def resolve(n, q):
"""Resolve a single domain and return the RR"""
try:
grasp.ttprint("Resolving", n, q)
a = dns.resolver.query(n, q)
grasp.ttprint("Got", a)
return a
except:
return []
def run(self):
answer = self.nobj
shandle = self.shandle
grasp.ttprint("listened, answer", answer.name, answer.value)
grasp.tprint("Got message:", answer.value)
err = False
while not err:
err, stuff = grasp.grecv(asa_handle, shandle, 60000)
if not err:
grasp.tprint("Peer said", stuff)
tweet = input("Your message:")
err = grasp.gsend(asa_handle, shandle, tweet)
grasp.tprint("Send/recv error:", grasp.etext[err])
#all errors are fatal, the session is dead
grasp.tprint("End of session")
def run(self):
received_obj=self.nobj
snonce=self.snonce
grasp.tprint("Got request for QUADS keys")
if received_obj.dry:
endit(snonce,"Dry run not supported")
else:
#unwrap pledge's request
pledge_password = private_key.decrypt(
received_obj.value[0],
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
if pledge_password != password:
endit(snonce,"Incorrect password")
else:
#prepare pledge's public key
pub_key = serialization.load_pem_public_key(
received_obj.value[1],
backend=default_backend() )
#prepare the QUADS keys
chunk = cbor.dumps([key, iv])
grasp.tprint("Sending keys")
#encrypt chunk
received_obj.value = pub_key.encrypt(
chunk,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
grasp.ttprint("Sending",len(chunk),"bytes")
#send keys as negotiation step
err,temp,received_obj = grasp.negotiate_step(asa_nonce, snonce, received_obj, 1000)
grasp.ttprint("Negotiation step gave:", err, temp, received_obj)
if not err:
# the other end signalled End/Accept
grasp.tprint("Ended transfer")
else:
#other end rejected or loop count exhausted
if err==grasp.errors.loopExhausted:
# we need to signal the end
endit(snonce, grasp.etext[err])
else:
grasp.tprint("Failed:",grasp.etext[err])
def run(self):
answer=self.nobj
snonce=self.snonce
grasp.ttprint("listened, answer",answer.name, answer.value)
grasp.tprint("Got MUD URL", answer.value,
"from", ipaddress.IPv6Address(snonce.id_source))
if grasp.tname(answer.value)!="str":
endit(snonce, "Not a string")
elif answer.value[0:8]!="https://":
endit(snonce, "Not https: scheme")
#could do other sanity checks
else:
#sanity checks passed
#Now the MUD manager can process the URL
process_MUD_URL(answer.value)
#close the session normally (with no feedback to peer)
err = grasp.end_negotiate(asa_nonce, snonce, True)
if err:
grasp.tprint("end_negotiate error:",grasp.etext[err])
def check_sig(j,sig):
""" j is the MUD file (JSON) to be validated,
sig is the URL of the signature file,
return True if verified, else False."""
mfile = cwd+"/mud.mud"
file = open(mfile, "wb")
file.write(j)
file.close()
try:
pfile = cwd+"/p7s.p7s"
p7s = requests.get(sig).content
file = open(pfile, "wb")
file.write(p7s)
file.close()
except:
grasp.tprint("Couldn't fetch signature file")
return False
cmd = ['openssl', 'cms', '-verify', '-in',
pfile, '-inform', 'DER', '-content',
mfile, '-binary']
if 'CAfile' in globals():
cmd.append('-CAfile')
cmd.append(CAfile)
elif 'CApath' in globals():
cmd.append('-CApath')
cmd.append(CApath)
x = run(cmd)
grasp.ttprint(x)
try:
os.remove(mfile)
os.remove(pfile)
except:
pass
if x.returncode != 0:
return False
else:
return True
def run(self):
answer=self.nobj
snonce=self.snonce
answer.value, _cbor = detag(answer.value)
if _cbor:
grasp.tprint("CBOR value decoded")
grasp.tprint("Got request")
if answer.dry:
endit(snonce,"Dry run not supported")
return
# Check format of request & extract fields
try:
req = answer.value.get("@rfcXXXX")
except:
req = None
if not req:
endit(snonce,"Not RFCXXXX format")
return
grasp.tprint(req)
sel = req.get(cp.srv_element)
if not sel:
endit(snonce,"No service element")
return
msg_type = sel.get(cp.msg_type)
if msg_type != cp.describe_request:
endit(snonce,"Not describe_request")
return
srv_name = sel.get(cp.service)
if not srv_name:
endit(snonce,"No service name")
return
dom_name = sel.get(cp.domain)
if not dom_name:
endit(snonce,"No domain name")
return
# Construct DNS name
dns_name = "_"+srv_name+"."+dom_name
if dns_name[-1] != ".":
dns_name += "."
