def _start_puzzle(self, ssid): """ Handle the puzzle. Read puzzle from the SSID encrypted with first PreImage, return Puzzle encrypted with first PreImage """ self.startPuzzleTime = time.time() bitSize = ssid.getBitSize() if (bitSize == 0): # No Puzzle required! Connect to network! logging.info("Required Puzzle Size is 0! Not solving Puzzle!") return self.request[1] else: recvhash = bytearray(ssid.getHash()) # received "Hash" logging.debug("Received Hash: %s length: %s" % (recvhash, len(recvhash))) hash2 = bytearray(self.request[1]) # expected Answer logging.debug("Expected hash: %s length: %s" % (hash2, len(hash2))) puzzle = sofi_crypt.xorDecode( recvhash, hash2 ) # decode the received Hash with the expected Hash, this gives us the puzzle. logging.debug("Puzzle received: %s with length: %s" % (puzzle, len(puzzle))) p = sofi_puzzle.mk_preimage_puzzle() start = time.clock() solution = p.solvePuzzleS( puzzle, bitSize=bitSize) # Solve the received Puzzle self.solution = solution logging.debug("Puzzle solved in %.06f seconds." % (time.clock() - start)) logging.debug("Calculated Puzzle Solution: %s" % solution) solEnc = sofi_crypt.xorDecode( solution, hash2 ) # encode the solution with the expected Hash. This is the final ssid. logging.debug("Final search Hash: %s" % solEnc) self.endPuzzleTime = time.time() return solEnc
def _start_search(self, target="NOTHING",service=0,private=False,password=None,bitSize=5): """ Search the specified target, ie. do a scan through wpa_supplicant. """ self.startbuildScanTime = time.time() if(self.state == IDLE or self.state == CONNECTED): self._remove_old_nets() if(private==False): self.request = self._trippleHash(self._sanitize(target)) logging.info("Publicly searching for: "+ target) else: logging.debug("Privately searching for: %s with password: %s" %(target ,password)) if(password != None): logging.info("Privately searching for: %s" %target) self.request = self._trippleHash(self._sanitize(target)) self.request[2] = sofi_crypt.xorDecode(self.request[2],password) self.request[1] = sofi_crypt.xorDecode(self.request[1],password) self.request[0] = sofi_crypt.xorDecode(self.request[0],password) #Encrypt Hash with Secret #Set MAC known to requested User FIXME in future VERSION else: logging.error("No Password specified in private search!") self.ComId = random.randint(0,255) self.start_time = time.time() ssid = sofi_ssid.ssid(hashString=self.request[2],private=private,request=True,service=service,Comid=self.ComId) self.nId = self.wpa.wpa_supplicant_connect(ssid.toString(), pwd=None) self.state = WAITING_FOR_RESPONSE self._start_timeout() self.endbuildScanTime = time.time() self.startScanDiscoverTime = time.time() return True else: logging.info("Already searching for another file. Please wait for timeout...") return False
def _start_puzzle(self,ssid): """ Handle the puzzle. Read puzzle from the SSID encrypted with first PreImage, return Puzzle encrypted with first PreImage """ self.startPuzzleTime = time.time() bitSize = ssid.getBitSize() if(bitSize == 0): # No Puzzle required! Connect to network! logging.info("Required Puzzle Size is 0! Not solving Puzzle!") return self.request[1] else: recvhash = bytearray(ssid.getHash()) # received "Hash" logging.debug("Received Hash: %s length: %s" %(recvhash,len(recvhash))) hash2 = bytearray(self.request[1]) # expected Answer logging.debug("Expected hash: %s length: %s" %(hash2,len(hash2))) puzzle = sofi_crypt.xorDecode(recvhash, hash2) # decode the received Hash with the expected Hash, this gives us the puzzle. logging.debug("Puzzle received: %s with length: %s" %(puzzle,len(puzzle))) p = sofi_puzzle.mk_preimage_puzzle() start = time.clock() solution = p.solvePuzzleS(puzzle,bitSize=bitSize) # Solve the received Puzzle self.solution = solution logging.debug("Puzzle solved in %.06f seconds." %(time.clock()-start)) logging.debug("Calculated Puzzle Solution: %s" %solution) solEnc = sofi_crypt.xorDecode(solution, hash2) # encode the solution with the expected Hash. This is the final ssid. logging.debug("Final search Hash: %s" %solEnc) self.endPuzzleTime = time.time() return solEnc
