def verifyMsgSign(self, msg, sign, session):
"如果验证成功则发送成功消息,否则发送验证失败并关闭该线程"
_cfg = ConfigData.ConfigData()
_rsa = Rsa.Rsa(_cfg.GetKeyPath())
if _rsa.VerifyByPubkey(msg, sign, session.peername) == False:
msghead = self.packetMsg(MagicNum.MsgTypec.IDENTITYVERIFYFAILED, 0)
NetSocketFun.NetSocketSend(session.sockfd, msghead)
session.stop()
showmsg = "签名验证失败"
else:
#生成自己的会话密钥
from CryptoAlgorithms import HashBySha1
_hbs = HashBySha1.HashBySha1()
session.sessionkey = _hbs.GetHash(
str(session.dhkey.getKey(string.atol(msg))),
MagicNum.HashBySha1c.HEXADECIMAL)
if session.threadtype == CommonData.ThreadType.CONNECTAP:
msghead = self.packetMsg(MagicNum.MsgTypec.AUDITDHGENERATE, 0)
else:
msghead = self.packetMsg(
MagicNum.MsgTypec.AUDITRETURNDHGENERATE, 0)
NetSocketFun.NetSocketSend(session.sockfd, msghead)
showmsg = "生成会话密钥:" + session.sessionkey
self.sendViewMsg(CommonData.ViewPublisherc.MAINFRAME_APPENDTEXT,
showmsg, True)
def packMsgBody(self, fddata):
"将会话密钥与A组参数用公钥加密,将采样hash用私钥加密(签名)"
if fddata.GetData("threadtype") == CommonData.ThreadType.CONNECTAP:
_agroup = self.APgetAgroupHashAndParam(fddata)
elif fddata.GetData("threadtype") == CommonData.ThreadType.ACCETPNO:
_agroup = self.NOgetAgroupHashAndParam(fddata)
self.deltempFile(fddata)
_cfd = ConfigData.ConfigData()
_rsa = Rsa.Rsa(_cfd.GetKeyPath())
msglist = (str(fddata.GetData("fddatakey")), ) + _agroup[0]
_plaintext = NetSocketFun.NetPackMsgBody(msglist)
_pubkeyMsg = _rsa.EncryptByPubkey(_plaintext.encode("ascii"),
fddata.GetData("peername"))
_hbs = HashBySha1.HashBySha1()
_sign = _rsa.SignByPrikey(
_hbs.GetHash(_agroup[1].encode("ascii"),
MagicNum.HashBySha1c.HEXADECIMAL))
msglist = [_pubkeyMsg, _sign, _agroup[1].encode("ascii")]
_msgbody = NetSocketFun.NetPackMsgBody(msglist)
showmsg = "发送采样结果:\n(1)A组参数:\n(帧总数,分组参数,帧间隔位数,混沌初值,分支参数)\n(".decode("utf8") + \
",".join(_agroup[0]) + ")\n(2)A组采样:".decode("utf8") + \
CommonData.MsgHandlec.SHOWPADDING.join(NetSocketFun.NetUnPackMsgBody(_agroup[1])) \
+ "\n(3)A组采样签名:".decode("utf8") + _sign
showmsg += "\nCP用AP的公钥加密采样参数A"
showmsg += "\nCP用其私钥加密比特串承诺值"
showmsg += "\nCP发送加密的A组参数和加密的比特串承诺值,以及公钥加密TID发送给AP"
showmsg += "\n等待文件验证..."
