示例#1
    def authTokenValidation(self, **kwargs):
        """Validate, on the server, the login token a user has signed.

        ``kwargs['message']`` and ``kwargs['token']`` are each parsed with
        ``ast.literal_eval``; the ``'data'`` entry of each result is
        hex-decoded and handed to ``dm.decryptMessageReceived``. The decrypted
        message supplies ``'userID'`` and ``'password'``, the decrypted token
        supplies ``'token'`` (the value the user signed).

        Security (as stated by the author): the user's message is ciphered
        with the server public key, and session management relies on a
        Diffie-Hellman session key. No Diffie-Hellman step is visible in
        this body.

        NOTE(review): the visible body has no ``return``; both the success
        path and the ``PAM.error`` path fall through and yield ``None``, so a
        caller cannot tell them apart from the return value -- confirm
        against the full source.
        """
        # Both inputs are parsed before anything is decrypted or verified.
        # literal_eval does not execute code, but malformed text raises
        # (ValueError / SyntaxError) and nothing here catches that.
        envelope = ast.literal_eval(kwargs['message'])
        signedEnvelope = ast.literal_eval(kwargs['token'])

        # Decipher both payloads with the server private key.
        receivedData = dm.decryptMessageReceived(
            envelope['data'].decode('hex'))
        receivedToken = dm.decryptMessageReceived(
            signedEnvelope['data'].decode('hex'))

        # ----------------- PAM --------------------
        user = receivedData['userID']
        auth = False  # NOTE(review): never read in the visible body
        keyPath = DBmodule.getPubKeyPath()
        pamHandle = pam.pam_module(user)
        # Challenge stored for this user, base64-encoded for the PAM items.
        expectedToken = um.getUserToken(user).encode('base64')
        signature = receivedToken['token']

        # The password check result is passed on to PAM as one of two marker
        # strings; how the PAM module interprets them is not shown here.
        passwordOk = DBmodule.db_getLogIn(user, receivedData['password']) == 1
        match = "Gambiarra" if passwordOk else "Menos Gambiarra"

        pamHandle.setItems(keyPath, expectedToken, signature, match)
        try:
            pamHandle.auth.authenticate()
        except PAM.error as resp:
            # Failure is only reported on stdout; it is not propagated.
            print('Go away! (%s)' % resp)
示例#2
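 def logInUser(self, **kwargs):
     """Handle the first step of a user login on the server.

     The user sends a username (unique identifier) and password in
     ``kwargs['data']``, hex-encoded and, per the author, ciphered with the
     server public key. It is decrypted with ``dm.decryptMessageReceived``.

     When the user is registered and ``DBmodule.db_getLogIn`` returns 1, a
     Diffie-Hellman session object and a 20-byte random challenge token are
     created and stored with ``um.addSession``. The token is passed to
     ``security.encrypt_RSA`` together with the user's stored public key.

     Returns:
         A JSON string with ``'token'`` (hex of the temporary file's
         contents after ``security.encrypt_RSA``) and ``'session'`` (the
         server session's ``publicKey``) on success; ``"REGIST_AGAIN"`` when
         ``DBmodule.db_registNotAuthenticate`` is truthy for the user;
         ``"ERROR"`` otherwise.

     NOTE(review): the two failure strings differ by registration state, so
     the response discloses whether a user ID is known but unfinished.
     Callers depend on both values, so they are left unchanged here.
     """
     # Decipher the message with the server private key.
     receivedData = dm.decryptMessageReceived(kwargs['data'].decode('hex'))
     userID = receivedData['userID']
     print(userID)
     # Verify that the user exists, has finished registration, and that the
     # credentials are accepted. How db_getLogIn compares the password is
     # not visible here.
     if DBmodule.db_registAuthenticate(userID) and \
             DBmodule.db_getLogIn(userID, receivedData['password']) == 1:
         # Only the user ID is written to stdout. The plaintext password is
         # deliberately not printed: stdout commonly ends up in service logs.
         print(userID)
         # Create session
         serverSession = DiffieHellman.DiffieHellman()
         # Create challenge (os.urandom draws from the OS CSPRNG)
         token = os.urandom(20)
         um.addSession(userID, serverSession, token)
         # Send the client the token, encrypted under the user's public key,
         # and the session public key.
         pub_key = DBmodule.db_getUserPubKey(
             DBmodule.db_getUserID(userID)).decode('hex')
         # The context manager closes (and thereby deletes) the temporary
         # file even if encryption raises.
         with tempfile.NamedTemporaryFile(delete=True) as tf:
             security.encrypt_RSA(security.importkey_RSA(pub_key), token, tf)
             # NOTE(review): read() starts at the current file position;
             # this assumes encrypt_RSA leaves it at the start -- confirm.
             encryptedToken = tf.read().encode('hex')
         messageToSend = {
             'token': encryptedToken,
             'session': serverSession.publicKey
         }
         return json.dumps(messageToSend)
     elif DBmodule.db_registNotAuthenticate(userID):
         return "REGIST_AGAIN"
     else:
         return "ERROR"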