def check_their_sig(self, enc_sig, sig_mac, usePrimes=False):
my_dh_key = self.dh_keys.get_my_cur_keyid()
if usePrimes:
cKey = self.dh_keys.cprime
m1Key = self.dh_keys.m1prime
m2Key = self.dh_keys.m2prime
else:
cKey = self.dh_keys.c
m1Key = self.dh_keys.m1
m2Key = self.dh_keys.m2
sig = OtrCrypt.aes_zero_ctr_crypt(cKey, enc_sig)
#print sig
byte_reader = ByteStreamReader(sig)
their_dsa_key = byte_reader.get_pubkey()
if their_dsa_key["cipher_code"] != list(OtrConstants["dsa_code_bytes"]):
return False
# now keyid
their_dh_keyid = _OT.bytes_to_int(byte_reader.get_int())
self.dh_keys.associate_their_keyid(their_dh_keyid)
# load their DSA public key - (y,g,p,q)
their_dsa_key_tup = (
_OT.mpi_to_int(their_dsa_key["y_mpi"]),
_OT.mpi_to_int(their_dsa_key["g_mpi"]),
_OT.mpi_to_int(their_dsa_key["p_mpi"]),
_OT.mpi_to_int(their_dsa_key["q_mpi"])
)
self.dsa_keys.load_their_key(their_dsa_key_tup)
# compute their M factor
self.compute_their_M_factor(usePrimes=usePrimes)
# now load their signed M factor
q_len = their_dsa_key["q_len"]
M_sig_r_factor = _OT.bytes_to_int(byte_reader.get_n_bytes(q_len))
M_sig_s_factor = _OT.bytes_to_int(byte_reader.get_n_bytes(q_len))
assert (byte_reader.consumed_all())
if not OtrDSA.verify(self.dsa_keys.their_public_key, self.their_M,
M_sig_r_factor, M_sig_s_factor):
logging.debug("DID NOT VERIFY")
return False
# now check their MAC
calc_sig_mac = OtrCrypt.get_sha256_hmac_160(m2Key, _OT.bytes_to_data(enc_sig))
if calc_sig_mac != sig_mac:
logging.debug( "MAC INCORRECT" )
#print enc_sig
#print calc_sig_mac
#print sig_mac
return False
# alright, looks like everything checks out
return True
def parse_vars(self):
body = self.jabber_msg.getBody()
assert(body[0:0+5] == "?OTR:")
assert(body[-1] == ".")
payload = body[5:-1]
bytes = self.payload_to_bytes(payload)
byte_reader = ByteStreamReader(bytes)
parsed_vars = byte_reader.parse_format(self.vars)
self.__dict__.update(parsed_vars)
if not byte_reader.consumed_all():
raise Exception('Invalid message format: not all bytes consumed')
if self.protocol_version != list(OtrConstants["version_2_bytes"]):
raise Exception('Invalid protocol version: %s' % str(self.protocol_version))
if self.message_type != self.code:
raise Exception('Invalid message type: expected %s, got %s' % (self.code, self.message_type))
def load_dsa_key(self):
assert self.can_replay('dsa_public_key')
assert self.can_replay('dsa_private_key')
key = self.data['dsa_public_key']
priv_key = self.data['dsa_private_key']
key_reader = ByteStreamReader(key)
p = _OT.mpi_to_int(key_reader.get_mpi())
q = _OT.mpi_to_int(key_reader.get_mpi())
g = _OT.mpi_to_int(key_reader.get_mpi())
y = _OT.mpi_to_int(key_reader.get_mpi())
assert (key_reader.consumed_all())
priv_key_reader = ByteStreamReader(priv_key)
x = _OT.mpi_to_int(priv_key_reader.get_mpi())
assert (priv_key_reader.consumed_all())
return DSA.construct((y,g,p,q,x))
