def data_received(self, data): self.deserializer.update(data) for packet in self.deserializer.nextPackets(): if isinstance(packet, PlsHello): self.incoming_cert.append(CipherUtil.getCertFromBytes(str.encode(packet.Certs[0]))) self.incoming_cert.append(CipherUtil.getCertFromBytes(str.encode(packet.Certs[1]))) self.incoming_cert.append(CipherUtil.getCertFromBytes(str.encode(packet.Certs[2]))) print("\nReceived Server Hello. Trying to verify issuer...") if self.validate(self.incoming_cert): self.m.update(packet.__serialize__()) print(" Server Certificate Validated. Sending Client Key Exchange!\n") clientkey = PlsKeyExchange() randomvalue = os.urandom(16) #b'1234567887654321' print(type(randomvalue)) self.pkc = int.from_bytes(randomvalue, byteorder='big') clientkey.NoncePlusOne = packet.Nonce + 1 self.ns = packet.Nonce pub_key = self.incoming_cert[0].public_key() encrypted1 = pub_key.encrypt(randomvalue, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),algorithm=hashes.SHA256(),label=None)) print ("Encrypted String is: ",encrypted1) clientkey.PreKey = encrypted1 clkey = clientkey.__serialize__() print("Sent the Prekey to Server.") self.m.update(clkey) self.transport.write(clkey) if isinstance(packet, PlsKeyExchange): print("Received Server Key Exchange.") self.m.update(packet.__serialize__()) serverpriv = CipherUtil.loadPrivateKeyFromPemFile("/root/keys/client/sagar-client.key") decrypted = serverpriv.decrypt(packet.PreKey, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),algorithm=hashes.SHA256(), label=None)) print("Decrypted Pre-Master Secret: ", decrypted) self.pks = int.from_bytes(decrypted, byteorder='big') #==================================== #sending digest self.clientdigest = self.m.digest() print("Hash digest is: ", self.clientdigest) hdone = PlsHandshakeDone() hdone.ValidationHash = self.clientdigest hdone_s = hdone.__serialize__() print("Sent the PLS Handshake Done to server.") self.transport.write(hdone_s) if isinstance(packet, PlsHandshakeDone): print("\n\nReceived Server Handshake done message.") if (self.clientdigest == packet.ValidationHash): print("Digest verification done!") self.key_generator() plstransport = PLSStackingTransport(self, self.transport) higherTransport = StackingTransport(plstransport) self.higherProtocol().connection_made(higherTransport) if isinstance(packet, PlsData): print("=====================Recieved Data Packet from PLSServer ======================") self.ctr = 0 if self.mac_verification_engine(packet.Ciphertext, packet.Mac): print("=====================Pls Client Verification Successful. Decrypting=============") DecryptedPacket = self.decryption_engine(packet.Ciphertext) print("=======================Decryption DONE! =======Sending to HigherLayer===========") self.higherProtocol().data_received(DecryptedPacket) self.ctr = 0 else: self.ctr += 1 if self.ctr != 5: print("Verification Failed. Try Again. Failed {}").format(self.ctr) else: print("Verification failed 5 times. Killing Connection and Sending PlsClose.") # Creating and Sending PlsClose self.ctr = 0 Close = PlsClose() #Close.Error = "Closing Connection due to 5 Verification failures. Aggressive Close." serializeClose = Close.__serialize__() self.transport.write(serializeClose) self.transport.close() if isinstance(packet, PlsClose): print("==================Received PlsClose from Server======================== ") #self.connection_lost(self) self.transport.close()
def data_received(self, data): print("###SSL layer data received called!###") self.deserializer.update(data) for packet in self.deserializer.nextPackets(): #print(packet.Certs[0], packet.Certs[1], packet.Certs[2]) if isinstance(packet, PlsHello): self.incoming_cert.append( CipherUtil.getCertFromBytes(str.encode(packet.Certs[0]))) self.incoming_cert.append( CipherUtil.getCertFromBytes(str.encode(packet.Certs[1]))) self.incoming_cert.append( CipherUtil.getCertFromBytes(str.encode(packet.Certs[2]))) print( "\nReceived Client Hello packet. Trying to verify issuer..." ) #print(packet.Certs) if self.validate(self.incoming_cert): self.nc = packet.Nonce self.m = hashlib.sha1() self.m.update(packet.