def format_key(key): bytes = list(OtrConstants["dsa_code_bytes"]) bytes.extend(_OT.int_to_mpi(key.p)) bytes.extend(_OT.int_to_mpi(key.q)) bytes.extend(_OT.int_to_mpi(key.g)) bytes.extend(_OT.int_to_mpi(key.y)) return bytes
def compute_c_and_m_factors(self, my_keyid=None, their_keyid=None): #Write the value of s as a minimum-length MPI, as specified above # (4-byte big-endian len, len-byte big-endian value). # Let this (4+len)-byte value be "secbytes". self.secbytes = _OT.int_to_mpi(self.make_shared_key(my_keyid, their_keyid)) #For a given byte b, define h2(b) to be the 256-bit output of the SHA256 hash of the # (5+len) bytes consisting of the byte b, followed by secbytes. #Let ssid be the first 64 bits of h2(0x00). self.ssid = OtrCrypt.h2(0x00, self.secbytes)[0:0+8] #Let c be the first 128 bits of h2(0x01), and let c' be the second 128 bits of h2(0x01). t = OtrCrypt.h2(0x01, self.secbytes) self.c = t[0:0+16] if self.authing: self.replay.check('c', self.c) self.cprime = t[16:16+16] if self.authing: self.replay.check('cp', self.cprime) #Let m1 be h2(0x02). self.m1 = OtrCrypt.h2(0x02, self.secbytes) if self.authing: self.replay.check('m1', self.m1) #Let m2 be h2(0x03). self.m2 = OtrCrypt.h2(0x03, self.secbytes) if self.authing: self.replay.check('m2', self.m2) #Let m1' be h2(0x04). self.m1prime = OtrCrypt.h2(0x04, self.secbytes) if self.authing: self.replay.check('m1p', self.m1prime) #Let m2' be h2(0x05). self.m2prime = OtrCrypt.h2(0x05, self.secbytes) if self.authing: self.replay.check('m2p', self.m2prime)
def encrypt_data_message(self, msg): #global memo # encrypt the message counter = _OT.zero_pad(_OT.int_to_bytes(self.ctr), 8) enc_msg = OtrCrypt.aes_ctr_crypt(self.send_aes_key, msg, self.ctr) memo.enc_msg = enc_msg flags = [0x00] #memo.flags = flags # generate T = (my_keyid, their_keyid, next_dh, ctr, AES-CTR_ek,ctr(msg)) T = [0,2,3, flags[0]] # protocol version and msg code # my_keyid sender_keyid = _OT.zero_pad(_OT.int_to_bytes(self.my_sess_keyid), 4) #memo.sender_keyid = sender_keyid T.extend( sender_keyid ) # their_keyid recipient_keyid = _OT.zero_pad(_OT.int_to_bytes(self.their_sess_keyid), 4) #memo.recipient_keyid = recipient_keyid T.extend( recipient_keyid ) # next_dh next_dh = _OT.int_to_mpi(self.next_dh) #memo.next_dh = next_dh T.extend( next_dh ) # ctr #memo.counter = counter T.extend( counter ) # enc_msg T.extend( _OT.bytes_to_data(enc_msg) ) #memo.T = T # compute MAC_mk(T) authenticator = OtrCrypt.get_sha1_hmac(self.send_mac_key, T) #memo.authenticator = authenticator #memo.old_mac_keys = self.old_mac_keys #memo.send_mac_key = self.send_mac_key #memo.recv_mac_key = self.recv_mac_key #memo.send_aes_key = self.send_aes_key #memo.recv_aes_key = self.recv_aes_key #memo.secbytes = self.secbytes #memo.sender_factor = self.my_public_factor_to_mpi(self.my_sess_keyid) #print "SENDER" #for x in sorted(self.my_public_factors.keys()): # print (x, self.my_public_factor_to_mpi(x)) #r = raw_input() #memo.recipient_factor = self.their_public_factor_to_mpi(self.their_sess_keyid) return (flags, sender_keyid, recipient_keyid, next_dh, counter, _OT.bytes_to_data(enc_msg), authenticator, _OT.bytes_to_data(self.old_mac_keys))
def our_shared_key_to_mpi(self, my_keyid, their_keyid=None): return _OT.int_to_mpi(self.make_shared_key(my_keyid, their_keyid))
def their_public_factor_to_mpi(self, keyid=None): if not (keyid is None): return _OT.int_to_mpi(self.their_public_factors[keyid]) else: return _OT.int_to_mpi(self.their_public_factor_temp)
def my_public_factor_to_mpi(self, keyid=None): if not (keyid is None): return _OT.int_to_mpi(self.my_public_factors[keyid]) else: return _OT.int_to_mpi(self.my_public_factors[self.my_cur_keyid])