateEvent.clear()
                    self.log.debug("Received CTRL Message running....")
                    plain_splitted = json_data['msg'].split('|')
                    freq = int(plain_splitted[0])
                    ssid = plain_splitted[1]
                    ipAddress = plain_splitted[2]

                    self.log.debug("Received key change message (KCM): ssid: %s, freq: %s " % (str(ssid), str(freq)))
                    if (json_data["host"] in self.globalNeighborList):
                        newNeighborEntry = Neighbor()
                        newNeighborEntry.ipAddress = ipAddress
                        newNeighborEntry.freq = freq
                        newNeighborEntry.ssid = ssid
                        newNeighborEntry.timestampLastKCM = timestampKCM
                        self.globalNeighborList = self.parsing_helper.parse_existing_neighbor(newNeighborEntry, self.globalNeighborList)
                        self.rescan_neighbor(freq, ssid, ipAddress, 10)
                    self.processingNeighborUpdateEvent.set()
                #if the message is a request unicast key message
                elif json_data['sub_type'] == 'ruk':
                    self.log.debug("Received request for unicast key (RUK) CTRL Message")
                    #generate unicast symmetric key and send them back.
                    if (json_data["host"] in self.globalNeighborList):
                        if len(self.globalNeighborList[json_data["host"]].unicastRecKey)>2:
                            retMsg = json.dumps({"key" : str(self.globalNeighborList[json_data["host"]].unicastRecKey.encode('hex')), "iv" : str(self.globalNeighborList[json_data["host"]].unicastRecIv.encode('hex'))})
                            self.sendCtrlToNeighbor(retMsg, "nuk", str(), str(), json_data["host"])
                        else:
                            keys = self.security_helper.generateSymmetricKeys()
                            retMsg = json.dumps({"key" : str(keys['keyHexStr']), "iv" : str(keys['ivHexStr'])})
                            self.sendCtrlToNeighbor(retMsg, "nuk", str(), str(), json_data["host"])
                            self.globalNeighborList[json_data["host"]].unicastRecKey = keys['key']
                            self.globalNeighborList[json_data["host"]].unicastRecIv = keys['iv']
                    else:
                        self.log.warn("Unkown neighbor requested symmetric unicast keys")
                elif json_data['sub_type'] == 'nuk':
                    self.log.debug("Received new unicast key (NUK) CTRL Message")
                    if (json_data["host"] in self.globalNeighborList):
                        nukMsg = json.loads(json_data['msg'])
                        self.globalNeighborList[json_data["host"]].unicastSendKey = nukMsg["key"].decode('hex')
                        self.globalNeighborList[json_data["host"]].unicastSendIv = nukMsg["iv"].decode('hex')
                        self.globalNeighborList[json_data["host"]].waitingForUnicastKeys.set()

            else:
                myCallback(json_data)