def data_received(self, data):
self.deserializer.update(data)
for packet in self.deserializer.nextPackets():
if isinstance(packet, PlsHello):
self.incoming_cert.append(CipherUtil.getCertFromBytes(str.encode(packet.Certs[0])))
self.incoming_cert.append(CipherUtil.getCertFromBytes(str.encode(packet.Certs[1])))
self.incoming_cert.append(CipherUtil.getCertFromBytes(str.encode(packet.Certs[2])))
print("\nReceived Server Hello. Trying to verify issuer...")
if self.validate(self.incoming_cert):
self.m.update(packet.__serialize__())
print(" Server Certificate Validated. Sending Client Key Exchange!\n")
clientkey = PlsKeyExchange()
randomvalue = os.urandom(16) #b'1234567887654321'
print(type(randomvalue))
self.pkc = int.from_bytes(randomvalue, byteorder='big')
clientkey.NoncePlusOne = packet.Nonce + 1
self.ns = packet.Nonce
pub_key = self.incoming_cert[0].public_key()
encrypted1 = pub_key.encrypt(randomvalue, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),algorithm=hashes.SHA256(),label=None))
print ("Encrypted String is: ",encrypted1)
clientkey.PreKey = encrypted1
clkey = clientkey.__serialize__()
print("Sent the Prekey to Server.")
self.m.update(clkey)
self.transport.write(clkey)
if isinstance(packet, PlsKeyExchange):
print("Received Server Key Exchange.")
self.m.update(packet.__serialize__())
serverpriv = CipherUtil.loadPrivateKeyFromPemFile("/root/keys/client/sagar-client.key")
decrypted = serverpriv.decrypt(packet.PreKey, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),algorithm=hashes.SHA256(), label=None))
print("Decrypted Pre-Master Secret: ", decrypted)
self.pks = int.from_bytes(decrypted, byteorder='big')
#====================================
#sending digest
self.clientdigest = self.m.digest()
print("Hash digest is: ", self.clientdigest)
hdone = PlsHandshakeDone()
hdone.ValidationHash = self.clientdigest
hdone_s = hdone.__serialize__()
print("Sent the PLS Handshake Done to server.")
self.transport.write(hdone_s)
if isinstance(packet, PlsHandshakeDone):
print("\n\nReceived Server Handshake done message.")
if (self.clientdigest == packet.ValidationHash):
print("Digest verification done!")
self.key_generator()
plstransport = PLSStackingTransport(self, self.transport)
higherTransport = StackingTransport(plstransport)
self.higherProtocol().connection_made(higherTransport)
if isinstance(packet, PlsData):
print("=====================Recieved Data Packet from PLSServer ======================")
self.ctr = 0
if self.mac_verification_engine(packet.Ciphertext, packet.Mac):
print("=====================Pls Client Verification Successful. Decrypting=============")
DecryptedPacket = self.decryption_engine(packet.Ciphertext)
print("=======================Decryption DONE! =======Sending to HigherLayer===========")
self.higherProtocol().data_received(DecryptedPacket)
self.ctr = 0
else:
self.ctr += 1
if self.ctr != 5:
print("Verification Failed. Try Again. Failed {}").format(self.ctr)
else:
print("Verification failed 5 times. Killing Connection and Sending PlsClose.")
# Creating and Sending PlsClose
self.ctr = 0
Close = PlsClose()
#Close.Error = "Closing Connection due to 5 Verification failures. Aggressive Close."
serializeClose = Close.__serialize__()
self.transport.write(serializeClose)
self.transport.close()
if isinstance(packet, PlsClose):
print("==================Received PlsClose from Server======================== ")
#self.connection_lost(self)
self.transport.close()
def data_received(self, data):
print("###SSL layer data received called!###")
self.deserializer.update(data)
for packet in self.deserializer.nextPackets():
#print(packet.Certs[0], packet.Certs[1], packet.Certs[2])
if isinstance(packet, PlsHello):
self.incoming_cert.append(
CipherUtil.getCertFromBytes(str.encode(packet.Certs[0])))
self.incoming_cert.append(
CipherUtil.getCertFromBytes(str.encode(packet.Certs[1])))
self.incoming_cert.append(
CipherUtil.getCertFromBytes(str.encode(packet.Certs[2])))
print(
"\nReceived Client Hello packet. Trying to verify issuer..."
