#print("!!!!!!!!!SENDING RST PACKET!!!!!!!!") self.Server_seqNum = pkt.seqNum + 1 self.send_rst(self.transport, self.seqNum, self.Server_seqNum) self.Client_state = self.CLI_INITIAL elif pkt.SYN == False and pkt.ACK == False and self.Client_state == self.CLI_ESTABLISHED and pkt.data != 0: self.seqNum = pkt.ackNum self.Server_seqNum = pkt.seqNum + len(pkt.data) RECV_BUFF = pkt.data print(RECV_BUFF) print( "\n!!!!!!!!!!!!!!!!!DATA PACKET RECIEVED!!!!!!!!!!!!!!!!!!!!\n" ) self.higherProtocol().data_received(pkt.data) #print("PAcket sent to higher layer") #Process the data packet recieved else: print("!!!!!SOMETHING!!!") else: #print("SOMETHING!!!") self.send_rtr(self.transport, self.seqNum, self.Server_seqNum) PIMPClientFactory = StackingProtocolFactory.CreateFactoryType( lambda: PIMPClientProtocol()) PIMPServerFactory = StackingProtocolFactory.CreateFactoryType( lambda: PIMPServerProtocol())
print(result) pkt = DataPacket(seq=self.send_next, data=self.send_data_buff[0:15000], hash=0) pkt.hash = binascii.crc32(pkt.__serialize__()) & 0xffffffff self.send_data_buff = self.send_data_buff[15000:] else: pkt = DataPacket( seq=self.send_next, data=self.send_data_buff[0:len(self.send_data_buff)], hash=0) pkt.hash = binascii.crc32(pkt.__serialize__()) & 0xffffffff self.send_data_buff = b"" if self.recv_next == 2**32: self.recv_next = 0 else: self.send_next += 1 self.send_packet = pkt self.send_packet_time = time.time() self.transport.write(pkt.__serialize__()) print("OUT: SEQ=" + str(pkt.seq)) # self.loop.create_task(self.wait_ack_timeout(pkt)) PassthroughClientFactory = StackingProtocolFactory.CreateFactoryType( lambda: POOP(mode="client")) PassthroughServerFactory = StackingProtocolFactory.CreateFactoryType( lambda: POOP(mode="server"))
if pkt.DEFINITION_IDENTIFIER == "crap.datapacket": if self.mode == "server": aesgcm = AESGCM(self.decB) try: decDataB = aesgcm.decrypt(self.ivA, pkt.data, None) except Exception as error: logger.debug("Server Decryption failed") self.ivA = (int.from_bytes(self.ivA, "big") + 1).to_bytes( 12, "big") self.higherProtocol().data_received(decDataB) if self.mode == "client": aesgcm = AESGCM(self.decA) try: decDataA = aesgcm.decrypt(self.ivB, pkt.data, None) except Exception as error: logger.debug("Client Decryption failed") self.ivB = (int.from_bytes(self.ivB, "big") + 1).to_bytes( 12, "big") self.higherProtocol().data_received(decDataA) SecureClientFactory = StackingProtocolFactory.CreateFactoryType( lambda: POOP(mode="client"), lambda: CRAP(mode="client")) SecureServerFactory = StackingProtocolFactory.CreateFactoryType( lambda: POOP(mode="server"), lambda: CRAP(mode="server"))
import playground from playground.network.common import StackingProtocolFactory, StackingProtocol, StackingTransport from .protocol import PoopClient, PoopServer PoopClientFactory = StackingProtocolFactory.CreateFactoryType(PoopClient) PoopServerFactory = StackingProtocolFactory.CreateFactoryType(PoopServer) connector = playground.Connector(protocolStack=(PoopClientFactory(), PoopServerFactory())) playground.setConnector('poop', connector)
print("transport_write") #self.key_iv() key = AESGCM.generate_key(bit_length=128) encData = AESGCM(self.enc).encrypt(self.iv,data,None) self.iv = self.increIv(self.iv) dataPacket = DataPacket(data=encData) self.transport.write(dataPacket.__serialize__()) print("crap encrypted and sent data") def data_received_duplex(self, packet): print("data_received_duplex") #self.key_iv() data = AESGCM(self.dec).decrypt(self.peer_iv, packet.data, None) self.peer_iv = self.increIv(self.peer_iv) self.higherProtocol().data_received(data) print("crap received and decrypted data") def transport_close(self): self.higherProtocol().connection_lost(None) self.transport.close() SecureClientFactory = StackingProtocolFactory.CreateFactoryType( lambda: PassthroughProtocol(mode="client"), lambda: Crap(mode="client") ) SecureServerFactory = StackingProtocolFactory.CreateFactoryType( lambda: PassthroughProtocol(mode="server"), lambda: Crap(mode="server") )
