python3 验证客户端链接的合法性

服务端:

  1.secret_key为bytes类型

  2.random_bytes = os.urandom(n) 随机生成一个长度为n的random_bytes

  server.send(random_bytes)发送给客户端

  3.hmac_bytes = hmac(secret_key, random_bytes, 'md5').digest()

  通过hmac模块对secret_key和random_bytes进行md5加密,生成一个md5加密后的hmac_bytes

  client_hmac_bytes = server.recv(len(hmac_bytes))

  接收长度为len(hmac_bytes)的客户端md5加密后的client_hmac_bytes

  hmac.compare_digest(hmac_bytes, client_hmac_bytes)

  使用hmac.compare_digest()方法对比hmac_bytes和client_hmac_bytes是否一致

 

客户端:

  1.secret_key为bytes类型

  2.random_bytes = client.recv(n) 接收长度为n的random_bytes

  3.client_hmac_bytes = hmac(secret_key, random_bytes, 'md5').digest()

  通过hmac模块对secret_key和random_bytes进行md5加密,生成一个md5加密后的client_hmac_bytes

  client.send(client_hmac_bytes) 将client_hmac_bytes发送给服务端

--------------------------------tcp_server.py--------------------------------
#
coding:utf-8 import os import hmac import socket secret_key = b'This is my secret key' # bytes类型 def conn_auth(conn): random_bytes = os.urandom(32) # 随机生成长度为32字节的bytes conn.send(random_bytes) # 发送给客户端 server_md5_bytes = hmac.new(secret_key, random_bytes, 'md5').digest() # md5加密后的bytes client_md5_bytes = conn.recv(len(server_md5_bytes)) # 接收客户端数据 return hmac.compare_digest(server_md5_bytes, client_md5_bytes) # 对比md5加密后的bytes def data_handler(conn, bufsize=1024): if not conn_auth(conn): print("客户端链接认证失败.") conn.close() return print("客户端链接认证成功.") while 1: client_msg = conn.recv(bufsize) if not client_msg: break print("客户端消息: ", client_msg.decode("utf-8")) conn.send(client_msg.upper()) def server_handler(ip_port, backlog=5): server = socket.socket() server.bind(ip_port) server.listen(backlog) while 1: conn, addr = server.accept() print("客户端链接地址: %s 端口号: %s" % (addr[0], addr[1])) data_handler(conn) conn.close() server.close() if __name__ == '__main__': ip_port = ("127.0.0.1", 8001) bufsize = 1024 server_handler(ip_port, bufsize)

--------------------------------tcp_client.py--------------------------------
# coding:utf-8 import hmac import socket secret_key = b'This is my secret key.' # bytes类型 def conn_auth(conn): server_bytes = conn.recv(32) # 接收来自服务端的随机bytes client_md5_bytes = hmac.new(secret_key, server_bytes, 'md5').digest() # md5加密后的bytes conn.send(client_md5_bytes) # 把md5加密后的bytes发送给服务端 def client_handler(ip_port, bufsize=1024): client = socket.socket() client.connect(ip_port) conn_auth(client) while 1: inp = input(">>>: ").strip() if not inp: continue if inp.upper() == "Q": break client.send(inp.encode("utf-8")) server_msg = client.recv(bufsize) print("服务端消息: ", server_msg.decode("utf-8")) client.close() if __name__ == '__main__': ip_port = ("127.0.0.1", 8001) bufsize = 1024 client_handler(ip_port, bufsize)
posted on 2019-05-29 19:10  lilyxiaoyy  阅读(387)  评论(0编辑  收藏  举报

返回
顶部