def _step_2_password_verification(self, sock, password, salt):
"""
Verify password.
:param sock:
:param password:
:param salt:
:return:
"""
pw_hash = self.crypto_service.compute_pw_hash(password, salt)
nonce = PacketOrganiser.genRandomNumber()
msg = PacketOrganiser.prepare_packet(pw_hash, nonce)
auth_2_msg = self.crypto_service.sym_encrypt(self.dh_key, msg)
sock.sendto(auth_2_msg, self.server_addr)
# step 3
recv_msg = util.get_one_response(sock, self.server_addr)
# print("Receive msg from {}: {}".format(self.server_addr, recv_msg))
dec_msg = self.crypto_service.sym_decrypt(self.dh_key, recv_msg)
n, msg_parts = PacketOrganiser.process_packet(dec_msg)
if n != nonce:
raise Exception(c.STEP_THREE_NONCE_FAIL_MSG)
auth_result = msg_parts[0]
if auth_result == c.AUTH_SUCCESS:
self.auth_success = True
elif auth_result == c.MSG_RESPONSE_WRONG_CR:
print(c.WRONG_CR_MSG)
return self.auth_success
def _step_2_password_verification(self, sock, password, salt):
"""
Verify password.
:param sock:
:param password:
:param salt:
:return:
"""
pw_hash = self.crypto_service.compute_pw_hash(password, salt)
nonce = PacketOrganiser.genRandomNumber()
msg = PacketOrganiser.prepare_packet(pw_hash, nonce)
auth_2_msg = self.crypto_service.sym_encrypt(self.dh_key, msg)
sock.sendto(auth_2_msg, self.server_addr)
# step 3
recv_msg = util.get_one_response(sock, self.server_addr)
# print("Receive msg from {}: {}".format(self.server_addr, recv_msg))
dec_msg = self.crypto_service.sym_decrypt(self.dh_key, recv_msg)
n, msg_parts = PacketOrganiser.process_packet(dec_msg)
if n != nonce:
raise Exception(c.STEP_THREE_NONCE_FAIL_MSG)
auth_result = msg_parts[0]
if auth_result == c.AUTH_SUCCESS:
self.auth_success = True
elif auth_result == c.MSG_RESPONSE_WRONG_CR:
print(c.WRONG_CR_MSG)
return self.auth_success
def _step_1_dh_key_establish(self, sock, chl, k, ind, username):
"""
DH contribution exchange
:param sock:
:param chl:
:param k:
:param ind:
:return:
"""
ans = self.ra.compute_answer(chl, k)
dh_pri_key = self.crypto_service.get_dh_pri_key()
dh_pub_key = self.crypto_service.get_dh_pub_key(dh_pri_key)
msg_to_send_parts = [dh_pub_key, username, ""]
nonce = PacketOrganiser.genRandomNumber()
msg_to_send = PacketOrganiser.prepare_packet(msg_to_send_parts,
nonce=nonce,
add_time=False)
enc_msg_to_send = self.crypto_service.rsa_encrypt(msg_to_send)
auth_1_msg_parts = [ans, ind, enc_msg_to_send]
auth_1_msg = PacketOrganiser.prepare_packet(auth_1_msg_parts,
add_time=False)
sock.sendto(auth_1_msg, self.server_addr)
recv_msg = util.get_one_response(sock, self.server_addr)
# print("Receive msg from {}, length: {}".format(self.server_addr, len(recv_msg)))
_, msg_sign = PacketOrganiser.process_packet(recv_msg)
if msg_sign[0] == c.MSG_RESPONSE_WRONG_CR:
print(c.WRONG_CR_MSG)
return
elif msg_sign[0] == c.MSG_RESPONSE_USER_EXISTS:
print(c.USER_ALREADY_LOGIN_MSG)
return
else:
msg, sign, _ = msg_sign
if not self.crypto_service.rsa_verify(msg,
sign): # TODO for testing
raise Exception(c.STEP_ONE_FAIL_MSG)
_, pub_enc_salt = PacketOrganiser.process_packet(msg)
other_pub_key, enc_salt, _ = pub_enc_salt
other_pub_key = int(other_pub_key)
self.dh_key = self.crypto_service.get_dh_secret(
dh_pri_key, other_pub_key)
dec_salt_pack = self.crypto_service.sym_decrypt(
self.dh_key, enc_salt)
n1, salt_parts = PacketOrganiser.process_packet(dec_salt_pack)
salt = salt_parts[0]
if n1 == nonce:
return salt
def _step_1_dh_key_establish(self, sock, chl, k, ind, username):
"""
DH contribution exchange
:param sock:
:param chl:
:param k:
:param ind:
:return:
"""
ans = self.ra.compute_answer(chl, k)
dh_pri_key = self.crypto_service.get_dh_pri_key()
dh_pub_key = self.crypto_service.get_dh_pub_key(dh_pri_key)
msg_to_send_parts = [dh_pub_key, username, ""]
nonce = PacketOrganiser.genRandomNumber()
msg_to_send = PacketOrganiser.prepare_packet(msg_to_send_parts, nonce=nonce, add_time=False)
enc_msg_to_send = self.crypto_service.rsa_encrypt(msg_to_send)
auth_1_msg_parts = [ans, ind, enc_msg_to_send]
auth_1_msg = PacketOrganiser.prepare_packet(auth_1_msg_parts, add_time=False)
sock.sendto(auth_1_msg, self.server_addr)
recv_msg = util.get_one_response(sock, self.server_addr)
# print("Receive msg from {}, length: {}".format(self.server_addr, len(recv_msg)))
_, msg_sign = PacketOrganiser.process_packet(recv_msg)
if msg_sign[0] == c.MSG_RESPONSE_WRONG_CR:
print(c.WRONG_CR_MSG)
return
elif msg_sign[0] == c.MSG_RESPONSE_USER_EXISTS:
print(c.USER_ALREADY_LOGIN_MSG)
return
else:
msg, sign, _ = msg_sign
if not self.crypto_service.rsa_verify(msg, sign): # TODO for testing
raise Exception(c.STEP_ONE_FAIL_MSG)
_, pub_enc_salt = PacketOrganiser.process_packet(msg)
other_pub_key, enc_salt, _ = pub_enc_salt
other_pub_key = int(other_pub_key)
self.dh_key = self.crypto_service.get_dh_secret(dh_pri_key, other_pub_key)
dec_salt_pack = self.crypto_service.sym_decrypt(self.dh_key, enc_salt)
n1, salt_parts = PacketOrganiser.process_packet(dec_salt_pack)
salt = salt_parts[0]
if n1 == nonce:
return salt
def get_good_nonce(dict):
nonce = PacketOrganiser.genRandomNumber()
while nonce in dict:
nonce = PacketOrganiser.genRandomNumber()
return nonce
def get_good_nonce(dict):
nonce = PacketOrganiser.genRandomNumber()
while nonce in dict:
nonce = PacketOrganiser.genRandomNumber()
return nonce