Created
October 7, 2010 01:57
-
-
Save st3fan/614423 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# We are the Desktop | |
import sys, simplejson, time, urllib2, hmac, base64 | |
from jpake import JPAKE, params_80, params_112, params_128 | |
from M2Crypto.EVP import Cipher | |
def get(url, etag = None): | |
headers = {} | |
if etag: | |
headers['If-None-Match'] = etag | |
request = urllib2.Request(url, None, headers) | |
response = urllib2.urlopen(request) | |
data = response.read() | |
return simplejson.loads(data) | |
def put(url, data): | |
opener = urllib2.build_opener(urllib2.HTTPHandler) | |
json = simplejson.dumps(data) | |
request = urllib2.Request(url, data=json) | |
request.add_header('Content-Type', 'application/json') | |
request.get_method = lambda: 'PUT' | |
response = urllib2.urlopen(request) | |
return response.info().getheader('Etag') | |
def encrypt(data, key, iv): | |
cipher = Cipher(alg='aes_256_cbc', key=key, iv=iv, op=1) | |
res = cipher.update(data) | |
res += cipher.final() | |
return res | |
def decrypt(data, key, iv): | |
cipher = Cipher(alg='aes_256_cbc', key=key, iv=iv, op=0) | |
res = cipher.update(data) | |
res += cipher.final() | |
return res | |
password = sys.argv[1] | |
url = "http://wopr.local:5000/%s" % password | |
print "X Password = %s" % password | |
print "X URL = %s" % url | |
j = JPAKE(password, signerid="Desktop", params=params_80) | |
# Get Server.Message1 | |
print "X Getting Server.Message1" | |
server_one = get(url) | |
#print "X Got Server.Message1: %s" % str(server_one) | |
# Generate and Put Client.Message1 | |
print "X Putting Client.Message1" | |
client_one = j.one() | |
client_one_etag = put(url, client_one) | |
#print "X Put Client.Message1 (etag=%s) %s" % (client_one_etag, client_one) | |
# Get Server.Message2 | |
print "X Getting Server.Message2" | |
while True: | |
try: | |
server_two = get(url, client_one_etag) | |
break | |
except urllib2.HTTPError, e: | |
if e.code == 304: | |
print "X Did not get right response yet. Trying again." | |
pass | |
else: | |
raise | |
time.sleep(5) | |
#print "X Got Server.Message2: %s" % server_two | |
# Generate Client.Message2 | |
print "X Generating Client.Message2" | |
client_two = j.two(server_one) | |
# Generate the key | |
print "X Generating key" | |
key = j.three(server_two) | |
print "X Generated key: %s" % key | |
# Put Client.Message2 | |
iv = '0123456780abcdef' | |
ct = encrypt(simplejson.dumps({ 'message': sys.argv[2] }), key, iv) | |
client_two['payload'] = { 'ciphertext': base64.b64encode(ct), | |
'iv': base64.b64encode(iv) } | |
print "X Putting Client.Message2" | |
client_two_etag = put(url, client_two) | |
#print "X Put Client.Message2 (etag=%s) %s" % (client_two_etag, client_two) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment