-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathutils.py
184 lines (141 loc) · 5 KB
/
utils.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
from Crypto.PublicKey import RSA
from Crypto.Cipher import AES
from Crypto import Random
import struct
import socket
import signal
import os
import sys
def pad_message(message):
"""
Pads a string for use with AES encryption
:param message: string to be padded
:return: padded message
"""
pad_size = 16 - (len(message) % 16)
if pad_size == 0:
pad_size = 16
message += chr(pad_size) * pad_size
return message
def unpad_message(message):
return message[:-ord(message[-1])]
def add_layer(message, aes_key):
aes_obj = AES.new(aes_key, AES.MODE_CBC, "0" * 16)
ciphertext = aes_obj.encrypt(message)
return ciphertext
def peel_layer(ciphertext, aes_key):
aes_obj = AES.new(aes_key, AES.MODE_CBC, "0" * 16)
message = aes_obj.decrypt(ciphertext)
return message
# uses the PUBLIC key in 'key' to encrypt
def wrap_message(message, rsa_key, aes_key):
# generate AES key, 'k'
# encrypt message (param 'message') with AES using 'k'
# encrypt 'k' with RSA key (param 'key')
# assemble final blob, then return it
aes_obj = AES.new(aes_key, AES.MODE_CBC, "0" * 16)
ciphertext_aes = aes_obj.encrypt(message)
ciphertext_rsa = rsa_key.encrypt(aes_key, rsa_key.publickey())[0]
blob = ciphertext_rsa + ciphertext_aes
return blob
def unwrap_message(blob, rsa_key):
# seperate blob into data and encrypted AES key
# decrypt AES key using given RSA key
# decrypt data using the AES key
# return the unencrypted orignal blob
ciphertext_rsa = blob[0:128]
ciphertext_aes = blob[128:len(blob)]
aes_key = rsa_key.decrypt(ciphertext_rsa)
aes_obj = AES.new(aes_key, AES.MODE_CBC, "0" * 16)
message = aes_obj.decrypt(ciphertext_aes)
# print "length of aes key: " + str(len(aes_key))
return message, aes_key
# assumes 'message' is no longer than 4096 bytes
def send_message_with_length_prefix(tosocket, message):
prefix = struct.pack("!I", len(message))
# 4 bytes, should send all of it in one go
bytessent = sendn(tosocket, prefix)
if bytessent == 0:
return False
bytessent = sendn(tosocket, message)
if bytessent == 0:
return False
return True
# returns an empty string if the connection closed on the other end
def recv_message_with_length_prefix(fromsocket):
packedlen = recvn(fromsocket, 4)
if packedlen == "":
return ""
length = struct.unpack("!I", packedlen)[0]
message = recvn(fromsocket, length)
return message
# socket on the other end has closed if this returns 0
def sendn(tosocket, message):
length = len(message)
sent_so_far = 0
while length > sent_so_far:
bytessent = tosocket.send(message[sent_so_far:])
if bytessent == 0:
return 0
sent_so_far += bytessent
return length
def recvn(fromsocket, length):
recv_so_far = 0
recvbuf = ""
while length > recv_so_far:
newdata = fromsocket.recv(length - recv_so_far)
bytesrecvd = len(newdata)
if bytesrecvd == 0:
return ""
recvbuf += newdata
recv_so_far += bytesrecvd
return recvbuf
def packHostPort(ip, port):
return socket.inet_aton(ip) + struct.pack("!i", port)
def unpackHostPort(packed):
return (socket.inet_ntoa(packed[:4]), struct.unpack("!i", packed[4:])[0])
# hoplist is a list of tuples of the form (packedhop, RSA key object)
def packRoute(hoplist):
message = ""
for i in range(0, len(hoplist)):
idx = len(hoplist) - 1 - i
message = hoplist[idx][0] + message
message = wrap_message(message, hoplist[idx][1])
return message
# destination is a pre-packed hostport string
def wrap_all_messages(hoplist, destination):
randfile = Random.new()
wrapped_message = destination
aes_key_list = []
packedroute = ""
for i in range(0, len(hoplist)):
# have some way of getting each, probably from directory authority
elem_aes_key = randfile.read(32)
aes_key_list.append(elem_aes_key)
if i != 0:
packedroute = packHostPort(hoplist[i - 1][0], hoplist[i - 1][1])
wrapped_message = packedroute + wrapped_message
wrapped_message = wrap_message(
pad_message(wrapped_message), hoplist[i][2], elem_aes_key)
return wrapped_message, aes_key_list
def add_all_layers(aes_key_list, message):
message = pad_message(message)
for key in aes_key_list:
message = add_layer(message, key)
return message
def peel_all_layers(aes_key_list, response):
for i in reversed(range(0, len(aes_key_list))):
response = peel_layer(response, aes_key_list[i])
response = unpad_message(response)
return response
def process_route(data):
hoplist = []
for a in range(3):
rsa_key = data[8:220]
hostport = unpackHostPort(data[:8])
hoplist.append((hostport[0], hostport[1], RSA.importKey(rsa_key)))
data = data[220:]
return hoplist
def signal_handler(received_signal, frame):
os.killpg(os.getpgid(0), signal.SIGINT)
sys.exit(0)