Ejemplo n.º 1
0
def download(filename, destination, privpath, user):
    """Download function, creates a temporary file to
    where the encrypted file is streamed to, then it is read
    chunk by chunk and decrypted.

    Security:
        - Authentication
        - File is decrypted with AES
        - hasher is created for File Integrity Control
        - Public key is accessed for decrypting the AES
          key
        - Private Key is accessed for verifying the file signature
        - All relevant information is kept client-side"""

    (username, session) = user.getInfo()
    message = {'filename': filename}
    messageToSend = security.encryptS_AES(json.dumps(message),
                                          session.decode('hex')).encode('hex')
    params = {'data': messageToSend, 'username': username}
    datagen, headers = multipart_encode(params)
    try:
        resp = urllib2.Request('https://localhost:8080/download', datagen,
                               headers)
        data = urllib2.urlopen(resp)
        fn = data.info().getheader('filename')
        date = json.loads(
            security.decryptS_AES(data.info().getheader('data').decode('hex'),
                                  session.decode('hex')))
        aes = data.info().getheader('aes').decode('hex')
        iv = date['iv'].decode('hex')
        signature = date['sign'].decode('hex')

        with open(privpath, 'rb') as f:
            priv = security.importkey_RSA(f.read())
        pub = security.importkey_RSA(getPubKey(username))
        RsaAES = security.decrypt_RSA(priv, aes)
        decipher = security.getDecipher(iv, RsaAES)
        tf = tempfile.NamedTemporaryFile(delete=True)

        CHUNK = 16 * 1024
        while True:
            chunk = data.read(CHUNK)
            if not chunk:
                break
            tf.write(chunk)
        tf.seek(0)

        hasher = security.Hasher()
        with open(os.path.join(str(destination), filename), 'wb') as out:
            security.decrypt_AES(decipher, tf, out, hasher)
        new = hasher.get()
        if security.verifyFile(pub, new, signature):
            print 'The File was not changed!'
        else:
            print 'The File was changed!'
        tf.close()
    except urllib2.HTTPError as e:
        print str(e.code) + ': ' + e.reason
        print 'Currently, you are not a valid user!\nSafeBox Team'
Ejemplo n.º 2
0
def diff(user, filename, privpath, filefp):
    """Function for getting the difference between a file in
    the server and a user file, works like download except no file
    is written.

    Security:
        - Authentication
        - File is decrypted with AES
        - hasher is created for File Integrity Control
        - Public key is accessed for decrypting the AES
          key
        - Private Key is accessed for verifying the file signature
        - All relevant information is kept client-side"   """
    (username, session) = user.getInfo()
    message = {'filename': filename}
    messageToSend = security.encryptS_AES(json.dumps(message),
                                          session.decode('hex')).encode('hex')
    params = {'data': messageToSend, 'username': username}
    datagen, headers = multipart_encode(params)

    try:
        resp = urllib2.Request('https://localhost:8080/download', datagen,
                               headers)
        data = urllib2.urlopen(resp)
        fn = data.info().getheader('filename')
        date = json.loads(
            security.decryptS_AES(data.info().getheader('data').decode('hex'),
                                  session.decode('hex')))
        aes = data.info().getheader('aes').decode('hex')
        iv = date['iv'].decode('hex')
        signature = date['sign'].decode('hex')
        with open(privpath, 'rb') as f:
            priv = security.importkey_RSA(f.read())
        pub = security.importkey_RSA(getPubKey(username))
        RsaAES = security.decrypt_RSA(priv, aes)
        decipher = security.getDecipher(iv, RsaAES)
        tf = tempfile.NamedTemporaryFile(delete=True)
        out = tempfile.NamedTemporaryFile(delete=True)
        CHUNK = 16 * 1024
        while True:
            chunk = data.read(CHUNK)
            if not chunk:
                break
            tf.write(chunk)
        tf.seek(0)

        hasher = security.Hasher()
        security.decrypt_AES(decipher, tf, out, hasher)
        out.seek(0)
        new = hasher.get()
        comp = open(filefp, 'rb').readlines()
        cenas = out.readlines()
        return diffchecker(comp, cenas)
    except urllib2.HTTPError as e:
        print str(e.code) + ': ' + e.reason
        print 'Currently, you are not a valid user!\nSafeBox Team'
Ejemplo n.º 3
0
def download(filename, destination, privpath, user):
    """Download function, creates a temporary file to
    where the encrypted file is streamed to, then it is read
    chunk by chunk and decrypted.