def _start_search(self, target="NOTHING", service=0, private=False, password=None, bitSize=5): """ Search the specified target, ie. do a scan through wpa_supplicant. """ self.startbuildScanTime = time.time() if (self.state == IDLE or self.state == CONNECTED): self._remove_old_nets() if (private == False): self.request = self._trippleHash(self._sanitize(target)) logging.info("Publicly searching for: " + target) else: logging.debug("Privately searching for: %s with password: %s" % (target, password)) if (password != None): logging.info("Privately searching for: %s" % target) self.request = self._trippleHash(self._sanitize(target)) self.request[2] = sofi_crypt.xorDecode( self.request[2], password) self.request[1] = sofi_crypt.xorDecode( self.request[1], password) self.request[0] = sofi_crypt.xorDecode( self.request[0], password) #Encrypt Hash with Secret #Set MAC known to requested User FIXME in future VERSION else: logging.error("No Password specified in private search!") self.ComId = random.randint(0, 255) self.start_time = time.time() ssid = sofi_ssid.ssid(hashString=self.request[2], private=private, request=True, service=service, Comid=self.ComId) self.nId = self.wpa.wpa_supplicant_connect(ssid.toString(), pwd=None) self.state = WAITING_FOR_RESPONSE self._start_timeout() self.endbuildScanTime = time.time() self.startScanDiscoverTime = time.time() return True else: logging.info( "Already searching for another file. Please wait for timeout..." ) return False
def eval_lookup(): import platform import csv import time sample_no = 10000 writer = csv.writer(open("lookup_" + platform.system() +"_"+ platform.node() +"_"+ platform.release()+ "_" + platform.processor() + ".csv","ab")) testAPDB = APdb(Itemsfile="EVALDB.db",SAfile="EVALSADB.db") said1 = testAPDB.addSA(address="00:00:00:00:00:FF", key=sofi_crypt.singleHash("THISISMYKEYKEYKEY"), chained=False, chainIndex=0, name="horst") said2 = testAPDB.addSA(address="00:00:00:00:DE:AD", key=sofi_crypt.singleHash("THISISMYKEYKEYKEY"), chained=False, chainIndex=0, name="dings") item1 = testAPDB.addDataItem(location="/bin/bash", descString="bin bash", serviceId=2, private=True, ACL=[said1,said2]) item2 = testAPDB.addDataItem(location="/bin/false", descString="bin false", serviceId=2, private=False, ACL=[]) SAid1 = testAPDB.getSA(said1) for i in xrange(6): result_list = ["%s" %(10**i)] for _j in xrange(10**i): testAPDB.addDataItem(location=''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(50)), descString=''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(30)), serviceId=2, private=True, ACL=[said1,said2]) for _k in xrange(sample_no): key = sofi_crypt.xorDecode(item1.getSearchHash(),SAid1.getKey()) Address=SAid1.getAddress() start_time = time.time() SA,iteml = testAPDB.getAvailable(key,Address=Address) end_time = time.time() result_list.append(end_time - start_time) writer.writerow(result_list)
def eval_lookup(): import platform import csv import time sample_no = 10000 writer = csv.writer( open( "lookup_" + platform.system() + "_" + platform.node() + "_" + platform.release() + "_" + platform.processor() + ".csv", "ab")) testAPDB = APdb(Itemsfile="EVALDB.db", SAfile="EVALSADB.db") said1 = testAPDB.addSA(address="00:00:00:00:00:FF", key=sofi_crypt.singleHash("THISISMYKEYKEYKEY"), chained=False, chainIndex=0, name="horst") said2 = testAPDB.addSA(address="00:00:00:00:DE:AD", key=sofi_crypt.singleHash("THISISMYKEYKEYKEY"), chained=False, chainIndex=0, name="dings") item1 = testAPDB.addDataItem(location="/bin/bash", descString="bin bash", serviceId=2, private=True, ACL=[said1, said2]) item2 = testAPDB.addDataItem(location="/bin/false", descString="bin false", serviceId=2, private=False, ACL=[]) SAid1 = testAPDB.getSA(said1) for i in xrange(6): result_list = ["%s" % (10**i)] for _j in xrange(10**i): testAPDB.addDataItem(location=''.join( random.choice(string.ascii_uppercase + string.digits) for x in range(50)), descString=''.join( random.choice(string.ascii_uppercase + string.digits) for x in range(30)), serviceId=2, private=True, ACL=[said1, said2]) for _k in xrange(sample_no): key = sofi_crypt.xorDecode(item1.getSearchHash(), SAid1.getKey()) Address = SAid1.getAddress() start_time = time.time() SA, iteml = testAPDB.getAvailable(key, Address=Address) end_time = time.time() result_list.append(end_time - start_time) writer.writerow(result_list)