#Look for PTR record first
found_something = False
broken = False
a = resolve(dns_name,'PTR')
for r in a:
found_something = True
#extract the instance name
raw_name = str(r)
#decode Unicode escapes
fixed_name = fix_string(raw_name)
#remove bogus escapes
name = fixed_name.replace("\\","")
grasp.tprint("Got PTR name:",name)
grasp.ttprint("Raw name:",raw_name)
if name[-len(dns_name):] == dns_name:
inst_name = name[0:-len(dns_name)-1]
else:
inst_name = name
grasp.tprint("Instance name", inst_name)
#start new reply element
relement = new_relement()
grasp.ttprint("Answer is", answer)
relement[cp.outer][cp.sender_loop_count] = answer.loop_count
relement[cp.outer][cp.srv_element][cp.instance] = inst_name
relement[cp.outer][cp.srv_element][cp.service] = srv_name
relement[cp.outer][cp.srv_element][cp.domain] = dom_name
#look for other records
a = resolve(fixed_name,'SRV')
for r in a:
grasp.ttprint("Got SRV", str(r))
#parse SRV record to extract the fields
priority,weight,srv_port,srv_dom = str(r).split(' ')
grasp.ttprint("Got SRV domain", srv_dom)
relement[cp.outer][cp.srv_element][cp.priority] = int(priority)
relement[cp.outer][cp.srv_element][cp.weight] = int(weight)
srv_port = int(srv_port)
#look for address records & build locators
loc_l = []
a = resolve(srv_dom,'AAAA')
for r in a:
grasp.ttprint("Got AAAA", str(r))
srv_addr = ipaddress.IPv6Address(r)
loc = [grasp.O_IPv6_LOCATOR,srv_addr.packed,17,srv_port]
loc_l.append(["Internet", loc])
a = resolve(srv_dom,'A')
for r in a:
grasp.ttprint("Got A", str(r))
srv_addr = ipaddress.IPv4Address(r)
loc = [grasp.O_IPv4_LOCATOR,srv_addr.packed,17,srv_port]
loc_l.append(["Internet", loc])
loc_l.append(["Internet",[grasp.O_FQDN_LOCATOR,srv_dom,17,srv_port]])
#add locators to reply
relement[cp.outer][cp.srv_element][cp.clocator] = loc_l
a = resolve(name,'TXT')
for r in a:
grasp.tprint("Got TXT", r)
#Note that TXT records may include quotes
try:
k,v = str(r).split(' ')
if k[0]=='"':
k=k[1:-1]
if v[0]=='"':
v=v[1:-1]
grasp.ttprint("kv",k,v)
relement[cp.outer][cp.srv_element][cp.kvps] = {k:v}
except:
grasp.ttprint("Couldn't split", str(r))
pass
# The relement is now complete, send it as next negotiation step
grasp.tprint("Reply step", relement)
answer.value = relement
if _cbor:
answer.value=cbor.dumps(answer.value)
#send reply as negotiation step
err,temp,answer = grasp.negotiate_step(asa_nonce, snonce, answer, 1000)
grasp.ttprint("Negotiation step gave:", err, temp, answer)
if (not err) and temp==None:
grasp.tprint("Reply step succeeded")
elif not err:
answer.value, _ = detag(answer.value)
if _:
grasp.tprint("CBOR value decoded")
if answer.value !="ACK":
grasp.tprint("Unexpected reply: loop count", answer.loop_count,
"value",answer.value)
endit(snonce, "Unexpected reply")
broken = True
break
else:
#other end rejected or loop count exhausted
if err==grasp.errors.loopExhausted:
# we need to signal the end
endit(snonce, grasp.etext[err])
else:
grasp.tprint("Failed:",grasp.etext[err])
broken = True
break
#Sent all relements
if broken:
return
if not found_something:
#NXDOMAIN
endit(snonce, "Service not found")
else:
err = grasp.end_negotiate(asa_nonce, snonce, True)
if err:
grasp.tprint("end_negotiate error:",grasp.etext[err])
dns.resolver.default_resolver.nameservers = [ '2001:4860:4860::8888',
'2001:4860:4860::8844',
'8.8.8.8', '8.8.4.4' ]
grasp.tprint("Couldn't resolve test domain, switched to Google nameservers")
###################################
# Set up pretty printing
###################################
grasp.init_bubble_text("GetDNSSD2")
grasp.tprint("GetDNSSD2 is listening")
###################################
# Negotiate as listener for ever
###################################
while True:
# listen for negotiation request
err, snonce, answer = grasp.listen_negotiate(asa_nonce, obj1)
if err:
grasp.tprint("listen_negotiate error:",grasp.etext[err])
time.sleep(5) #to calm things if there's a looping error
else:
