def MsgSendSequence(peername, msg):
# Fetch user info from server
global dh_aes_key
global serverpubkey
global serverIP
global username
dynamic_socket = None
try:
# Format of send command {Alice,K{send Bob}} server-public-key
# Encrypt the list command using the DH shared key
N1 = os.urandom(LengthN)
iv = os.urandom(LengthIV)
sendinfo = AESEncrypt('send ' + peername, dh_aes_key, iv)
send_msg = bytes(N1) + bytes(username + ',' + str(sendinfo))
# Encrypt username and list command using new aes key and then encrypt the aes key using server public key
sym_key = keygen()
encrypted_send = AESEncrypt(send_msg, sym_key, iv)
cipher_sym_key = RSAEncrypt(sym_key, serverpubkey)
send_msg = bytes(0x01) + bytes(iv) + bytes(cipher_sym_key) + bytes(
encrypted_send)
print('Sending send command')
server_socket.sendto(send_msg, (serverIP, int(serverPort)))
(Dport, addr) = server_socket.recvfrom(4096)
# Receive peer info from the server
(dataRecv, addr) = server_socket.recvfrom(4096)
offset = InitOffset
iv1 = dataRecv[offset:offset + LengthIV]
offset += LengthIV
ciphernew = dataRecv[offset:len(dataRecv)]
# Decrypt ciphernew
peerInfo = AESDecrypt(dh_aes_key, iv1, ciphernew)
(peerCommKey, comm_private_key, dynamic_socket,
D_addr) = AuthSequenceA(peerInfo)
# Encrypt msg and send it to peer
if (peerCommKey == None or comm_private_key == None):
print "Sending msg failed"
else:
peerCommKey = serialization.load_pem_public_key(
peerCommKey, backend=default_backend())
comm_private_key = serialization.load_pem_private_key(
comm_private_key, password=None, backend=default_backend())
msg = encryptSendMsg(peerCommKey, comm_private_key, msg)
dynamic_socket.sendto(msg, (D_addr[0], int(D_addr[1])))
print "Message has been sent"
except socket.timeout:
print "Timeout... please try to re-send the command"
except:
print "Unexpected error:", sys.exc_info()[0]
finally:
if dynamic_socket != None:
dynamic_socket.close()
return
def AuthSequenceB(dynamic_socket, peerAdd, init_msg):
global server_socket
global sender_private_key
global dh_aes_key
print "AuthSequenceB"
# Decrypt peer's user name
dataRecv = RSADecrypt(init_msg, sender_private_key)
r2 = dataRecv[0:LengthN]
peername = str(dataRecv[LengthN:len(dataRecv)])
# Fetch peer's AuthKey
N1 = os.urandom(LengthN)
iv = os.urandom(LengthIV)
sendinfo = AESEncrypt('send ' + peername, dh_aes_key, iv)
send_msg = bytes(N1) + bytes(username + ',' + sendinfo)
# Encrypt send_msg using new aes key and then encrypt the aes key using server public key
sym_key = keygen()
encrypted_send = AESEncrypt(send_msg, sym_key, iv)
cipher_sym_key = RSAEncrypt(sym_key, serverpubkey)
send_msg = bytes(0x01) + bytes(iv) + bytes(cipher_sym_key) + bytes(
encrypted_send)
print('Sending send command')
server_socket.sendto(send_msg, (serverIP, int(serverPort)))
(Dport, addr) = server_socket.recvfrom(4096)
# Receive peer info from the server
(dataRecv, addr) = server_socket.recvfrom(4096)
offset = InitOffset
iv1 = dataRecv[offset:offset + LengthIV]
offset += LengthIV
ciphernew = dataRecv[offset:len(dataRecv)]
# Decrypt ciphernew
peerInfo = AESDecrypt(dh_aes_key, iv1, ciphernew)
peerAdd_s = peerInfo.split(',')[0]
if peerAdd_s != peerAdd[0]:
print "Peer doesn't match... maybe impersonated..."
