commit 86c97b4ac03b93a7aab860de4cba61a283f2fe38 Author: Juhani Krekelä Date: Wed Dec 11 00:03:33 2019 +0200 First commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..15c993e --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +__pycache__ +*.pyc +*.swp diff --git a/CC0 b/CC0 new file mode 100644 index 0000000..670154e --- /dev/null +++ b/CC0 
@@ -0,0 +1,116 @@ +CC0 1.0 Universal + +Statement of Purpose + +The laws of most jurisdictions throughout the world automatically confer +exclusive Copyright and Related Rights (defined below) upon the creator and +subsequent owner(s) (each and all, an "owner") of an original work of +authorship and/or a database (each, a "Work"). + +Certain owners wish to permanently relinquish those rights to a Work for the +purpose of contributing to a commons of creative, cultural and scientific +works ("Commons") that the public can reliably and without fear of later +claims of infringement build upon, modify, incorporate in other works, reuse +and redistribute as freely as possible in any form whatsoever and for any +purposes, including without limitation commercial purposes. These owners may +contribute to the Commons to promote the ideal of a free culture and the +further production of creative, cultural and scientific works, or to gain +reputation or greater distribution for their Work in part through the use and +efforts of others. + +For these and/or other purposes and motivations, and without any expectation +of additional consideration or compensation, the person associating CC0 with a +Work (the "Affirmer"), to the extent that he or she is an owner of Copyright +and Related Rights in the Work, voluntarily elects to apply CC0 to the Work +and publicly distribute the Work under its terms, with knowledge of his or her +Copyright and Related Rights in the Work and the meaning and intended legal +effect of CC0 on those rights. + +1. Copyright and Related Rights. A Work made available under CC0 may be +protected by copyright and related or neighboring rights ("Copyright and +Related Rights"). Copyright and Related Rights include, but are not limited +to, the following: + + i. the right to reproduce, adapt, distribute, perform, display, communicate, + and translate a Work; + + ii. moral rights retained by the original author(s) and/or performer(s); + + iii. 
publicity and privacy rights pertaining to a person's image or likeness + depicted in a Work; + + iv. rights protecting against unfair competition in regards to a Work, + subject to the limitations in paragraph 4(a), below; + + v. rights protecting the extraction, dissemination, use and reuse of data in + a Work; + + vi. database rights (such as those arising under Directive 96/9/EC of the + European Parliament and of the Council of 11 March 1996 on the legal + protection of databases, and under any national implementation thereof, + including any amended or successor version of such directive); and + + vii. other similar, equivalent or corresponding rights throughout the world + based on applicable law or treaty, and any national implementations thereof. + +2. Waiver. To the greatest extent permitted by, but not in contravention of, +applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and +unconditionally waives, abandons, and surrenders all of Affirmer's Copyright +and Related Rights and associated claims and causes of action, whether now +known or unknown (including existing as well as future claims and causes of +action), in the Work (i) in all territories worldwide, (ii) for the maximum +duration provided by applicable law or treaty (including future time +extensions), (iii) in any current or future medium and for any number of +copies, and (iv) for any purpose whatsoever, including without limitation +commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes +the Waiver for the benefit of each member of the public at large and to the +detriment of Affirmer's heirs and successors, fully intending that such Waiver +shall not be subject to revocation, rescission, cancellation, termination, or +any other legal or equitable action to disrupt the quiet enjoyment of the Work +by the public as contemplated by Affirmer's express Statement of Purpose. + +3. Public License Fallback. 
Should any part of the Waiver for any reason be +judged legally invalid or ineffective under applicable law, then the Waiver +shall be preserved to the maximum extent permitted taking into account +Affirmer's express Statement of Purpose. In addition, to the extent the Waiver +is so judged Affirmer hereby grants to each affected person a royalty-free, +non transferable, non sublicensable, non exclusive, irrevocable and +unconditional license to exercise Affirmer's Copyright and Related Rights in +the Work (i) in all territories worldwide, (ii) for the maximum duration +provided by applicable law or treaty (including future time extensions), (iii) +in any current or future medium and for any number of copies, and (iv) for any +purpose whatsoever, including without limitation commercial, advertising or +promotional purposes (the "License"). The License shall be deemed effective as +of the date CC0 was applied by Affirmer to the Work. Should any part of the +License for any reason be judged legally invalid or ineffective under +applicable law, such partial invalidity or ineffectiveness shall not +invalidate the remainder of the License, and in such case Affirmer hereby +affirms that he or she will not (i) exercise any of his or her remaining +Copyright and Related Rights in the Work or (ii) assert any associated claims +and causes of action with respect to the Work, in either case contrary to +Affirmer's express Statement of Purpose. + +4. Limitations and Disclaimers. + + a. No trademark or patent rights held by Affirmer are waived, abandoned, + surrendered, licensed or otherwise affected by this document. + + b. 
Affirmer offers the Work as-is and makes no representations or warranties + of any kind concerning the Work, express, implied, statutory or otherwise, + including without limitation warranties of title, merchantability, fitness + for a particular purpose, non infringement, or the absence of latent or + other defects, accuracy, or the present or absence of errors, whether or not + discoverable, all to the greatest extent permissible under applicable law. + + c. Affirmer disclaims responsibility for clearing rights of other persons + that may apply to the Work or any use thereof, including without limitation + any person's Copyright and Related Rights in the Work. Further, Affirmer + disclaims responsibility for obtaining any necessary consents, permissions + or other rights required for any use of the Work. + + d. Affirmer understands and acknowledges that Creative Commons is not a + party to this document and has no duty or obligation with respect to this + CC0 or use of the Work. + +For more information, please see + diff --git a/README.md b/README.md new file mode 100644 index 0000000..e23154e --- /dev/null +++ b/README.md @@ -0,0 +1,7 @@ +Name +---- +𒁾 kišib (Sumerian) - n. cylinder seal, sealed tablet + +License +------- +Everything in the repo is under CC0. diff --git a/kishib.py b/kishib.py new file mode 100644 index 0000000..6fe16da --- /dev/null +++ b/kishib.py 
@@ -0,0 +1,158 @@ +import base64 +import hashlib +import socket +import sys + +def error(*args): + print('%s: Error:' % sys.argv[0], *args, file = sys.stderr) + sys.exit(1) + +def enc_len(length): + assert 0 <= length < 1<<16 + high_byte = length >> 8 + low_byte = length & 0xff + return bytes([low_byte, high_byte]) + +def dec_len(encoded): + low_byte, high_byte = encoded + return (high_byte << 8) | low_byte + +def server(server_pubkey, port): + sock = None + for res in socket.getaddrinfo(None, port, socket.AF_UNSPEC, socket.SOCK_STREAM, 0, socket.AI_PASSIVE): + af, socktype, proto, canonname, sa = res + try: + sock = socket.socket(af, socktype, proto) + except OSError: + sock = None + continue + try: + sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) + sock.bind(sa) + sock.listen(1) + except OSError: + sock.close() + sock = None + continue + break + + if sock is None: + error('Could not bind on port %i' % port) + + conn, addr = sock.accept() + with conn: + remote_host, remote_port = addr + print('Connection from %s' % remote_host) + + client_pubkey_len = dec_len(conn.recv(2)) + client_pubkey = bytearray() + while len(client_pubkey) < client_pubkey_len: + data = conn.recv(1024) + if not data: + sock.close() + error('Client public key could not be received') + client_pubkey.extend(data) + + conn.sendall(enc_len(len(server_pubkey))) + conn.sendall(server_pubkey) + + conn.shutdown(socket.SHUT_RDWR) + + sock.close() + + return bytes(client_pubkey) + +def client(client_pubkey, host, port): + sock = None + for res in socket.getaddrinfo(host, port, socket.AF_UNSPEC, socket.SOCK_STREAM): + af, socktype, proto, canonname, sa = res + try: + sock = socket.socket(af, socktype, proto) + except OSError: + sock = None + continue + try: + sock.connect(sa) + except OSError: + sock.close() + sock = None + continue + break + + if sock is None: + error('Could not connect to %s on port %i' % (host, port)) + + print('Connected to %s' % host) + + with sock: + 
sock.sendall(enc_len(len(client_pubkey))) + sock.sendall(client_pubkey) + + server_pubkey_len = dec_len(sock.recv(2)) + server_pubkey = bytearray() + while len(server_pubkey) < server_pubkey_len: + data = sock.recv(1024) + if not data: + error('Server public key could not be received') + server_pubkey.extend(data) + + sock.shutdown(socket.SHUT_RDWR) + + return bytes(server_pubkey) + +def sha512(x): + h = hashlib.sha512() + h.update(x) + return h.digest() + +def auth_hash(client_pubkey, server_pubkey): + client_pubkey_hash = sha512(enc_len(len(client_pubkey)) + client_pubkey) + server_pubkey_hash = sha512(enc_len(len(server_pubkey)) + server_pubkey) + combined_hash = sha512(client_pubkey_hash + server_pubkey_hash) + + truncated_hash = combined_hash[:32] + hash_check = sha512(truncated_hash)[:4] + return truncated_hash + hash_check + +def chunk(sliceable, length): + for i in range(0, len(sliceable), length): + yield sliceable[i:i + length] + +def format_hash(hash_bytes): + hash_base64 = base64.b64encode(hash_bytes).decode() + chunked_base64 = chunk(hash_base64, 4) + return '-'.join(chunked_base64) + +def verify(client_pubkey, server_pubkey): + own_hash = auth_hash(client_pubkey, server_pubkey) + print('Authentication hash: %s' % format_hash(own_hash)) + + # TODO: Actually verify + +def main(): + # TODO: Actual agument parsing + # TODO: Read pubkeys from files + # TODO: Write pubkeys to files + if sys.argv[1] == 'server': + port = int(sys.argv[2]) + server_pubkey = b'server\n' + + client_pubkey = server(server_pubkey, port) + + verify(client_pubkey, server_pubkey) + + elif sys.argv[1] == 'client': + host = sys.argv[2] + port = int(sys.argv[3]) + client_pubkey = b'client\n' + + server_pubkey = client(client_pubkey, host, port) + + verify(client_pubkey, server_pubkey) + + else: + print('Usage: %s server PORT') + print('Usage: %s client HOST PORT') + +if __name__ == '__main__': + main()
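Review bot: In kishib.py, the receive paths in server() and client() assume the socket delivers the length-prefixed framing exactly, which a TCP stream does not guarantee. `dec_len(conn.recv(2))` fails with a ValueError on unpacking if recv returns fewer than two bytes, and the loop around `data = conn.recv(1024)` appends everything that arrives, so the returned key can be longer than the length the peer declared. A peer that declares a length near the 16-bit maximum and sends extra bytes can push the buffer past 65535 bytes, at which point `assert 0 <= length < 1<<16` in enc_len fires inside auth_hash instead of producing a clean error. Suggest a small helper that reads exactly n bytes by requesting only the remaining count on each recv, used for both the 2-byte prefix and the key body, with a short read reported through error(). Separately, in main(), the usage strings contain `%s` but are never formatted with sys.argv[0], and sys.argv[1] is indexed without checking that an argument was given, so running with no arguments raises IndexError rather than printing usage.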