#got a new negotiation request; kick off a separate negotiator
#so that multiple requests can be handled in parallel
grasp.ttprint("Raw answer", answer.value)
negotiator(snonce, answer).start()
def run(self):
nobj = self.nobj
snonce = self.snonce
try:
nobj.value = cbor.loads(nobj.value)
grasp.tprint("CBOR value decoded")
_cbor = True
except:
_cbor = False
req_ipv = nobj.value[ipv]
#req_PD = nobj.value[PD]
req_plen = nobj.value[lgth]
if len(nobj.value) == lgth + 1:
nobj.value.append(None)
#grasp.tprint("Got request for IPv"+str(req_ipv)+"; PD=", req_PD, "length=", req_plen)
grasp.tprint("Got request for IPv" + str(req_ipv) + "; length=",
req_plen)
if nobj.dry:
grasp.tprint("Dry run (not handled by this implementation)")
result = True
reason = None
if len(ppool) == 0:
endit(snonce, "Prefix pool empty")
elif req_ipv == 6:
if req_plen < 32 or req_plen > subnet_max:
endit(snonce, "Prefix length out of range")
else:
pref = get_from_pool(req_plen)
if not pref:
#other end wants too much, we try to make an offer
while (not pref) and (req_plen < subnet_max):
req_plen += 1
pref = get_from_pool(req_plen)
if pref:
nobj.value = [6, req_plen, pref]
#nobj.value = [6, False, req_plen, pref]
grasp.tprint("Starting negotiation")
#we are offering the shortest prefix we can, so no
#negotiation loop can happen
grasp.tprint("Offering", prefstr(req_plen, pref))
if _cbor:
nobj.value = cbor.dumps(nobj.value)
err, temp, nobj = grasp.negotiate_step(
asa_nonce, snonce, nobj, 1000)
grasp.ttprint("Step gave:", err, temp, nobj)
if (not err) and temp == None:
grasp.tprint("Negotiation succeeded")
elif not err:
#we don't have enough resource, we will reject
insert_pool(req_plen, pref)
endit(snonce, "Insufficient resource")
else:
#other end rejected or loop count exhausted
insert_pool(req_plen, pref)
if err == grasp.errors.loopExhausted:
# we need to signal the end
endit(snonce, "Loop count exhausted")
else:
grasp.tprint("Failed:", grasp.etext[err])
#end of negotiation
else:
#got nothing suitable from pool
endit(snonce, "No prefix available")
elif req_ipv == 4:
if req_plen < 16 or req_plen > 32:
endit(snonce, "Prefix length out of range")
else:
pref = get4_from_pool(req_plen)
if pref:
nobj.value = [4, req_plen, pref[12:]]
#nobj.value = [4, False, req_plen, pref[12:]]
grasp.tprint("Starting negotiation")
#we are offering the shortest prefix we can, so no
#negotiation loop can happen
grasp.tprint("Offering", pref4str(req_plen, pref[12:]))
if _cbor:
nobj.value = cbor.dumps(nobj.value)
err, temp, nobj = grasp.negotiate_step(
asa_nonce, snonce, nobj, 1000)
grasp.ttprint("Step gave:", err, temp, nobj)
if (not err) and temp == None:
grasp.tprint("Negotiation succeeded")
elif not err:
#we don't have enough resource, we will reject
insert_pool(req_plen, pref)
endit(snonce, "Insufficient resource")
else:
#other end rejected or loop count exhausted
insert_pool(req_plen, pref)
if err == grasp.errors.loopExhausted:
# we need to signal the end
endit(snonce, "Loop count exhausted")
else:
grasp.tprint("Failed:", grasp.etext[err])
#end of negotiation
else:
#got nothing suitable from pool
endit(snonce, "No prefix available")
while True:
#start of a negotiating session
obj3.value = "Start"
#discover a peer
if failct > 3:
failct = 0
grasp.tprint("Flushing EX3 discovery")
_, ll = grasp.discover(asa_nonce, obj3, 1000, flush=True)
else:
_, ll = grasp.discover(asa_nonce, obj3, 1000)
if ll == []:
grasp.tprint("Discovery failed")
failct += 1
continue
grasp.ttprint("Discovered locator", ll[0].locator)
#attempt to negotiate
grasp.tprint("Session starting")
err, snonce, answer = grasp.req_negotiate(asa_nonce,
obj3,
ll[0],
None,
noloop=True)
if err == grasp.errors.noReply:
#session is available
err = False
while not err:
tweet = input("Your message:")
err = grasp.gsend(asa_nonce, snonce, tweet)
def run(self):
answer = self.nobj
snonce = self.snonce
answer.value, _cbor = detag(answer.value)
if _cbor:
grasp.tprint("CBOR value decoded")
