def sendClientNewLicenseRequest(self, licenseRequest):
    """
    @summary: Reply to a server license request with a ClientNewLicenseRequest.
                Derives self._macSalt and self._licenseKey from fresh client
                randomness and the server random, then sends the pre-master
                secret encrypted with the public key of the certificate
                carried in the request.
    @param licenseRequest: {ServerLicenseRequest}
    @see: http://msdn.microsoft.com/en-us/library/cc241989.aspx
    @see: http://msdn.microsoft.com/en-us/library/cc241918.aspx
    """
    #values supplied by the server
    srvRandom = licenseRequest.serverRandom.value
    certStream = Stream(licenseRequest.serverCertificate.blobData.value)
    licenseCert = gcc.ServerCertificate()
    certStream.readType(licenseCert)
    #NOTE(review): the certificate parsed above comes straight from the
    #license packet and this method never calls verify() on it, so the
    #pre-master secret is encrypted to whatever key the peer supplied.
    #Whether the certificate is authenticated elsewhere is not visible here.

    #client side secrets, generated fresh on every call
    cliRandom = rsa.random(256)
    preMaster = rsa.random(384)

    #two chained masterSecret() calls produce the session key blob
    master = sec.masterSecret(preMaster, cliRandom, srvRandom)
    keyBlob = sec.masterSecret(master, srvRandom, cliRandom)

    #first 16 bytes salt the MAC, next 16 are hashed into the license key
    self._macSalt = keyBlob[:16]
    self._licenseKey = sec.finalHash(keyBlob[16:32], cliRandom, srvRandom)

    #build the reply
    message = ClientNewLicenseRequest()
    message.clientRandom.value = cliRandom

    #input and output of the RSA call are byte-reversed
    #(presumably little-endian bignum on the wire -- confirm), then
    #eight zero bytes are appended to the ciphertext
    publicKey = licenseCert.certData.getPublicKey()
    cipherText = rsa.encrypt(preMaster[::-1], publicKey)[::-1]
    message.encryptedPreMasterSecret.blobData.value = cipherText + "\x00" * 8

    #host and user name are sent NUL terminated
    message.ClientMachineName.blobData.value = self._hostname + "\x00"
    message.ClientUserName.blobData.value = self._username + "\x00"

    self._transport.sendFlagged(sec.SecurityFlag.SEC_LICENSE_PKT, LicPacket(message))
def sendClientNewLicenseRequest(self, licenseRequest):
    """
    @summary: Reply to a server license request with a ClientNewLicenseRequest.
                Uses the server certificate already read into the GCC server
                settings when there is one, otherwise parses the certificate
                embedded in the license request. Derives self._macSalt and
                self._licenseKey and sends the encrypted pre-master secret.
    @param licenseRequest: {ServerLicenseRequest}
    @see: http://msdn.microsoft.com/en-us/library/cc241989.aspx
    @see: http://msdn.microsoft.com/en-us/library/cc241918.aspx
    """
    #values supplied by the server
    srvRandom = licenseRequest.serverRandom.value

    #pick the certificate whose public key will protect the pre-master secret
    if not self._transport.getGCCServerSettings().SC_SECURITY.serverCertificate._is_readed:
        #no certificate was read during GCC: fall back to the one in the packet
        certStream = Stream(licenseRequest.serverCertificate.blobData.value)
        chosenCert = gcc.ServerCertificate()
        certStream.readType(chosenCert)
    else:
        chosenCert = self._transport.getGCCServerSettings().SC_SECURITY.serverCertificate
    #NOTE(review): neither branch calls verify() on the chosen certificate.
    #The fallback branch in particular trusts a certificate taken directly
    #from the license packet; confirm where (if anywhere) it is authenticated.

