def post(self):
try:
conn = db_connect.connect()
conn.execute(" UPDATE Accounts SET Password =? WHERE User=?", (request.json['new'],str(request.json['user']),))
return Encryption.enc(str({'status':'change password'}),key)
except:
return Encryption.enc(str({'status':'fail ,sorry cant do this'}),key)
def decrypt(filename, password, magic, rsa):
'''
A method that decrypt text from image
Args:
filename (str) : The filename of the image
password (str) : Used to decrypt text
magic (str) : Used to retrieve text from image
Returns:
Text hided in image
'''
try:
image = ImageHandler(filename)
# Load image
data = image.load_image()
# Retrieve text
text = Steganography.retrieve_lsb(data, magic)
# Optional Decrypt
if not password is None:
print '[*] Decrypting text'
text = Encryption.decrypt_text(password, text)
if not rsa is None:
print '[*] Decrypting text'
text = Encryption.decrypt_rsa(text, rsa)
print '[*] Retrieved text: \n%s' % text
except Exception, e:
print str(e)
def checkdetails():
username = input("please enter your username: \n")
password = input("please enter your password: \n")
filename = "details.csv"
os.system("clear")
EncryptFunction.Decrypt(filename+".aes")
#reads csv file
with open(filename, "r") as details_file:
continueTo = False
reader = csv.reader(details_file, delimiter=",")
#reads each line which has a username and password and compares to use input
for line in reader:
if username == line[0] and password == line[1]:
continueTo = True
os.remove("details.csv")
if continueTo == False:
tryAgain = input("incorrect details, try again yes(1) or no(2) \n")
if tryAgain == '1':
checkdetails()
else:
EncryptFunction.Encrypt(filename)
os.remove(filename)
elif continueTo == True:
if "admin" in username:
os.system("clear")
AdminPanel(username, filename)
else:
os.system("clear")
UserPanel(username)
def __init__(self,
ginp_q=None,
gout_q=None,
host='127.0.0.1',
port=8878,
logF="DefaultServerLog.txt",
inP=sys.stdin,
outP=sys.stdout,
pfile='Password.txt'):
super(CClient, self).__init__()
self.addr = (host, port)
self.pfile = pfile
self.currentLoginInfo = ("", "")
self.loginInfos = {}
self.loadFile(pfile)
self.encryption = Encryption(self.currentLoginInfo[1])
self.logFile = logF
self.socket = socket(AF_INET, SOCK_STREAM)
self.socketConnected = False
self.stoped = False
self.outStream = outP
self.inStream = inP
self.inputThread = threading.Thread(target=self.winput)
self.inputThread.start()
#self.listenningSocket=socket(AF_INET,SOCK_STREAM)
#self.listenningSocket.bind((host,port))
#self.listenningSocket.listen(10)
self.ginp_q = ginp_q
self.gout_q = gout_q
def vehicle_check_flow(fuel, modelName, brand, buildDate):
""""Check if the vehicle is allowed, and act upon the decision"""
if (fuel == "Diesel") and int(buildDate) < 2001:
print(
"\nUw", brand, modelName,
"is een auto die op diesel rijdt en voor 2001 is gebouwd. \nDeze auto mag helaas de parkeergarage niet in."
)
else:
print("\nUw {0} {1} uit {2} mag de parkeergarage in. \nWelkom!".format(
brand, modelName, buildDate))
timeStampAsBytes = str(datetime.datetime.now()).encode()
plateDataAsBytes = plateData.encode()
encryptedPlate = Encryption.encrypt(plateDataAsBytes)
encryptedTimeStamp = Encryption.encrypt(timeStampAsBytes)
dataHolder = DataHolder.DataHolder(encryptedPlate, encryptedTimeStamp)
parkingId = DatabaseHandler.to_database(dataHolder)
leaveGarage = allow_only_bool_input(
"\nWilt u uitrijden? 'ja' of 'nee'.")
jsonItem = DatabaseHandler.from_database(parkingId, leaveGarage)
print(
"\nUw parkeerID is: {0} Uw kenteken: {1} Uw inrijtijd: {2}".format(
jsonItem.ParkingId,
Encryption.decrypt(jsonItem.EncryptedPlate),
(Encryption.decrypt(jsonItem.EncryptedTime))))
if leaveGarage:
print("U bent uit de database verwijderd. Tot ziens!")
