def _generate_verifier(ident, password, salt):
""" Generate an SRP verifier from these log informations. """
logs = ident + ":" + password
logs_hash = sha1(logs.encode("ascii"))
x_content = salt + logs_hash
x_bytes = sha1(x_content)
x_int = int.from_bytes(x_bytes, "little")
verifier = pow(Srp.GENERATOR, x_int, Srp.MODULUS)
return verifier
def _generate_verifier(ident, password, salt):
""" Generate an SRP verifier from these log informations. """
logs = ident + ":" + password
logs_hash = sha1(logs.encode("ascii"))
x_content = salt + logs_hash
x_bytes = sha1(x_content)
x_int = int.from_bytes(x_bytes, "little")
verifier = pow(Srp.GENERATOR, x_int, Srp.MODULUS)
return verifier
def _generate_server_hash(self):
auth_seed = self.conn.shared_data["auth_seed"]
del self.conn.shared_data["auth_seed"]
to_hash = (self.account_name.encode("ascii") + bytes(4) +
int.to_bytes(self.client_seed, 4, "little") +
int.to_bytes(auth_seed, 4, "little") + self.session_key)
self.server_hash = sha1(to_hash)
def generate_client_proof(self, client_ephemeral, account):
assert self.server_ephemeral
assert self.session_key
modulus_bytes = int.to_bytes(Srp.MODULUS, 32, "little").rstrip(b"\x00")
modulus_hash = sha1(modulus_bytes)
gen_bytes = int.to_bytes(Srp.GENERATOR, 32, "little").rstrip(b"\x00")
gen_hash = sha1(gen_bytes)
xor_hash = b""
for m_byte, g_byte in zip(modulus_hash, gen_hash):
xor_hash += int.to_bytes(m_byte ^ g_byte, 1, "little")
client_eph = int.to_bytes(client_ephemeral, 32, "little")
server_eph = int.to_bytes(self.server_ephemeral, 32, "little")
to_hash = (xor_hash + sha1(account.name.encode("ascii")) +
account.srp_salt_as_bytes + client_eph + server_eph +
self.session_key)
self.client_proof = sha1(to_hash)
def generate_client_proof(self, client_ephemeral, account):
assert self.server_ephemeral
assert self.session_key
modulus_bytes = int.to_bytes(Srp.MODULUS, 32, "little").rstrip(b"\x00")
modulus_hash = sha1(modulus_bytes)
gen_bytes = int.to_bytes(Srp.GENERATOR, 32, "little").rstrip(b"\x00")
gen_hash = sha1(gen_bytes)
xor_hash = b""
for m_byte, g_byte in zip(modulus_hash, gen_hash):
xor_hash += int.to_bytes(m_byte^g_byte, 1, "little")
client_eph = int.to_bytes(client_ephemeral, 32, "little")
server_eph = int.to_bytes(self.server_ephemeral, 32, "little")
to_hash = ( xor_hash + sha1(account.name.encode("ascii")) +
account.srp_salt_as_bytes +
client_eph + server_eph + self.session_key )
self.client_proof = sha1(to_hash)
def _generate_server_hash(self):
auth_seed = self.conn.shared_data["auth_seed"]
del self.conn.shared_data["auth_seed"]
to_hash = ( self.account_name.encode("ascii") +
bytes(4) +
int.to_bytes(self.client_seed, 4, "little") +
int.to_bytes(auth_seed, 4, "little") +
self.session_key )
self.server_hash = sha1(to_hash)
def _generate_local_proof(self):
account_name = self.conn.account.name
session = AccountSessionManager.get_session(account_name)
if session is None:
LOG.warning("Reconnection proof: account wasn't logged in!")
return
challenge = self.conn.recon_challenge
to_hash = ( account_name.encode("ascii") + self.proof_data +
challenge + session.session_key_as_bytes )
self.local_proof = sha1(to_hash)
def _generate_local_proof(self):
account_name = self.conn.account.name
session = AccountSessionManager.get_session(account_name)
if session is None:
LOG.warning("Reconnection proof: account wasn't logged in!")
return
challenge = self.conn.recon_challenge
to_hash = (account_name.encode("ascii") + self.proof_data + challenge +
session.session_key_as_bytes)
self.local_proof = sha1(to_hash)
def generate_server_proof(self, client_ephemeral):
assert self.session_key
assert self.client_proof
client_eph = int.to_bytes(client_ephemeral, 32, "little")
to_hash = client_eph + self.client_proof + self.session_key
self.server_proof = sha1(to_hash)
def _scramble_a_b(big_int_a, big_int_b):
a_bytes = int.to_bytes(big_int_a, 32, "little")
b_bytes = int.to_bytes(big_int_b, 32, "little")
scramble_hash = sha1(a_bytes + b_bytes)
scramble = int.from_bytes(scramble_hash, "little")
return scramble
def generate_server_proof(self, client_ephemeral):
assert self.session_key
assert self.client_proof
client_eph = int.to_bytes(client_ephemeral, 32, "little")
to_hash = client_eph + self.client_proof + self.session_key
self.server_proof = sha1(to_hash)
def _scramble_a_b(big_int_a, big_int_b):
a_bytes = int.to_bytes(big_int_a, 32, "little")
b_bytes = int.to_bytes(big_int_b, 32, "little")
scramble_hash = sha1(a_bytes + b_bytes)
scramble = int.from_bytes(scramble_hash, "little")
return scramble