__serialize__()) print("Certificate Validated. Sending Server hello!\n") self.clientnonce = packet.Nonce serverhello = PlsHello() serverhello.Nonce = int.from_bytes( os.urandom(8), byteorder='big') #12345678 self.ns = serverhello.Nonce idcert = getIDCertsForAddr() pubkey = getCertsForAddr() root = getRootCertsForAddr() serverhello.Certs = [] serverhello.Certs.append(idcert) serverhello.Certs.append(pubkey) serverhello.Certs.append(root) srvhello = serverhello.__serialize__() print("Sent Server Hello!\n") self.m.update(srvhello) self.transport.write(srvhello) if isinstance(packet, PlsKeyExchange): print("Received Client Key Exchange. Server Server Keys\n\n") self.m.update(packet.__serialize__()) serverpriv = CipherUtil.loadPrivateKeyFromPemFile( "/root/keys/server/sagar-server.key") decrypted = serverpriv.decrypt( packet.PreKey, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)) print("Decrypted Pre-Master Secret: ", decrypted) self.pkc = int.from_bytes(decrypted, byteorder='big') #==================================== #Creating Server Pre-Master serverkey = PlsKeyExchange() randomvalue = os.urandom(16) #b'1234567887654321' self.pks = int.from_bytes(randomvalue, byteorder='big') serverkey.NoncePlusOne = self.clientnonce + 1 pub_key = self.incoming_cert[0].public_key() encrypted1 = pub_key.encrypt( randomvalue, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)) print("Encrypted String is: ", encrypted1) serverkey.PreKey = encrypted1 skey = serverkey.__serialize__() print("Sent the Prekey to Client.\n\n") self.m.update(skey) self.transport.write(skey) if isinstance(packet, PlsHandshakeDone): print("Received Client Handshake done message.") clientdigest = packet.ValidationHash serverdigest = self.m.digest() print("Hash digest is: ", serverdigest) hdone = PlsHandshakeDone() hdone.ValidationHash = serverdigest if (serverdigest == clientdigest): print("Digest verification done!") # calling higher connection made since we have received the ACK self.key_generator() plstransport = PLSStackingTransport(self, self.transport) higherTransport = StackingTransport(plstransport) self.higherProtocol().connection_made(higherTransport) hdone_s = hdone.__serialize__() self.transport.write(hdone_s) if isinstance(packet, PlsData): print( "=====================Recieved Data Packet from PLSClient======================" ) self.ctr = 0 if self.mac_verification_engine(packet.Ciphertext, packet.Mac): print( "=====================Pls Client Verification Successful. Decrypting=============" ) DecryptedPacket = self.decryption_engine(packet.Ciphertext) print( "=======================Decryption DONE! =======Sending to HigherLayer===========" ) self.higherProtocol().data_received(DecryptedPacket) self.ctr = 0 else: self.ctr += 1 if self.ctr != 5: print("Verification Failed. Try Again. Failed {}" ).format(self.ctr) else: print( "Verification failed 5 times. Killing Connection and Sending PlsClose." ) self.ctr = 0 #Creating and Sending PlsClose Close = PlsClose() #Close.Error = "Closing Connection due to 5 Verification failures. Aggrresive Close" serializeClose = Close.__serialize__() self.transport.write(serializeClose) self.transport.close() if isinstance(packet, PlsClose): print( "==================Received PlsClose from Client======================== " ) #self.connection_lost(self) self.transport.close()
def data_received(self, data): self.deserializer.update(data) for packet in self.deserializer.nextPackets(): if isinstance(packet, PlsHello): self.incoming_cert.append( CipherUtil.getCertFromBytes(str.encode(packet.Certs[0]))) self.incoming_cert.append( CipherUtil.getCertFromBytes(str.encode(packet.Certs[1]))) self.incoming_cert.append( CipherUtil.getCertFromBytes(str.encode(packet.Certs[2]))) print("\nReceived Server Hello. Trying to verify issuer...") if self.validate(self.incoming_cert): self.m.update(packet.__serialize__()) print( " Server Certificate Validated. Sending Client Key Exchange!