    #client side secrets, generated fresh on every call
    cliRandom = rsa.random(256)
    preMaster = rsa.random(384)

    #two chained masterSecret() calls produce the session key blob
    master = sec.masterSecret(preMaster, cliRandom, srvRandom)
    keyBlob = sec.masterSecret(master, srvRandom, cliRandom)

    #first 16 bytes salt the MAC, next 16 are hashed into the license key
    self._macSalt = keyBlob[:16]
    self._licenseKey = sec.finalHash(keyBlob[16:32], cliRandom, srvRandom)

    #build the reply
    message = ClientNewLicenseRequest()
    message.clientRandom.value = cliRandom

    #input and output of the RSA call are byte-reversed
    #(presumably little-endian bignum on the wire -- confirm), then
    #eight zero bytes are appended to the ciphertext
    publicKey = chosenCert.certData.getPublicKey()
    cipherText = rsa.encrypt(preMaster[::-1], publicKey)[::-1]
    message.encryptedPreMasterSecret.blobData.value = cipherText + "\x00" * 8

    #host and user name are sent NUL terminated
    message.ClientMachineName.blobData.value = self._hostname + "\x00"
    message.ClientUserName.blobData.value = self._username + "\x00"

    self._transport.sendFlagged(sec.SecurityFlag.SEC_LICENSE_PKT, LicPacket(message))
def sendClientRandom(self):
    """
    @summary: Generate the client random, derive the MAC key and both RC4
                session keys from it, then send the client random to the
                server encrypted with the server certificate public key
    """
    #fresh client random for this session
    nonce = rsa.random(256)

    #derive MAC / decrypt / encrypt keys from both randoms and the
    #encryption method advertised in the GCC server settings
    peerRandom = self.getGCCServerSettings().SC_SECURITY.serverRandom.value
    method = self.getGCCServerSettings().SC_SECURITY.encryptionMethod.value
    macKey, decryptKey, encryptKey = generateKeys(nonce, peerRandom, method)
    self._macKey = macKey
    self._initialDecrytKey = decryptKey
    self._initialEncryptKey = encryptKey

    #current keys start out equal to the initial ones
    self._currentDecrytKey = decryptKey
    self._currentEncryptKey = encryptKey
    self._decryptRc4 = rc4.RC4Key(decryptKey)
    self._encryptRc4 = rc4.RC4Key(encryptKey)

    #certificate check
    #NOTE(review): a failed verify() is only logged. The exchange continues
    #and the client random is still encrypted to the unverified key, so this
    #check alone does not stop a peer presenting an arbitrary certificate.
    #Callers that need server authentication have to enforce it themselves.
    verified = self.getGCCServerSettings().SC_SECURITY.serverCertificate.certData.verify()
    if not verified:
        log.warning("cannot verify server identity")

    #encrypt the client random with the server public key;
    #bytes are reversed because the bignum is little endian
    publicKey = self.getGCCServerSettings().SC_SECURITY.serverCertificate.certData.getPublicKey()
    message = ClientSecurityExchangePDU()
    cipherText = rsa.encrypt(nonce[::-1], publicKey)
    message.encryptedClientRandom.value = cipherText[::-1]

    self.sendFlagged(SecurityFlag.SEC_EXCHANGE_PKT, message)
def sendClientRandom(self):
    """
    @summary: Create the client random, set up the session keys and RC4
                states derived from it, and send it to the server encrypted
                with the public key of the server certificate
    """
    security = lambda: self.getGCCServerSettings().SC_SECURITY

    #client random, regenerated on every call
    clientNonce = rsa.random(256)

    #key derivation: generateKeys returns (mac, decrypt, encrypt)
    derived = generateKeys(
        clientNonce,
        security().serverRandom.value,
        security().encryptionMethod.value)
    self._macKey, self._initialDecrytKey, self._initialEncryptKey = derived

    #working keys begin as copies of the initial keys
    self._currentDecrytKey = self._initialDecrytKey
    self._currentEncryptKey = self._initialEncryptKey
    self._decryptRc4 = rc4.RC4Key(self._currentDecrytKey)
    self._encryptRc4 = rc4.RC4Key(self._currentEncryptKey)

    #server identity check
    #NOTE(review): verification failure produces a warning only; the code
    #below still sends the client random encrypted to that certificate's
    #key. Treat the session as unauthenticated unless the caller adds its
    #own handling for an unverifiable certificate.
    if security().serverCertificate.certData.verify():
        pass
    else:
        log.warning("cannot verify server identity")

    #RSA-encrypt the client random for the server;
    #reversed before and after because the bignum is little endian
    serverKey = security().serverCertificate.certData.getPublicKey()
    message = ClientSecurityExchangePDU()
    message.encryptedClientRandom.value = rsa.encrypt(clientNonce[::-1], serverKey)[::-1]

    self.sendFlagged(SecurityFlag.SEC_EXCHANGE_PKT, message)