self.sendViewMsg(CommonData.ViewPublisherc.MAINFRAME_APPENDTEXT,
showmsg, True)
return _msgbody
def verifyMsgSign(self, msg, sign, fddata, th):
"如果验证成功则发送成功消息,否则发送验证失败并关闭该线程"
_cfg = ConfigData.ConfigData()
_rsa = Rsa.Rsa(_cfg.GetKeyPath())
if _rsa.VerifyByPubkey(msg, sign, fddata.GetData("peername")) == False:
msghead = self.packetMsg(MagicNum.MsgTypec.IDENTITYVERIFYFAILED, 0)
fddata.SetData("outdata", msghead)
th.ModifyInToOut(fddata.GetData("sockfd"))
showmsg = "签名验证失败"
else:
#生成自己的会话密钥
from CryptoAlgorithms import HashBySha1
_hbs = HashBySha1.HashBySha1()
fddata.SetData(
"fddatakey",
_hbs.GetHash(
str(fddata.GetData("dhkey").getKey(string.atol(msg))),
MagicNum.HashBySha1c.HEXADECIMAL))
if fddata.GetData("threadtype") == CommonData.ThreadType.CONNECTAP:
msghead = self.packetMsg(MagicNum.MsgTypec.AUDITDHGENERATE, 0)
else:
msghead = self.packetMsg(
MagicNum.MsgTypec.AUDITRETURNDHGENERATE, 0)
fddata.SetData("outdata", msghead)
th.ModifyInToOut(fddata.GetData("sockfd"))
showmsg = "生成会话密钥:" + fddata.GetData("fddatakey")
self.sendViewMsg(CommonData.ViewPublisherc.MAINFRAME_APPENDTEXT,
showmsg, True)
def verifyMsgSign(self, msg, sign, fddata, th):
"如果验证成功则发送公钥,否则发送验证失败并关闭该线程"
_cfg = ConfigData.ConfigData()
_rsa = Rsa.Rsa(_cfg.GetKeyPath())
if self.verify(_rsa, msg[0], sign[0], fddata) == False or self.verify(
_rsa, msg[1], sign[1], fddata) == False:
msghead = self.packetMsg(MagicNum.MsgTypec.IDENTITYVERIFYFAILED, 0)
fddata.SetData("outdata", msghead)
th.ModifyInToOut(fddata.GetData("sockfd"))
else:
#生成自己的会话密钥
_dhkey = DiffieHellman.DiffieHellman(string.atol(msg[0]))
from CryptoAlgorithms import HashBySha1
_hbs = HashBySha1.HashBySha1()
fddata.SetData(
"fddatakey",
_hbs.GetHash(str(_dhkey.getKey(string.atol(msg[1]))),
MagicNum.HashBySha1c.HEXADECIMAL))
_dhpubkey = str(_dhkey.getPubkey())
msglist = [_dhpubkey, _rsa.SignByPrikey(_dhpubkey)]
msgbody = NetSocketFun.NetPackMsgBody(msglist)
msghead = self.packetMsg(MagicNum.MsgTypec.SENDDHPUBKEY,
len(msgbody))
fddata.SetData("outdata", msghead + msgbody)
th.ModifyInToOut(fddata.GetData("sockfd"))
def getDhpAndga(self,session):
"获取迪菲赫尔慢公钥和大素数"
p = DiffieHellman.GetBigPrime()
session.dhkey = DiffieHellman.DiffieHellman(p)
_cfg = ConfigData.ConfigData()
_rsa = Rsa.Rsa(_cfg.GetKeyPath())
_dhpubkey = str(session.dhkey.getPubkey())
return str(p) , _dhpubkey ,_rsa.SignByPrikey(str(p)),_rsa.SignByPrikey(_dhpubkey)
def getDhpAndga(self, fddata):
"获取迪菲赫尔慢公钥和大素数"
p = DiffieHellman.GetBigPrime()
fddata.SetData("dhkey", DiffieHellman.DiffieHellman(p))
_cfg = ConfigData.ConfigData()
_rsa = Rsa.Rsa(_cfg.GetKeyPath())
