def main(self): kpikeys = self.kpikeys users = [] while 1: while not self.dataReady("userevent"): yield 1 userid = self.recv("userevent") #to avoid duplicate entries try: users.index(userid) except ValueError: users.append(userid) users.sort() #obtain common keys idkeymap = kpikeys.getCommonKeys(users) sessionKey = self.getSessionKey() #notify the session key self.send(sessionKey, "notifykey") #encrypt the session key with common keys for ID, key in idkeymap.iteritems(): #packet structure - 8 bytes of ID and #16 bytes of encrypted session key idstr = struct.pack("!2L", 0, ID) cipher = xtea.xtea_encrypt(key, sessionKey[:8]) cipher = cipher + xtea.xtea_encrypt(key, sessionKey[8:16]) data = idstr + cipher self.send(data, "outbox") yield 1
def main(self): kpidb = self.kpidb while not self.dataReady("inbox"): yield 1 data = self.recv("inbox") #got userid padding, userid = struct.unpack( '!2L', xtea.xtea_decrypt(kpidb.getRootKey(), data)) #check if the user is valid if kpidb.isValidUser(userid) == False: #print "Invalid UserID" # todo shutdown return #generate a random number and encrypt it with user's key challenge = random.getrandbits(32) temp = struct.pack('!2L', 0, challenge) #look up user key from key database userkey = kpidb.getKPIKeys().getKey(userid) data = xtea.xtea_encrypt(userkey, temp) #print data, challenge, userkey self.send(data, "outbox") yield 1 while not self.dataReady("inbox"): yield 1 #got response to challenge data = self.recv("inbox") temp = xtea.xtea_decrypt(userkey, data) padding, response = struct.unpack('!2L', temp) #validate response if response == challenge + 1: self.send("SUCCESS", "outbox") yield 1 else: #print "authenication failure" return # shutdown #got OK ack while not self.dataReady("inbox"): yield 1 data = self.recv("inbox") if data == "OK": #print "received ack from client" pass else: return #shutdown #notify new user self.send(userid, "notifyuser") #subscribe to DataManagement backplane subscriber = subscribeTo("DataManagement") #make authenticator passthrough the data from DataManagement backplane self.link((subscriber, "outbox"), (self, "outbox"), passthrough=2) subscriber.activate() yield 1 while 1: yield 1
def main(self): blocksize = 8 #the format string used for padding fmtstr = '!'+ str(blocksize) +'s' #MAGIC_STRING indicates that its preceding block is not padded MAGIC_STRING = blocksize * chr(0x80) while 1: yield 1 if self.dataReady("keyevent"): self.key = self.recv("keyevent") #print "key recieved at the encryptor",self.key if self.dataReady("inbox"): data = self.recv("inbox") #drop the data until key is available if self.key == "\0": continue enc = '' i = 0 #do padding if less than block size #Pad with 0x80 followed by zero (null) bytes datalen = len(data) #if the data contains more than one block if datalen > blocksize: #encrypt all the blocks, there is no need for padding for i in range(0, datalen-blocksize, blocksize): block = data[i:i+blocksize] enc = enc + xtea.xtea_encrypt(self.key,block) i = i + blocksize #get the last block block = data[i:datalen] if len(block) == blocksize: enc = enc + xtea.xtea_encrypt(self.key,block) #if the last block contains 0x80 then add MAGIC_STRING #to avoid ambiguity if block.find(chr(0x80)) != -1: enc = enc + xtea.xtea_encrypt(self.key,MAGIC_STRING) else: #pad with 0x80 followed null bytes block = struct.pack(fmtstr, block + chr(0x80)) enc = enc + xtea.xtea_encrypt(self.key,block) self.send(enc, "outbox")