)
#print(packet.Certs)
if self.validate(self.incoming_cert):
self.nc = packet.Nonce
self.m = hashlib.sha1()
self.m.update(packet.__serialize__())
print("Certificate Validated. Sending Server hello!\n")
self.clientnonce = packet.Nonce
serverhello = PlsHello()
serverhello.Nonce = int.from_bytes(
os.urandom(8), byteorder='big') #12345678
self.ns = serverhello.Nonce
idcert = getIDCertsForAddr()
pubkey = getCertsForAddr()
root = getRootCertsForAddr()
serverhello.Certs = []
serverhello.Certs.append(idcert)
serverhello.Certs.append(pubkey)
serverhello.Certs.append(root)
srvhello = serverhello.__serialize__()
print("Sent Server Hello!\n")
self.m.update(srvhello)
self.transport.write(srvhello)
if isinstance(packet, PlsKeyExchange):
print("Received Client Key Exchange. Server Server Keys\n\n")
self.m.update(packet.__serialize__())
serverpriv = CipherUtil.loadPrivateKeyFromPemFile(
"/root/keys/server/sagar-server.key")
decrypted = serverpriv.decrypt(
packet.PreKey,
padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
print("Decrypted Pre-Master Secret: ", decrypted)
self.pkc = int.from_bytes(decrypted, byteorder='big')
#====================================
#Creating Server Pre-Master
serverkey = PlsKeyExchange()
randomvalue = os.urandom(16) #b'1234567887654321'
self.pks = int.from_bytes(randomvalue, byteorder='big')
serverkey.NoncePlusOne = self.clientnonce + 1
pub_key = self.incoming_cert[0].public_key()
encrypted1 = pub_key.encrypt(
randomvalue,
padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
print("Encrypted String is: ", encrypted1)
serverkey.PreKey = encrypted1
skey = serverkey.__serialize__()
print("Sent the Prekey to Client.\n\n")
self.m.update(skey)
self.transport.write(skey)
if isinstance(packet, PlsHandshakeDone):
print("Received Client Handshake done message.")
clientdigest = packet.ValidationHash
serverdigest = self.m.digest()
print("Hash digest is: ", serverdigest)
hdone = PlsHandshakeDone()
hdone.ValidationHash = serverdigest
if (serverdigest == clientdigest):
print("Digest verification done!")
# calling higher connection made since we have received the ACK
self.key_generator()
plstransport = PLSStackingTransport(self, self.transport)
higherTransport = StackingTransport(plstransport)
self.higherProtocol().connection_made(higherTransport)
hdone_s = hdone.__serialize__()
self.transport.write(hdone_s)
if isinstance(packet, PlsData):
print(
"=====================Recieved Data Packet from PLSClient======================"
)
self.ctr = 0
if self.mac_verification_engine(packet.Ciphertext, packet.Mac):
print(
"=====================Pls Client Verification Successful. Decrypting============="
)
DecryptedPacket = self.decryption_engine(packet.Ciphertext)
print(
"=======================Decryption DONE! =======Sending to HigherLayer==========="
)
self.higherProtocol().data_received(DecryptedPacket)
self.ctr = 0
else:
self.ctr += 1
if self.ctr != 5:
print("Verification Failed. Try Again. Failed {}"
).format(self.ctr)
else:
print(
"Verification failed 5 times. Killing Connection and Sending PlsClose."
)
self.ctr = 0
#Creating and Sending PlsClose
Close = PlsClose()
#Close.Error = "Closing Connection due to 5 Verification failures. Aggrresive Close"
serializeClose = Close.__serialize__()
self.transport.write(serializeClose)
self.transport.close()
if isinstance(packet, PlsClose):
print(
"==================Received PlsClose from Client======================== "
)
#self.connection_lost(self)
self.transport.close()
def data_received(self, data):
self.deserializer.update(data)
for packet in self.deserializer.nextPackets():
if isinstance(packet, PlsHello):
self.incoming_cert.append(
CipherUtil.getCertFromBytes(str.encode(packet.Certs[0])))
self.incoming_cert.append(
CipherUtil.getCertFromBytes(str.encode(packet.Certs[1])))
self.incoming_cert.append(
CipherUtil.getCertFromBytes(str.encode(packet.Certs[2])))
print("\nReceived Server Hello. Trying to verify issuer...")