grasp.tprint("Got request for", answer.value)
if answer.dry:
endit(snonce, "Dry run not supported")
else:
reply = []
reply_size = 0
#Look for PTR record first
a = resolve(answer.value, 'PTR')
for r in a:
#extract the name
raw_name = str(r)
#decode Unicode escapes
fixed_name = fix_string(raw_name)
#remove bogus escapes
name = fixed_name.replace("\\", "")
grasp.tprint("Got PTR name:", name)
grasp.ttprint("Raw name:", raw_name)
#remember where we are in the list
reply_mark = len(reply)
#add RR to reply
reply.append('PTR ' + name)
#look for other records
a = resolve(fixed_name, 'SRV')
for r in a:
srv_reply = []
grasp.ttprint("Got SRV", str(r))
srv_reply.append('SRV ' + str(r))
#parse SRV record to extract the domain
_, _, _, domain = str(r).split(' ')
grasp.ttprint("Got domain", domain)
#look for address records
a = resolve(domain, 'AAAA')
for r in a:
grasp.ttprint("Got AAAA", str(r))
srv_reply.append('AAAA ' + str(r))
a = resolve(domain, 'A')
for r in a:
grasp.ttprint("Got A", str(r))
srv_reply.append('A ' + str(r))
#add RRs to reply
reply.append(srv_reply)
a = resolve(name, 'TXT')
for r in a:
grasp.ttprint("Got TXT", str(r))
#Note that TXT records may include quotes
reply.append('TXT ' + str(r))
#fragment before reaching 2000 bytes
_l = len(cbor.dumps(reply))
if _l > reply_size + 1900:
#getting big, mark to fragment before previous PTR
grasp.tprint("Fragmenting before", _l)
reply_size += (_l + 5)
reply.insert(reply_mark, 'MORE')
#reply is now a (possibly empty) list of RRs
if len(reply):
grasp.tprint("Found", reply)
else:
reply = ['NXDOMAIN']
grasp.tprint("No record in DNS")
#grasp.tprint("Object length",sys.getsizeof(reply),"bytes")
#creply=cbor.dumps(reply)
#grasp.tprint("CBOR length",len(creply),"bytes")
while len(reply):
if 'NXDOMAIN' in reply:
piece = []
reply = []
elif 'MORE' in reply:
grasp.tprint("Oversized reply fragmented")
mx = reply.index('MORE') + 1
piece = reply[:mx]
reply = reply[mx:]
else:
piece = reply
reply = []
answer.value = piece
if _cbor:
answer.value = cbor.dumps(answer.value)
#send reply as negotiation step
err, temp, answer = grasp.negotiate_step(
asa_nonce, snonce, answer, 1000)
grasp.ttprint("Negotiation step gave:", err, temp, answer)
if (not err) and temp == None:
grasp.tprint("Reply step succeeded")
elif not err:
answer.value, _ = detag(answer.value)
if _:
grasp.tprint("CBOR value decoded")
if not len(reply):
grasp.tprint("Unexpected reply: loop count",
answer.loop_count, "value", answer.value)
endit(snonce, "Unexpected reply")
else:
#other end rejected or loop count exhausted
reply = [] #to get us out of the loop
if err == grasp.errors.loopExhausted:
# we need to signal the end
endit(snonce, grasp.etext[err])
else:
grasp.tprint("Failed:", grasp.etext[err])
def run(self):
answer = self.nobj
snonce = self.snonce
try:
answer.value = cbor.loads(answer.value)
grasp.tprint("CBOR value decoded")
_cbor = True
except:
_cbor = False
grasp.ttprint("listened, answer", answer.name, answer.value)
grasp.tprint("Got request for", answer.value[0], answer.value[1])
if answer.dry:
grasp.tprint("Dry run")
result = True
reason = None
if answer.value[0] != "NZD":
endit(snonce, "Invalid currency")
elif answer.value[1] > reserves / 2:
#other end wants too much, we need to negotiate
proffer = int(reserves / 2)
step = 1
concluded = False
grasp.tprint("Starting negotiation")
while not concluded:
#proffer some resource
grasp.tprint("Offering NZD", proffer)
answer.value[1] = proffer
if _cbor:
answer.value = cbor.dumps(answer.value)
err, temp, answer = grasp.negotiate_step(
asa_nonce, snonce, answer, 1000)
grasp.ttprint("Step", step, "gave:", err, temp, answer)
step += 1
if (not err) and temp == None:
concluded = True
grasp.tprint("Negotiation succeeded")
elif not err:
try:
answer.value = cbor.loads(answer.value)
grasp.tprint("CBOR value decoded")
except:
pass
grasp.tprint("Loop count", answer.loop_count, "request",
answer.value[1])
#maybe wait (for no particular reason)
