def SRPAuth(sock, user, passphrase = None):
"""Perform an SRP authentication on a socket. Return the session key
if authentication was successful, or raise an exception if it was not.
The other end of the socket must be ready to receive the SRP
commands."""
if not passphrase:
passphrase = getpass.getpass('Enter passphrase for %s: ' % user)
# Send the USER command.
sock.send('USER %s\n' % user)
# Get the client-side keys and send the public one.
keys = SRP.client_begin(user)
A = keys[0]
sock.send(encode_long(A))
# Read the response.
file = sock.makefile('rb')
line = file.readline()
if line[0:3] != 'KEY':
raise SRP.NoSuchUser, line
s = read_string(file)
B = read_long(file)
u = read_long(file)
# Now calculate the session key and send the proof.
K, m = SRP.client_key(user, passphrase, s, B, u, keys)
sock.send(encode_string(m))
line = file.readline()
if line[0:3] != 'AOK':
raise SRP.AuthFailure, line
# Authenticate the host.
m1 = SRP.host_authenticator(K, A, m)
m = read_string(file)
if m != m1:
raise SRP.AuthFailure, "Host authentication failed."
# All done, return the session key.
return K
def SRPAuth(sock, user, passphrase=None):
"""Perform an SRP authentication on a socket. Return the session key
if authentication was successful, or raise an exception if it was not.
The other end of the socket must be ready to receive the SRP
commands."""
if not passphrase:
passphrase = getpass.getpass('Enter passphrase for %s: ' % user)
# Send the USER command.
sock.send('USER %s\n' % user)
# Get the client-side keys and send the public one.
keys = SRP.client_begin(user)
A = keys[0]
sock.send(encode_long(A))
# Read the response.
file = sock.makefile('rb')
line = file.readline()
if line[0:3] != 'KEY':
raise SRP.NoSuchUser, line
s = read_string(file)
B = read_long(file)
u = read_long(file)
# Now calculate the session key and send the proof.
K, m = SRP.client_key(user, passphrase, s, B, u, keys)
sock.send(encode_string(m))
line = file.readline()
if line[0:3] != 'AOK':
raise SRP.AuthFailure, line
# Authenticate the host.
m1 = SRP.host_authenticator(K, A, m)
m = read_string(file)
if m != m1:
raise SRP.AuthFailure, "Host authentication failed."
# All done, return the session key.
return K
def client_key(self, s, B, u, keys):
use_agent = True
if self.pwid is None:
use_agent = False
elif not self._query_agent_for_id(self.pwid):
use_agent = False
if use_agent:
func = self._private_key
arg = None
else:
self._get_password()
func = SRP.private_key
arg = self.password
K, m = SRP.client_key(self.user, arg, s, B, u, keys, func)
return K, m
