Exemplo n.º 1
0
def resolve(target):
  """Return the generation number for target.

  As a side effect, record any new calculated data to the git repository.
  """
  num = get_num(target)
  if num is not None:
    return num

  if git_tree(REF) is None:
    empty = git_mktree({})
    ref = run_git('commit-tree', '-m', 'Initial commit from git-number', empty)
    run_git('update-ref', REF, ref)

  with ScopedPool() as pool:
    available = pool.apply_async(git_tree, args=(REF,), kwds={'recurse': True})
    preload = set()
    rev_list = []

    with StatusPrinter('Loading commits: %d') as inc:
      for line in run_git('rev-list', '--topo-order', '--parents',
                         '--reverse', hexlify(target), '^'+REF).splitlines():
        toks = map(unhexlify, line.split())
        rev_list.append((toks[0], toks[1:]))
        preload.update(t[:PREFIX_LEN] for t in toks)
        inc()

    preload.intersection_update(
      unhexlify(k.replace('/', ''))
      for k in available.get().iterkeys()
    )
    preload.difference_update((x,) for x in get_num_tree.cache)

    if preload:
      preload_iter = pool.imap_unordered(preload_tree, preload)
      with StatusPrinter('Preloading nurbs: (%%d/%d)' % len(preload)) as inc:
        for prefix, tree in preload_iter:
          get_num_tree.cache[prefix,] = tree
          inc()

  get_num_tree.default_enabled = True


  for ref, pars in rev_list:
    num = set_num(ref, max(map(get_num, pars)) + 1 if pars else 0)

  finalize(hexlify(target))

  return num
Exemplo n.º 2
0
def handle_ClientHello(sess, pdx, rx):
    rb = e64bs(number.long_to_bytes(random.getrandbits(16 * 8))).rstrip()
    if sess is None:
        sess = hexlify(number.long_to_bytes(random.getrandbits(
            17 * 8))).decode() + '-' + e64bs(
                number.long_to_bytes(random.getrandbits(56 * 8)) +
                b'\0').rstrip()

    return ET.tostring(pdx).decode(), '''<?xml version="1.0" encoding="UTF-8"?>
<ServerHello xmlns="http://www.rsasecurity.com/rsalabs/otps/schemas/2005/12/ct-kip#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" SessionID="{sess}" Status="Continue" Version="1.0">
  <KeyType xmlns="">http://www.rsasecurity.com/rsalabs/otps/schemas/2005/09/otps-wst#SecurID-AES</KeyType>
  <EncryptionAlgorithm xmlns="">http://www.w3.org/2001/04/xmlenc#rsa-1_5</EncryptionAlgorithm>
  <EncryptionKey xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <ds:KeyValue xmlns="http://www.rsasecurity.com/rsalabs/otps/schemas/2005/12/ct-kip#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <ds:RSAKeyValue xmlns="http://www.rsasecurity.com/rsalabs/otps/schemas/2005/12/ct-kip#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <ds:Modulus>{mod}</ds:Modulus>
        <ds:Exponent>{exp}</ds:Exponent>
      </ds:RSAKeyValue>
    </ds:KeyValue>
  </EncryptionKey>
  <Payload xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <Nonce xmlns="">{rb}</Nonce>
  </Payload>
  <Extensions xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <Extension xmlns:ct-kip="http://www.rsasecurity.com/rsalabs/otps/schemas/2005/12/ct-kip#" xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <Data>{rb}</Data>
    </Extension>
  </Extensions>
  <MacAlgorithm xmlns="">http://www.rsasecurity.com/rsalabs/otps/schemas/2005/11/ct-kip#ct-kip-prf-aes</MacAlgorithm>
</ServerHello>'''.format(sess=sess,
                         rb=rb,
                         mod=e64bs(number.long_to_bytes(pubk.n)).rstrip(),
                         exp=e64bs(number.long_to_bytes(pubk.e)).rstrip())
Exemplo n.º 3
0
def handle_ClientNonce(sess, pdx, rx):
    # Decrypt the ClientNonce (this will be the token secret)
    ct = d64b(rx.find('.//EncryptedNonce', ns).text)
    print("ENcrypted ClientNonce: {}".format(hexlify(ct)))
    print("DEcrypted ClientNonce: {}".format(hexlify(cipher.decrypt(ct))))

    tid = e64s('%012d' % random.randint(
        1, 999999999999)).rstrip()  # Random 12-digit decimal number, b64enc
    exp = '2019-01-01T00:00:00+00:00'  # ISO9601 datetime
    rmb = e64bs(number.long_to_bytes(random.getrandbits(
        16 * 8))).rstrip()  # random MAC bytes... urk

