Пример #1
0
    def make_identity(self, form, dh_i):
        if self.negotiated['send_pubkey']:
            if self.negotiated['sign_algs'] == (XmlDsig + 'rsa-sha256'):
                pubkey = secrets.secrets().my_pubkey(self.conn.name)
                fields = (pubkey.n, pubkey.e)

                cb_fields = [
                    base64.b64encode(crypto.encode_mpi(f)) for f in fields
                ]

                pubkey_s = b'<RSAKeyValue xmlns="http://www.w3.org/2000/09/xmldsig#"'
                '><Modulus>%s</Modulus><Exponent>%s</Exponent></RSAKeyValue>' % \
                    tuple(cb_fields)
        else:
            pubkey_s = b''

        form_s2 = ''.join(nbxmpp.c14n.c14n(el, self._is_buggy_gajim()) for el \
            in form.getChildren())

        old_c_s = self.c_s
        content = self.n_o + self.n_s + crypto.encode_mpi(dh_i) + pubkey_s + \
            self.form_s.encode('utf-8') + form_s2.encode('utf-8')

        mac_s = self.hmac(self.ks_s, content)

        if self.negotiated['send_pubkey']:
            signature = self.sign(mac_s)

            sign_s = '<SignatureValue xmlns="http://www.w3.org/2000/09/xmldsig#">'
            '%s</SignatureValue>' % base64.b64encode(signature)

            if self.negotiated['send_pubkey'] == 'hash':
                b64ed = base64.b64encode(self.hash(pubkey_s))
                pubkey_s = '<fingerprint>%s</fingerprint>' % b64ed

            id_s = self.encrypt(pubkey_s + sign_s)
        else:
            id_s = self.encrypt(mac_s)

        m_s = self.hmac(self.km_s, crypto.encode_mpi(old_c_s) + id_s)

        if self.status == 'requested-e2e' and self.sas_algs == 'sas28x5':
            # we're alice; check for a retained secret
            # if none exists, prompt the user with the SAS
            self.sas = crypto.sas_28x5(m_s, self.form_o.encode('utf-8'))

            if self.sigmai:
                # FIXME save retained secret?
                self.check_identity(tuple)

        return (nbxmpp.DataField(name='identity',
                                 value=base64.b64encode(id_s).decode('utf-8')),
                nbxmpp.DataField(name='mac',
                                 value=base64.b64encode(m_s).decode('utf-8')))
Пример #2
0
    def make_identity(self, form, dh_i):
        if self.negotiated['send_pubkey']:
            if self.negotiated['sign_algs'] == (XmlDsig + 'rsa-sha256'):
                pubkey = secrets.secrets().my_pubkey(self.conn.name)
                fields = (pubkey.n, pubkey.e)

                cb_fields = [base64.b64encode(crypto.encode_mpi(f)) for f in
                    fields]

                pubkey_s = b'<RSAKeyValue xmlns="http://www.w3.org/2000/09/xmldsig#"'
                '><Modulus>%s</Modulus><Exponent>%s</Exponent></RSAKeyValue>' % \
                    tuple(cb_fields)
        else:
            pubkey_s = b''

        form_s2 = ''.join(nbxmpp.c14n.c14n(el, self._is_buggy_gajim()) for el \
            in form.getChildren())

        old_c_s = self.c_s
        content = self.n_o + self.n_s + crypto.encode_mpi(dh_i) + pubkey_s + \
            self.form_s.encode('utf-8') + form_s2.encode('utf-8')

        mac_s = self.hmac(self.ks_s, content)

        if self.negotiated['send_pubkey']:
            signature = self.sign(mac_s)

            sign_s = '<SignatureValue xmlns="http://www.w3.org/2000/09/xmldsig#">'
            '%s</SignatureValue>' % base64.b64encode(signature)

            if self.negotiated['send_pubkey'] == 'hash':
                b64ed = base64.b64encode(self.hash(pubkey_s))
                pubkey_s = '<fingerprint>%s</fingerprint>' % b64ed

            id_s = self.encrypt(pubkey_s + sign_s)
        else:
            id_s = self.encrypt(mac_s)

        m_s = self.hmac(self.km_s, crypto.encode_mpi(old_c_s) + id_s)

        if self.status == 'requested-e2e' and self.sas_algs == 'sas28x5':
            # we're alice; check for a retained secret
            # if none exists, prompt the user with the SAS
            self.sas = crypto.sas_28x5(m_s, self.form_o.encode('utf-8'))

            if self.sigmai:
                # FIXME save retained secret?
                self.check_identity(tuple)

        return (nbxmpp.DataField(name='identity',
            value=base64.b64encode(id_s).decode('utf-8')),
            nbxmpp.DataField(name='mac',
            value=base64.b64encode(m_s).decode('utf-8')))
Пример #3
0
    def make_identity(self, form, dh_i):
        if self.negotiated["send_pubkey"]:
            if self.negotiated["sign_algs"] == (XmlDsig + "rsa-sha256"):
                pubkey = secrets.secrets().my_pubkey(self.conn.name)
                fields = (pubkey.n, pubkey.e)