if grasp._prng.randint(1, 10) % 2:
err1 = grasp.negotiate_wait(asa_nonce, snonce, wt)
grasp.tprint("Tried wait:", grasp.etext[err1])
time.sleep(
10
) # if wt<10000 this tests anomaly handling by the peer
grasp.tprint("Woke up")
if proffer < 0.6 * reserves:
proffer += 10
if proffer > answer.value[1]:
proffer = answer.value[
1] - 1 #always be a little mean
else:
#we don't have enough resource, we will reject
result = False
#randomly choose English or Russian error message
if reserves % 2:
reason = "Insufficient funds"
else:
reason = u"Недостаточно средств"
endit(snonce, reason)
concluded = True
else:
#other end rejected or loop count exhausted
concluded = True
result = False
if err == grasp.errors.loopExhausted:
# we need to signal the end
endit(snonce, grasp.etext[err])
elif err == grasp.errors.declined and answer != "":
grasp.tprint("Declined:", answer)
else:
grasp.tprint("Failed:", grasp.etext[err])
#end of negotiation loop
pass
#out of negotiation loop
else: #we can accept the initially requested value
grasp.tprint("Request accepted")
err = grasp.end_negotiate(asa_nonce, snonce, True)
if err:
grasp.tprint("end_negotiate error:", grasp.etext[err])
def get_dns_info(service, dom):
"""Obtain and return all DNS-SD records for a service and domain"""
global obj3
global failct
#start of a negotiating session
obj3.loop_count = 20 #allows for some fragmentation
obj3.dry = False #dry run not allowed
req_elem = new_relement()
req_elem[cp.outer][cp.sender_loop_count] = obj3.loop_count
req_elem[cp.outer][cp.srv_element][cp.service] = service
req_elem[cp.outer][cp.srv_element][cp.domain] = dom
obj3.value = req_elem
# As a random test, use CBOR (Tag 24) format for value (should work)
if not grasp._prng.randint(0, 3):
_cbor = True
else:
_cbor = False
grasp.tprint("Asking for", obj3.value, "; Tag 24", _cbor)
#discover a peer
if failct > 3:
failct = 0
grasp.tprint("Flushing", obj3.name, "discovery")
_, ll = grasp.discover(asa_nonce, obj3, 1000, flush=True)
else:
_, ll = grasp.discover(asa_nonce, obj3, 1000)
if ll == []:
grasp.tprint("Discovery failed")
failct += 1
return
grasp.ttprint("Discovered locator", ll[0].locator)
#attempt to negotiate
if _cbor:
#CBORise the value
obj3.value = cbor.dumps(obj3.value)
reply = []
err, snonce, answer = grasp.req_negotiate(asa_nonce, obj3, ll[0], None)
if err:
if err == grasp.errors.declined and answer != "":
_e = answer
else:
_e = grasp.etext[err]
grasp.tprint("req_negotiate error:", _e)
failct += 1
grasp.tprint("Fail count", failct)
time.sleep(5) #to calm things if there's a looping error
elif (not err) and snonce:
grasp.ttprint("requested, session_nonce:", snonce, "answer", answer)
_found_cbor = False
if _cbor:
answer.value, _found_cbor = detag(answer.value)
grasp.tprint("First reply:", prettify(answer.value))
if _cbor != _found_cbor:
#Anomaly, get me out of here
grasp.tprint("CBOR anomaly 1 - missing segment?")
grasp.end_negotiate(asa_nonce,
snonce,
False,
reason="CBOR anomaly 1 - missing segment?")
else:
#Received first answer
looping = True
while looping:
#need to go again
answer.value = "ACK"
grasp.tprint("Sending ACK for more")
answer.loop_count += 2 #allow an extra round trip
if _cbor:
#CBORise the value
answer.value = cbor.dumps(answer.value)
err, temp, answer = grasp.negotiate_step(
asa_nonce, snonce, answer, 5000)
if err:
grasp.tprint("negotiate_step error:", grasp.etext[err])
looping = False
elif not temp:
#end of replies
looping = False
else:
if _cbor:
answer.value, _found_cbor = detag(answer.value)
if _cbor != _found_cbor:
#anomaly, get me out of here
looping = False
grasp.end_negotiate(
asa_nonce,
snonce,
False,
reason="CBOR anomaly 2 - missing segment?")
grasp.tprint("CBOR anomaly 2 - missing segment?")
return
grasp.tprint("Next reply:", prettify(answer.value))
grasp.tprint("End of replies")
else:
#immediate end, strange
grasp.tprint("Unexpected reply", answer.value)
#end of a negotiating session
time.sleep(5) #to keep things calm...