def speed_test(num_items): print "Loading Database..." start_time = time.clock() testAPDB = APdb() finish_time = time.clock() - start_time a = finish_time print "Database with %s items loaded in %.09f sec" %(len(testAPDB.getdataItems()),finish_time) said1 = testAPDB.addSA(address="00:00:00:00:00:FF", key=sofi_crypt.singleHash("THISISMYKEYKEYKEY"), chained=False, chainIndex=0, name="horst") said2 = testAPDB.addSA(address="00:00:00:00:DE:AD", key=sofi_crypt.singleHash("THISISMYKEYKEYKEY"), chained=False, chainIndex=0, name="dings") item1 = testAPDB.addDataItem(location="/bin/bash", descString="bin bash", serviceId=2, private=True, ACL=[said1,said2]) item2 = testAPDB.addDataItem(location="/bin/false", descString="bin false", serviceId=2, private=False, ACL=[]) print "Adding %s items..." %num_items start_time = time.clock() for i in range(num_items): testAPDB.addDataItem(location=''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(50)), descString=''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(30)), serviceId=2, private=True, ACL=[said1,said2]) finish_time = time.clock() - start_time b = finish_time print "Finished adding %s items in %0.6f sec" %(num_items,finish_time) SAid1 = testAPDB.getSA(said1) print "Staring search..." start_time = time.clock() SA,iteml = testAPDB.getAvailable(sofi_crypt.xorDecode(item1.getSearchHash(),SAid1.getKey()),Address=SAid1.getAddress()) finish_time = time.clock() - start_time c = finish_time #SA,iteml = testAPDB.getAvailable(item1.getSearchHash(),said1) if(len(iteml)>0): print "Found %s items." %len(iteml) print "Search finished in %.012f sec" %finish_time print "Saving Database..." start_time = time.clock() testAPDB.save() finish_time = time.clock() - start_time d = finish_time print "Finished saving Database with %s entries in %.09f sec." %(len(testAPDB.getdataItems()),finish_time) print "Currently holding %s security associations." %len(testAPDB.getSAs()) return (len(testAPDB.getdataItems()),finish_time),a,b,c,d
def _hashDecode(self,mHash,key): """ Decode the passed mHash with the passed Key and return the result. Decoding is done via simple XOR. """ return sofi_crypt.xorDecode(mHash, key)
def speed_test(num_items): print "Loading Database..." start_time = time.clock() testAPDB = APdb() finish_time = time.clock() - start_time a = finish_time print "Database with %s items loaded in %.09f sec" % (len( testAPDB.getdataItems()), finish_time) said1 = testAPDB.addSA(address="00:00:00:00:00:FF", key=sofi_crypt.singleHash("THISISMYKEYKEYKEY"), chained=False, chainIndex=0, name="horst") said2 = testAPDB.addSA(address="00:00:00:00:DE:AD", key=sofi_crypt.singleHash("THISISMYKEYKEYKEY"), chained=False, chainIndex=0, name="dings") item1 = testAPDB.addDataItem(location="/bin/bash", descString="bin bash", serviceId=2, private=True, ACL=[said1, said2]) item2 = testAPDB.addDataItem(location="/bin/false", descString="bin false", serviceId=2, private=False, ACL=[]) print "Adding %s items..." % num_items start_time = time.clock() for i in range(num_items): testAPDB.addDataItem(location=''.join( random.choice(string.ascii_uppercase + string.digits) for x in range(50)), descString=''.join( random.choice(string.ascii_uppercase + string.digits) for x in range(30)), serviceId=2, private=True, ACL=[said1, said2]) finish_time = time.clock() - start_time b = finish_time print "Finished adding %s items in %0.6f sec" % (num_items, finish_time) SAid1 = testAPDB.getSA(said1) print "Staring search..." start_time = time.clock() SA, iteml = testAPDB.getAvailable(sofi_crypt.xorDecode( item1.getSearchHash(), SAid1.getKey()), Address=SAid1.getAddress()) finish_time = time.clock() - start_time c = finish_time #SA,iteml = testAPDB.getAvailable(item1.getSearchHash(),said1) if (len(iteml) > 0): print "Found %s items." % len(iteml) print "Search finished in %.012f sec" % finish_time print "Saving Database..." start_time = time.clock() testAPDB.save() finish_time = time.clock() - start_time d = finish_time print "Finished saving Database with %s entries in %.09f sec." % (len( testAPDB.getdataItems()), finish_time) print "Currently holding %s security associations." % len( testAPDB.getSAs()) return (len(testAPDB.getdataItems()), finish_time), a, b, c, d
def _hashDecode(self, mHash, key): """ Decode the passed mHash with the passed Key and return the result. Decoding is done via simple XOR. """ return sofi_crypt.xorDecode(mHash, key)
