From 75892afb2e39451e34a10b5f186d995025358084 Mon Sep 17 00:00:00 2001 From: Lonami Date: Sat, 3 Sep 2016 16:46:40 +0200 Subject: [PATCH] Reached Authenticator's step 3 --- network/authenticator.py | 16 ++++++++----- unit_test.py | 49 ++++++++++++++++------------------------ utils/helpers.py | 2 +- 3 files changed, 31 insertions(+), 36 deletions(-) diff --git a/network/authenticator.py b/network/authenticator.py index dcadd622..f79e3187 100755 --- a/network/authenticator.py +++ b/network/authenticator.py @@ -39,7 +39,9 @@ def do_authentication(transport): server_nonce = reader.read(16) pq_bytes = reader.tgread_bytes() - pq = int.from_bytes(pq_bytes, byteorder='little') + # "string pq is a representation of a natural number (in binary big endian format)" + # See https://core.telegram.org/mtproto/auth_key#dh-exchange-initiation + pq = int.from_bytes(pq_bytes, byteorder='big') vector_id = reader.read_int() if vector_id != 0x1cb5c415: @@ -88,7 +90,6 @@ def do_authentication(transport): # Step 2 response: DH Exchange encrypted_answer = None - # TODO, there is no data to read? What's going on? with BinaryReader(sender.receive()) as reader: response_code = reader.read_int(signed=False) @@ -110,7 +111,8 @@ def do_authentication(transport): # Step 3 sending: Complete DH Exchange key, iv = utils.generate_key_data_from_nonces(server_nonce, new_nonce) - aes = pyaes.AESModeOfOperationCFB(key, iv, 16) + # TODO ValueError: initialization vector must be 16 bytes + aes = pyaes.AESModeOfOperationCFB(key, iv, len(key)) plain_text_answer = aes.decrypt(encrypted_answer) g, dh_prime, ga, time_offset = None, None, None, None @@ -129,13 +131,15 @@ def do_authentication(transport): raise AssertionError('Invalid server nonce in encrypted answer') g = dh_inner_data_reader.read_int() - dh_prime = int.from_bytes(dh_inner_data_reader.tgread_bytes(), byteorder='little', signed=True) - ga = int.from_bytes(dh_inner_data_reader.tgread_bytes(), byteorder='little', signed=True) + # "current value of dh_prime equals (in big-endian byte order) + # See https://core.telegram.org/mtproto/auth_key#presenting-proof-of-work-server-authentication + dh_prime = int.from_bytes(dh_inner_data_reader.tgread_bytes(), byteorder='big', signed=True) + ga = int.from_bytes(dh_inner_data_reader.tgread_bytes(), byteorder='big', signed=True) server_time = dh_inner_data_reader.read_int() time_offset = server_time - int(time.time() * 1000) # Multiply by 1000 to get milliseconds - b = int.from_bytes(utils.generate_random_bytes(2048), byteorder='little') + b = int.from_bytes(utils.generate_random_bytes(2048), byteorder='big', signed=True) gb = pow(g, b, dh_prime) gab = pow(ga, b, dh_prime) diff --git a/unit_test.py b/unit_test.py index 6d665723..ecfcb38b 100755 --- a/unit_test.py +++ b/unit_test.py @@ -8,7 +8,6 @@ from network.tcp_client import TcpClient from utils.binary_reader import BinaryReader from utils.binary_writer import BinaryWriter from utils.factorizator import