return
def run(self):
requested_obj = self.nobj
snonce = self.snonce
requested_obj.value, _cbor = detag(requested_obj.value)
if _cbor:
grasp.tprint("CBOR value decoded")
grasp.tprint("Got request for", requested_obj.value)
if requested_obj.dry:
endit(snonce, "Dry run not supported")
else:
try:
file = open(requested_obj.value, "rb")
except Exception as e:
grasp.tprint("File open error")
endit(snonce, str(e))
return
chunk = True
grasp.tprint("Starting transfer")
while chunk:
chunk = file.read(1024)
grasp.ttprint("Sending", len(chunk), "bytes")
requested_obj.value = chunk
#bump the loop count for next chunk
requested_obj.loop_count += 1
if _cbor:
requested_obj.value = cbor.dumps(requested_obj.value)
#send chunk as negotiation step
err, temp, requested_obj = grasp.negotiate_step(
asa_nonce, snonce, requested_obj, 1000)
grasp.ttprint("Negotiation step gave:", err, temp,
requested_obj)
if (not err) and temp == None:
# the other end signalled End/Accept
grasp.tprint("Ended transfer")
elif not err:
requested_obj.value, _ = detag(requested_obj.value)
if _:
grasp.ttprint("CBOR value decoded")
if (not len(chunk)) or (requested_obj.value != 'ACK'):
# we got a reply after EOF, or a bad ACK
grasp.tprint("Unexpected reply: loop count",
requested_obj.loop_count, "value",
requested_obj.value)
endit(snonce, "Unexpected reply")
break
else:
#other end rejected or loop count exhausted
if err == grasp.errors.loopExhausted:
# we need to signal the end
endit(snonce, grasp.etext[err])
else:
grasp.tprint("Failed:", grasp.etext[err])
break
file.close()
def get_file(fn):
"""Get a single file"""
global requested_obj
global failct
global directory
#start of a negotiating session
requested_obj.value = fn
requested_obj.loop_count = 10 #allows for some fragmentation
#prepare file path for result
try:
#strip C:/brian/docs for xfer from Windows to Linux
_, fpath = fn.split("C:/brian/docs/")
except:
fpath = directory + fn
grasp.tprint("Asking for", requested_obj.value)
#discover a peer
if failct > 3:
failct = 0
grasp.tprint("Flushing", requested_obj.name, "discovery")
_, ll = grasp.discover(asa_nonce, requested_obj, 1000, flush=True)
else:
_, ll = grasp.discover(asa_nonce, requested_obj, 1000)
if ll == []:
grasp.tprint("Discovery failed")
failct += 1
return
grasp.ttprint("Discovered locator", ll[0].locator)
#attempt to negotiate
reply = b''
err, snonce, received_obj = grasp.req_negotiate(asa_nonce, requested_obj,
ll[0], 5000)
if err:
if err == grasp.errors.declined and received_obj != "":
_e = received_obj
else:
_e = grasp.etext[err]
grasp.tprint("req_negotiate error:", _e)
failct += 1
grasp.tprint("Fail count", failct)
elif (not err) and snonce:
grasp.ttprint("requested, session_nonce:", snonce, "received_obj",
received_obj)
grasp.ttprint("Received reply", received_obj.value)
looping = True
first = True
while looping:
grasp.ttprint("received_obj is", received_obj.value)
if first and (received_obj.value == b''):
grasp.tprint("File not found")
looping = False
elif received_obj.value == b'':
#got the last block
looping = False
file.close()
err = grasp.end_negotiate(asa_nonce, snonce, True)
if not err:
grasp.tprint("Transfer succeeded")
else:
grasp.tprint("end_negotiate error:", grasp.etext[err])
elif len(received_obj.value):
if first:
file = open(fpath, "wb")
grasp.tprint("Starting transfer")
#write a block and go again
file.write(received_obj.value)
received_obj.value = "ACK"
received_obj.loop_count += 1
grasp.ttprint("Sending ACK for more")
err, temp, received_obj = grasp.negotiate_step(
asa_nonce, snonce, received_obj, 1000)
if err:
if err == grasp.errors.declined and received_obj != "":
_e = received_obj
else:
_e = grasp.etext[err]
grasp.tprint("negotiate_step error:", _e)
looping = False
grasp.ttprint("Reply to ACK:", err, temp, received_obj)
first = False
else:
#immediate end, strange
grasp.tprint("Unexpected reply", received_obj.value)
#end of a negotiating session
time.sleep(5) #to keep things calm...
return
def get_file():
"""Get key file"""
global keys_obj
global failct
global private_key
#look for quadski
err, results = grasp.get_flood(asa_nonce, flood_obj)
if not err:
# results contains all the unexpired tagged objectives
# but really there should only be one...
if results == []:
grasp.tprint("Found no value for",flood_obj.name)
time.sleep(10) #pause for something to change...