                cb_fields = map(lambda f: base64.b64encode(crypto.encode_mpi(f)), fields)

                pubkey_s = '<RSAKeyValue xmlns="http://www.w3.org/2000/09/xmldsig#"'
                "><Modulus>%s</Modulus><Exponent>%s</Exponent></RSAKeyValue>" % tuple(cb_fields)
        else:
            pubkey_s = ""

        form_s2 = "".join(map(lambda el: xmpp.c14n.c14n(el), form.getChildren()))

        old_c_s = self.c_s
        content = self.n_o + self.n_s + crypto.encode_mpi(dh_i) + pubkey_s + self.form_s + form_s2

        mac_s = self.hmac(self.ks_s, content)

        if self.negotiated["send_pubkey"]:
            signature = self.sign(mac_s)

            sign_s = '<SignatureValue xmlns="http://www.w3.org/2000/09/xmldsig#">'
            "%s</SignatureValue>" % base64.b64encode(signature)

            if self.negotiated["send_pubkey"] == "hash":
                b64ed = base64.b64encode(self.hash(pubkey_s))
                pubkey_s = "<fingerprint>%s</fingerprint>" % b64ed

            id_s = self.encrypt(pubkey_s + sign_s)
        else:
            id_s = self.encrypt(mac_s)

        m_s = self.hmac(self.km_s, crypto.encode_mpi(old_c_s) + id_s)

        if self.status == "requested-e2e" and self.sas_algs == "sas28x5":
            # we're alice; check for a retained secret
            # if none exists, prompt the user with the SAS
            self.sas = crypto.sas_28x5(m_s, self.form_o)

            if self.sigmai:
                # XXX save retained secret?
                self.check_identity(lambda: ())

        return (
            xmpp.DataField(name="identity", value=base64.b64encode(id_s)),
            xmpp.DataField(name="mac", value=base64.b64encode(m_s)),
        )
Пример #4
0
    def verify_identity(self, form, dh_i, sigmai, i_o):
        m_o = base64.b64decode(form['mac'])
        id_o = base64.b64decode(form['identity'])

        m_o_calculated = self.hmac(self.km_o,
                                   crypto.encode_mpi(self.c_o) + id_o)

        if m_o_calculated != m_o:
            raise exceptions.NegotiationError, 'calculated m_%s differs from received m_%s' % (
                i_o, i_o)

        if i_o == 'a' and self.sas_algs == 'sas28x5':
            # we don't need to calculate this if there's a verified retained secret
            # (but we do anyways)
            self.sas = crypto.sas_28x5(m_o, self.form_s)

        if self.negotiated['recv_pubkey']:
            plaintext = self.decrypt(id_o)
            parsed = xmpp.Node(node='<node>' + plaintext + '</node>')

            if self.negotiated['recv_pubkey'] == 'hash':
                fingerprint = parsed.getTagData('fingerprint')

                # XXX find stored pubkey or terminate session
                raise 'unimplemented'
            else:
                if self.negotiated['sign_algs'] == (XmlDsig + 'rsa-sha256'):
                    keyvalue = parsed.getTag(name='RSAKeyValue',
                                             namespace=XmlDsig)

                    n, e = map(
                        lambda x: crypto.decode_mpi(
                            base64.b64decode(keyvalue.getTagData(x))),
                        ('Modulus', 'Exponent'))
                    eir_pubkey = RSA.construct((n, long(e)))

                    pubkey_o = xmpp.c14n.c14n(keyvalue)
                else:
                    # XXX DSA, etc.
                    raise 'unimplemented'

            enc_sig = parsed.getTag(name='SignatureValue',
                                    namespace=XmlDsig).getData()
            signature = (crypto.decode_mpi(base64.b64decode(enc_sig)), )
        else:
            mac_o = self.decrypt(id_o)
            pubkey_o = ''

        c7l_form = self.c7lize_mac_id(form)

        content = self.n_s + self.n_o + crypto.encode_mpi(dh_i) + pubkey_o

        if sigmai:
            self.form_o = c7l_form
            content += self.form_o
        else:
            form_o2 = c7l_form
            content += self.form_o + form_o2

        mac_o_calculated = self.hmac(self.ks_o, content)

        if self.negotiated['recv_pubkey']:
            hash = crypto.sha256(mac_o_calculated)

            if not eir_pubkey.verify(hash, signature):
                raise exceptions.NegotiationError, 'public key signature verification failed!'

