一. 验证客户端合法性 hmac模块
Python内置的hmac模块实现了标准的Hmac算法,
它利用一个key对message计算“杂凑”后的hash,
使用hmac算法比标准hash算法更安全,因为针对相同的message,不同的key会产生不同的hash。
import os aa=os.urandom(32) print(type(aa),aa) print("*******************************************************888") import hmac message = b'Hello world' key = b'secret' h = hmac.new(key,message,digestmod="md5") # 第一个参数是密钥key,第二个参数是待加密的字符串,第三个参数是hash函数 print(h.hexdigest()) print("*******************************************************888") 检测 一下客户端是否合法 不依靠登陆认证 import hmac h=hmac.new() # secret_key 你想进行加密的bytes 密文=h.digest() # 密文 # 返回摘要,作为二进制数据字符串值 hmac.compare_digest() # 对比 密文 另外一密文
1.验证客户端合法性
server import os import hmac import socket secret_key=b'lover' sk=socket.socket() sk.bind(('127.0.0.1',8600)) sk.listen() def chek(conn): msg=os.urandom(32) conn.send(msg) h=hmac.new(secret_key,msg) dige=h.digest() client_dige=conn.recv(1024) return hmac.compare_digest(dige,client_dige) conn,addr=sk.accept() res=chek(conn) if res: print("合法的客服端") conn.close() else: print("不合法的客服端") conn.close()
client import hmac import socket secret_key=b'lover' sk=socket.socket() sk.connect(('127.0.0.1',8600))
msg=sk.recv(1024) h=hmac.new(secret_key,msg) dige=h.digest() sk.send(dige)
案例
server from socket import * ip_prot=("192.168.59.1",8600) import hmac import os res_key=b"lover" def server_hma(conn): msg=os.urandom(32) conn.sendall(msg) h= hmac.new(res_key,msg) dis=h.digest() req=conn.recv(len(dis)) cc=hmac.compare_digest(req,dis) return cc def server_conn(conn): while True: if not server_hma(conn): print("这是不符合") break else: date = conn.recv(1024) if not date: break conn.sendall(date.upper()) def server_head(ip_prot): server=socket(AF_INET,SOCK_STREAM) server.bind(ip_prot) server.listen(5) conn,addr=server.accept() server_conn(conn) server_head(ip_prot)
client 合法客服端 from socket import * import hmac ip_prot=("192.168.59.1",8600) import hmac import os res_key=b"lover" def client_hm(client): msg=client.recv(32) h=hmac.new(res_key,msg) dis=h.digest() client.sendall(dis) def client_head(ip): client=socket(AF_INET,SOCK_STREAM) client.connect(ip) client_hm(client) while True: aa=input("》》》").strip() if not aa: continue client.sendall(aa.encode("utf-8")) bb=client.recv(1024) print(bb.decode("utf-8")) client_head(ip_prot)
cliinet 非法客服端(没有验证) #_*_coding:utf-8_*_ __author__ = 'Linhaifeng' from socket import * def client_handler(ip_port,bufsize=1024): tcp_socket_client=socket(AF_INET,SOCK_STREAM) tcp_socket_client.connect(ip_port) while True: data=input('>>: ').strip() if not data:continue if data == 'quit':break tcp_socket_client.sendall(data.encode('utf-8')) respone=tcp_socket_client.recv(bufsize) print(respone.decode('utf-8')) tcp_socket_client.close() if __name__ == '__main__': ip_port=('127.0.0.1',9999) bufsize=1024
clinet 非法客户端 不知道key __author__ = 'Linhaifeng' from socket import * import hmac,os secret_key=b'linhaifeng bang bang bang1111' def conn_auth(conn): ''' 验证客户端到服务器的链接 :param conn: :return: ''' msg=conn.recv(32) h=hmac.new(secret_key,msg) digest=h.digest() conn.sendall(digest) def client_handler(ip_port,bufsize=1024): tcp_socket_client=socket(AF_INET,SOCK_STREAM) tcp_socket_client.connect(ip_port) conn_auth(tcp_socket_client) while True: data=input('>>: ').strip() if not data:continue if data == 'quit':break tcp_socket_client.sendall(data.encode('utf-8')) respone=tcp_socket_client.recv(bufsize) print(respone.decode('utf-8')) tcp_socket_client.close() if __name__ == '__main__': ip_port=('127.0.0.1',9999) bufsize=1024 client_handler(ip_port,bufsize)