def make_dhfield(self, modp_options, sigmai):
dhs = []
for modp in modp_options:
p = dh.primes[modp]
g = dh.generators[modp]
x = crypto.srand(2**(2 * self.n - 1), p - 1)
# FIXME this may be a source of performance issues
e = crypto.powmod(g, x, p)
self.xes[modp] = x
self.es[modp] = e
if sigmai:
dhs.append(
base64.b64encode(crypto.encode_mpi(e)).decode('utf-8'))
name = 'dhkeys'
else:
He = crypto.sha256(crypto.encode_mpi(e))
dhs.append(base64.b64encode(He).decode('utf-8'))
name = 'dhhashes'
return nbxmpp.DataField(name=name, typ='hidden', value=dhs)
def make_dhfield(self, modp_options, sigmai):
dhs = []
for modp in modp_options:
p = dh.primes[modp]
g = dh.generators[modp]
x = crypto.srand(2 ** (2 * self.n - 1), p - 1)
# FIXME this may be a source of performance issues
e = crypto.powmod(g, x, p)
self.xes[modp] = x
self.es[modp] = e
if sigmai:
dhs.append(base64.b64encode(crypto.encode_mpi(e)))
name = 'dhkeys'
else:
He = crypto.sha256(crypto.encode_mpi(e))
dhs.append(base64.b64encode(He))
name = 'dhhashes'
return nbxmpp.DataField(name=name, typ='hidden', value=dhs)
def respond_e2e_bob(self, form, negotiated, not_acceptable):
response = xmpp.Message()
feature = response.NT.feature
feature.setNamespace(xmpp.NS_FEATURE)
x = xmpp.DataForm(typ='submit')
x.addChild(node=xmpp.DataField(name='FORM_TYPE', value='urn:xmpp:ssn'))
x.addChild(node=xmpp.DataField(name='accept', value='true'))
for name in negotiated:
# some fields are internal and should not be sent
if not name in ('send_pubkey', 'recv_pubkey'):
x.addChild(
node=xmpp.DataField(name=name, value=negotiated[name]))
self.negotiated = negotiated
# the offset of the group we chose (need it to match up with the dhhash)
group_order = 0
self.modp = int(form.getField('modp').getOptions()[group_order][1])
x.addChild(node=xmpp.DataField(name='modp', value=self.modp))
g = dh.generators[self.modp]
p = dh.primes[self.modp]
self.n_o = base64.b64decode(form['my_nonce'])
dhhashes = form.getField('dhhashes').getValues()
self.negotiated['He'] = base64.b64decode(
dhhashes[group_order].encode('utf8'))
bytes = int(self.n / 8)
self.n_s = crypto.generate_nonce()
# n-bit random number
self.c_o = crypto.decode_mpi(crypto.random_bytes(bytes))
self.c_s = self.c_o ^ (2**(self.n - 1))
self.y = crypto.srand(2**(2 * self.n - 1), p - 1)
self.d = crypto.powmod(g, self.y, p)
to_add = {
'my_nonce': self.n_s,
'dhkeys': crypto.encode_mpi(self.d),
'counter': crypto.encode_mpi(self.c_o),
'nonce': self.n_o
}
for name in to_add:
b64ed = base64.b64encode(to_add[name])
x.addChild(node=xmpp.DataField(name=name, value=b64ed))
self.form_o = ''.join(
map(lambda el: xmpp.c14n.c14n(el), form.getChildren()))
self.form_s = ''.join(
map(lambda el: xmpp.c14n.c14n(el), x.getChildren()))
self.status = 'responded-e2e'
feature.addChild(node=x)
if not_acceptable:
response = xmpp.Error(response, xmpp.ERR_NOT_ACCEPTABLE)
feature = xmpp.Node(xmpp.NS_FEATURE + ' feature')
for f in not_acceptable:
n = xmpp.Node('field')
n['var'] = f
feature.addChild(node=n)
response.T.error.addChild(node=feature)
self.send(response)
def get_shared_secret(self, e, y, p):
if (not 1 < e < (p - 1)):
raise exceptions.NegotiationError, 'invalid DH value'
return crypto.sha256(crypto.encode_mpi(crypto.powmod(e, y, p)))
def respond_e2e_bob(self, form, negotiated, not_acceptable):
"""
4.3 esession response (bob)
"""
response = nbxmpp.Message()
feature = response.NT.feature
feature.setNamespace(nbxmpp.NS_FEATURE)
x = nbxmpp.DataForm(typ='submit')
x.addChild(node=nbxmpp.DataField(name='FORM_TYPE',
value='urn:xmpp:ssn'))
x.addChild(node=nbxmpp.DataField(name='accept', value='true'))
for name in negotiated:
# some fields are internal and should not be sent
if not name in ('send_pubkey', 'recv_pubkey'):
x.addChild(node=nbxmpp.DataField(name=name,
value=negotiated[name]))
self.negotiated = negotiated
# the offset of the group we chose (need it to match up with the dhhash)
group_order = 0