\n" ) clientkey = PlsKeyExchange() randomvalue = b'1234567887654321' print(type(randomvalue)) self.pkc = randomvalue.decode() clientkey.NoncePlusOne = packet.Nonce + 1 self.ns = packet.Nonce pub_key = self.incoming_cert[0].public_key() encrypted1 = pub_key.encrypt( randomvalue, padding.OAEP( mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)) print("Encrypted String is: ", encrypted1) clientkey.PreKey = encrypted1 clkey = clientkey.__serialize__() print("Sent the Prekey to Server.") self.m.update(clkey) self.transport.write(clkey) if isinstance(packet, PlsKeyExchange): print("Received Server Key Exchange.") self.m.update(packet.__serialize__()) serverpriv = CipherUtil.loadPrivateKeyFromPemFile( "/root/keys/client/sagar-client.key") decrypted = serverpriv.decrypt( packet.PreKey, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)) print("Decrypted Pre-Master Secret: ", decrypted) self.pks = decrypted.decode() #==================================== #sending digest self.clientdigest = self.m.digest() print("Hash digest is: ", self.clientdigest) hdone = PlsHandshakeDone() hdone.ValidationHash = self.clientdigest hdone_s = hdone.__serialize__() print("Sent the PLS Handshake Done to server.") self.transport.write(hdone_s) if isinstance(packet, PlsHandshakeDone): print("\n\nReceived Server Handshake done message.") if (self.clientdigest == packet.ValidationHash): print("Digest verification done!") self.key_generator()
def data_received(self, data): print("###SSL layer data received called!###") self.deserializer.update(data) for packet in self.deserializer.nextPackets(): #print(packet.Certs[0], packet.Certs[1], packet.Certs[2]) if isinstance(packet, PlsHello): self.incoming_cert.append(CipherUtil.getCertFromBytes(str.encode(packet.Certs[0]))) self.incoming_cert.append(CipherUtil.getCertFromBytes(str.encode(packet.Certs[1]))) self.incoming_cert.append(CipherUtil.getCertFromBytes(str.encode(packet.Certs[2]))) print("\nReceived Client Hello packet. Trying to verify issuer...") #print(packet.Certs) if self.validate(self.incoming_cert): self.nc = packet.Nonce self.m = hashlib.sha1() self.m.update(packet.__serialize__()) print("Certificate Validated. Sending Server hello!\n") self.clientnonce = packet.Nonce serverhello = PlsHello() serverhello.Nonce = 12345678 self.ns = serverhello.Nonce idcert = getIDCertsForAddr() pubkey = getCertsForAddr() root = getRootCertsForAddr() serverhello.Certs = [] serverhello.Certs.append(idcert) serverhello.Certs.append(pubkey) serverhello.Certs.append(root) srvhello = serverhello.__serialize__() print("Sent Server Hello!\n") self.m.update(srvhello) self.transport.write(srvhello) if isinstance(packet, PlsKeyExchange): print("Received Client Key Exchange. Server Server Keys\n\n") self.m.update(packet.__serialize__()) serverpriv = CipherUtil.loadPrivateKeyFromPemFile("/root/keys/server/sagar-server.key") decrypted = serverpriv.decrypt(packet.PreKey, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),algorithm=hashes.SHA256(), label=None)) print("Decrypted Pre-Master Secret: ", decrypted) self.pkc = decrypted.decode() #==================================== #Creating Server Pre-Master serverkey = PlsKeyExchange() randomvalue = b'1234567887654321' self.pks = randomvalue.decode() serverkey.NoncePlusOne = self.clientnonce + 1 pub_key = self.incoming_cert[0].public_key() encrypted1 = pub_key.encrypt(randomvalue, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),algorithm=hashes.SHA256(), label=None)) print("Encrypted String is: ", encrypted1) serverkey.PreKey = encrypted1 skey = serverkey.__serialize__() print("Sent the Prekey to Client.\n\n") self.m.update(skey) self.transport.write(skey) if isinstance(packet, PlsHandshakeDone): print("Received Client Handshake done message.") clientdigest = packet.ValidationHash serverdigest = self.m.digest() print("Hash digest is: ", serverdigest) hdone = PlsHandshakeDone() hdone.ValidationHash = serverdigest if (serverdigest == clientdigest): print("Digest verification done!") self.key_generator() hdone_s = hdone.__serialize__() self.transport.write(hdone_s)