def data_received(self, data): self.deserializer.update(data) for packet in self.deserializer.nextPackets(): if isinstance(packet, PlsHello): self.incoming_cert.append( CipherUtil.getCertFromBytes(packet.Certs[0])) self.incoming_cert.append( CipherUtil.getCertFromBytes(packet.Certs[1])) self.incoming_cert.append( CipherUtil.getCertFromBytes(packet.Certs[2])) print("\nReceived Server Hello. Beginning Validation.") if self.validate(self.incoming_cert): self.m.update(packet.__serialize__()) print( " Server Certificate Validated. Sending Client Key Exchange!\n" ) clientkey = PlsKeyExchange() randomvalue = os.urandom( 16) # Example bytes:- b'1234567887654321' self.pkc = int.from_bytes(randomvalue, byteorder='big') clientkey.NoncePlusOne = packet.Nonce + 1 self.ns = packet.Nonce pub_key = self.incoming_cert[0].public_key() encrypted1 = pub_key.encrypt( randomvalue, padding.OAEP( mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)) #print ("Encrypted String is: ",encrypted1) clientkey.PreKey = encrypted1 clkey = clientkey.__serialize__() print("Sent the Prekey to Server.") self.m.update(clkey) self.transport.write(clkey) if isinstance(packet, PlsKeyExchange): print("Received Server Key Exchange.") self.m.update(packet.__serialize__()) myprivatekey = getPrivateKeyForAddr( "20174.1.666.46" ) #This hardcoded IP address must the peerAddress serverpriv = CipherUtil.getPrivateKeyFromPemBytes(myprivatekey) decrypted = serverpriv.decrypt( packet.PreKey, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)) #print("Decrypted Pre-Master Secret: ", decrypted) self.pks = int.from_bytes(decrypted, byteorder='big') #==================================== #sending digest self.clientdigest = self.m.digest() #print("Hash digest is: ", self.clientdigest) hdone = PlsHandshakeDone() hdone.ValidationHash = self.clientdigest hdone_s = hdone.__serialize__() print("Sent the PLS Handshake Done to server.") self.transport.write(hdone_s) if isinstance(packet, PlsHandshakeDone): print("\n\nReceived Server Handshake done message.") if (self.clientdigest == packet.ValidationHash): print("Digest verification done!") self.key_generator() plstransport = PLSStackingTransport(self, self.transport) higherTransport = StackingTransport(plstransport) self.higherProtocol().connection_made(higherTransport) if isinstance(packet, PlsData): print( "#######################Recieved Data Packet from PLSServer ############################" ) self.ctr = 0 if self.mac_verification_engine(packet.Ciphertext, packet.Mac): DecryptedPacket = self.decryption_engine(packet.Ciphertext) self.higherProtocol().data_received(DecryptedPacket) self.ctr = 0 else: self.ctr += 1 if self.ctr != 5: print("Verification Failed. Try Again. Failed {}" ).format(self.ctr) else: print( "Verification failed 5 times. Killing Connection and Sending PlsClose." ) # Creating and Sending PlsClose self.ctr = 0 Close = PlsClose() #Close.Error = "Closing Connection due to 5 Verification failures. Aggressive Close." serializeClose = Close.__serialize__() self.transport.write(serializeClose) self.transport.close() if isinstance(packet, PlsClose): print( "#####################Received PlsClose from Server###########################" ) self.transport.close()
def data_received(self, data): print( "####################SSL layer data received called!#####################" ) self.deserializer.update(data) for packet in self.deserializer.nextPackets(): if isinstance(packet, PlsHello): self.incoming_cert.append( CipherUtil.getCertFromBytes(packet.Certs[0])) self.incoming_cert.append( CipherUtil.getCertFromBytes(packet.Certs[1])) self.incoming_cert.append( CipherUtil.getCertFromBytes(packet.Certs[2])) print("\nReceived Client Hello packet. Beginning Validation.") if self.validate(self.incoming_cert): self.nc = packet.Nonce self.m = hashlib.sha1() self.m.update(packet.__serialize__()) print("Certificate Validated. Sending Server hello!\n") self.clientnonce = packet.Nonce serverhello = PlsHello() serverhello.Nonce = int.from_bytes( os.urandom(8), byteorder='big') #12345678 self.ns = serverhello.Nonce idcert = getCertsForAddr(self.address) pubkey = getCertsForAddr(self.splitaddr) root = getRootCert() serverhello.Certs = [] serverhello.Certs.append(idcert) serverhello.Certs.append(pubkey) serverhello.Certs.append(root) srvhello = serverhello.__serialize__() print("Sent Server Hello!\n") self.m.update(srvhello) self.transport.write(srvhello) if isinstance(packet, PlsKeyExchange): print("Received Client Key Exchange. Server Server Keys\n\n") self.m.update(packet.__serialize__()) myprivatekey = getPrivateKeyForAddr(self.address) serverpriv = CipherUtil.getPrivateKeyFromPemBytes(myprivatekey) decrypted = serverpriv.decrypt( packet.PreKey, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)) #print("Decrypted Pre-Master Secret: ", decrypted) self.pkc = int.from_bytes(decrypted, byteorder='big') #==================================== #Creating Server Pre-Master serverkey = PlsKeyExchange() randomvalue = os.urandom(16) #b'1234567887654321' self.pks = int.from_bytes(randomvalue, byteorder='big') serverkey.NoncePlusOne = self.clientnonce + 1 pub_key = self.incoming_cert[0].public_key() encrypted = pub_key.encrypt( randomvalue, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)) #print("Encrypted String is: ", encrypted) serverkey.PreKey = encrypted skey = serverkey.__serialize__() print("Sent the Prekey to Client.\n\n") self.m.update(skey) self.transport.write(skey) if isinstance(packet, PlsHandshakeDone): print("Received Client Handshake done message.") clientdigest = packet.ValidationHash serverdigest = self.m.digest() #print("Hash digest is: ", serverdigest) hdone = PlsHandshakeDone() hdone.ValidationHash = serverdigest if (serverdigest == clientdigest): print("Digest verification done!") # calling higher connection made since we have received the ACK self.key_generator() plstransport = PLSStackingTransport(self, self.transport) higherTransport = StackingTransport(plstransport) self.higherProtocol().connection_made(higherTransport) hdone_s = hdone.__serialize__() self.transport.write(hdone_s) if isinstance(packet, PlsData): print( "##################Recieved Data Packet from PLSClient###########################" ) self.ctr = 0 if self.mac_verification_engine(packet.Ciphertext, packet.Mac): DecryptedPacket = self.decryption_engine(packet.Ciphertext) self.higherProtocol().data_received(DecryptedPacket) self.ctr = 0 else: self.ctr += 1 if self.ctr != 5: print("Verification Failed. Try Again. Failed {}" ).format(self.ctr) else: print( "Verification failed 5 times. Killing Connection and Sending PlsClose." ) self.ctr = 0 #Creating and Sending PlsClose Close = PlsClose() #Close.Error = "Closing Connection due to 5 Verification failures. Aggrresive Close" serializeClose = Close.__serialize__() self.transport.write(serializeClose) self.transport.close() if isinstance(packet, PlsClose): print( "######################Received PlsClose from Client######################### " ) #self.connection_lost(self) self.transport.close()