def main(self): kpidb = self.kpidb while not self.dataReady("inbox"): yield 1 data = self.recv("inbox") #got userid padding,userid = struct.unpack('!2L', xtea.xtea_decrypt(kpidb.getRootKey(),data)) #check if the user is valid if kpidb.isValidUser(userid) == False: #print "Invalid UserID" # todo shutdown return #generate a random number and encrypt it with user's key challenge = random.getrandbits(32) temp = struct.pack('!2L',0, challenge) #look up user key from key database userkey = kpidb.getKPIKeys().getKey(userid) data = xtea.xtea_encrypt(userkey, temp) #print data, challenge, userkey self.send(data, "outbox") yield 1 while not self.dataReady("inbox"): yield 1 #got response to challenge data = self.recv("inbox") temp = xtea.xtea_decrypt(userkey,data) padding, response = struct.unpack('!2L', temp) #validate response if response == challenge + 1: self.send("SUCCESS", "outbox") yield 1 else: #print "authenication failure" return # shutdown #got OK ack while not self.dataReady("inbox"): yield 1 data = self.recv("inbox") if data == "OK": #print "received ack from client" pass else: return #shutdown #notify new user self.send(userid, "notifyuser") #subscribe to DataManagement backplane subscriber = subscribeTo("DataManagement") #make authenticator passthrough the data from DataManagement backplane self.link( (subscriber, "outbox"), (self, "outbox"), passthrough=2) subscriber.activate() yield 1 while 1: yield 1
def main(self): #encrypt user id with root key userid = self.kpiuser.getID() data = xtea.xtea_encrypt(self.kpiuser.getRootKey(), struct.pack('!2L',0, userid)) self.send(data, "outbox") yield 1 while not self.dataReady("inbox"): yield 1 data = self.recv("inbox") #receive challenge temp = xtea.xtea_decrypt(self.kpiuser.getUserKey(), data) padding, challenge = struct.unpack('!2L',temp) response = challenge+1 #sending response encrypted with my key data = xtea.xtea_encrypt(self.kpiuser.getUserKey(), struct.pack('!2L',0, response)) self.send(data, "outbox") yield 1 while not self.dataReady("inbox"): yield 1 data = self.recv("inbox") if data == "SUCCESS": #print "authentication success" pass else: #print "authenication failure" return #shutdown #Send OK ack to authenticator self.send("OK", "outbox") yield 1 #decode data #the depacketizer has to modes #reading header or reading body buffer = '' KEY = 0x20 DATA = 0x30 READ_HEADER = 1 READ_BODY = 2 HEADER_LEN = 8 mode = READ_HEADER HEADER_SIZE = 8 while 1: while self.dataReady("inbox"): data = self.recv("inbox") buffer = buffer + data if mode == READ_HEADER : if len(buffer) >= HEADER_SIZE: mode = READ_BODY header = buffer[:HEADER_SIZE] packetType, data2read = struct.unpack("!2L", header) #Bug fix - previously was reading less #data from buffer -> body = buffer[HEADER_SIZE:data2read] #this caused the client to be slower in receiving data body = buffer[HEADER_SIZE:HEADER_SIZE+data2read] #read the body if data2read <= len(body): mode = READ_HEADER if packetType == KEY: #key packet structure #8 bytes - key ID with which session key was encrypted #16 bytes of encrypted session key padding,ID = struct.unpack("!2L", body[:8]) try: key = self.kpiuser.getKey(ID) #i have the key for the ID enckey = body[8:data2read] part1 = xtea.xtea_decrypt(key, enckey[:8]) part2 = xtea.xtea_decrypt(key, enckey[8:16]) sessionkey = part1 + part2 self.send(sessionkey, "notifykey") except KeyError: pass #the key is not for me elif packetType == DATA: #print "decoded data", body self.send(body, "encout") # remove the header + data read buffer = buffer[(data2read+HEADER_SIZE):len(buffer)] else: #remove header buffer = buffer[HEADER_SIZE:len(buffer)] elif mode == READ_BODY: body = buffer[:data2read] #data2read = data2read - len(buffer) #read all the data if data2read <= len(body): mode = READ_HEADER if packetType == KEY: #key packet structure #8 bytes - key ID with which session key was encrypted #16 bytes of encrypted session key padding,ID = struct.unpack("!2L", body[:8]) try: key = self.kpiuser.getKey(ID) enckey = body[8:data2read] part1 = xtea.xtea_decrypt(key, enckey[:8]) part2 = xtea.xtea_decrypt(key, enckey[8:16]) sessionkey = part1 + part2 self.send(sessionkey, "notifykey") except KeyError: pass #the key is not for me elif packetType == DATA: self.send(body, "encout") # remove the data read buffer = buffer[data2read:len(buffer)] yield 1