def register_clicked(self):
username = self.username.text()
password = self.password.text()
if username == "":
self.showStatus("Username required!")
return
if password == "":
self.showStatus("Password required!")
return
self.register.setDisabled(True)
data = {
'header': 'Register',
'username': username,
'password': password
}
jsonObj = json.dumps(data)
msg = jsonObj.encode('utf-8')
client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
client.connect((host, port))
cipher = Encryption.encrypt(msg, key)
client.send(cipher)
cipher = client.recv(1024)
client.close()
msg = Encryption.decrypt(cipher, key)
jsonObj = msg.decode('utf-8')
data = json.loads(jsonObj)
if data['status'] == 200:
self.showError(
"<font color=#229954>Registration Successful</font>")
elif data['status'] == 201:
self.showError("<font color = 'red'>User Exists</font>")
self.register.setDisabled(False)
client.close()
def List_Passwords(self):
self.user_data_base = pd.read_csv(file_name)
self.app = self.user_data_base["App"]
self.login_id = self.user_data_base["LoginId"]
result = {"App": self.app, "Login Id": self.login_id}
result = pd.DataFrame(result, columns=["App", "Login Id"])
print(result)
en.encrypt(self.key, file_name)
def main():
while True:
userInput = getUserInput()
if isinstance(userInput, str):
result = Encryption.encode(userInput)
else:
result = Encryption.decode(userInput)
print(result)
print()
def authUser(uname, pwd):
pwdHash = Encryption.pwdHash(pwd)
if Database.isValid(uname,pwdHash):
token = Encryption.sessionToken()
#It's almost impossibly unlikely that we'll wind up with two identical tokens,
#but if we did, it would be a hard bug to find.
while token in validTokens:
token = Encryption.sessionToken()
validTokens[token] = uname
return token
return False
def authUser(uname, pwd):
pwdHash = Encryption.pwdHash(pwd)
if Database.isValid(uname,pwdHash):
token = Encryption.sessionToken()
#It's almost impossibly unlikely that we'll wind up with two identical tokens,
#but if we did, it would be a hard bug to find.
while not memcache.get(token) == None:
token = Encryption.sessionToken()
memcache.set(key=token, value=uname, time=KEY_STORE_TIME)
return token
return False
def encrypt(filename, text, password, magic, rsa):
'''
A method that hide text into image
Args:
filename (str) : The filename of the image
text (str) : Text or text file need to be hide in image
password (str) : Used to encrypt text
magic (str) : Used to hide text in image
Returns:
A image named new + filename, which with encrypted text in it
'''
# Check for file!
text = TextHandler(text).text
# Optional encrypt
if not password is None:
print '[*] Encrypting text'
text = Encryption.encrypt_text(password, text)
if not rsa is None:
print '[*] Encrypting text'
if rsa == 'new':
new_key = Encryption.gen_key()
Encryption.save_key(new_key, 'private_key.pem')
text = check_rsa_key(text, 'private_key.pem')
# text = Encryption.encrypt_rsa(text, 'private_key.pem')
else:
text = check_rsa_key(text, rsa)
# text = Encryption.encrypt_rsa(text, rsa)
if rsa is None:
text = text_ascii(text) + ENDBIT
try:
image = ImageHandler(filename)
# Load Image
d_old = image.load_image()
# Check if image can contain the data
check_space(text, d_old)
# get new data and save to image
d_new = Steganography.hide_lsb(d_old, magic, text)
image.save_image(d_new, 'new_' + filename)
except Exception, e:
print str(e)
def change_password(new_password, old_password):