self.pt.stop_shutdown_timer() # do shutdown logger.debug('{} side calling higherProtocol.connection_lost().'.format(self._mode)) self.higherProtocol().connection_lost('Connection closed by the server.') logger.debug('{} side calling self.transport.close()'.format(self._mode)) self.transport.close() # def connection_lost(self, exc): # logger.debug("{} POOP connection lost. Shutting down higher layer.".format(self._mode)) # p = ShutdownPacket() # max_seq = None # for seq in iter(self.pt.send_buf): # if max_seq is None or seq >= max_seq: # max_seq = seq # p.last_valid_sequence = self.pt.max_seq # logger.debug( # '{} side sending packet:\n' # 'syn: {}\n' # 'ack: {}\n' # 'status: {}\n' # 'error: {}\n' # 'last_valid_sequence: {}'.format(self._mode, p.SYN, p.ACK, p.status, p.error, p.last_valid_sequence)) # self.higherProtocol().connection_lost(exc) PoopHandshakeClientFactory = StackingProtocolFactory.CreateFactoryType(PoopHandshakeClientProtocol) PoopHandshakeServerFactory = StackingProtocolFactory.CreateFactoryType(PoopHandshakeServerProtocol) # test pass ID f7fd308456c51527cb302ba992457eebbb7c495595e366e8703690f0a391aa42
else: pass def sendClose(self): pass class PLSClientProtocol(PLSProtocol): def connection_made(self, transport): super().connection_made(transport) address, port = transport.get_extra_info("sockname") mykey, mychain = cert_factory.get_credentials(address) peeraddress = transport.get_extra_info("peername")[0] self.mycert(mykey, mychain, peeraddress) self.sendHello() class PLSServerProtocol(PLSProtocol): def connection_made(self, transport): super().connection_made(transport) address, port = transport.get_extra_info("sockname") mykey, mychain = cert_factory.get_credentials(address) peeraddress = transport.get_extra_info("peername")[0] self.mycert(mykey, mychain, peeraddress) self.state = self.SER_LISTEN PLSClientFactory = StackingProtocolFactory.CreateFactoryType(PLSClientProtocol) PLSServerFactory = StackingProtocolFactory.CreateFactoryType(PLSServerProtocol)
import playground from .pimp import PIMPServerFactory, PIMPClientFactory from .protocol import PLSRoastClient, PLSRoastServer from playground.network.common import StackingProtocolFactory pimpConnector = playground.Connector(protocolStack=(PIMPClientFactory(), PIMPServerFactory())) playground.setConnector("pimp", pimpConnector) playground.setConnector("lab1_GoldenNuggetNetSec2019", pimpConnector) pimpConnector = playground.getConnector("pimp") pimpClientType = pimpConnector.getClientStackFactory() pimpServerType = pimpConnector.getServerStackFactory() PlsClientFactory = StackingProtocolFactory.CreateFactoryType( pimpClientType, PLSClientProtocol) PlsServerFactory = StackingProtocolFactory.CreateFactoryType( pimpServerType, PLSServerProtocol) plsConnector = playground.Connector(protocolStack=(PlsClientFactory(), PlsServerFactory())) playground.setConnector("pls_roast", plsConnector)
import playground from .pls import PLSServerFactory, PLSClientFactory from playground.network.common import StackingProtocolFactory pimpConnector = playground.getConnector("pimp") pimpClientType = pimpConnector.getClientStackFactory() pimpServerType = pimpConnector.getServerStackFactory() PLSClientFact = StackingProtocolFactory.CreateFactoryType( pimpClientType, PLSClientFactory) PLSServerFact = StackingProtocolFactory.CreateFactoryType( pimpServerType, PLSServerFactory) plsConnector = playground.Connector(protocolStack=(PLSClientFactory(), PLSServerFactory())) playground.setConnector("pls_roast", plsConnector) #playground.setConnector("lab1_GoldenNuggetNetSec2019", pimpConnector)
