Changes to make the Python JPAKE code compatible with the latest crpt…

…o changes
st3fan · Dec 8, 2010 · fd40675 · fd40675
1 parent a2ed8a4
commit fd40675
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 8 deletions.
diff --git a/Desktop/desktop.py b/Desktop/desktop.py
@@ -79,7 +79,7 @@ def main():
     print "X Server      = %s" % server
     print "X Channel URL = %s" % url
 
-    j = JPAKE(password, signerid="sender", params=params_80)
+    j = JPAKE(password, signerid="sender", params=params_128)
 
     # Get Server.Message1
 
@@ -151,11 +151,17 @@ def main():
 
     # Put Client.Message3
 
-    aes_key = sha256("encrypt:" + key).digest()
-    hmac_key = sha256("hmac:" + key).digest()
+    # aes_key  = HMAC-SHA256(key, "Sync-AES_256_CBC-HMAC256" + 0x01)
+    # hmac_key = HMAC-SHA256(key, aes_key + "Sync-AES_256_CBC-HMAC256" + 0x02)
+
+    aes_key  = hmac("Sync-AES_256_CBC-HMAC256\x01", key, algo="sha256")
+    hmac_key = hmac(aes_key + "Sync-AES_256_CBC-HMAC256\x02", key, algo="sha256")
+
+    #aes_key = sha256("encrypt:" + key).digest()
+    #hmac_key = sha256("hmac:" + key).digest()
 
     iv = '0123456780abcdef'
-    cleartext = simplejson.dumps({ 'account': 'st3fan', 'password': 'test', 'synckey': 'OHAI-ITIS-CAPS-LOCK-DAYY' })
+    cleartext = simplejson.dumps({ 'account': 'stefan@arentz.ca', 'password': 'q1w2e3r4', 'synckey': 'msed952bhxhx5iti6qx5vygrgu', 'serverURL': 'http://sa.tk:5000/' })
     ciphertext = encrypt(cleartext, aes_key, iv)
     ciphertext_base64 = base64.b64encode(ciphertext)
     hmac_hex = binascii.hexlify(hmac(hmac_key, ciphertext_base64, algo="sha256"))

diff --git a/Desktop/jpake.py b/Desktop/jpake.py
@@ -5,7 +5,7 @@
     import json
 except ImportError:
     import simplejson as json
-
+from M2Crypto.EVP import hmac
 
 class JPAKEError(Exception):
     pass
@@ -224,7 +224,7 @@ def hashbn(bn):
         s = "".join([hashbn(generator), hashbn(gr), hashbn(gx),
                      number_to_string(len(self.signerid), 2),
                      self.signerid])
-        h = string_to_number(sha1(s).digest())
+        h = string_to_number(sha256(s).digest())
 
         b = (r - exponent*h) % q
         return {"gr": "%x"%gr, # gr and b are the important values
@@ -249,7 +249,7 @@ def hashbn(bn):
         s = "".join([hashbn(generator), hashbn(gr), hashbn(gx),
                      number_to_string(len(zkp["id"]), 2),
                      str(zkp["id"])])
-        h = string_to_number(sha1(s).digest())
+        h = string_to_number(sha256(s).digest())
         gb = pow(generator, b, p)
         y = pow(gx, h, p)
         if gr != (gb*y)%p:
@@ -370,7 +370,7 @@ def three(self, m2):
                    # hashing schemes to get from K to the final key. It's
                    # important to hash K before using it, to not expose the
                    # actual number to anybody.
-        key = sha256(number_to_string(K, self.params.orderlen)).digest()
+        key = hmac("\0"*32, number_to_string(K, self.params.orderlen), algo="sha256")
         return key
 
     def getattr_hex(self, name):