def handle_request(self, ssid, source_address, ip=None): """ Handle an incoming request either from hostapd or a legacy client. That means that the required service is started and the response for hostapd / legacy client is prepared. Returns the message to be sent back. """ reply = "" # our reply for the request #reply = IPC.PWIFI_IPC_ACK if(source_address in self.stateIndex): #This is a request from a client that we are already communicating with! logging.debug("Address %s has existing State." %source_address) localState = self.stateIndex[source_address] if(localState.State == FAILED): logging.info("Deleting old State of address: %s" %source_address) self.statelist.remove(localState) del self.stateIndex[source_address] if(localState.lastSSID in self.stateSSIDindex): del self.stateSSIDindex[localState.lastSSID] reply = IPC.PWIFI_IPC_NACK return reply else: if(localState.lastSSID == ssid.toString()): logging.info("Duplicate Request received!") if(localState.State == PUZZLE_SEND): reply = localState.lastReply else: reply = IPC.PWIFI_IPC_NACK # We can ignore this request as it was already answered! return reply else: if(localState.State == REQUEST): logging.error("State on second message was still REQUEST! This shouldnt happen!") elif(localState.State == PUZZLE_SEND and localState.ComId == ssid.getID()): #This must be the answer to the puzzle! if(len(localState.DataItems)>0): hashValue = localState.hashList[1] else: logging.debug("State found, but DataItems List is empty!") reply = IPC.PWIFI_IPC_NACK return reply # this should never happen! ssidHash = ssid.getHash() if(NO_PUZZLE): puzzle_solution = 0 else: puzzle_solution = sofi_crypt.xorDecode(ssidHash, hashValue) if((NO_PUZZLE) or (self.puzzler.verifyPuzzleS(localState.Puzzle,puzzle_solution,bitSize=localState.bitSize))): #The Client has successfully requested a file and solved the puzzle! localState.stop_timeout() localState.State = PUZZLE_SOLVED localState.PuzzleSolution = puzzle_solution localState.PuzzleSolved = True del self.stateSSIDindex[localState.lastSSID] #delete the old SSID Index for this state localState.lastSSID = ssid.toString() self.stateSSIDindex[localState.lastSSID] = localState #Add the new SSID Index for this state! return self._build_ACK(ssid,source_address,ip,localState,reply) else: #Wrong solution to the puzzle! #Drop that Client! logging.info("Invalid Puzzle Solution received! Puzzle: %s Solution: %s" %(localState.Puzzle,puzzle_solution) ) localState.State = FAILED self.statelist.remove(localState) if(source_address in self.stateIndex): del self.stateIndex[source_address] if(ssid.toString() in self.stateSSIDindex): del self.stateSSIDindex[ssid.toString()] reply = IPC.PWIFI_IPC_NACK return reply else: logging.info("Existing State found. State is: %s" %localState.State) if(localState.State == PUZZLE_SOLVED): logging.info("Last connect must have failed. Deleting old State of address: %s" %source_address) self.statelist.remove(localState) del self.stateIndex[source_address] if(localState.lastSSID in self.stateSSIDindex): del self.stateSSIDindex[localState.lastSSID] reply = IPC.PWIFI_IPC_NACK return reply else: #A new Client request. We have to set up a state. logging.info("New Request received: " + ssid.toString()) if(ssid.isPrivate()): SA,itemlist = self.database.getAvailable(ssid.getHash(),Address=source_address) else: SA,itemlist = self.database.getAvailable(ssid.getHash()) if(len(itemlist)>0): localState = State(address=source_address) self.statelist.append(localState) self.stateIndex[source_address] = localState self.stateSSIDindex[ssid.toString()] = localState if(NO_PUZZLE): localState.Puzzle = 0 else: localState.Puzzle = self.puzzler.createPuzzle(4) localState.SA = SA localState.ComId = ssid.getID() localState.DataItems = itemlist localState.lastSSID = ssid.toString() localState.hashList = itemlist[0].getHashList() if(SA != None): key = SA.getKey() for i,item in enumerate(localState.hashList): localState.hashList[i] = sofi_crypt.xorDecode(item,key) #######PRE ACK! SIGNAL THE HostAPD to announce the SSID Hash2 XOR Puzzle if(NO_PUZZLE): ssid.hash = localState.hashList[1] else: ssid.hash = sofi_crypt.xorDecode(localState.hashList[1],localState.Puzzle) ssid.reply = True if(NO_PUZZLE): ssid.bitSize = 0 else: ssid.bitSize = localState.bitSize newSSID = ssid.toString() ie_ssid = (struct.pack('>BB', COMMON.PWIFI_EID_SSID, len(newSSID)) + newSSID) reply = reply + ie_ssid ie_pwifi = struct.pack('>BB', COMMON.PWIFI_EID, len(reply)) reply = IPC.PWIFI_IPC_PACK + ie_pwifi + reply localState.lastReply = reply logging.info("Found Items in Database. Sending Puzzle!") localState.State = PUZZLE_SEND # puzzle is build and will be send now! localState.start_timeout() # start the timeout as last action before returning return reply else: #Nothing was found in the database for that specific client! logging.info("Nothing found in the Database for this Request!") reply = IPC.PWIFI_IPC_NACK return reply return reply