def format_key(key):
bytes = list(OtrConstants["dsa_code_bytes"])
bytes.extend(_OT.int_to_mpi(key.p))
bytes.extend(_OT.int_to_mpi(key.q))
bytes.extend(_OT.int_to_mpi(key.g))
bytes.extend(_OT.int_to_mpi(key.y))
return bytes
def compute_c_and_m_factors(self, my_keyid=None, their_keyid=None):
#Write the value of s as a minimum-length MPI, as specified above
# (4-byte big-endian len, len-byte big-endian value).
# Let this (4+len)-byte value be "secbytes".
self.secbytes = _OT.int_to_mpi(self.make_shared_key(my_keyid, their_keyid))
#For a given byte b, define h2(b) to be the 256-bit output of the SHA256 hash of the
# (5+len) bytes consisting of the byte b, followed by secbytes.
#Let ssid be the first 64 bits of h2(0x00).
self.ssid = OtrCrypt.h2(0x00, self.secbytes)[0:0+8]
#Let c be the first 128 bits of h2(0x01), and let c' be the second 128 bits of h2(0x01).
t = OtrCrypt.h2(0x01, self.secbytes)
self.c = t[0:0+16]
if self.authing: self.replay.check('c', self.c)
self.cprime = t[16:16+16]
if self.authing: self.replay.check('cp', self.cprime)
#Let m1 be h2(0x02).
self.m1 = OtrCrypt.h2(0x02, self.secbytes)
if self.authing: self.replay.check('m1', self.m1)
#Let m2 be h2(0x03).
self.m2 = OtrCrypt.h2(0x03, self.secbytes)
if self.authing: self.replay.check('m2', self.m2)
#Let m1' be h2(0x04).
self.m1prime = OtrCrypt.h2(0x04, self.secbytes)
if self.authing: self.replay.check('m1p', self.m1prime)
#Let m2' be h2(0x05).
self.m2prime = OtrCrypt.h2(0x05, self.secbytes)
if self.authing: self.replay.check('m2p', self.m2prime)
def encrypt_data_message(self, msg): #global memo # encrypt the message counter = _OT.zero_pad(_OT.int_to_bytes(self.ctr), 8) enc_msg = OtrCrypt.aes_ctr_crypt(self.send_aes_key, msg, self.ctr) memo.enc_msg = enc_msg flags = [0x00] #memo.flags = flags # generate T = (my_keyid, their_keyid, next_dh, ctr, AES-CTR_ek,ctr(msg)) T = [0,2,3, flags[0]] # protocol version and msg code # my_keyid sender_keyid = _OT.zero_pad(_OT.int_to_bytes(self.my_sess_keyid), 4) #memo.sender_keyid = sender_keyid T.extend( sender_keyid ) # their_keyid recipient_keyid = _OT.zero_pad(_OT.int_to_bytes(self.their_sess_keyid), 4) #memo.recipient_keyid = recipient_keyid T.extend( recipient_keyid ) # next_dh next_dh = _OT.int_to_mpi(self.next_dh) #memo.next_dh = next_dh T.extend( next_dh ) # ctr #memo.counter = counter T.extend( counter ) # enc_msg T.extend( _OT.bytes_to_data(enc_msg) ) #memo.T = T # compute MAC_mk(T) authenticator = OtrCrypt.get_sha1_hmac(self.send_mac_key, T) #memo.authenticator = authenticator #memo.old_mac_keys = self.old_mac_keys #memo.send_mac_key = self.send_mac_key #memo.recv_mac_key = self.recv_mac_key #memo.send_aes_key = self.send_aes_key #memo.recv_aes_key = self.recv_aes_key #memo.secbytes = self.secbytes #memo.sender_factor = self.my_public_factor_to_mpi(self.my_sess_keyid) #print "SENDER" #for x in sorted(self.my_public_factors.keys()): # print (x, self.my_public_factor_to_mpi(x)) #r = raw_input() #memo.recipient_factor = self.their_public_factor_to_mpi(self.their_sess_keyid) return (flags, sender_keyid, recipient_keyid, next_dh, counter, _OT.bytes_to_data(enc_msg), authenticator, _OT.bytes_to_data(self.old_mac_keys))
def our_shared_key_to_mpi(self, my_keyid, their_keyid=None): return _OT.int_to_mpi(self.make_shared_key(my_keyid, their_keyid))
def their_public_factor_to_mpi(self, keyid=None): if not (keyid is None): return _OT.int_to_mpi(self.their_public_factors[keyid]) else: return _OT.int_to_mpi(self.their_public_factor_temp)
def my_public_factor_to_mpi(self, keyid=None): if not (keyid is None): return _OT.int_to_mpi(self.my_public_factors[keyid]) else: return _OT.int_to_mpi(self.my_public_factors[self.my_cur_keyid])
