def __init__(self):
self._client_keys = {}
self._server_keys = {}
self._as_tgs = des.get_random_key()
self._tgs_id = des.get_random_key()
self._as = AS(self._client_keys, self._as_tgs, self._tgs_id)
self._tgs = TGS(self._server_keys, self._as_tgs, self._tgs_id)
def get_ticket(clid):
print("\n\n" + "=" * 30 + format("REQUEST TO AS(clid={})").format(clid) +
"=" * 30)
if clid not in client_keys:
print("\nERROR :FAILD TO FOUND CLIENT")
exit(1)
clkey = client_keys[clid]
print("K_c: {}".format(clkey))
tm = int(time.time())
print("now: {}".format(tm))
C_TGS = des.get_random_key()
print("GENERATE K_c_tgs key: {}".format(C_TGS))
TGT = pack("QQQQQ", clid, TGS_ID, tm, TICKET_LENGHT, C_TGS)
print("\npacked TGT(clid, TGS_ID, now, TICKET_LENGHT, C_TGS): {}\n".format(
TGT))
TGT_enc = des.encrypt(TGT, AS_TGS)
print("\nencrypted TGT x K_as_tgs: {}\n".format(TGT_enc))
responce = bytearray()
responce.append(len(TGT_enc) // 256)
responce.append(len(TGT_enc) % 256)
responce = responce + TGT_enc + pack("Q", C_TGS)
print("\n Packed responce(TGT_enc, K_c_tgs): {}\n".format(responce))
res = des.encrypt(responce, clkey)
print(
"\n Encrypted responce([TGT_enc, K_c_tgs] x K_c): {} \n".format(res))
print("=" * 60)
print()
return res
def check_des_double(text):
print('----------------- Double DES -----------------', end='\n\n')
print('Text:')
print(text, end='\n\n')
key1 = des.get_random_key()
key2 = des.get_random_key()
print(f'Keys: key1 = {key1}, key2 = {key2}', end='\n\n')
encrypted_text = des.encrypt_double(text.encode('utf-8'), key1, key2)
print('Encrypted text:')
print(encrypted_text, end='\n\n')
decrypted_text = des.decrypt_double(encrypted_text, key1, key2).decode('utf-8')
print('Decrypted text:')
print(decrypted_text, end='\n\n')
print('----------------------------------------------', end='\n\n')
def get_ticket(TGT_enc, AUTH_enc, server_id):
print("\n\n" + "=" * 30 + format("REQUEST TO TGS") + "=" * 30)
print("INPUT TGT x K_as_tgs: {}\n".format(TGT_enc))
print("INPUT AUTH x K_c_tgs: {}\n".format(AUTH_enc))
print("SERVER_ID: {}".format(server_id))
TGT = des.decrypt(TGT_enc, AS_TGS)
print("\ndecrypted TGT: {}\n".format(TGT))
clid, tgs_id, tm1, ticket_length, C_TGS = unpack("QQQQQ", TGT)
print("UNPACK")
print("Client ID: ", clid)
print("tgs_id: ", tgs_id)
print("ticket time: ", tm1)
print("ticket time length: ", ticket_length)
print("K_c_tgs: ", C_TGS)
if server_id not in server_keys:
print("ERROR: INVALID SERVER")
exit(1)
now = int(time.time())
if now - tm1 > ticket_length or tgs_id != TGS_ID:
print("ERROR: INVALID TIME")
exit(1)
AUTH = des.decrypt(AUTH_enc, C_TGS)
clid2, tm2 = unpack("QQ", AUTH)
if now - tm2 > ticket_length or clid != clid2:
print("ERROR: INVALID TIME")
exit(1)
K_c_ss = des.get_random_key()
print("GEnerated K_c_ss: ", K_c_ss)
TGS = pack("QQQQQ", clid, server_id, now, SERVER_TICKET_LENGHT, K_c_ss)
print("\npacked TGS: \n", TGS)
TGS_enc = des.encrypt(TGS, server_keys[server_id])
print("\nEncrypted TGS: \n", TGS_enc)
responce = bytearray()
responce.append(len(TGS_enc) // 256)
responce.append(len(TGS_enc) % 256)
responce = responce + TGS_enc + pack("Q", K_c_ss)
print("\nPacked responce( TGS x K_ss_tgs, K_c_ss): \n", responce)
res = des.encrypt(responce, C_TGS)
print("\nResponce x K_c_tgs: \n", res)
print("=" * 60)
print()
return res
def get_ticket(self, client_id):
print(f'KDC(AS): Request from client with id={client_id}')
print(f'KDC(AS): Received client id={client_id}', end='\n\n')
if client_id not in self._client_keys:
raise AuthorizationError(f'Client is not registered')
tm = int(time.time())
k_c_tgs = des.get_random_key()
tgt = struct.pack("QQQQQ", client_id, self._tgs_id, tm, self._ticket_len, k_c_tgs)
tgt = des.encrypt(tgt, self._as_tgs)
response = bytearray(tgt + struct.pack("Q", k_c_tgs))
response = des.encrypt(response, self._client_keys[client_id])
return response
def get_ticket(self, tgt, aut, server_id):
tgt = des.decrypt(tgt, self._as_tgs)
client_id, tgs_id, tm1, ticket_length, c_tgs = struct.unpack(
"QQQQQ", tgt)
print(f'KDC(TGS): Request from client with id={client_id}')
print(
f'KDC(TGS): Received tgt={tgt}, aut={aut}, server id={server_id}',
end='\n\n')
if server_id not in self._server_keys:
raise AuthorizationError(
f'Server with id={server_id} is not registered')
now = int(time.time())
if now - tm1 > ticket_length:
raise TimeLimitError('Time of ticket is over')
if tgs_id != self._id:
raise AuthenticationError('TGS ids are not equal')
aut = des.decrypt(aut, c_tgs)
copy_client_id, tm2 = struct.unpack("QQ", aut)
if now - tm2 > ticket_length:
raise TimeLimitError('Time of ticket is over')
if client_id != copy_client_id:
raise AuthenticationError('Client ids are not equal')
k_c_ss = des.get_random_key()
tgs = struct.pack("QQQQQ", client_id, server_id, now, self._ticket_len,
k_c_ss)
tgs = des.encrypt(tgs, self._server_keys[server_id])
response = bytearray(tgs + struct.pack("Q", k_c_ss))
response = des.encrypt(response, c_tgs)
return response
def _register(self, db):
new_id = random.randint(0, 255)
key = des.get_random_key()
db[new_id] = key
return new_id, key
def register():
clid = random.randrange(0, 256, 1)
key = des.get_random_key()
client_keys[clid] = key
return clid, key
def register():
serv_id = random.randrange(0, 256, 1)
key = des.get_random_key()
server_keys[serv_id] = key
return serv_id, key