def _requestTable(self, message): try: if message.sender != 'collector': return self.factory.fail("Unauthorized request for table by '%s'" % message.sender) if not message.signed: return self.factory.fail("Table Request message must be signed by collector") if not message.validateSignature(): return self.factory.fail("Invalid signature on Table Request message") encKey = message['encrypted-session-key'] myKey = app.keyManager.getMyKey() keyHex = myKey.privateEncrypt(encKey) key = SessionKey(int(keyHex, 16)) logger.debug("Received session key from collector:") logger.debug(keyHex, False) table = self.factory.authNode.generateTable() encTable = key.encrypt(json.dumps(table)) message = SecureMessage() message['encrypted-table'] = encTable message.sign() logger.split() self.sendMessage(message) except KeyError as e: return self.factory.fail("Get-Session-Key no: '%s' field found in message" % e)
def sendResults(self, voteCount, index, vote): message = SecureMessage() message.action = 'announce-results' message['vote-count'] = voteCount message['your-vote'] = { 'index': index, 'vote': vote } message.sign() self.sendMessage(message)
def _sendVote(self): encVote = self.factory.sessionKey.encrypt(self.factory.vote) logger.debug("Encrypting vote with session key:") logger.debug(encVote, False) logger.verbose("Sending encrypted vote to collector...") message = SecureMessage() message.action = "vote" message['vote'] = encVote message.sign() self.sendMessage(message)
def _sendCert(self): message = SecureMessage() message.action = 'get-session-key' message['certificate'] = self.factory.cert message.sign() #authKey = app.keyManager.findKey('authority') #message.encrypt(authKey) logger.debug("Sending certficate to authority") self.sendMessage(message)
def messageReceived(self, message): logger.debug("Message received from client") try: vote = message['vote'] index = self.factory.receivedVote(self, vote) reply = SecureMessage() reply.action = 'set-index' reply['index'] = index reply.sign() logger.debug("Sending index to client") self.sendMessage(reply) except KeyError as e: return self.factory.fail("Malformed message received from client. No '%s' field" % e)
def sendIndex(self, index, sessionKey): message = SecureMessage() message.action = "set-index" pair = { 'certificate': self.factory.cert, 'index': index } pairString = json.dumps(pair) encPair = sessionKey.encrypt(pairString) message['certificate'] = self.factory.cert message['pair'] = encPair logger.verbose("Sending certificate/index pair to Authority") self.sendMessage(message.sign()) self.transport.loseConnection()
def _sendRequest(self): message = SecureMessage() sessionKeyFactory = SessionKeyFactory() sessionKey = sessionKeyFactory.createAESKey() self.factory.collectorNode.authKey = sessionKey logger.debug("Created session key for Authority connection:") logger.debug(sessionKey.hex(), False) authKey = app.keyManager.findKey("authority") encryptedKey = authKey.publicEncrypt(sessionKey.hex()) message.action = "request-table" message['encrypted-session-key'] = encryptedKey message.sign() self.sendMessage(message)
def _getSessionKey(self, message): try: certificate = message['certificate'] # Create Cert # This is not working #cert = m2c.X509.load_cert_string(certificate) # Stupid hack to get it working tmp = open('.tmp.cert', 'w') tmp.write(certificate) tmp.close() cert = m2c.X509.load_cert('.tmp.cert') if not self.factory.authNode.validateCert(cert): logger.info("Invalid Certificate received from %s" % self.transport.getPeer()) reply = SecureMessage() reply['status'] = 'invalid' else: logger.verbose("Certificate validated") reply = SecureMessage() reply['status'] = 'ok' sessionKey = self.factory.authNode.generateSessionKey(cert) logger.verbose("Generated session key '%s'" % sessionKey.hex()) logger.verbose("Sending session key to client..") publicKeyPem = cert.get_pubkey().get_rsa().as_pem() keyParser = KeyParser() publicKey = keyParser.parsePemPublic(publicKeyPem) encSessionKey = publicKey.publicEncrypt(sessionKey.hex()) reply['encrypted-session-key'] = encSessionKey logger.split() self.sendMessage(reply.sign()) except KeyError as e: return self.factory.fail("Get-Session-Key no: '%s' field found in message" % e)
def messageReceived(self, message): peer = self.transport.getPeer() #logger.debug("<%s:%s> Message Received:" % (peer.host, peer.port)) #logger.debug(message, False) myKey = app.keyManager.getMyKey() if 'public-key' not in message: logger.warning("Faulty message received: no public-key found. Discarding...") return publicKey = message['public-key'] cert = self.factory.cert.createCertificate(publicKey) logger.info("Certificate created for client <%s:%s>" % (peer.host, peer.port)) logger.verbose(cert.as_text()) reply = SecureMessage() reply['status'] = 'ok' reply['certificate'] = cert.as_pem() reply.sign() self.sendMessage(reply)