        elif mac_o_calculated != mac_o:
            raise exceptions.NegotiationError, 'calculated mac_%s differs from received mac_%s' % (
                i_o, i_o)
Пример #5
0
    def verify_identity(self, form, dh_i, sigmai, i_o):
        m_o = base64.b64decode(form['mac'])
        id_o = base64.b64decode(form['identity'])

        m_o_calculated = self.hmac(self.km_o, crypto.encode_mpi(self.c_o) + id_o)

        if m_o_calculated != m_o:
            raise NegotiationError('calculated m_%s differs from received m_%s' %
                    (i_o, i_o))

        if i_o == 'a' and self.sas_algs == 'sas28x5':
            # we don't need to calculate this if there's a verified retained secret
            # (but we do anyways)
            self.sas = crypto.sas_28x5(m_o, self.form_s)

        if self.negotiated['recv_pubkey']:
            plaintext = self.decrypt(id_o)
            parsed = nbxmpp.Node(node='<node>' + plaintext + '</node>')

            if self.negotiated['recv_pubkey'] == 'hash':
                # fingerprint = parsed.getTagData('fingerprint')
                # FIXME find stored pubkey or terminate session
                raise NotImplementedError()
            else:
                if self.negotiated['sign_algs'] == (XmlDsig + 'rsa-sha256'):
                    keyvalue = parsed.getTag(name='RSAKeyValue', namespace=XmlDsig)

                    n, e = (crypto.decode_mpi(base64.b64decode(
                            keyvalue.getTagData(x))) for x in ('Modulus', 'Exponent'))
                    eir_pubkey = RSA.construct((n, long(e)))

                    pubkey_o = nbxmpp.c14n.c14n(keyvalue, self._is_buggy_gajim())
                else:
                    # FIXME DSA, etc.
                    raise NotImplementedError()

            enc_sig = parsed.getTag(name='SignatureValue',
                    namespace=XmlDsig).getData()
            signature = (crypto.decode_mpi(base64.b64decode(enc_sig)), )
        else:
            mac_o = self.decrypt(id_o)
            pubkey_o = ''

        c7l_form = self.c7lize_mac_id(form)

        content = self.n_s + self.n_o + crypto.encode_mpi(dh_i) + pubkey_o

        if sigmai:
            self.form_o = c7l_form
            content += self.form_o
        else:
            form_o2 = c7l_form
            content += self.form_o + form_o2

        mac_o_calculated = self.hmac(self.ks_o, content)

        if self.negotiated['recv_pubkey']:
            hash_ = crypto.sha256(mac_o_calculated)

            if not eir_pubkey.verify(hash_, signature):
                raise NegotiationError('public key signature verification failed!')

        elif mac_o_calculated != mac_o:
            raise NegotiationError('calculated mac_%s differs from received mac_%s'
                    % (i_o, i_o))
Пример #6
0
    def verify_identity(self, form, dh_i, sigmai, i_o):
        m_o = base64.b64decode(form["mac"])
        id_o = base64.b64decode(form["identity"])

        m_o_calculated = self.hmac(self.km_o, crypto.encode_mpi(self.c_o) + id_o)

        if m_o_calculated != m_o:
            raise exceptions.NegotiationError, "calculated m_%s differs from received m_%s" % (i_o, i_o)

        if i_o == "a" and self.sas_algs == "sas28x5":
            # we don't need to calculate this if there's a verified retained secret
            # (but we do anyways)
            self.sas = crypto.sas_28x5(m_o, self.form_s)

        if self.negotiated["recv_pubkey"]:
            plaintext = self.decrypt(id_o)
            parsed = xmpp.Node(node="<node>" + plaintext + "</node>")

            if self.negotiated["recv_pubkey"] == "hash":
                fingerprint = parsed.getTagData("fingerprint")

                # XXX find stored pubkey or terminate session
                raise "unimplemented"
            else:
                if self.negotiated["sign_algs"] == (XmlDsig + "rsa-sha256"):
                    keyvalue = parsed.getTag(name="RSAKeyValue", namespace=XmlDsig)

                    n, e = map(
                        lambda x: crypto.decode_mpi(base64.b64decode(keyvalue.getTagData(x))), ("Modulus", "Exponent")
                    )
                    eir_pubkey = RSA.construct((n, long(e)))

                    pubkey_o = xmpp.c14n.c14n(keyvalue)
                else:
                    # XXX DSA, etc.
                    raise "unimplemented"

            enc_sig = parsed.getTag(name="SignatureValue", namespace=XmlDsig).getData()
            signature = (crypto.decode_mpi(base64.b64decode(enc_sig)),)
        else:
            mac_o = self.decrypt(id_o)
            pubkey_o = ""

        c7l_form = self.c7lize_mac_id(form)

        content = self.n_s + self.n_o + crypto.encode_mpi(dh_i) + pubkey_o

        if sigmai:
            self.form_o = c7l_form
            content += self.form_o
        else:
            form_o2 = c7l_form
            content += self.form_o + form_o2

        mac_o_calculated = self.hmac(self.ks_o, content)

        if self.negotiated["recv_pubkey"]:
            hash = crypto.sha256(mac_o_calculated)

            if not eir_pubkey.verify(hash, signature):
                raise exceptions.NegotiationError, "public key signature verification failed!"

        elif mac_o_calculated != mac_o:
            raise exceptions.NegotiationError, "calculated mac_%s differs from received mac_%s" % (i_o, i_o)