return
else:
grasp.tprint("Found value for",flood_obj.name)
# recover quadski's public key
quadski_pub_key = serialization.load_pem_public_key(
results[0].objective.value,
backend=default_backend() )
else:
grasp.tprint("get_flood failed", grasp.etext[err])
return #not this time
#set up objective value
ciphertext = quadski_pub_key.encrypt(
password,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
keys_obj.value = [ciphertext,pem]
#start of negotiating session
grasp.tprint("Asking for keys")
#discover a peer
if failct > 3:
failct = 0
grasp.tprint("Flushing", keys_obj.name, "discovery")
_, ll = grasp.discover(asa_nonce, keys_obj, 1000, flush = True)
else:
_, ll = grasp.discover(asa_nonce, keys_obj, 1000)
if ll==[]:
grasp.tprint("Discovery failed")
failct += 1
return
grasp.ttprint("Discovered locator", ll[0].locator)
#attempt to negotiate
err, snonce, received_obj = grasp.req_negotiate(asa_nonce, keys_obj, ll[0], 5000)
if err:
if err==grasp.errors.declined and received_obj!="":
_e = received_obj
else:
_e = grasp.etext[err]
grasp.tprint("Negotiation error:", _e)
failct += 1
grasp.tprint("Fail count", failct)
if _e == "Incorrect password":
get_pass()
return
elif (not err) and snonce:
grasp.ttprint("requested, session_nonce:",snonce,"received_obj",received_obj)
grasp.ttprint("Received raw reply",received_obj.value)
grasp.ttprint("received_obj is", received_obj.value)
if received_obj.value == b'':
grasp.tprint("Keys not found")
else:
grasp.ttprint("Starting transfer")
#decrypt block
plaintext = private_key.decrypt(
received_obj.value,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
keys = cbor.loads(plaintext)
key = keys[0]
iv = keys[1]
file = open(r"quadsk.py","w")
file.write("key="+str(key)+"\n")
file.write("iv="+str(iv)+"\n")
file.close()
grasp.tprint("quadsk.py saved OK")
err = grasp.end_negotiate(asa_nonce, snonce, True)
if err:
grasp.tprint("end_negotiate error:",grasp.etext[err])
else:
#immediate end, strange
grasp.tprint("Unexpected reply", received_obj.value)
#end of a negotiating session
time.sleep(10) #pause for something to change...
return
def get_dns_info(dom):
"""Obtain and return all DNS-SD records for a domain"""
global obj3
global failct
#start of a negotiating session
obj3.value = dom
obj3.loop_count = 10 #allows for some fragmentation
# As a random test, use CBOR (Tag 24) format for value (should work)
if not grasp._prng.randint(0, 3):
_cbor = True
else:
_cbor = False
# As a random test, request dry run (should fail)
if not grasp._prng.randint(0, 7):
obj3.dry = True # random error for testing purposes
else:
obj3.dry = False
grasp.tprint("Asking for", obj3.value, "; dry run", obj3.dry, "; Tag 24",
_cbor)
#discover a peer
if failct > 3:
failct = 0
grasp.tprint("Flushing", obj3.name, "discovery")
_, ll = grasp.discover(asa_nonce, obj3, 1000, flush=True)
else:
_, ll = grasp.discover(asa_nonce, obj3, 1000)
if ll == []:
grasp.tprint("Discovery failed")
failct += 1
return
grasp.ttprint("Discovered locator", ll[0].locator)
#attempt to negotiate
if _cbor:
#CBORise the value
obj3.value = cbor.dumps(obj3.value)
reply = []
err, snonce, answer = grasp.req_negotiate(asa_nonce, obj3, ll[0], None)
if err:
if err == grasp.errors.declined and answer != "":
_e = answer
else:
_e = grasp.etext[err]
grasp.tprint("req_negotiate error:", _e)
failct += 1
grasp.tprint("Fail count", failct)
time.sleep(5) #to calm things if there's a looping error
elif (not err) and snonce:
grasp.ttprint("requested, session_nonce:", snonce, "answer", answer)
_found_cbor = False
if _cbor:
answer.value, _found_cbor = detag(answer.value)
grasp.ttprint("Received reply", answer.value)
if _cbor != _found_cbor:
#Anomaly, get me out of here
grasp.tprint("CBOR anomaly 1 - missing segment?")
grasp.end_negotiate(asa_nonce,
snonce,
False,
reason="CBOR anomaly 1 - missing segment?")
elif not grasp._prng.randint(0, 7):
#######################################################
# As a random test of robustness, send a bogus response
answer.value = "rubbish"
grasp.tprint("Sending rubbish")
if _cbor:
#CBORise the value
answer.value = cbor.dumps(answer.value)
err, temp, answer = grasp.negotiate_step(asa_nonce, snonce, answer,
1000)
grasp.ttprint("Reply to rubbish:", err, temp, answer)
_found_cbor = False
if _cbor and (not err):
answer.value, _found_cbor = detag(answer.value)
if (not err) and temp == None:
grasp.tprint("Unexpected answer:", answer.value)
elif (not err) and _cbor != _found_cbor:
grasp.tprint("CBOR anomaly 2 - missing segment?")