class CRAP(StackingProtocol): def __init__(self, mode): super().__init__() msg = "{} CRAP init".format(mode) printx(msg) self._mode = mode self.status = 0 self.higher_transport = None self.deserializer = CrapPacketType.Deserializer( errHandler=ErrorHandleClass()) self.shared_secret = None self.man = Crypto_manager() # generate EC key # self.nonce = os.urandom(32) # todo: fix this self.nonce = random.randrange(10000) self.key = self.man.generate_EC_key() # get CA's pubk with open("keyfile/CA_pubk.pem", "rb") as file: self.CA_pubk = self.man.unpemfy_public_key(file.read()) # get key for cert # get cert and generate signature pubK_pem = self.man.pemfy_public_key(self.key.public_key()) if self._mode == "client": with open("keyfile/A_key.pem", "rb") as file: self.sign_key = self.man.unpemfy_private_key(file.read()) with open("keyfile/A_cert.pem", "rb") as file: self.cert_pem = file.read() self.cert = self.man.unpemfy_cert(self.cert_pem) self.sig = self.man.generate_RSA_signature( self.sign_key, pubK_pem) else: with open("keyfile/B_key.pem", "rb") as file: self.sign_key = self.man.unpemfy_private_key(file.read()) with open("keyfile/B_cert.pem", "rb") as file: self.cert_pem = file.read() self.cert = self.man.unpemfy_cert(self.cert_pem) self.sig = self.man.generate_RSA_signature( self.sign_key, pubK_pem) def connection_made(self, transport): info = "{} CRAP: connection made".format(self._mode) print(info) logger.debug(info) self.transport = transport self.higher_transport = CRAPTransport(transport) self.higher_transport.connect_protocol(self) if self._mode == "client": # client send first packet public_key_pem = self.man.pemfy_public_key(self.key.public_key()) pkt = HandshakePacket( status=0, pk=public_key_pem, signature=self.sig, cert=self.cert_pem, nonce=self.nonce) self.send_pkt(pkt) print("CRAP: client sent first pkt") def send_error_handshake_pkt(self): pkt = HandshakePacket(status=2) self.send_pkt(pkt) def send_pkt(self, pkt): self.transport.write(pkt.__serialize__()) def data_received(self, buffer): print("{} CRAP: recv a buffer".format(self._mode)) self.deserializer.update(buffer) for pkt in self.deserializer.nextPackets(): pkt_type = pkt.DEFINITION_IDENTIFIER if pkt_type == HandshakePacket().DEFINITION_IDENTIFIER: # check unexpected pkt if pkt.status == 2: self.send_error_handshake_pkt() print("BUG CRAP: recv a error handshake pkt") return elif self.status == "SUCCESS": self.send_error_handshake_pkt() print("BUG CRAP: recv a handshake pkt when status is SUCCESS") return # two cases if self._mode == "client": try: # verify cert and sig get EC_pubk self.verify_pkt_cert_and_sig(pkt) # verify nonce self.verify_pkt_nonce(pkt) except Exception as e: print("{} CRAP HANDSHAKE ERROR: exception when verifying cert, sig, or nonce, it says: {}".format( self._mode, e)) self.send_error_handshake_pkt() return # generate shared secret self.shared_secret = self.man.get_EC_derived_key( self.key, self.peer_EC_pubk) print("CRAP {}: shared key generated".format(self._mode)) # send response pkt nonce_sig = self.man.generate_RSA_signature( self.sign_key, pkt.nonce) self.send_pkt(HandshakePacket( status=1, nonceSignature=nonce_sig)) continue else: # tow cases if pkt.status == 0: # verify cert and sig, get EC_pubk try: self.verify_pkt_cert_and_sig(pkt) except Exception as e: print("{} CRAP HANDSHAKE