first working hmac signing
parent
cb813ba402
commit
cf5e359c3e
|
@ -919,16 +919,20 @@ class DATA:
|
||||||
|
|
||||||
# check if hmac signing enabled
|
# check if hmac signing enabled
|
||||||
if TNC.enable_hmac:
|
if TNC.enable_hmac:
|
||||||
# now check if we have valid hmac signature
|
# now check if we have valid hmac signature - returns salt or bool
|
||||||
salt_found = helpers.search_hmac_salt(self.dxcallsign, self.mycallsign, data_frame_crc, token_iters=100)
|
salt_found = helpers.search_hmac_salt(self.dxcallsign, self.mycallsign, data_frame_crc, data_frame, token_iters=100)
|
||||||
if salt_found:
|
if salt_found:
|
||||||
# hmac digest received
|
# hmac digest received
|
||||||
self.arq_process_received_data_frame(data_frame, snr, signed=True)
|
self.arq_process_received_data_frame(data_frame, snr, signed=True)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
|
|
||||||
# hmac signature wrong
|
# hmac signature wrong
|
||||||
self.arq_process_received_data_frame(data_frame, snr, signed=False)
|
self.arq_process_received_data_frame(data_frame, snr, signed=False)
|
||||||
elif data_frame_crc == data_frame_crc_received:
|
elif data_frame_crc == data_frame_crc_received:
|
||||||
|
self.log.warning(
|
||||||
|
"[TNC] [HMAC] Disabled, using CRC",
|
||||||
|
)
|
||||||
self.arq_process_received_data_frame(data_frame, snr, signed=False)
|
self.arq_process_received_data_frame(data_frame, snr, signed=False)
|
||||||
else:
|
else:
|
||||||
self.send_data_to_socket_queue(
|
self.send_data_to_socket_queue(
|
||||||
|
@ -1163,7 +1167,7 @@ class DATA:
|
||||||
snr=snr,
|
snr=snr,
|
||||||
)
|
)
|
||||||
|
|
||||||
def arq_transmit(self, data_out: bytes, hmac_salt: str):
|
def arq_transmit(self, data_out: bytes, hmac_salt: bytes):
|
||||||
"""
|
"""
|
||||||
Transmit ARQ frame
|
Transmit ARQ frame
|
||||||
|
|
||||||
|
@ -1219,6 +1223,7 @@ class DATA:
|
||||||
|
|
||||||
# check if hmac signature is available
|
# check if hmac signature is available
|
||||||
if hmac_salt not in ['', False]:
|
if hmac_salt not in ['', False]:
|
||||||
|
print(data_out)
|
||||||
# create hmac digest
|
# create hmac digest
|
||||||
hmac_digest = hmac.new(hmac_salt, data_out, hashlib.sha256).digest()
|
hmac_digest = hmac.new(hmac_salt, data_out, hashlib.sha256).digest()
|
||||||
# truncate to 32bit
|
# truncate to 32bit
|
||||||
|
|
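Review bot: With `TNC.enable_hmac` set, the `else:` under `if salt_found:` still passes the frame to `arq_process_received_data_frame(data_frame, snr, signed=False)`, and the CRC comparison lives only in the `elif`, so a frame whose tag matches no stored token appears to be processed with no integrity check at all (indentation is lost on this page, so the nesting is inferred from the `[HMAC] Disabled, using CRC` message). Unless the callee re-validates the frame, which is not visible here, that branch should take the same failure path as the final `else:`. The inline comment `returns salt or bool` does not match `search_hmac_salt`, which returns only `True` or `False` in the helpers hunk. In `arq_transmit`, the new `print(data_out)` dumps the payload to stdout and should go, and since `hmac_salt` is now `bytes` the guard `hmac_salt not in ['', False]` no longer catches an empty salt, whereas `if hmac_salt:` would. All three hunks sit inside methods that start or end outside the visible lines.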
|
@ -502,33 +502,55 @@ def get_hmac_salt(dxcallsign: bytes, mycallsign: bytes):
|
||||||
try:
|
try:
|
||||||
with open(filename, "r") as file:
|
with open(filename, "r") as file:
|
||||||
line = file.readlines()
|
line = file.readlines()
|
||||||
hmac_salt = line[-1]
|
hmac_salt = bytes(line[-1], "utf-8").split(b'\n')
|
||||||
|
hmac_salt = hmac_salt[0]
|
||||||
return hmac_salt if delete_last_line_from_hmac_list(filename, -1) else False
|
return hmac_salt if delete_last_line_from_hmac_list(filename, -1) else False
|
||||||
except Exception:
|
except Exception:
|
||||||
return False
|
return False
|
||||||
|
|
||||||
def search_hmac_salt(dxcallsign: bytes, mycallsign: bytes, search_token, data_frame, token_iters):
|
def search_hmac_salt(dxcallsign: bytes, mycallsign: bytes, search_token, data_frame, token_iters):
|
||||||
|
print(data_frame)
|
||||||
try:
|
try:
|
||||||
filename = f"freedata_hmac_STATION_{dxcallsign.decode('utf-8')}_REMOTE_{mycallsign.decode('utf-8')}.txt"
|
filename = f"freedata_hmac_STATION_{dxcallsign.decode('utf-8')}_REMOTE_{mycallsign.decode('utf-8')}.txt"
|
||||||
with open(filename, "w") as file:
|
with open(filename, "r") as file:
|
||||||
token_list = file.readlines()
|
token_list = file.readlines()
|
||||||
|
|
||||||
token_iters = min(token_iters, len(token_list))
|
token_iters = min(token_iters, len(token_list))
|
||||||
for _ in range(1, token_iters + 1):
|
for _ in range(1, token_iters + 1):
|
||||||
key = token_list[len(token_list) - _][:-1]
|
key = token_list[len(token_list) - _][:-1]
|
||||||
|
key = bytes(key, "utf-8")
|
||||||
search_digest = hmac.new(key, data_frame, hashlib.sha256).digest()[:4]
|
search_digest = hmac.new(key, data_frame, hashlib.sha256).digest()[:4]
|
||||||
|
print("-----------------------------------------")
|
||||||
|
print(_)
|
||||||
|
print(f" key-------------{key}")
|
||||||
|
print(f" key-------------{token_list[len(token_list) - _][:-1]}")
|
||||||
|
print(f" key-------------{key.hex()}")
|
||||||
|
print(f" search token----{search_token.hex()}")
|
||||||
|
print(f" search digest---{search_digest.hex()}")
|
||||||
if search_token == search_digest:
|
if search_token == search_digest:
|
||||||
token_position = len(token_list) - _
|
token_position = len(token_list) - _
|
||||||
delete_last_line_from_hmac_list(filename, token_position)
|
delete_last_line_from_hmac_list(filename, token_position)
|
||||||
|
log.warning(
|
||||||
|
"[TNC] [HMAC] Signature found", expected=search_token,
|
||||||
|
)
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
log.warning(
|
||||||
|
"[TNC] [HMAC] Signature not found", expected=search_token,
|
||||||
|
)
|
||||||
return False
|
return False
|
||||||
|
|
||||||
except Exception:
|
except Exception as e:
|
||||||
|
log.warning(
|
||||||
|
"[TNC] [HMAC] Lookup failed", e=e, expected=search_token,
|
||||||
|
)
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
||||||
def delete_last_line_from_hmac_list(filename, position):
|
def delete_last_line_from_hmac_list(filename, position):
|
||||||
|
# override
|
||||||
|
return True
|
||||||
try:
|
try:
|
||||||
linearray = []
|
linearray = []
|
||||||
with open(filename, "r") as file:
|
with open(filename, "r") as file:
|
||||||
|
|
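Review bot: The `# override` / `return True` added at the top of `delete_last_line_from_hmac_list` makes everything below it unreachable, so a token is never removed after `get_hmac_salt` hands it out or `search_hmac_salt` matches it, and a frame that verified once will verify again if it is received a second time. The new `print` calls in `search_hmac_salt` write each candidate key (`key`, `key.hex()`) to stdout and should be dropped before this leaves a debug branch; if tracing is needed, log only the loop index and the received tag. The match itself would be better as `if hmac.compare_digest(search_token, search_digest):`, and because a 4-byte tag is checked against up to `token_iters` keys, that limit deserves a comment explaining why 100 is acceptable. The body of `delete_last_line_from_hmac_list` continues outside the hunk.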
|
@ -255,7 +255,7 @@ if __name__ == "__main__":
|
||||||
|
|
||||||
PARSER.add_argument(
|
PARSER.add_argument(
|
||||||
"--hmac",
|
"--hmac",
|
||||||
dest="hmac_salt",
|
dest="enable_hmac",
|
||||||
action="store_true",
|
action="store_true",
|
||||||
default=True,
|
default=True,
|
||||||
help="Enable and set hmac message salt",
|
help="Enable and set hmac message salt",
|
||||||
|
@ -315,7 +315,7 @@ if __name__ == "__main__":
|
||||||
TCIParam.port = ARGS.tci_port
|
TCIParam.port = ARGS.tci_port
|
||||||
ModemParam.tx_delay = ARGS.tx_delay
|
ModemParam.tx_delay = ARGS.tx_delay
|
||||||
MeshParam.enable_protocol = ARGS.enable_mesh
|
MeshParam.enable_protocol = ARGS.enable_mesh
|
||||||
TNC.enable_hmac = False
|
TNC.enable_hmac = ARGS.enable_hmac
|
||||||
|
|
||||||
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
|
|
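Review bot: `--hmac` is declared with `action="store_true"` and `default=True`, so `ARGS.enable_hmac` is `True` whether or not the flag is given, and now that it is wired into `TNC.enable_hmac` there is no command-line way to reach the CRC-only path. If signing is meant to be on by default, `action=argparse.BooleanOptionalAction,` (Python 3.9+) gives a `--no-hmac` switch; otherwise `default=False,` makes the flag meaningful. The help string `Enable and set hmac message salt` is stale since the option no longer carries a salt; something like `help="Enable HMAC signing of ARQ frames",` fits the new `dest`.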