CHAP

This are two little python scripts to demonstrate the CHAP workflow. One script is serving and the other fetching.

Presets

• Python 3.8.5

Usage

To use just first start the server and then the client script

Imported Libraries

Client

• xmlrpc.client
• hashlib
• os
• sys

Server

• uuid
• pickle
• hashlib
• xmlrpc.server

Internal workings

The server script will the serve a XMLRPC server with 4 endpoints on Port 8000 at localhost (the local machine) :

• init(): [ session_id: uuid, seed: uuid ]

This endpoint will start a new session and send you the id and seed of this new session

• auth( session_id: uuid, username: string, password_hash: string): bool

This endpoint requires the session id, an username and your password hash generated from the password concatenated with the seed and hashed using sha256 It will return whether the password is correct and you are authorized and set you as authorized in the server instance

• logout( session_id: uuid, username: string, password_hash: string): bool

This endpoint requires the session id, an username and your password hash generated from the password concatenated with the seed and hashed using sha256 It will destroy the session and return you if it worked (should always return true)

• hello( session_id: uuid ): string

This endpoint will return a string with a hello message if you are authorized and a denial message otherwise

• create_user( session: uuid, username: string, password: string )

This endpoint requires the session id a username and a password for a user to add, adds this user and saves it to a file

Note: uuid is not a the DataType but a string in uuid format

The client script will then establish a connection, initialize a session, successfully authorize itself, print the return value from hello method and finally destroy the session.