ERROR: exception when verifying cert or sig it says: \"{}\"".format( self._mode, e)) self.send_error_handshake_pkt() return # send hello, challenge, responce pkt nonce_sig = self.man.generate_RSA_signature( self.sign_key, pkt.nonce) public_EC_key_pem = self.man.pemfy_public_key( self.key.public_key()) self.send_pkt(HandshakePacket(status=1, nonceSignature=nonce_sig, pk=public_EC_key_pem, signature=self.sig, cert=self.cert_pem, nonce=self.nonce)) continue else: # verify nonce try: self.verify_pkt_nonce(pkt) except Exception as e: print("{} CRAP HANDSHAKE ERROR: exception when verifying once it says: \"{}\"".format( self._mode, e)) self.send_error_handshake_pkt() return # generate shared secret self.shared_secret = self.man.get_EC_derived_key( self.key, self.peer_EC_pubk) print("CRAP {}: shared key generated".format(self._mode)) continue def verify_pkt_cert_and_sig(self, pkt): pkt_cert = self.man.unpemfy_cert(pkt.cert) cert_pubk = self.man.get_public_key_from_cert(pkt_cert) pkt_EC_pubk = self.man.unpemfy_public_key(pkt.pk) # verify cert, then trust cert_pubk self.man.verify_cert(self.CA_pubk, pkt_cert) print("{} CRAP: passed cert verify".format(self._mode)) # verify sig, then trust pkt_EC_pubk(pkt.pk) # TODO: define date self.man.verify_RSA_signature(cert_pubk, pkt.signature, pkt.pk) print("{} CRAP: passed sig verify".format(self._mode)) self.peer_cert_pubk = cert_pubk self.peer_EC_pubk = pkt_EC_pubk def verify_pkt_nonce(self, pkt): # TODO: change back! self.man.verify_RSA_signature( self.peer_cert_pubk, pkt.nonceSignature, self.nonce) def connection_lost(self, exc): logger.debug( "{} CRAP connection lost. Shutting down higher layer.". format(self._mode)) self.higherProtocol().connection_lost(exc) CRAPClientFactory = StackingProtocolFactory.CreateFactoryType( lambda: POOP(mode="client"), lambda: CRAP(mode="client")) CRAPServerFactory = StackingProtocolFactory.CreateFactoryType( lambda: POOP(mode="server"), lambda: CRAP(mode="server"))
self.transport = transport # logger.debug("{} passthrough connection made. Calling connection made higher.".format(self._mode)) # higher_transport = HandshakeTransport(transport) # self.higherProtocol().connection_made(higher_transport) if (self._mode == "client"): self.SYN = random.randint(0, 254) self.ACK = random.randint(1, 254) packet = HandshakePacket(SYN=self.SYN, status=HandshakePacket.NOT_STARTED) packetBytes = packet.__serialize__() logger.debug('Sending:\n' + 'Info: \n' + 'SYN: ' + str(packet.SYN) + '\n' + 'ack: ' + str(packet.ACK) + '\n' + 'status: ' + str(packet.status) + '\n' + 'error: ' + str(packet.error) + '\n') self.transport.write(packetBytes) def connection_lost(self, exc): # logger.debug("{} passthrough connection lost. Shutting down higher layer.".format(self._mode)) self.higherProtocol().connection_lost(exc) HandshakeClientFactory = StackingProtocolFactory.CreateFactoryType( lambda: HandshakeProtocol(mode="client")) HandshakeServerFactory = StackingProtocolFactory.CreateFactoryType( lambda: HandshakeProtocol(mode="server"))
import playground from .protocol import CrapProtocol from .poop.protocol import PoopHandshakeClientProtocol, PoopHandshakeServerProtocol from playground.network.common import StackingProtocolFactory ClientFactory = StackingProtocolFactory.CreateFactoryType( PoopHandshakeClientProtocol, lambda: CrapProtocol(mode="client")) ServerFactory = StackingProtocolFactory.CreateFactoryType( PoopHandshakeServerProtocol, lambda: CrapProtocol(mode="server")) Connector = playground.Connector(protocolStack=(ClientFactory(), ServerFactory())) playground.setConnector("crap", Connector) playground.setConnector("CRAP", Connector)