return
peerRSAKey = peerInfo.split(',')[2]
peerRSAKey = serialization.load_pem_public_key(peerRSAKey,
backend=default_backend())
# Finish the authentication
r1 = os.urandom(LengthN)
r1_e = RSAEncrypt(r1, peerRSAKey)
msg = bytes(r2) + bytes(r1_e)
print "Send reply to peer: " + peerAdd[0] + " : " + str(peerAdd[1])
dynamic_socket.sendto(msg, (peerAdd[0], int(peerAdd[1])))
# Waiting for CommKey
(dataRecv, addr) = dynamic_socket.recvfrom(4096)
r1_d = dataRecv[InitOffset:LengthN]
if r1_d != r1:
print 'Verification failed'
return
peerRSACommKey = dataRecv[LengthN:len(dataRecv)]
peerRSACommKey = decryptSendMsg(peerRSACommKey, sender_private_key,
peerRSAKey)
# Generate CommKey and send to peer
try:
comm_private_key = rsa.generate_private_key(public_exponent=65537,
key_size=2048,
backend=default_backend())
except:
print("The provided backend does not implement RSABackend")
return None
# Obtain the public key from the private key generated using RSA
comm_public_key = comm_private_key.public_key()
try:
pem = comm_public_key.public_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo)
pem_s = comm_private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption())
except:
print("Serialization failed")
return None
key = serialization.load_pem_public_key(peerRSACommKey,
backend=default_backend())
pem_cipher = encryptSendMsg(key, sender_private_key, pem)
dynamic_socket.sendto(pem_cipher, (peerAdd[0], int(peerAdd[1])))
return (peername, pem_s, peerRSACommKey)
def AuthSequenceA(peerInfo):
global username
global sender_private_key
peer_ip = peerInfo.split(',')[0] # IP address of the peer
peer_port = peerInfo.split(',')[1] # Port Number of the peer
peer_authKey = peerInfo.split(',')[2] # RSA Public key of the peer
# Sending GREETING to another client
(dynamic_socket, dynamic_port) = createDynamicPort()
print "CreateDynamicPort for peer auth: " + str(dynamic_port)
peer_authKey = serialization.load_pem_public_key(peer_authKey,
backend=default_backend())
r2 = os.urandom(LengthN)
greeting_msg = bytes(r2) + bytes(username)
# Encrypt the greeting message with the rsa public key of the peer
greeting_msg = RSAEncrypt(greeting_msg, peer_authKey)
print "peer_ip = " + peer_ip
print "peer_port = " + peer_port
dynamic_socket.sendto(greeting_msg, (peer_ip, int(peer_port)))
# Waitng to receive portInfo
(Dport, addr) = dynamic_socket.recvfrom(4096)
print "Dport = " + Dport
(dataRecv, addr) = dynamic_socket.recvfrom(4096)
# Use this port info to finish authentication
if addr[0] != peer_ip:
print "Peer doesn't match... maybe impersonated..."
return (None, None, dynamic_socket, addr)
r2_d = dataRecv[0:LengthN]
if r2_d != r2:
print "R2 verification failed!"
return (None, None, dynamic_socket, addr)
r1_e = dataRecv[LengthN:len(dataRecv)]
r1 = RSADecrypt(r1_e, sender_private_key)
# Generate CommKey and send to peer
try:
comm_private_key = rsa.generate_private_key(public_exponent=65537,
key_size=2048,
backend=default_backend())
except:
print("The provided backend does not implement RSABackend")
return (None, None, dynamic_socket, addr)
# Obtain the public key from the private key generated using RSA
comm_public_key = comm_private_key.public_key()
try:
pem = comm_public_key.public_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo)
pem_s = comm_private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption())
except:
print("Serialization failed")
return (None, None, dynamic_socket, addr)
pem_cipher = encryptSendMsg(peer_authKey, sender_private_key, pem)
msg = bytes(r1) + bytes(pem_cipher)
dynamic_socket.sendto(msg, (peer_ip, int(Dport)))
(peerCommKey, addr) = dynamic_socket.recvfrom(4096)
if addr[0] != peer_ip:
print "Peer doesn't match... maybe impersonated..."
