A. Verify the legitimacy of the client module hmac
Python's built hmac module implements the standard of Hmac algorithm,
It is calculated using a hash key for the message "hash",
Hmac algorithm is more secure than using the standard hash algorithm, because for the same message, different key will produce different hash.
import os aa=os.urandom(32) print(type(aa),aa) print("*******************************************************888") import hmac Message = B ' the Hello World ' Key = B ' Secret ' H = hmac.new (key, Message, digestmod = " MD5 " ) # The first argument is the key key, the second argument is the string to be encrypted, The third parameter is a hash function Print (h.hexdigest ()) print("*******************************************************888") Test to see whether the client is legitimate Do not rely on login authentication import hmac H = hmac.new () # SECRET_KEY you want bytes encrypted ciphertext h.digest = () # ciphertext Abstract # returned as binary data string value hmac.compare_digest () # comparative ciphertext another ciphertext
1. Verify the legitimacy of the client
server import os import hmac import socket secret_key=b'lover' sk=socket.socket() sk.bind(('127.0.0.1',8600)) sk.listen() def chek(conn): msg = os.urandom (32 ) conn.send(msg) h=hmac.new(secret_key,msg) dyke = h.digest () client_dige=conn.recv(1024) return hmac.compare_digest(dige,client_dige) conn,addr=sk.accept() RES = Chek (Conn) IF RES: Print ( " legitimate customer terminal " ) conn.close() the else : Print ( " illegal customer service side " ) conn.close()
client import hmac import socket secret_key=b'lover' sk=socket.socket() sk.connect(('127.0.0.1',8600))
msg=sk.recv(1024) h=hmac.new(secret_key,msg) dyke = h.digest () sk.send (head)