if self.validate(self.incoming_cert):
self.m.update(packet.__serialize__())
print(
" Server Certificate Validated. Sending Client Key Exchange!\n"
)
clientkey = PlsKeyExchange()
randomvalue = b'1234567887654321'
print(type(randomvalue))
self.pkc = randomvalue.decode()
clientkey.NoncePlusOne = packet.Nonce + 1
self.ns = packet.Nonce
pub_key = self.incoming_cert[0].public_key()
encrypted1 = pub_key.encrypt(
randomvalue,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
print("Encrypted String is: ", encrypted1)
clientkey.PreKey = encrypted1
clkey = clientkey.__serialize__()
print("Sent the Prekey to Server.")
self.m.update(clkey)
self.transport.write(clkey)
if isinstance(packet, PlsKeyExchange):
print("Received Server Key Exchange.")
self.m.update(packet.__serialize__())
serverpriv = CipherUtil.loadPrivateKeyFromPemFile(
"/root/keys/client/sagar-client.key")
decrypted = serverpriv.decrypt(
packet.PreKey,
padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
print("Decrypted Pre-Master Secret: ", decrypted)
self.pks = decrypted.decode()
#====================================
#sending digest
self.clientdigest = self.m.digest()
print("Hash digest is: ", self.clientdigest)
hdone = PlsHandshakeDone()
hdone.ValidationHash = self.clientdigest
hdone_s = hdone.__serialize__()
print("Sent the PLS Handshake Done to server.")
self.transport.write(hdone_s)
if isinstance(packet, PlsHandshakeDone):
print("\n\nReceived Server Handshake done message.")
if (self.clientdigest == packet.ValidationHash):
print("Digest verification done!")
self.key_generator()
def data_received(self, data):
print("###SSL layer data received called!###")
self.deserializer.update(data)
for packet in self.deserializer.nextPackets():
#print(packet.Certs[0], packet.Certs[1], packet.Certs[2])
if isinstance(packet, PlsHello):
self.incoming_cert.append(CipherUtil.getCertFromBytes(str.encode(packet.Certs[0])))
self.incoming_cert.append(CipherUtil.getCertFromBytes(str.encode(packet.Certs[1])))
self.incoming_cert.append(CipherUtil.getCertFromBytes(str.encode(packet.Certs[2])))
print("\nReceived Client Hello packet. Trying to verify issuer...")
#print(packet.Certs)
if self.validate(self.incoming_cert):
self.nc = packet.Nonce
self.m = hashlib.sha1()
self.m.update(packet.__serialize__())
print("Certificate Validated. Sending Server hello!\n")
self.clientnonce = packet.Nonce
serverhello = PlsHello()
serverhello.Nonce = 12345678
self.ns = serverhello.Nonce
idcert = getIDCertsForAddr()
pubkey = getCertsForAddr()
root = getRootCertsForAddr()
serverhello.Certs = []
serverhello.Certs.append(idcert)
serverhello.Certs.append(pubkey)
serverhello.Certs.append(root)
srvhello = serverhello.__serialize__()
print("Sent Server Hello!\n")
self.m.update(srvhello)
self.transport.write(srvhello)
if isinstance(packet, PlsKeyExchange):
print("Received Client Key Exchange. Server Server Keys\n\n")
self.m.update(packet.__serialize__())
serverpriv = CipherUtil.loadPrivateKeyFromPemFile("/root/keys/server/sagar-server.key")
decrypted = serverpriv.decrypt(packet.PreKey, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),algorithm=hashes.SHA256(), label=None))
print("Decrypted Pre-Master Secret: ", decrypted)
self.pkc = decrypted.decode()
#====================================
#Creating Server Pre-Master
serverkey = PlsKeyExchange()
randomvalue = b'1234567887654321'
self.pks = randomvalue.decode()
serverkey.NoncePlusOne = self.clientnonce + 1
pub_key = self.incoming_cert[0].public_key()
encrypted1 = pub_key.encrypt(randomvalue, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),algorithm=hashes.SHA256(), label=None))
print("Encrypted String is: ", encrypted1)
serverkey.PreKey = encrypted1
skey = serverkey.__serialize__()
print("Sent the Prekey to Client.\n\n")
self.m.update(skey)
self.transport.write(skey)
if isinstance(packet, PlsHandshakeDone):
print("Received Client Handshake done message.")
clientdigest = packet.ValidationHash
serverdigest = self.m.digest()
print("Hash digest is: ", serverdigest)
hdone = PlsHandshakeDone()
hdone.ValidationHash = serverdigest
if (serverdigest == clientdigest):
print("Digest verification done!")
self.key_generator()
hdone_s = hdone.__serialize__()
self.transport.write(hdone_s)