return (None, None, dynamic_socket, addr)
peerCommKey = decryptSendMsg(peerCommKey, comm_private_key, peer_authKey)
return (peerCommKey, pem_s, dynamic_socket, addr)
def MsgSendSequence(peername, msg):
# Fetch user info from server
global dh_aes_key
global serverpubkey
global serverIP
global username
dynamic_socket = None
try:
# Format of send command {Alice,K{send Bob}} server-public-key
# Encrypt the list command using the DH shared key
N1 = os.urandom(LengthN)
iv = os.urandom(LengthIV)
sendinfo = AESEncrypt('send '+peername, dh_aes_key, iv)
send_msg = bytes(N1) + bytes(username + ',' + str(sendinfo))
# Encrypt username and list command using new aes key and then encrypt the aes key using server public key
sym_key = keygen()
encrypted_send = AESEncrypt(send_msg, sym_key, iv)
cipher_sym_key = RSAEncrypt(sym_key, serverpubkey)
send_msg = bytes(0x01) + bytes(iv) + bytes(cipher_sym_key) + bytes(encrypted_send)
print('Sending send command')
server_socket.sendto(send_msg, (serverIP, int(serverPort)))
(Dport, addr) = server_socket.recvfrom(4096)
# Receive peer info from the server
(dataRecv, addr) = server_socket.recvfrom(4096)
offset = InitOffset
iv1 = dataRecv[offset:offset+LengthIV]
offset += LengthIV
ciphernew = dataRecv[offset:len(dataRecv)]
# Decrypt ciphernew
peerInfo = AESDecrypt(dh_aes_key, iv1, ciphernew)
(peerCommKey, comm_private_key, dynamic_socket, D_addr) = AuthSequenceA(peerInfo)
# Encrypt msg and send it to peer
if (peerCommKey == None or comm_private_key == None):
print "Sending msg failed"
else:
peerCommKey = serialization.load_pem_public_key(
peerCommKey,
backend=default_backend()
)
comm_private_key = serialization.load_pem_private_key(
comm_private_key,
password=None,
backend=default_backend()
)
msg = encryptSendMsg(peerCommKey, comm_private_key, msg)
dynamic_socket.sendto(msg, (D_addr[0],int(D_addr[1])))
print "Message has been sent"
except socket.timeout:
print "Timeout... please try to re-send the command"
except:
print "Unexpected error:", sys.exc_info()[0]
finally:
if dynamic_socket != None:
dynamic_socket.close()
return
def AuthSequenceB(dynamic_socket, peerAdd, init_msg):
global server_socket
global sender_private_key
global dh_aes_key
print "AuthSequenceB"
# Decrypt peer's user name
dataRecv = RSADecrypt(init_msg, sender_private_key)
r2 = dataRecv[0:LengthN]
peername = str(dataRecv[LengthN:len(dataRecv)])
# Fetch peer's AuthKey
N1 = os.urandom(LengthN)
iv = os.urandom(LengthIV)
sendinfo = AESEncrypt('send '+ peername, dh_aes_key, iv)
send_msg = bytes(N1) + bytes(username + ',' + sendinfo)
# Encrypt send_msg using new aes key and then encrypt the aes key using server public key
sym_key = keygen()
encrypted_send = AESEncrypt(send_msg, sym_key, iv)
cipher_sym_key = RSAEncrypt(sym_key, serverpubkey)
send_msg = bytes(0x01) + bytes(iv) + bytes(cipher_sym_key) + bytes(encrypted_send)
print('Sending send command')
server_socket.sendto(send_msg, (serverIP, int(serverPort)))
(Dport, addr) = server_socket.recvfrom(4096)
# Receive peer info from the server
(dataRecv, addr) = server_socket.recvfrom(4096)
offset = InitOffset
iv1 = dataRecv[offset:offset+LengthIV]
offset += LengthIV
ciphernew = dataRecv[offset:len(dataRecv)]
# Decrypt ciphernew
peerInfo = AESDecrypt(dh_aes_key, iv1, ciphernew)
peerAdd_s = peerInfo.split(',')[0]
if peerAdd_s!=peerAdd[0]:
print "Peer doesn't match... maybe impersonated..."
