def testrsa():
with open("benchmark/rfc8017.txt", 'r') as f:
message = f.read()
sk, pk = rsa.generate_key()
encrypt_session_key, ciphertext, tag = rsa.encrypt(pk, message)
plain, verify = rsa.decrypt(sk, encrypt_session_key, ciphertext, tag)
print(str(plain))
def send_message(receiver, receiver_pk, message, my_pass, is_block=False):
# Encrypt message
encrypt_session_key, ciphertext, tag = rsa.encrypt(receiver_pk, message)
msg_payload = OrderedDict()
msg_payload['encrypt_session_key'] = str(
base64.b64encode(encrypt_session_key), encoding=config.encoding)
msg_payload['ciphertext'] = str(base64.b64encode(ciphertext), encoding=config.encoding)
msg_payload['tag'] = str(base64.b64encode(tag), encoding=config.encoding)
# Init payload
payload = OrderedDict()
payload['sender'] = userdata_service.load_unencrypted_data('name')
payload['receiver'] = receiver
payload['message'] = json.dumps(msg_payload)
payload['is_block'] = is_block
payload['token'] = token_service.get_token()
signature = rsa.sign(key_service.get_rsa_key('sk', my_pass), json.dumps(payload))
payload['signature'] = base64.b64encode(signature)
r = requests.post(config_client.server_ip + '/message/send', payload)
try:
if r.json().get('err') == 0:
os.system('cls')
print('Send message to %s succeed.' % receiver)
return True
return False
except Exception as e:
print(str(e))
return False
def receive_message(receiver, my_pass, is_read=False):
payload = OrderedDict()
payload['receiver'] = receiver
payload['token'] = token_service.get_token()
signature = rsa.sign(key_service.get_rsa_key('sk', my_pass), json.dumps(payload))
payload['signature'] = base64.b64encode(signature)
payload['is_read'] = is_read
r = requests.post(config_client.server_ip + '/message/receive', payload)
try:
if r.json().get('err') == 0:
os.system('cls')
print("Receive message succeed!")
else:
print("Receive message failed")
except Exception as e:
print(str(e))
return False
msg = r.json().get('msg')
signature = base64.b64decode(r.json().get('signature'))
if not rsa.verify(userdata_service.load_unencrypted_data('server_pk'), json.dumps(msg), signature):
print("您可能遇到了假的服务器")
return False
message_table = prettytable.PrettyTable()
message_table.field_names = ['id', 'sender', 'message', 'verified']
# Reverse msg
msg.reverse()
# Msg cut
if len(msg) > 0:
if len(msg) > 5:
msg = msg[:5]
for i in msg:
message = json.loads(i['message'])
encrypt_session_key = base64.b64decode(message['encrypt_session_key'])
ciphertext = base64.b64decode(message['ciphertext'])
tag = base64.b64decode(message['tag'])
plain, verify = rsa.decrypt(key_service.get_rsa_key('sk', my_pass), encrypt_session_key, ciphertext, tag)
# Add message to table
message_table.add_row([
i['id'],
i['sender'],
str(plain, encoding=config.encoding),
'√' if verify else '×',
])
print(message_table)
else:
print("No new message!")
return True
def send(requests):
sender = requests.POST.get('sender')
receiver = requests.POST.get('receiver')
message = requests.POST.get('message')
is_block = requests.POST.get('is_block') == 'True'
token = requests.POST.get('token')
signature = base64.b64decode(requests.POST.get('signature'))
# Check post data
if None in [sender, receiver, message, is_block, token, signature]:
return JsonResponse({'err': 1, 'msg': 'Something lost'})
try:
sender_instance = User.objects.get(username=sender)
receiver_instance = User.objects.get(username=receiver)
except Exception as e:
return JsonResponse({'err': 1, 'msg': 'User error' + str(e)})
# Check token
if not auth_and_delete(sender, token):
return JsonResponse({'err': 1, 'msg': 'Invalid token'})
# Check signature
payload = OrderedDict()
payload['sender'] = sender
payload['receiver'] = receiver
payload['message'] = message
payload['is_block'] = is_block
payload['token'] = token
if not rsa.verify(sender_instance.public_key, json.dumps(payload),
signature):
return JsonResponse({'err': 1, 'msg': 'Invalid signature'})
# Create message
Message.objects.create(sender=sender_instance,
receiver=receiver_instance,
message=message,
is_block=is_block)
return JsonResponse({'err': 0})
def check_user_signature(public_key, payload, signature):
"""
:type public_key: str
:type payload: str
:type signature: str
:rtype: bool
"""
return rsa.verify(public_key, payload, signature)
def testchacha():
sk, pk = rsa.generate_key()
key = "12345678"
x = chacha20.encrypt(key,sk)
start = time.time()
for i in range(1000000):
chacha20.decrypt(key,x)
end = time.time()
print(end - start)
def receive(requests):
receiver = requests.POST.get('receiver')
is_read = requests.POST.get('is_read') == 'True'
token = requests.POST.get('token')
signature = base64.b64decode(requests.POST.get('signature'))
# Check post data
if None in [receiver, token, signature]:
return JsonResponse({'err': 1, 'msg': 'Something lost'})
try:
receiver_instance = User.objects.get(username=receiver)
except Exception as e:
return JsonResponse({'err': 1, 'msg': 'User error' + str(e)})
# Check token
if not auth_and_delete(receiver, token):