# When this function is called all the files should be
# in the CWD.
'''
call this function like:
for file_completed_number, file_name in change_password():
pass
'''
new_password, old_password = int(new_password), int(old_password)
files = all_encrypted_files()
copied_but_error = []
for num, file in enumerate(files, start=1):
try:
with open(file) as old_file:
old_data = old_file.read()
copy_file = "ocod-" + file
with open(copy_file, 'w') as copy_file:
copy_file.write(old_data)
except Exception as e:
print(e)
yield (-1, file)
# -1 means a copy could not be generated
else:
try:
with open(file, 'w') as new_file:
new_file.write(
Encryption.encrypt(
Encryption.decrypt(old_data, old_password),
new_password))
except Exception as e:
print(e)
copied_but_error.append(copy_file)
yield (-2, file)
# -2 means a copy WAS generated but a new file was not.
else:
yield (num, file)
for file in files:
file = "ocod-" + file
if file not in copied_but_error:
os.remove(file)
def post(self):
try:
conn = db_connect.connect()
user = request.json['user']
pas = request.json['pas']
query = conn.execute("select * from Accounts WHERE User=? and Active=?", (user,"True",))
result = {'data': [dict(zip(tuple (query.keys()) ,i)) for i in query.cursor]}
if not result['data']:
return Encryption.enc(str({'status':'Ufail'}),key)
password=result['data'][0]['Password']
if password==pas:
result= {'status':'success','Permissions':result['data'][0]['Permissions']}
return Encryption.enc(str(result),key)
return Encryption.enc(str({'status':'Pfail'}),key)
except:
return Encryption.enc(str({'status':'fail'}),key)
def post(self):
if self.get_argument("auth")=="PCBOSS":
requestType = self.get_argument("type")
if requestType == "add_user":
email = self.get_request("email")
password = self.get_argument("password")
first_name = self.get_argument("first_name")
last_name = self.get_argument("last_name")
if Database.addUser(email, Encryption.pwdHash(password), first_name, last_name):
self.write("Success")
else:
self.write("Failure")
elif requestType == "list_jobs":
self.write(str(Database.listJobs()))
elif requestType == "request_file":
filenum = self.get_argument("file_number")
self.write(str(Database.getJob(filenum)))
elif requestType == "update_job_status":
filenum = int(self.get_argument("file_number"))
status = self.get_argument("status")
Database.updateStatus(filenum, status)
elif requestType == "recent_file":
self.write(str(Database.mostRecentFile()))
elif requestType == "recent_file_timestamp":
self.write(str(Database.mostRecentTimestamp()))
elif requestType == "get_users":
self.write(str(Database.listUsers()))
elif requestType == "edit_user":
email = self.get_argument("email")
fname = self.get_argument("first_name")
lname = self.get_argument("last_name")
pword = self.get_argument("password")
Database.updateAccount(email, fname, lname, pword)
else:
self.write("Error: Unrecognized Request")
def whoAmI():
# Reads in the image from the sent file
image = Encryption.decode(request.files['image'])
# Finds and extracts the faces in the image
# Saves any found faces into a list called 'faces'
faces = Extractor.extractFaces(image, Extractor.detectFaces(image))
# Processes each found face
# Calculates and stores the grayscale version of the face,
# the difference face (how far it is from the average face),
# and the original face
# Saves a list of the IDs of the faces found in the image
ids = [0 for i in range(len(faces))]
i = 0
for face in faces:
grayFace = iManip.grayFace(image)
diffFace = CalcDiffFace.calc(grayFace)
diffFace = iManip.imageToVector(diffFace)
ids[i] = Database.Database.storeFace(grayFace, image, diffFace)
i += 1
# mostSimilars gets instantiated as a map so it can be returned in the request
mostSimilars = {}
# Creates a list of id's of the most similar person to each given face
for i in range(len(ids)):
mostSimilars[i] = CompareToPeople.compareToPeople(ID = i)
return mostSimilars
def hide():
msg = ""
passwd = ""
inputImg = ""
outputDir = ""
msg = messageEntry.get('1.0', END)
msg = msg[:-1]
if passwordState.get():
passwd = passwordEntry.get()
inputImg = printIImg["text"]
outputDir = printOImg["text"]
if (msg == "") or (passwordState.get() and
(passwd == "")) or (inputImg == "") or (outputDir
== ""):
messagebox.showerror("Error", "Incomplete information....")
textMsgRadio.invoke()
else:
if passwordState.get():
en = Encryption.Encrypt(msg, passwd)
msg = en.encryptMessage()
print(msg)
sn = Steganography.Steg()
sn.hide(inputImg, outputDir, msg)
messagebox.showinfo("Successfull", "Information is hidden....")
resetH()
def save(self):
'''Saves the summarised texts to the Summaries folder.
