def __init__(self, source, private_key, remote_public_key):
self.private_key = private_key
# The CipherProperties() protocol buffer specifying the session keys, that
# we send to the other end point. It will be encrypted using the RSA private
# key.
self.cipher = rdf_flows.CipherProperties(
name=self.cipher_name,
key=rdf_crypto.EncryptionKey.GenerateKey(length=self.key_size),
metadata_iv=rdf_crypto.EncryptionKey.GenerateKey(
length=self.key_size),
hmac_key=rdf_crypto.EncryptionKey.GenerateKey(
length=self.key_size),
hmac_type="FULL_HMAC")
serialized_cipher = self.cipher.SerializeToString()
self.cipher_metadata = rdf_flows.CipherMetadata(source=source)
# Sign this cipher.
self.cipher_metadata.signature = self.private_key.Sign(
serialized_cipher)
# Now encrypt the cipher.
stats_collector_instance.Get().IncrementCounter("grr_rsa_operations")
self.encrypted_cipher = remote_public_key.Encrypt(serialized_cipher)
# Encrypt the metadata block symmetrically.
_, self.encrypted_cipher_metadata = self.Encrypt(
self.cipher_metadata.SerializeToString(), self.cipher.metadata_iv)
def VerifyMessageSignature(self, unused_response_comms,
packed_message_list, cipher, cipher_verified,
api_version, remote_public_key):
"""Verify the message list signature.
This is the way the messages are verified in the client.
In the client we also check that the nonce returned by the server is correct
(the timestamp doubles as a nonce). If the nonce fails we deem the response
unauthenticated since it might have resulted from a replay attack.
Args:
packed_message_list: The PackedMessageList rdfvalue from the server.
cipher: The cipher belonging to the remote end.
cipher_verified: If True, the cipher's signature is not verified again.
api_version: The api version we should use.
remote_public_key: The public key of the source.
Returns:
An rdf_flows.GrrMessage.AuthorizationState.
Raises:
DecryptionError: if the message is corrupt.
"""
# This is not used atm since we only support a single api version (3).
_ = api_version
result = rdf_flows.GrrMessage.AuthorizationState.UNAUTHENTICATED
if cipher_verified or cipher.VerifyCipherSignature(remote_public_key):
stats_collector_instance.Get().IncrementCounter(
"grr_authenticated_messages")
result = rdf_flows.GrrMessage.AuthorizationState.AUTHENTICATED
# Check for replay attacks. We expect the server to return the same
# timestamp nonce we sent.
if packed_message_list.timestamp != self.timestamp:
result = rdf_flows.GrrMessage.AuthorizationState.UNAUTHENTICATED
if not cipher.cipher_metadata:
# Fake the metadata
cipher.cipher_metadata = rdf_flows.CipherMetadata(
source=packed_message_list.source)
return result