    pdr = '''<?xml version="1.0"?>\n<ProvisioningData><PinType>0</PinType><AddPIN>1</AddPIN></ProvisioningData>'''
    r = '''<?xml version="1.0" encoding="UTF-8"?>
<ServerFinished xmlns="http://www.rsasecurity.com/rsalabs/otps/schemas/2005/12/ct-kip#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" SessionID="{sess}" Status="Success" Version="1.0">
  <TokenID xmlns="">{tid}</TokenID>
  <KeyID xmlns="">{tid}</KeyID>
  <KeyExpiryDate xmlns="">{exp}</KeyExpiryDate>
  <ServiceID xmlns="">RSA CT-KIP</ServiceID>
  <UserID xmlns=""/>
  <Extensions xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <Extension xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Critical="true">
      <OTPFormat>Decimal</OTPFormat>
      <OTPLength>8</OTPLength>
      <OTPMode xmlns="http://www.rsasecurity.com/rsalabs/otps/schemas/2005/12/ct-kip#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <Time xmlns="http://www.rsasecurity.com/rsalabs/otps/schemas/2005/12/ct-kip#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" TimeInterval="60"/>
      </OTPMode>
    </Extension>
  </Extensions>
  <Mac xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" MacAlgorithm="http://www.rsasecurity.com/rsalabs/otps/schemas/2005/12/ct-kip#ct-kip-prf-aes">
    {rmb}
  </Mac>
</ServerFinished>'''.format(tid=e64s(tid).rstrip(),
                            exp=exp,
                            sess=sess,
                            rmb=rmb)

    return pdr, r
Exemplo n.º 4
0
    def serverFinished(self, session_id, server_nonce, client_none=None):
        # generate and encrypt client nonce
        if client_none is None:
            client_nonce = random.getrandbits(16 * 8)
        cipher = PKCS1_OAEP.new(self.server_pubkey)
        client_nonce = client_nonce.to_bytes(16, byteorder='big')
        encrypted_client_nonce = cipher.encrypt(client_nonce)

        print(
            "Generated client nonce:\n\tplaintext: {}\n\tencrypted: {}".format(
                hexlify(client_nonce), hexlify(encrypted_client_nonce)))

        # send second request
        req2_filled = req2_tmpl.format(
            session_id=session_id,
            encrypted_client_nonce=e64bs(encrypted_client_nonce),
            server_nonce=e64bs(server_nonce))

        if self.verbose:
            print(req2_filled)

        req2 = self.soap.make_ClientRequest('ServerFinished', pd, req2_filled)
        raw_res2 = self.s.send(self.s.prepare_request(req2))
        if self.verbose:
            print(raw_res2)
        pd_res2, res2 = self.soap.parse_ServerResponse(raw_res2)

        if self.verbose:
            print(res2)

        # get stuff from response
        key_id = d64b(res2.find('TokenID').text)
        token_id = d64b(res2.find('KeyID').text)
        key_exp = res2.find('KeyExpiryDate').text
        mac = d64b(res2.find('Mac').text)

        return (key_id, token_id, key_exp, mac)
Exemplo n.º 5
0
def main():
  force = '-f' in sys.argv
  if force:
    sys.argv.remove('-f')

  StatusPrinter.ENABLED = True

  target = hexlify(parse_one_committish())
  print 'Got Target: %s' % target
  fix_head(target)
  run_git('reset', '-q', target)

  if force:
    force_checkout(git_tree(target, recurse=True))
  else:
    fancy_checkout()
Exemplo n.º 6
0
def main():
    p = argparse.ArgumentParser()
    p.add_argument('-v', '--verbose', action='count')
    p.add_argument('url')
    p.add_argument('activation_code')
    args = p.parse_args()

    client = CtKipClient(args.url, args.activation_code, args.verbose)
    session_id, server_nonce, pubk = client.startService()

    print("Got server nonce and RSA pubkey:\n{}\n{}".format(
        hexlify(server_nonce),
        pubk.exportKey('PEM').decode()))

    key_id, token_id, key_exp, mac = client.serverFinished(
        session_id, server_nonce)

    print("Got key ID, token ID, key expiration date, and MAC:"
          "\nKeyID: {}\nTokenID: {}\nExpiration: {}\nMAC: {}".format(
              key_id, token_id, key_exp, mac))
Exemplo n.º 7
0
pd_res1, res1 = soap.parse_ServerResponse(raw_res1)
if args.verbose:
    print(res1)

session_id = res1.attrib['SessionID']
k = res1.find('.//{http://www.w3.org/2000/09/xmldsig#}RSAKeyValue')
mod = number.bytes_to_long(d64sb(k.find(
  '{http://www.w3.org/2000/09/xmldsig#}Modulus').text))
exp = number.bytes_to_long(d64sb(k.find(
  '{http://www.w3.org/2000/09/xmldsig#}Exponent').text))
pubk = RSA.construct( (int(mod), int(exp)) )
pl = res1.find('.//Payload')
server_nonce = d64sb(pl.find('Nonce').text)

print("Got server nonce and RSA pubkey:\n{}\n{}".format(
    hexlify(server_nonce), pubk.exportKey('PEM').decode()))

# generate and encrypt client nonce
client_nonce = bytearray([random.getrandbits(8) for i in range(16)])
cipher = PKCS1_OAEP.new(pubk)
encrypted_client_nonce = cipher.encrypt(hexlify(client_nonce))
print("Generated client nonce:\n\tplaintext: {}\n\tencrypted: {}".format(
    hexlify(client_nonce), hexlify(encrypted_client_nonce)))

# send second request
req2_filled = req2_tmpl.format(
  session_id=session_id, encrypted_client_nonce=hexlify(encrypted_client_nonce).decode(),
  server_nonce=hexlify(server_nonce).decode())
req2 = soap.make_ClientRequest('ServerFinished', pd, req2_filled)
pd_res2, res2 = soap.parse_ServerResponse(s.send(s.prepare_request(req2)))