def _decryptResponse(self, encryptedResponse, resolverCert, clientNonce):
resolverMagic = encryptedResponse[:8]
if resolverMagic != self.DNSCRYPT_RESOLVER_MAGIC:
raise Exception("Invalid encrypted response: bad resolver magic")
nonce = encryptedResponse[8:32]
if nonce[0:int(self.DNSCRYPT_NONCE_SIZE / 2)] != clientNonce:
raise Exception("Invalid encrypted response: bad nonce")
cleartext = libnacl.crypto_box_open(encryptedResponse[32:], nonce,
resolverCert.publicKey,
self._privateKey)
cleartextBytes = bytes(cleartext)
idx = len(cleartextBytes) - 1
while idx > 0:
if cleartextBytes[idx] != 0:
break
idx -= 1
if idx == 0 or cleartextBytes[idx] != 128:
raise Exception("Invalid encrypted response: invalid padding")
idx -= 1
paddingLen = len(cleartextBytes) - idx
return cleartext[:idx + 1]
def decrypt(pk, offer):
my_private = b64decode(pk)
her_public = b64decode(offer['pk'][0])
msg = libnacl.crypto_box_open(b64decode(offer['message'][0]),
b64decode(offer['n'][0]), her_public,
my_private)
return json.loads(msg)
def test_box(self):
msg = b'Are you suggesting coconuts migrate?'
# run 1
nonce1 = libnacl.utils.rand_nonce()
pk1, sk1 = libnacl.crypto_box_keypair()
pk2, sk2 = libnacl.crypto_box_keypair()
enc_msg = libnacl.crypto_box(msg, nonce1, pk2, sk1)
self.assertNotEqual(msg, enc_msg)
clear_msg = libnacl.crypto_box_open(enc_msg, nonce1, pk1, sk2)
self.assertEqual(clear_msg, msg)
# run 2
nonce2 = libnacl.utils.rand_nonce()
pk3, sk3 = libnacl.crypto_box_keypair()
pk4, sk4 = libnacl.crypto_box_keypair()
enc_msg2 = libnacl.crypto_box(msg, nonce2, pk4, sk3)
self.assertNotEqual(msg, enc_msg2)
clear_msg2 = libnacl.crypto_box_open(enc_msg2, nonce2, pk3, sk4)
self.assertEqual(clear_msg2, msg)
# Check bits
self.assertNotEqual(nonce1, nonce2)
self.assertNotEqual(enc_msg, enc_msg2)
def decrypt(self, s):
"""Decrypt a secrets structure ``s`` with our private key."""
key = None
nonce = binascii.a2b_base64(s['nonce'])
sender = binascii.a2b_base64(s['sender'])
secret = s['keys'].get(self.publicKeyBase64)
if secret is None:
print repr(self.publicKeyBase64), 'not in', s['keys'].keys()
raise ValueError('This node is not in the list of recipients')
box = binascii.a2b_base64(secret)
key = libnacl.crypto_box_open(box, nonce, sender, self.privateKey)
box = binascii.a2b_base64(s['secret'])
return libnacl.crypto_secretbox_open(box, nonce, key)
def test_010_hello_packet(self):
""" Verify that the hello packet is properly build. """
data = self.crypt.crypto_hello()
identifier, = struct.unpack("<8s", data[:8])
self.assertEqual(identifier.decode('ascii'), "oqQN2kaH")
clientshorttermpk, = struct.unpack("<32s", data[8:40])
self.assertEqual(clientshorttermpk, self.crypt.clientshorttermpk)
allzero, = struct.unpack("<64s", data[40:104])
self.assertEqual(allzero, bytearray(64))
nonce, = struct.unpack("<Q", data[104:112])
self.assertEqual(nonce, self.crypt.nonce)
self.assertTrue(nonce % 2 == 1)
nonceexpanded = struct.pack("<16sQ", b"splonebox-client", nonce)
clear_msg = libnacl.crypto_box_open(data[112:], nonceexpanded,
self.crypt.clientshorttermpk,
self.serverlongtermsk)
self.assertEqual(clear_msg, bytearray(64))
def _decryptResponse(self, encryptedResponse, resolverCert, clientNonce):
resolverMagic = encryptedResponse[:8]
if resolverMagic != self.DNSCRYPT_RESOLVER_MAGIC:
raise Exception("Invalid encrypted response: bad resolver magic")
nonce = encryptedResponse[8:32]
if nonce[0:self.DNSCRYPT_NONCE_SIZE / 2] != clientNonce:
raise Exception("Invalid encrypted response: bad nonce")
cleartext = libnacl.crypto_box_open(encryptedResponse[32:], nonce, resolverCert.publicKey, self._privateKey)
idx = len(cleartext) - 1
while idx > 0:
if cleartext[idx] != '\x00':
break
idx -= 1
if idx == 0 or cleartext[idx] != '\x80':
raise Exception("Invalid encrypted response: invalid padding")
idx -= 1
paddingLen = len(cleartext) - idx
return cleartext[:idx+1]
def pubkey_decrypt(self,data,nonce,pk,sk):
return libnacl.crypto_box_open(data,nonce,pk,sk)
def pubkey_decrypt(self, data, nonce, pk, sk):
return libnacl.crypto_box_open(data, nonce, pk, sk)
def test_crypto_init_functional(self):
# generate hello packet
data = self.crypt.crypto_hello()
# extract key and generate cookie response
extracted_key, = struct.unpack("<32s", data[8:40])
identifier = struct.pack("<8s", b"rZQTd2nC")
nonce = libnacl.randombytes(16)
nonce_expanded = struct.pack("<8s16s", b"splonePK", nonce)
cookie = libnacl.randombytes(96)
payload = b''.join([self.servershorttermpk, cookie])
box = libnacl.crypto_box(payload, nonce_expanded,
extracted_key,
self.serverlongtermsk)
data = b''.join([identifier, nonce, box])
# generate initiate-packet from cookiepacket
self.crypt.crypto_initiate(data)
# test if the crypto is able to decrypt a server message
identifier = struct.pack("<8s", b"rZQTd2nM")
server_nonce = self.crypt.crypto_random_mod(281474976710656)
server_nonce += 0 if server_nonce % 2 == 0 else 1
nonce_expanded = struct.pack("<16sQ", b"splonebox-server",
server_nonce)
payload = libnacl.randombytes(96)
length = struct.pack("<Q", 56 + len(payload))
length_boxed = libnacl.crypto_box(length, nonce_expanded,
extracted_key,
self.servershorttermsk)
server_nonce += 2
nonce_expanded = struct.pack("<16sQ", b"splonebox-server",
server_nonce)
box = libnacl.crypto_box(payload, nonce_expanded,
extracted_key,
self.servershorttermsk)
msg = b"".join([identifier, struct.pack("<Q", server_nonce - 2),
length_boxed, box])
extr = self.crypt.crypto_read(msg)
self.assertEqual(extr, payload)
# test if the crypto is able to encrypt a message properly
payload = libnacl.randombytes(96)
data = self.crypt.crypto_write(payload)
identifier, = struct.unpack("<8s", data[:8])
nonce, = struct.unpack("<Q", data[8:16])
nonceexpanded = struct.pack("<16sQ", b"splonebox-client", nonce)
length = libnacl.crypto_box_open(data[16:40], nonceexpanded,
self.crypt.clientshorttermpk,
self.servershorttermsk)
nonceexpanded = struct.pack("<16sQ", b"splonebox-client", nonce+2)
plaintext = libnacl.crypto_box_open(data[40:],
nonceexpanded,
self.crypt.clientshorttermpk,
self.servershorttermsk)
self.assertEqual(plaintext, payload)