return JsonResponse({'err': 1, 'msg': 'Invalid token'})
# Check signature
payload = OrderedDict()
payload['receiver'] = receiver
payload['token'] = token
if not rsa.verify(receiver_instance.public_key, json.dumps(payload),
signature):
return JsonResponse({'err': 1, 'msg': 'Invalid signature'})
msg_instances = Message.objects.filter(receiver=receiver_instance,
is_read=is_read)
ret_msg = list(msg_instances.values())
for i in range(len(msg_instances)):
ret_msg[i]['sender'] = msg_instances[i].sender.username
ret_msg[i]['receiver'] = msg_instances[i].receiver.username
ret_msg[i]['created_at'] = str(msg_instances[i].created_at)
msg_instances[i].is_read = True
msg_instances[i].save()
payload = OrderedDict()
payload['msg'] = ret_msg
server_signature = str(base64.b64encode(
rsa.sign(get_private_key(), json.dumps(payload['msg']))),
encoding=config.encoding)
res = dict({'err': 0, 'signature': server_signature}, **payload)
return JsonResponse(res)
def get_public_key_by_username(username):
try:
user = User.objects.get(username=username)
except Exception as e:
return False
# Get user's pk and sign
user_public_key = user.public_key
# Init a payload and add some random padding
payload = OrderedDict()
payload['rand_pad'] = random.random()
payload['public_key'] = user_public_key
# Signature
signature = str(base64.b64encode(
rsa.sign(get_private_key(), json.dumps(payload))),
encoding=config.encoding)
return payload, signature
def generate_key(password, force=False):
# Check if key exist
if not os.path.exists(root_dir):
os.makedirs(root_dir)
# Create
if not os.path.exists(private_key_path) or force:
print('Generating key pairs...')
sk, pk = rsa.generate_key()
with open(private_key_path, 'w') as fi:
b64_res = base64.b64encode(chacha20.encrypt(password, sk))
fi.write(str(b64_res, encoding=config.encoding))
with open(public_key_path, 'w') as fi:
fi.write(str(pk, encoding=config.encoding))
else:
raise Exception('Key pair exist')
return True
def register_interface():
name = input('Please input your name\n')
# Prevent duplicate user name
if name in server_connect_service.get_user_on_server():
print('Duplicate user name, please re enter it.')
return register_interface()
# Get password
password = True
re_password = False
while password != re_password:
password = getpass.getpass('Please input your password\n')
re_password = getpass.getpass('Please re input your password\n')
# Generate key pair
userdata_service.save_unencrypted_data('name', name)
userdata_service.generate_check_pass_file(name, password)
key_service.generate_key(password)
print('Register succeed! Hello, %s' % name)
print('Please remember your password.')
# Get server public key
payload = OrderedDict()
payload['name'] = name
payload['public_key'] = key_service.get_rsa_key('pk')
signature = base64.b64encode(
rsa.sign(key_service.get_rsa_key('sk', password), json.dumps(payload)))
payload = dict({'signature': signature}, **payload)
r = requests.post(config_client.server_ip + '/user/register', payload)
try:
if r.json().get('err') != 0:
print('Register failed.')
return False
else:
print('Register succeed and upload succeed.')
userdata_service.save_unencrypted_data(
'server_pk',
r.json().get('server_public_key'))
except Exception as e:
print(str(e))
return False
def get_token():
name = userdata_service.load_unencrypted_data('name')
print('Get token...')
r = requests.post(config_client.server_ip + '/session/start',
{'user': name})
try:
if r.json().get('err') != 0:
return False
payload = OrderedDict()
payload['key'] = r.json().get('key')
signature = base64.b64decode(r.json().get('signature'))
if rsa.verify(userdata_service.load_unencrypted_data('server_pk'),
json.dumps(payload), signature):
print('Token signature auth succeed.')
return payload['key']
else:
print('Token signature auth failed.')
return False
except Exception as e:
print(str(e))
return False
def download_user_public_key(username):
print('Get %s\'s public key...' % username)
r = requests.get(config_client.server_ip + '/user/query',
{'name': username})
data = r.json()
try:
payload = OrderedDict()
payload['rand_pad'] = data.get('rand_pad')
payload['public_key'] = data.get('public_key')
signature = base64.b64decode(data.get('signature'))
print('Verifying...')
if rsa.verify(load_unencrypted_data('server_pk'), json.dumps(payload),
signature):
print('User %s\'s public key verified.' % username)
return data.get('public_key')
else:
print('User %s\'s public key not verified.' % username)
return False
except Exception as e:
print(str(e))
return False
def start_new_session(request):
username = request.POST.get('user')
if not username:
return JsonResponse({'err': 1, 'msg': 'No user name'})
session = create_session(username)
if not session:
return JsonResponse({'err': 1, 'msg': 'Unknown error'})
server_sk = server_key_service.get_private_key()
payload = OrderedDict()
payload['key'] = session.key
signature = rsa.sign(server_sk, json.dumps(payload))
res = dict(
{
'err': 0,
'signature': str(base64.b64encode(signature), "utf-8")
}, **payload)
return JsonResponse(res)