    Security:
        - Authentication
        - File is decrypted with AES
        - hasher is created for File Integrity Control
        - Public key is accessed for decrypting the AES
          key
        - Private Key is accessed for verifying the file signature
        - All relevant information is kept client-side"""

    (username, session) = user.getInfo()
    message = {"filename": filename}
    messageToSend = security.encryptS_AES(json.dumps(message), session.decode("hex")).encode("hex")
    params = {"data": messageToSend, "username": username}
    datagen, headers = multipart_encode(params)
    try:
        resp = urllib2.Request("https://localhost:8080/download", datagen, headers)
        data = urllib2.urlopen(resp)
        fn = data.info().getheader("filename")
        date = json.loads(security.decryptS_AES(data.info().getheader("data").decode("hex"), session.decode("hex")))
        aes = data.info().getheader("aes").decode("hex")
        iv = date["iv"].decode("hex")
        signature = date["sign"].decode("hex")

        with open(privpath, "rb") as f:
            priv = security.importkey_RSA(f.read())
        pub = security.importkey_RSA(getPubKey(username))
        RsaAES = security.decrypt_RSA(priv, aes)
        decipher = security.getDecipher(iv, RsaAES)
        tf = tempfile.NamedTemporaryFile(delete=True)

        CHUNK = 16 * 1024
        while True:
            chunk = data.read(CHUNK)
            if not chunk:
                break
            tf.write(chunk)
        tf.seek(0)

        hasher = security.Hasher()
        with open(os.path.join(str(destination), filename), "wb") as out:
            security.decrypt_AES(decipher, tf, out, hasher)
        new = hasher.get()
        if security.verifyFile(pub, new, signature):
            print "The File was not changed!"
        else:
            print "The File was changed!"
        tf.close()
    except urllib2.HTTPError as e:
        print str(e.code) + ": " + e.reason
        print "Currently, you are not a valid user!\nSafeBox Team"
Ejemplo n.º 4
0
def diff(user, filename, privpath, filefp):
    """Function for getting the difference between a file in
    the server and a user file, works like download except no file
    is written.

    Security:
        - Authentication
        - File is decrypted with AES
        - hasher is created for File Integrity Control
        - Public key is accessed for decrypting the AES
          key
        - Private Key is accessed for verifying the file signature
        - All relevant information is kept client-side"   """
    (username, session) = user.getInfo()
    message = {"filename": filename}
    messageToSend = security.encryptS_AES(json.dumps(message), session.decode("hex")).encode("hex")
    params = {"data": messageToSend, "username": username}
    datagen, headers = multipart_encode(params)

    try:
        resp = urllib2.Request("https://localhost:8080/download", datagen, headers)
        data = urllib2.urlopen(resp)
        fn = data.info().getheader("filename")
        date = json.loads(security.decryptS_AES(data.info().getheader("data").decode("hex"), session.decode("hex")))
        aes = data.info().getheader("aes").decode("hex")
        iv = date["iv"].decode("hex")
        signature = date["sign"].decode("hex")
        with open(privpath, "rb") as f:
            priv = security.importkey_RSA(f.read())
        pub = security.importkey_RSA(getPubKey(username))
        RsaAES = security.decrypt_RSA(priv, aes)
        decipher = security.getDecipher(iv, RsaAES)
        tf = tempfile.NamedTemporaryFile(delete=True)
        out = tempfile.NamedTemporaryFile(delete=True)
        CHUNK = 16 * 1024
        while True:
            chunk = data.read(CHUNK)
            if not chunk:
                break
            tf.write(chunk)
        tf.seek(0)

        hasher = security.Hasher()
        security.decrypt_AES(decipher, tf, out, hasher)
        out.seek(0)
        new = hasher.get()
        comp = open(filefp, "rb").readlines()
        cenas = out.readlines()
        return diffchecker(comp, cenas)
    except urllib2.HTTPError as e:
        print str(e.code) + ": " + e.reason
        print "Currently, you are not a valid user!\nSafeBox Team"