elif not err:
grasp.tprint("Loop count", answer.loop_count,
"unexpected answer", answer.value)
err = grasp.end_negotiate(asa_nonce,
snonce,
False,
reason="Unexpected answer")
if err:
grasp.tprint("end_negotiate error:", grasp.etext[err])
else:
#other end rejected
if err == grasp.errors.declined and answer != "":
_e = answer
else:
_e = grasp.etext[err]
grasp.tprint("Peer reject:", _e)
# End of random test of robustness
#######################################################
else:
#Received answer
looping = True
while looping:
grasp.ttprint("Answer is", answer.value)
if 'MORE' in answer.value:
#need to go again
reply += answer.value[:answer.value.index('MORE')]
answer.value = "ACK"
grasp.tprint("Sending ACK for more")
if _cbor:
#CBORise the value
answer.value = cbor.dumps(answer.value)
err, temp, answer = grasp.negotiate_step(
asa_nonce, snonce, answer, 1000)
if err:
grasp.tprint("negotiate_step error:", grasp.etext[err])
looping = False
elif _cbor:
answer.value, _found_cbor = detag(answer.value)
if _cbor != _found_cbor:
#anomaly, get me out of here
looping = False
grasp.end_negotiate(
asa_nonce,
snonce,
False,
reason="CBOR anomaly - missing segment?")
grasp.tprint("CBOR anomaly 3 - missing segment?")
grasp.ttprint("Reply to ACK:", err, temp, answer)
else:
looping = False
reply += answer.value
err = grasp.end_negotiate(asa_nonce, snonce, True)
if not err:
if len(reply):
grasp.tprint("Query succeeded", reply)
else:
grasp.tprint("Empty result")
else:
grasp.tprint("end_negotiate error:", grasp.etext[err])
else:
#immediate end, strange
grasp.tprint("Unexpected reply", answer.value)
#end of a negotiating session
time.sleep(5) #to keep things calm...
return
else: #we can accept the initially requested value
grasp.tprint("Request accepted")
err = grasp.end_negotiate(asa_nonce, snonce, True)
if err:
grasp.tprint("end_negotiate error:", grasp.etext[err])
#end of a negotiating session
###################################
# Negotiate EX3 as listener for ever
###################################
obj3.value = ["NZD", 0]
grasp.tprint("Ready to negotiate EX3 as listener")
grasp.ttprint(
"(Note: Cyrillic test case fails in a Windows console window, OK in IDLE window.)"
)
grasp.init_bubble_text("Briggs")
while True:
#start of a negotiating session
#create a random amount of resource and a random waiting time
reserves = grasp._prng.randint(100, 400)
wt = grasp._prng.randint(9000, 20000)
grasp.tprint("Reserves: $", reserves, "Wait:", wt, "ms")
#attempt to listen for negotiation
err, snonce, answer = grasp.listen_negotiate(asa_nonce, obj3)
if err:
def dump_some():
grasp.dump_all(partial=True)
time.sleep(5)
dump_some()
###################################
# Negotiate EX3 as initiator for ever
###################################
grasp.tprint("Ready to negotiate EX3 as requester")
grasp.ttprint(
"(Note: Cyrillic test case fails in a Windows console window, OK in IDLE window.)"
)
failct = 0
grasp.init_bubble_text("Gray (old API)")
while True:
#start of a negotiating session
iwant = _prng.randint(10, 500) # random requested value
limit = int(0.7 * iwant)
obj3.value = ["NZD", iwant]
obj3.loop_count = _prng.randint(4, 20) # random loop count
#if not iwant%5:
if iwant & 4:
obj3.dry = True # signal a dry run at random
else:
while True:
#start of a negotiating session
obj3.value = "Start"
#discover a peer
if failct > 3:
failct = 0
grasp.tprint("Flushing EX3 discovery")
_, ll = grasp.discover(asa_handle, obj3, 1000, flush = True)
else:
_, ll = grasp.discover(asa_handle, obj3, 1000)
if ll==[]:
grasp.tprint("Discovery failed")
failct += 1
continue
grasp.ttprint("Discovered locator", ll[0].locator)
#attempt to negotiate
grasp.tprint("Session starting")
err, shandle, answer = grasp.req_negotiate(asa_handle, obj3, ll[0], None, noloop=True)
if err == grasp.errors.noReply:
#session is available
err = False
while not err:
tweet = input("Your message:")
err = grasp.gsend(asa_handle, shandle, tweet)
if not err:
err, reply = grasp.grecv(asa_handle, shandle, 60000)
if not err:
grasp.tprint("Peer replied:", reply)
dump_some()
###################################
# Negotiate MUDURL as initiator to send URL
###################################
grasp.init_bubble_text(asa_name)
grasp.tprint("Ready to negotiate", obj_name, "as requester")
failct = 0
while True:
obj3.value = input("Enter sample MUD URL:")
#########this tests an error case##########
if obj3.value == "magic":
obj3.value = 987654321
grasp.ttprint("Starting discovery for", obj_name)
#discover a peer
if failct > 3:
failct = 0
grasp.tprint("Flushing discovery")
_, ll = grasp.discover(asa_nonce, obj3, 1000, flush=True)
else:
_, ll = grasp.discover(asa_nonce, obj3, 1000)
if ll == []:
grasp.tprint("Discovery failed")
failct += 1
continue
grasp.ttprint("Discovered locator", ll[0].locator)
#attempt to negotiate
grasp.ttprint("Trying request for:", obj3.value)