_dhpubkey = str(fddata.GetData("dhkey").getPubkey())
return str(p), _dhpubkey, _rsa.SignByPrikey(
str(p)), _rsa.SignByPrikey(_dhpubkey)
def verifySignleSign(self, sampling, sign, session):
"验证C组特征提取是否符合收到的C组签名"
_cfd = ConfigData.ConfigData()
_rsa = Rsa.Rsa(_cfd.GetKeyPath())
_hbs = HashBySha1.HashBySha1()
return _rsa.VerifyByPubkey(
_hbs.GetHash(sampling.encode("ascii"),
MagicNum.HashBySha1c.HEXADECIMAL), sign,
session.peername)
def handleDhkeyAndCgroupParam(self, msglist, session):
"验证接收到的会话密钥是否相同,如果相同则获取C组参数和hash"
_cfd = ConfigData.ConfigData()
_rsa = Rsa.Rsa(_cfd.GetKeyPath())
_plaintext = _rsa.DecryptByPrikey(msglist[0])
_plist = NetSocketFun.NetUnPackMsgBody(_plaintext)
if session.sessionkey == _plist[0]:
self.__cparam = _plist[1:]
self.__csign = msglist[1]
self.__chash = msglist[2]
return True
else:
showmsg = "会话密钥验证失败:会话密钥:" + session.sessionkey
self.sendViewMsg(CommonData.ViewPublisherc.MAINFRAME_APPENDTEXT,
showmsg, True)
return False
def packMsgBody(self, session):
"将会话密钥与A组参数用公钥加密,将特征提取hash用私钥加密(签名)"
if session.threadtype == CommonData.ThreadType.CONNECTAP:
_agroup = self.APgetAgroupHashAndParam(session)
elif session.threadtype == CommonData.ThreadType.ACCETPNO:
_agroup = self.NOgetAgroupHashAndParam(session)
import os
_dir = session.filename
_meidaPath = self.__mediapath + "/auditserver/" + _dir[-_dir[::-1].
index("/"):]
filesize = float(os.path.getsize(_meidaPath)) / (1024 * 1024)
showmsg = "特征提取完成:\n(1)I帧总数:" + self.getFrameNum(_dir[-_dir[::-1].index("/"):]) + \
"\n(2)文件大小(MB):" + str(filesize)
self.sendViewMsg(CommonData.ViewPublisherc.MAINFRAME_APPENDTEXT,
showmsg, True)
self.deltempFile(session)
_cfd = ConfigData.ConfigData()
_rsa = Rsa.Rsa(_cfd.GetKeyPath())
msglist = (str(session.sessionkey), ) + _agroup[0]
_plaintext = NetSocketFun.NetPackMsgBody(msglist)
_pubkeyMsg = _rsa.EncryptByPubkey(_plaintext.encode("ascii"),
session.peername)
_hbs = HashBySha1.HashBySha1()
_sign = _rsa.SignByPrikey(
_hbs.GetHash(_agroup[1].encode("ascii"),
MagicNum.HashBySha1c.HEXADECIMAL))
msglist = [_pubkeyMsg, _sign, _agroup[1].encode("ascii")]
_msgbody = NetSocketFun.NetPackMsgBody(msglist)
showmsg = "发送特征提取结果:\n(1)A组参数:\n(帧总数,分组参数,帧间隔位数,混沌初值,分支参数)\n(".decode("utf8") + \
",".join(_agroup[0]) + ")\n(2)A组特征提取:".decode("utf8") + \
CommonData.MsgHandlec.SHOWPADDING.join(NetSocketFun.NetUnPackMsgBody(_agroup[1])) \
+ "\n(3)A组特征提取签名:".decode("utf8") + _sign
showmsg += "\nCP用AP的公钥加密特征提取参数A"
showmsg += "\nCP用其私钥加密比特串承诺值"
showmsg += "\nCP发送加密的A组参数和加密的比特串承诺值,以及公钥加密TID发送给AP"
showmsg += "\n等待文件验证..."
self.sendViewMsg(CommonData.ViewPublisherc.MAINFRAME_APPENDTEXT,
showmsg, True)
return _msgbody