Encodes saved files in UTF-8 Format - non-UTF-8 characters cannot be
saved.
Attributes:
summaryNumber: The number of previous summaries + 1
completeName: File name in the format of Summary_#_date.txt
Raises:
Exception: Any errors flagged and printed
'''
try:
summaryNumber = str(v.settings["noOfSummaries"])
completeName = ("Summary_#" + summaryNumber + "_" + v.date +
".txt")
with open(os.path.join('Summaries', completeName),
"w",
encoding="utf-8") as file:
file.write(E.encrypt(self.summary))
v.settings["noOfSummaries"] += 1
v.save()
except Exception as e:
print(e)
def retrieve():
msgR = ""
passwdR = ""
inputImgR = ""
inputImgR = printIImgR["text"]
if passwordStateR.get():
passwdR = passwordEntryR.get()
if (passwordStateR.get() and (passwdR == "")) or (inputImgR == ""):
messagebox.showerror("Error", "Incomplete information....")
else:
sn = Steganography.Steg()
try:
msgR = sn.retr(inputImgR)
if passwordStateR.get():
en = Encryption.Encrypt(msgR, passwdR)
msgR = en.decryptMessage()
if (msgR == "!-)=~"):
messagebox.showarning("Warning",
"Incorrect password or image....")
else:
messageEntryR.delete('1.0', END)
messageEntryR.insert(tk.END, msgR)
messagebox.showinfo("Successfull",
"Information is retrieved....")
except:
messagebox.showerror("Error", "Incorrect password or image....")
resetR()
def CreateNewClient(self, connectionSocket, addr):
usename = connectionSocket.recv(2048).decode('utf-8')
en = Encryption(usename)
pwd = connectionSocket.recv(2048)
pwd = en.DecryptString(pwd)
en.LoadKey(pwd)
if self.validation.LoginCheck(usename, pwd) != 1:
connectionSocket.close()
return
# print(usename,pwd)
connectionSocket.send('OK'.encode('utf-8'))
newThread = threading.Thread(target=self.commandLine,
args=(connectionSocket, addr))
self.clients[addr] = [newThread, connectionSocket, None, None, en]
newThread.start()
def post(self):
conn = db_connect.connect()
try:
Name = request.json['User']
Password = request.json['Password']
Perm = request.json['perm']
if len(Name)<=1 or len(Password)<6 or Name.count("select")!=0:
return Encryption.enc(str({'status':'hacker'}),key)
query = conn.execute("select * from Accounts WHERE User=?", (str(Name),))
result = {'data': [dict(zip(tuple (query.keys()) ,i)) for i in query.cursor]}
if not result['data']:
conn.execute("insert into Accounts values('{0}','{1}','{2}','{3}')".format(Name,Password,Perm,'True'))
conn.execute("insert into LVL values('{0}','{1}')".format(Name,"1"))
return Encryption.enc(str({'status':'success'}),key)
return Encryption.enc(str({'status':'fail'}),key)
except:
return Encryption.enc(str({'status':'fail'}),key)
def testRSA(self):
# RSA Demonstration
# Generate new key pair
ks1 = e.RsaKey() # class object
publicKey = ks1.getPublicKey()
# Generate keys using exising public key
ks2 = e.RsaKey(publicKey)
message_byte = b"RSA Test message"
# Encryption
msg = ks2.encrypt(message_byte)
# Decryption
msg = ks1.decrypt(msg)
self.assertEqual(msg, message_byte, "TestRSA: Message different")
def testAES(self):
# AES Demonstration
# Generate new keys
ks3 = e.AesKey()
key = ks3.getKey()
# Generate key from exising symmetric key
ks4 = e.AesKey(key)
message_byte = b"AES Test message"
# Encryption
msg = ks3.encrypt(message_byte)
# Decryption
msg = ks4.decrypt(msg)
self.assertEqual(msg, message_byte, "TestAES: message different")
def downloadMeanFace():
ID = request.form['id']
person = Database.Database.getPerson(ID)
if person.faces != 0:
image = Database.Database.getMeanFace(ID)
return Encryption.encode(image)
else:
return "There are no faces associated with that person"
def Edit(filename):
#decrypts the csv file so the user can delete an account
bufferSize = 64 * 1024
password = input("Enter the password for the file to decrypt it: \n")
pyAesCrypt.decryptFile(filename + ".aes", filename, password, bufferSize)
os.remove(filename + ".aes")
#prompts user to choose what they would like to edit
passOrUser = input(
"Would you like to edit a username(1), password(2) or both(3)")
#reads csv file data into a pandas data frame
df = pd.read_csv(filename)
print(df)
if int(passOrUser) == 1:
