コード例 #1
0
def main():
    server_address = ('localhost', 9999)  # authentication server address
    ss_id = '1efeggrvv'  # id of service server
    ss_address = ('localhost', 5000)  # address of service server
    tgt_path = 'tgt'
    data_path = 'data.json'

    login = input('login: '******'password: '******'utf-8')
    # create key from hash of password
    m = hashlib.sha256()
    m.update(password)
    key_c = DesKey(m.digest()[:8])

    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        is_authenticated = is_auth(data_path, tgt_path)
        # Loop while we are not authorized
        while True:
            # skip authentication if we already have tgt
            if is_authenticated:
                with open('data.json') as f1, open('tgt', 'rb') as f2:
                    data = json.load(f1)
                    tgt = f2.read()
            else:
                # AS_REQ
                as_req(sock, server_address, login, key_c)
                # AS_REP
                data, tgt = as_rep(sock, key_c, tgt_path, data_path)

            key_c_tgs, tgs_address, p1 = data
            # key_c_tgs is a string key
            key_c_tgs = DesKey(key_c_tgs.encode('utf-8'))
            # tgs_address is a list (need a tuple)
            tgs_address = tuple(tgs_address)
        # TGS_REQ
            tgs_req(sock, tgs_address, login, ss_id, tgt, key_c_tgs)
        # TGS_REP
            tgs_rep_data = tgs_rep(sock, key_c_tgs)
            if tgs_rep_data:
                break
            else:
                is_authenticated = False

        data_tgs, st = tgs_rep_data
        key_c_ss, ss, p2 = data_tgs
        # key_c_ss is a string key
        key_c_ss = DesKey(key_c_ss.encode('utf-8'))
    # SS_REQ
        t4 = int(dt.datetime.utcnow().timestamp())
        ss_req(sock, ss_address, login, t4, st, key_c_ss)
    # SS_REP
        t_c1 = sock.recv(1024)
        t_c1 = int(key_c_ss.decrypt(t_c1))
        if t_c1 - t4 == 1:
            print('Success authorization :)')
        else:
            print('Server is not authorized!')
コード例 #2
0
 def handle(self):
     data = self.request[0].strip()
     socket = self.request[1]
     print("{} wrote:".format(self.client_address[0]))
     print(data)
     if data == b'TGS_REQ':
         tgt = socket.recv(1024)
         ss = socket.recv(1024).decode('utf-8')
         aut1 = socket.recv(1024)
         if ss not in services:
             socket.sendto(b'Error: invalid ss_id', self.client_address)
             return
         tgt = K_TGS.decrypt(tgt)
         c1, key_c_tgs, p1, t_kdc = json.loads(tgt)
         key_c_tgs = DesKey(key_c_tgs.encode('utf-8'))
         aut1 = key_c_tgs.decrypt(aut1)
         aut1 = json.loads(aut1)
         c2, t_c = aut1
         t_c = dt.datetime.fromtimestamp(t_c)
         t_kdc = dt.datetime.fromtimestamp(t_kdc)
         delta = (t_c - t_kdc).total_seconds()
         print(c1, c2, delta, p1)
         # TGS_REP
         if c1 == c2 and delta / 3600 < p1:
             key_c_ss = ''.join(
                 secrets.choice(string.ascii_letters + string.digits)
                 for _ in range(8))
             p2 = 10  # hours
             data_c_tgs = json.dumps([key_c_ss, ss, p2]).encode('utf-8')
             data_c_tgs = key_c_tgs.encrypt(data_c_tgs)
             socket.sendto(data_c_tgs, self.client_address)
             t3 = int(dt.datetime.utcnow().timestamp())
             tgs = json.dumps([c1, ss, t3, p2, key_c_ss]).encode('utf-8')
             tgs = K_SS.encrypt(tgs)
             socket.sendto(tgs, self.client_address)
         else:
             socket.sendto(b'Error: Unauthorized', self.client_address)