return
peerRSAKey = peerInfo.split(',')[2]
peerRSAKey = serialization.load_pem_public_key(peerRSAKey, backend=default_backend())
# Finish the authentication
r1 = os.urandom(LengthN)
r1_e = RSAEncrypt(r1, peerRSAKey)
msg = bytes(r2)+bytes(r1_e)
print "Send reply to peer: " + peerAdd[0] + " : " + str(peerAdd[1])
dynamic_socket.sendto(msg, (peerAdd[0], int(peerAdd[1])))
# Waiting for CommKey
(dataRecv, addr) = dynamic_socket.recvfrom(4096)
r1_d = dataRecv[InitOffset:LengthN]
if r1_d!=r1:
print 'Verification failed'
return
peerRSACommKey = dataRecv[LengthN:len(dataRecv)]
peerRSACommKey = decryptSendMsg(peerRSACommKey, sender_private_key, peerRSAKey)
# Generate CommKey and send to peer
try:
comm_private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
backend=default_backend())
except:
print("The provided backend does not implement RSABackend")
return None
# Obtain the public key from the private key generated using RSA
comm_public_key = comm_private_key.public_key()
try:
pem = comm_public_key.public_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo)
pem_s = comm_private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption()
)
except:
print("Serialization failed")
return None
key = serialization.load_pem_public_key(peerRSACommKey, backend=default_backend())
pem_cipher = encryptSendMsg(key, sender_private_key, pem)
dynamic_socket.sendto(pem_cipher, (peerAdd[0], int(peerAdd[1])))
return (peername, pem_s, peerRSACommKey)
def AuthSequenceA(peerInfo):
global username
global sender_private_key
peer_ip = peerInfo.split(',')[0] # IP address of the peer
peer_port = peerInfo.split(',')[1] # Port Number of the peer
peer_authKey = peerInfo.split(',')[2] # RSA Public key of the peer
# Sending GREETING to another client
(dynamic_socket, dynamic_port) = createDynamicPort()
print "CreateDynamicPort for peer auth: " + str(dynamic_port)
peer_authKey = serialization.load_pem_public_key(peer_authKey, backend=default_backend())
r2 = os.urandom(LengthN)
greeting_msg = bytes(r2) + bytes(username)
# Encrypt the greeting message with the rsa public key of the peer
greeting_msg = RSAEncrypt(greeting_msg, peer_authKey)
print "peer_ip = " + peer_ip
print "peer_port = " + peer_port
dynamic_socket.sendto(greeting_msg,(peer_ip,int(peer_port)))
# Waitng to receive portInfo
(Dport, addr) = dynamic_socket.recvfrom(4096)
print "Dport = " + Dport
(dataRecv, addr) = dynamic_socket.recvfrom(4096)
# Use this port info to finish authentication
if addr[0]!= peer_ip:
print "Peer doesn't match... maybe impersonated..."
return (None, None, dynamic_socket, addr)
r2_d = dataRecv[0:LengthN]
if r2_d != r2:
print "R2 verification failed!"
return (None, None, dynamic_socket, addr)
r1_e = dataRecv[LengthN:len(dataRecv)]
r1 = RSADecrypt(r1_e, sender_private_key)
# Generate CommKey and send to peer
try:
comm_private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
backend=default_backend())
except:
print("The provided backend does not implement RSABackend")
return (None, None, dynamic_socket, addr)
# Obtain the public key from the private key generated using RSA
comm_public_key = comm_private_key.public_key()
try:
pem = comm_public_key.public_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo)
pem_s = comm_private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption()
)
except:
print("Serialization failed")
return (None, None, dynamic_socket, addr)
pem_cipher = encryptSendMsg(peer_authKey, sender_private_key, pem)
msg = bytes(r1)+bytes(pem_cipher)
dynamic_socket.sendto(msg,(peer_ip, int(Dport)))
(peerCommKey, addr) = dynamic_socket.recvfrom(4096)
if addr[0]!= peer_ip:
print "Peer doesn't match... maybe impersonated..."
return (None, None, dynamic_socket, addr)
peerCommKey = decryptSendMsg(peerCommKey, comm_private_key, peer_authKey)
return (peerCommKey, pem_s, dynamic_socket, addr)