editUsername = input("Enter the username you want to edit: \n")
newUsername = input("Enter the new username: \n")
#stores the index of the current username
index = df.loc[df['username'] == editUsername].index[0]
#stores current password
password = df.loc[index, 'password']
#creates a new row with index, new username and current password
newRow = df.loc[index] = [newUsername, password]
#adds the row to the dataframe at a specific index
df.append(newRow)
#stores dataframe in the csv file
df.to_csv(filename, index=False)
#code is the same for each condition but structured slightly differently for a different purpose
elif int(passOrUser) == 2:
editPassword = input("Enter the password you want to edit: \n")
newPassword = input("Enter the new password: \n")
index = df.loc[df['password'] == editPassword].index[0]
username = df.loc[index, 'username']
newRow = df.loc[index] = [username, newPassword]
df.append(newRow)
df.to_csv(filename, index=False)
elif int(passOrUser) == 3:
editUsername = input("Enter the username you want to edit: \n")
newUsername = input("Enter the new username: \n")
newPassword = input("Enter the new password: \n")
index = df.loc[df['username'] == editUsername].index[0]
newRow = df.loc[index] = [newUsername, newPassword]
df.append(newRow)
df.to_csv(filename, index=False)
#re-encrypts the csv file
EncryptionFunction.Encrypt("details.csv")
os.remove(filename)
DoAgain()
def addEntry(self, creationRequest):
password = self.passwordGenerator.generatePassword(
creationRequest.length)
encryptedPassword = Encryption.encrypt(password)
entry = PasswordGenerator.Entry(creationRequest.url,
creationRequest.login,
encryptedPassword,
creationRequest.date)
self.database.saveEntry(entry)
def Add_Password(self):
self.user_data_base = pd.read_csv("Database.csv")
self.user_data = {
"App": self.app,
"LoginId": self.login_id,
"Password": self.password
}
#partial_data_base = self.user_data_base[self.user_data_base["App"] == self.app]
#print(type(partial_data_base))
#print(existing_login
self.user_data_base = self.user_data_base.append(self.user_data,
ignore_index=True)
self.user_data_base.to_csv("Database.csv", index=False)
print(
f"{bcolors.OKBLUE}{self.app} is added to the database{bcolors.ENDC}"
)
en.encrypt(self.key, file_name)
def Identify_User(self):
try:
try:
self.data.user_data_base = pd.read_csv(file_name)
self.data.password = getpass.getpass("MasterPassword: "******"{bcolors.FAIL}Incorrect Password{bcolors.ENDC}")
return False
sys.exit()
except KeyboardInterrupt:
print(f"{bcolors.FAIL}User Interrupt!{bcolors.ENDC}")
sys.exit()
def check_rsa_key(text, filename):
succes = False
while not succes:
e_data = Encryption.encrypt_rsa(text, filename)
new = ''.join(map(lambda char: '{:08b}'.format(ord(char)), e_data))
succes = True
for i in range(0, len(new), 8):
if new[i:i + 8] == '00000000':
succes = False
return map(int, new) + ENDBIT
def post(Self):
conn = db_connect.connect()
User = request.json['user']
if 'Date' in request.json.keys():
Date = request.json['Date']
else:
Date=datetime.datetime.now().strftime("%Y-%m-%d")
query = conn.execute("select * from SpeechTasks where Date=? and User=?",(Date,User,))
result = {'data': [dict(zip(tuple (query.keys()) ,i)) for i in query.cursor]}
return Encryption.enc(str(result),key)
def default_data_admin(self): # Method for creating default data
encryption = encryp.Encryption()
secure_admin_pass = encryption.encrypt_data(
'password') # encrypt default password
self.c.execute(
"INSERT OR IGNORE INTO admininfo(adminid, adminname, password) VALUES (?, ?, ?)",
('admin', 'defaultname', secure_admin_pass))
self.conn.commit()
def logout_clicked(self):
data = {'header': 'Logout'}
jsonObj = json.dumps(data)
msg = jsonObj.encode('utf-8')
client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
client.connect((host, port))
cipher = Encryption.encrypt(msg, KEY)
client.send(cipher)
cipher = client.recv(1024)
msg = Encryption.decrypt(cipher, KEY)
jsonObj = msg.decode('utf-8')
data = json.loads(jsonObj)
if data['header'] == 'OK':
self.home = Home()
self.home.show()
self.close()
else:
self.statusBar().showMessage("Error!")