modp_f = form.getField('modp')
if not modp_f:
return
self.modp = int(modp_f.getOptions()[group_order][1])
x.addChild(node=nbxmpp.DataField(name='modp', value=self.modp))
g = dh.generators[self.modp]
p = dh.primes[self.modp]
self.n_o = base64.b64decode(form['my_nonce'])
dhhashes_f = form.getField('dhhashes')
if not dhhashes_f:
return
dhhashes = dhhashes_f.getValues()
self.negotiated['He'] = base64.b64decode(dhhashes[group_order].encode(
'utf8'))
bytes = int(self.n / 8)
self.n_s = crypto.generate_nonce()
# n-bit random number
self.c_o = crypto.decode_mpi(crypto.random_bytes(bytes))
self.c_s = self.c_o ^ (2 ** (self.n - 1))
self.y = crypto.srand(2 ** (2 * self.n - 1), p - 1)
self.d = crypto.powmod(g, self.y, p)
to_add = {'my_nonce': self.n_s,
'dhkeys': crypto.encode_mpi(self.d),
'counter': crypto.encode_mpi(self.c_o),
'nonce': self.n_o}
for name in to_add:
b64ed = base64.b64encode(to_add[name])
x.addChild(node=nbxmpp.DataField(name=name, value=b64ed))
self.form_o = ''.join(nbxmpp.c14n.c14n(el, self._is_buggy_gajim()) for \
el in form.getChildren())
self.form_s = ''.join(nbxmpp.c14n.c14n(el, self._is_buggy_gajim()) for \
el in x.getChildren())
self.status = 'responded-e2e'
feature.addChild(node=x)
if not_acceptable:
response = nbxmpp.Error(response, nbxmpp.ERR_NOT_ACCEPTABLE)
feature = nbxmpp.Node(nbxmpp.NS_FEATURE + ' feature')
for f in not_acceptable:
n = nbxmpp.Node('field')
n['var'] = f
feature.addChild(node=n)
response.T.error.addChild(node=feature)
self.send(response)
def get_shared_secret(self, e, y, p):
if (not 1 < e < (p - 1)):
raise NegotiationError('invalid DH value')
return crypto.sha256(crypto.encode_mpi(crypto.powmod(e, y, p)))
def respond_e2e_bob(self, form, negotiated, not_acceptable):
response = xmpp.Message()
feature = response.NT.feature
feature.setNamespace(xmpp.NS_FEATURE)
x = xmpp.DataForm(typ="submit")
x.addChild(node=xmpp.DataField(name="FORM_TYPE", value="urn:xmpp:ssn"))
x.addChild(node=xmpp.DataField(name="accept", value="true"))
for name in negotiated:
# some fields are internal and should not be sent
if not name in ("send_pubkey", "recv_pubkey"):
x.addChild(node=xmpp.DataField(name=name, value=negotiated[name]))
self.negotiated = negotiated
# the offset of the group we chose (need it to match up with the dhhash)
group_order = 0
self.modp = int(form.getField("modp").getOptions()[group_order][1])
x.addChild(node=xmpp.DataField(name="modp", value=self.modp))
g = dh.generators[self.modp]
p = dh.primes[self.modp]
self.n_o = base64.b64decode(form["my_nonce"])
dhhashes = form.getField("dhhashes").getValues()
self.negotiated["He"] = base64.b64decode(dhhashes[group_order].encode("utf8"))
bytes = int(self.n / 8)
self.n_s = crypto.generate_nonce()
# n-bit random number
self.c_o = crypto.decode_mpi(crypto.random_bytes(bytes))
self.c_s = self.c_o ^ (2 ** (self.n - 1))
self.y = crypto.srand(2 ** (2 * self.n - 1), p - 1)
self.d = crypto.powmod(g, self.y, p)
to_add = {
"my_nonce": self.n_s,
"dhkeys": crypto.encode_mpi(self.d),
"counter": crypto.encode_mpi(self.c_o),
"nonce": self.n_o,
}
for name in to_add:
b64ed = base64.b64encode(to_add[name])
x.addChild(node=xmpp.DataField(name=name, value=b64ed))
self.form_o = "".join(map(lambda el: xmpp.c14n.c14n(el), form.getChildren()))
self.form_s = "".join(map(lambda el: xmpp.c14n.c14n(el), x.getChildren()))
self.status = "responded-e2e"
feature.addChild(node=x)
if not_acceptable:
response = xmpp.Error(response, xmpp.ERR_NOT_ACCEPTABLE)
feature = xmpp.Node(xmpp.NS_FEATURE + " feature")
for f in not_acceptable:
n = xmpp.Node("field")
n["var"] = f
feature.addChild(node=n)
response.T.error.addChild(node=feature)
self.send(response)
def get_shared_secret(self, e, y, p):
if not 1 < e < (p - 1):
raise exceptions.NegotiationError, "invalid DH value"
return crypto.sha256(crypto.encode_mpi(crypto.powmod(e, y, p)))