Factorizator -from utils.rsa import RSA host = 'localhost' @@ -110,7 +109,6 @@ class UnitTest(unittest.TestCase): assert buffer == valid, "Written type should be {} but is {}".format(list(valid), list(buffer)) - @staticmethod def test_binary_tgwriter_tgreader(): string = 'Testing Telegram strings, this should work properly!' @@ -143,7 +141,6 @@ class UnitTest(unittest.TestCase): assert p == 1719614201, 'Factorized pair did not yield the correct result' assert q == 1813767169, 'Factorized pair did not yield the correct result' - @staticmethod def test_to_byte_array(): for value, real in zip( @@ -169,36 +166,30 @@ class UnitTest(unittest.TestCase): real = '0A-54-92-7C-8D-06-3A-29-99-04-8E-F8-6A-3F-C4-8E-D3-7D-6D-39' assert hashsum == real, 'Invalid sha1 hashsum representation (should be {}, but is {})'.format(real, data) - @staticmethod - def test_rsa(): - fingerprint = '216BE86C022BB4C3' - data = get_bytes('EC-5A-C9-83-08-29-86-64-72-35-B8-4B-7D-00-00-00-04-59-6B-F5-41-00-00-00-04-76-E1-1B-3D-00-00-00-CE-2A-EA-DE-D2-17-35-B8-E6-AB-3B-3A-00-0A-79-46-C6-09-3A-99-E9-C1-5B-B5-20-30-27-B7-D5-4F-2F-A3-1C-AF-F4-23-54-B2-5E-BD-00-AB-71-0A-3E-67-94-21-E3-B3-72-71-C0-29-50-00-19-8C-CD-6A-52-D4-CE-9E') - hashsum = utils.sha1(data) - real = get_bytes('6C-86-F7-6D-A2-F5-C2-A5-D0-4D-D5-45-8A-85-AE-62-8B-F7-84-A0') + def test_bytes_to_int(): + bytez = b'\x01\x23\x45\x67\x89\xab\xcd\xef' - assert hashsum == real, 'Invalid sha1 hashsum representation (should be {}, but is {})'\ - .format(get_representation(real), get_representation(data)) + reprs = get_representation(bytez) + real = '01-23-45-67-89-AB-CD-EF' + assert reprs == real, 'Invalid bytes representation (should be {} but is {})'.format(real, reprs) + assert bytez == get_bytes(reprs), 'Invalid representation to bytes conversion' - with BinaryWriter() as writer: - writer.write(hashsum) - writer.write(data) - - real = get_bytes('6C-86-F7-6D-A2-F5-C2-A5-D0-4D-D5-45-8A-85-AE-62-8B-F7-84-A0-EC-5A-C9-83-08-29-86-64-72-35-B8-4B-7D-00-00-00-04-59-6B-F5-41-00-00-00-04-76-E1-1B-3D-00-00-00-CE-2A-EA-DE-D2-17-35-B8-E6-AB-3B-3A-00-0A-79-46-C6-09-3A-99-E9-C1-5B-B5-20-30-27-B7-D5-4F-2F-A3-1C-AF-F4-23-54-B2-5E-BD-00-AB-71-0A-3E-67-94-21-E3-B3-72-71-C0-29-50-00-19-8C-CD-6A-52-D4-CE-9E') - assert writer.get_bytes() == real, 'Invalid written value' - - # Since the random padding is random by nature, use the sample data we know the result for - data = get_bytes( - '6C-86-F7-6D-A2-F5-C2-A5-D0-4D-D5-45-8A-85-AE-62-8B-F7-84-A0-EC-5A-C9-83-08-29-86-64-72-35-B8-4B-7D-00-00-00-04-59-6B-F5-41-00-00-00-04-76-E1-1B-3D-00-00-00-CE-2A-EA-DE-D2-17-35-B8-E6-AB-3B-3A-00-0A-79-46-C6-09-3A-99-E9-C1-5B-B5-20-30-27-B7-D5-4F-2F-A3-1C-AF-F4-23-54-B2-5E-BD-00-AB-71-0A-3E-67-94-21-E3-B3-72-71-C0-29-50-00-19-8C-CD-6A-52-D4-CE-9E-10-F4-6E-C6-1F-CB-DC-8C-2A-7A-91-92-71-22-D6-08-AD-B4-6D-5F-D3-59-0F-F4-71-1A-57-FF-17-9E-AE-CD-D8-90-4B-DB-1A-1F-06-C1-22-8D-20-67-F8-F0-F2-D1-26-DF-E9-78-72-A7-DF-B6-E5-7A-55-04-73-DD-74-8B-CB-C3-B9-E1-D7-FA-EE-8E-AD-AB-3D-46-39-A8-FB-80-28-85-D8-38-B5-35-5B-30-B0-94-F6-A0-CA-02-4E-45-18-94-9B-35-36-11-FA-2C-F0-5B-CA-C6-6A-98-7D-3C-7E-D4-DB-ED-05-3C-D6-95-68-88-30-43-04-4E-C3-AB-5D-F7-2D-A5-0C-C6-49-17-8B-AC-48') - - e = 65537 - m = 24403446649145068056824081744112065346446136066297307473868293895086332508101251964919587745984311372853053253457835208829824428441874946556659953519213382748319518214765985662663680818277989736779506318868003755216402538945900388706898101286548187286716959100102939636333452457308619454821845196109544157601096359148241435922125602449263164512290854366930013825808102403072317738266383237191313714482187326643144603633877219028262697593882410403273959074350849923041765639673335775605842311578109726403165298875058941765362622936097839775380070572921007586266115476975819175319995527916042178582540628652481530373407 - - cipher_text = utils.get_byte_array(pow(int.from_bytes(data, byteorder='big'), e, m), signed=False) - real = get_bytes('13-8A-DC-F1-10-FF-59-29-2D-ED-4A-16-AA-D9-FA-15-A5-9A-A2-A6-33-D0-23-77-6F-E7-42-30-52-9E-4E-A9-CA-8F-CD-11-71-AB-C8-E2-97-2C-B9-A1-68-FA-4D-02-A9-56-30-84-5B-F6-5F-5D-1E-95-53-A4-A9-8F-1F-66-82-0C-20-8F-6D-EB-6F-B0-F5-D2-6C-45-89-14-1F-69-85-C8-6F-C7-41-A5-76-5F-F5-BA-9B-18-32-F7-02-C8-29-A7-70-BE-8E-FD-9E-86-48-6D-00-1E-AF-77-3F-7C-A4-1E-CD-03-21-18-4A-4D-57-FB-D9-6F-B0-4A-AD-24-A4-6F-01-07-CB-56-AC-37-22-9F-50-1F-EA-B9-17-51-EB-4B-A9-30-14-5A-A8-A9-5F-9D-9D-A5-AE-46-86-0D-0B-07-2D-84-C6-3B-DD-AD-4B-EA-89-07-CF-6B-DD-D4-68-38-F9-A9-62-A7-A3-3A-CB-79-F3-42-1B-28-E4-25-90-9B-B2-ED-EE-BC-65-8B-10-21-38-27-8B-66-98-51-A2-30-4B-F0-EA-BD-5D-E1-7D-D0-55-6E-A5-D1-FB-12-01-C2-44-D7-1F-B5-28-37-3B-08-8D-3B-79-59-D6-15-76-A4-4B-E6-3C-B3-16-58-88-9F-F9-77-21-C1-99-4E') - assert cipher_text == real, 'Invalid ciphered text (should be {}, but is {})'\ - .format(get_representation(real), get_representation(cipher_text)) + value = int.from_bytes(bytez, byteorder='big', signed=True) + real = 81985529216486895 + assert value == real, 'Invalid bytes to int conversion (should be {} but is {})'.format(real, value) + # Now test more cases + for repr, real in zip( + ['24-9D-FE-49-20-45-DF-C3', '60-44-F3-33', '61-5F-61-31'], + [2638544546736496579, 1615131443, 1633640753] + ): + bytez = get_bytes(repr) + if len(bytez) > 8: + value = int.from_bytes(bytez, byteorder='little', signed=True) + else: + value = int.from_bytes(bytez, byteorder='big', signed=True) + assert value == real, 'Invalid bytes to int conversion (should be {} but is {})'.format(real, value) if __name__ == '__main__': unittest.main() diff --git a/utils/helpers.py b/utils/helpers.py index 78e5bdf9..be804f8f 100755 --- a/utils/helpers.py +++ b/utils/helpers.py @@ -60,7 +60,7 @@ def generate_key_data_from_nonces(server_nonce, new_nonce): iv_buffer.write(hash2[12:20]) iv_buffer.write(hash3) - iv_buffer.write_byte(new_nonce[:4]) + iv_buffer.write(new_nonce[:4]) return key_buffer.get_bytes(), iv_buffer.get_bytes()