QApplication.processEvents()
def Decrypt():
# Get the private key, the public key and the cipher text
d = GetPrivateKey()
n = Encryption.GetPubKey()
c = GetCipher()
#apply the algorithm to get the encoded plain text
DecryptedCipher = []
for i in range(len(c)):
DecryptedCipher.append(KeySetup.ModExponentiation(c[i], d, n[0]))
return DecryptedCipher
def delete_from_file(path, title):
title = Encryption.encrypt_text(title, auth.SEED)
content = ReadFromFile(path)
for i in range(0, len(content)):
if content[i] == title:
del content[i]
break
writer = open(path, "w")
for movie in content:
writer.write(movie)
writer.close()
# -*- coding: utf-8 -*-
#主程序
import NetworkOpt
import time
import getpass
import Encryption
if __name__ == "__main__":
login_info = tuple()
logout_info = tuple()
user_id = input('请输入帐号:')
user_passwd = '0' + Encryption.encrypted_pwd(getpass.getpass('请输入密码:'))
connection_status,bras_address,user_ip = NetworkOpt.getConnectionInfo()
try:
while(True):
connection_status,info1,info2 = NetworkOpt.getConnectionInfo()
if connection_status == 302:
print('正在登录...')
login_info = NetworkOpt.login(user_id,user_passwd,bras_address,user_ip)
elif connection_status == 200:
print('在线中...')
else:
print('异常!')
for element in login_info:
print(element)
time.sleep(5)
except KeyboardInterrupt as e:
print('正在登出...')
def updateAccount(token, fname, lname, pwd=False):
if pwd:
pwdHash = Encryption.pwdHash(pwd)
Database.updateAccount(getUser(token), fname, lname, pwdHash)
else:
Database.updateAccount(getUser(token), fname, lname)
def authUpload(ID, CADFile, filedesc):
#todo: figure out how to authenticate the file
encFile = Encryption.encryptFile(CADFile)
Database.storeFile(getUser(ID), encFile, filedesc)
def getEncryption(self, proxy):
if self.client_keypair_generate == TRUE and self.server_keypair_generate == TRUE:
raise ValueError, 'client_keypair_generate and server_keypair_generate are both enabled. '\
'Key generation cannot work on both sides at the same time.'
