Beispiel #1
0
def initiatehandshake():
    if request.method == "POST":
        global nonce, session_key_with_alice, session_key_with_bob

        response_text = config.get_response("GET", "/getpublickey", {},
                                            config.BOB_PORT)
        response_text = json.loads(response_text)
        bob_public_key = response_text["public_key"]

        c_priv_key = RSA.importKey(charlie_private_key)
        c_pub_key = RSA.importKey(charlie_public_key)
        b_pub_key = RSA.importKey(bob_public_key)
        a_pub_key = RSA.importKey(alice_public_key)

        message = request.form["message"]
        message = base64.b64decode(message)
        message = c_priv_key.decrypt(message)
        message = json.loads(message)

        user_name = message['message']
        session_key_with_alice = message['session_key']

        session_key_with_bob = config.generate_key()

        data = json.dumps({
            "message": str(user_name),
            "session_key": session_key_with_bob
        })
        data = b_pub_key.encrypt(data, None)
        data = data[0]
        data = base64.b64encode(data)
        data = {"message": data}

        response_text = config.get_response("POST", "/initiatehandshake", data,
                                            config.BOB_PORT)
        response_text = json.loads(response_text)
        if response_text['success']:
            message = response_text['message']
            message = config.aes_decrypt(message, session_key_with_bob)
            message = json.loads(message)
            nonce = message['nonce']
            message = message['message']

            data = json.dumps({'message': message, 'nonce': nonce})
            encrypted_message = config.aes_encrypt(data,
                                                   session_key_with_alice)

            response = make_response(
                json.dumps({
                    'success': True,
                    'message': encrypted_message
                }), status.HTTP_200_OK)
            return response

        response = make_response(
            json.dumps({
                'success': False,
                'error': 'Handshake Failed'
            }), status.HTTP_200_OK)
        return response
Beispiel #2
0
def chat_with_bob():
	if request.method == "POST":

		user_name = request.form["user_name"]

		response_text = config.get_response("GET", "/getpublickey", {}, config.BOB_PORT)
		response_text = json.loads(response_text)
		bob_public_key = response_text["public_key"]

		a_priv_key = RSA.importKey(alice_private_key)
		a_pub_key = RSA.importKey(alice_public_key)
		b_pub_key = RSA.importKey(bob_public_key)

		session_key = config.generate_key()

		data = json.dumps({"message": str(user_name), "session_key": session_key})
		data = b_pub_key.encrypt(data, None)
		data = data[0]
		data = base64.b64encode(data)
		data = {"message": data}

		response_text = config.get_response("POST", "/initiatehandshake", data, config.BOB_PORT)
		response_text = json.loads(response_text)
		if response_text['success']:
			message = response_text['message']
			message = config.aes_decrypt(message, session_key)
			message = json.loads(message)
			nonce = message['nonce']
			message = message['message']

			if message != user_name:
				response = make_response(json.dumps({'success': False, 'error': "This Isn't Bob."}))
				return response
			else:
				signature = a_priv_key.sign(nonce, None)
				signature = signature[0]

				data = json.dumps({'message': message, 'signature': signature})
				data = config.aes_encrypt(data, session_key)
				data = {'message': data}

				response_text = config.get_response("POST", "/verifyhandshake", data, config.BOB_PORT)
				response_text = json.loads(response_text)
				if response_text['success']:
					response = make_response(json.dumps({'success': True}), status.HTTP_200_OK)
					return response

		response = make_response(json.dumps({'success': False, 'error': 'Handshake Failed'}), status.HTTP_200_OK)
		return response
Beispiel #3
0
def verifyhandshake():
    if request.method == "POST":
        global nonce, session_key_with_alice, session_key_with_bob

        message = request.form['message']
        signature = request.form['signature']
        signature = (long(signature), )

        nonce = int(nonce)

        a_pub_key = RSA.importKey(alice_public_key)

        verified = a_pub_key.verify(int(nonce), signature)

        if verified:
            signature = signature[0]
            data = json.dumps({'message': message, 'signature': signature})
            data = config.aes_encrypt(data, session_key_with_bob)
            data = {'message': data}

            response_text = config.get_response("POST", "/verifyhandshake",
                                                data, config.BOB_PORT)
            response_text = json.loads(response_text)
            if response_text['success']:
                response = make_response(json.dumps({'success': True}),
                                         status.HTTP_200_OK)
                return response

        response = make_response(
            json.dumps({
                'success': False,
                'error': 'Handshake Failed'
            }), status.HTTP_200_OK)
        return response
Beispiel #4
0
        signature = message['signature']
        signature = (long(signature), )

        nonce = int(nonce)

        a_pub_key = RSA.importKey(alice_public_key)

        verified = a_pub_key.verify(int(nonce), signature)

        response = make_response(json.dumps({'success': verified}),
                                 status.HTTP_200_OK)
        return response


@app.route("/getpublickey", methods=["GET"])
def get_public_key():
    return make_response(json.dumps({"public_key": bob_public_key}))


if __name__ == "__main__":
    private_key = RSA.generate(config.KEY_SIZE)
    bob_private_key = private_key.exportKey('PEM')
    bob_public_key = private_key.publickey().exportKey('PEM')
    response_text = config.get_response("GET", "/getpublickey", {},
                                        config.ALICE_PORT)
    response_text = json.loads(response_text)
    alice_public_key = response_text["public_key"]
    app.run(config.HOST, config.BOB_PORT)

# cookie = {nonce}
# userid, Ru<H(pwd, nonce)>