if not self.isEncryptionUsed():
return Encryption(client_security=SSL_NONE, server_security=SSL_NONE)
if not hasattr(self, "client_connection_security"):
self.client_connection_security = SSL_NONE
if not hasattr(self, "server_connection_security"):
self.server_connection_security = SSL_NONE
client_method = ENCRYPTION_METHOD_SSLV23
server_method = ENCRYPTION_METHOD_SSLV23
if hasattr(self, "client_ssl_method"):
if self.client_ssl_method == SSL_METHOD_SSLV23:
client_method = ENCRYPTION_METHOD_SSLV23
elif self.client_ssl_method == SSL_METHOD_SSLV3:
client_method = ENCRYPTION_METHOD_SSLV3
elif self.client_ssl_method == SSL_METHOD_TLSV1:
client_method = ENCRYPTION_METHOD_TLSV1
elif self.client_ssl_method == SSL_METHOD_ALL:
client_method = ENCRYPTION_METHOD_SSLV23
else:
client_method = 5 #Bad method
if hasattr(self, "server_ssl_method"):
if self.server_ssl_method == SSL_METHOD_SSLV23:
server_method = ENCRYPTION_METHOD_SSLV23
elif self.server_ssl_method == SSL_METHOD_SSLV3:
server_method = ENCRYPTION_METHOD_SSLV3
elif self.server_ssl_method == SSL_METHOD_TLSV1:
server_method = ENCRYPTION_METHOD_TLSV1
elif self.server_ssl_method == SSL_METHOD_ALL:
server_method = ENCRYPTION_METHOD_SSLV23
else:
server_method = 5 #Bad method
encryption = Encryption(client_security=self.client_connection_security, server_security=self.server_connection_security, client_method=client_method, server_method=server_method)
encryption.settings.client_handshake["verify_cert_ext"] = self.client_handshake["verify_cert_ext"]
encryption.settings.server_handshake["verify_cert_ext"] = self.server_handshake["verify_cert_ext"]
if self.client_connection_security > SSL_NONE:
if hasattr(self, "client_cert") and type(self.client_cert) == types.StringType:
self.client_cert_file = self.client_cert
if hasattr(self, "client_key") and type(self.client_key) == types.StringType:
self.client_key_file = self.client_key
if hasattr(self, "client_keypair_files"):
self.client_cert_file = self.client_keypair_files[0]
self.client_key_file = self.client_keypair_files[1]
if hasattr(self, "client_cagroup_directories"):
self.client_ca_directory = self.client_cagroup_directories[0]
self.client_crl_directory = self.client_cagroup_directories[1]
if hasattr(self, "client_verify_cagroup_directories"):
self.client_verify_ca_directory = self.client_verify_cagroup_directories[0]
self.client_verify_crl_directory = self.client_verify_cagroup_directories[1]
if hasattr(self, "client_cert_file"):
log(proxy.session.session_id, SSL_DEBUG, 6, "Compatibility feature, processing client_cert_file; value='%s'" % self.client_cert_file)
proxy.tls.client_local_certificate = self.readPEM(self.client_cert_file)
if hasattr(self, "client_key_file"):
log(proxy.session.session_id, SSL_DEBUG, 6, "Compatibility feature, processing client_key_file; value='%s'" % self.client_key_file)
proxy.tls.client_local_privatekey = self.readPEM(self.client_key_file)
if hasattr(self, "client_ca_directory"):
log(proxy.session.session_id, SSL_DEBUG, 6, "Compatibility feature, processing client_ca_directory; value='%s'" % self.client_ca_directory)
#self.readHashDir(self.client_local_ca_list, self.client_ca_directory)
self.readHashDir(encryption.settings.client_local_ca_list, self.client_ca_directory)
if hasattr(self, "client_crl_directory"):
log(proxy.session.session_id, SSL_DEBUG, 6, "Compatibility feature, processing client_crl_directory; value='%s'" % self.client_crl_directory)
#self.readHashDir(self.client_local_crl_list, self.client_crl_directory)
self.readHashDir(encryption.settings.client_local_crl_list, self.client_crl_directory)
if self.client_keypair_generate:
if self.handshake_seq != SSL_HSO_SERVER_CLIENT:
raise ValueError, "For client-side keypair generation, the handshake order"\
" must be SSL_HSO_SERVER_CLIENT."
else:
encryption.settings.client_handshake["setup_key"] = (SSL_HS_POLICY, self.generateKeyClient)
if self.server_connection_security > SSL_NONE:
if hasattr(self, "server_cert") and type(self.server_cert) == types.StringType:
self.server_cert_file = self.server_cert
if hasattr(self, "server_key") and type(self.server_key) == types.StringType:
self.server_key_file = self.server_key
if hasattr(self, "server_keypair_files"):
self.server_cert_file = self.server_keypair_files[0]
self.server_key_file = self.server_keypair_files[1]
if hasattr(self, "server_cagroup_directories"):
self.server_ca_directory = self.server_cagroup_directories[0]
self.server_crl_directory = self.server_cagroup_directories[1]
if hasattr(self, "server_verify_cagroup_directories"):
self.server_verify_ca_directory = self.server_verify_cagroup_directories[0]
self.server_verify_crl_directory = self.server_verify_cagroup_directories[1]
if hasattr(self, "server_cert_file"):
log(proxy.session.session_id, SSL_DEBUG, 6, "Compatibility feature, processing server_cert_file; value='%s'" % self.server_cert_file)
proxy.tls.server_local_certificate = self.readPEM(self.server_cert_file)
if hasattr(self, "server_key_file"):
log(proxy.session.session_id, SSL_DEBUG, 6, "Compatibility feature, processing server_key_file; value='%s'" % self.server_key_file)
proxy.tls.server_local_privatekey = self.readPEM(self.server_key_file)
if hasattr(self, "server_ca_directory"):
log(proxy.session.session_id, SSL_DEBUG, 6, "Compatibility feature, processing server_ca_directory; value='%s'" % self.server_ca_directory)
#self.readHashDir(self.server_local_ca_list, self.server_ca_directory)
self.readHashDir(encryption.settings.server_local_ca_list, self.server_ca_directory)
if hasattr(self, "server_crl_directory"):
log(proxy.session.session_id, SSL_DEBUG, 6, "Compatibility feature, processing server_crl_directory; value='%s'" % self.server_crl_directory)
#self.readHashDir(self.server_local_crl_list, self.server_crl_directory)
self.readHashDir(encryption.settings.server_local_crl_list, self.server_crl_directory)
if self.server_keypair_generate:
if self.handshake_seq != SSL_HSO_CLIENT_SERVER:
raise ValueError, "For server-side keypair generation, the handshake order"\
" must be SSL_HSO_CLIENT_SERVER."
else:
encryption.settings.server_handshake["setup_key"] = (SSL_HS_POLICY, self.generateKeyServer)
if hasattr(self, "handshake_seq"):
encryption.settings.handshake_seq = self.handshake_seq
if hasattr(self, "handshake_timeout"):
encryption.settings.handshake_timeout = self.handshake_timeout
if hasattr(self, "permit_invalid_certificates"):
encryption.settings.client_permit_invalid_certificates = self.permit_invalid_certificates
encryption.settings.server_permit_invalid_certificates = self.permit_invalid_certificates
if hasattr(self, "permit_missing_crl"):
encryption.settings.client_permit_missing_crl = self.permit_missing_crl
encryption.settings.server_permit_missing_crl = self.permit_missing_crl
if hasattr(self, "client_verify_type"):
encryption.settings.client_verify_type = self.client_verify_type
if hasattr(self, "client_disable_proto_sslv3"):
encryption.settings.client_disable_proto_sslv3 = self.client_disable_proto_sslv3
if hasattr(self, "client_disable_proto_tlsv1"):
encryption.settings.client_disable_proto_tlsv1 = self.client_disable_proto_tlsv1
if hasattr(self, "client_ssl_cipher"):
encryption.settings.client_ssl_cipher = self.client_ssl_cipher
if hasattr(self, "client_verify_ca_directory"):
encryption.settings.client_verify_ca_directory = self.client_verify_ca_directory
if hasattr(self, "client_verify_crl_directory"):
encryption.settings.client_verify_crl_directory = self.client_verify_crl_directory
if hasattr(self, "client_verify_depth"):
encryption.settings.client_verify_depth = self.client_verify_depth
if hasattr(self, "server_verify_type"):
encryption.settings.server_verify_type = self.server_verify_type
if hasattr(self, "server_check_subject"):
encryption.settings.server_check_subject = self.server_check_subject
if hasattr(self, "server_disable_proto_sslv3"):
encryption.settings.server_disable_proto_sslv3 = self.server_disable_proto_sslv3
if hasattr(self, "server_disable_proto_tlsv1"):
encryption.settings.server_disable_proto_tlsv1 = self.server_disable_proto_tlsv1
if hasattr(self, "server_ssl_cipher"):
encryption.settings.server_ssl_cipher = self.server_ssl_cipher
if hasattr(self, "server_verify_ca_directory"):
encryption.settings.server_verify_ca_directory = self.server_verify_ca_directory
if hasattr(self, "server_verify_crl_directory"):
encryption.settings.server_verify_crl_directory = self.server_verify_crl_directory
if hasattr(self, "server_verify_depth"):
encryption.settings.server_verify_depth = self.server_verify_depth
if not encryption.setup():
raise Exception, "Encryption.setup() returned error;"
return encryption
