def server(folder):
HOST = ''
PORT = 4567
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#Create server socket
try:
s.bind((HOST, PORT))
except socket.error as msg:
print('Bind failed. Error Code : ' + str(msg[0]) + ' Message ' +
msg[1])
sys.exit()
#Start listening on socket
s.listen(10)
print('Server started ...')
#Start upload counter
counter = 0
#now keep talking with the client
while 1:
#wait for client - conn is input stream
conn, addr = s.accept()
#Increment counter
counter += 1
print("Accepted connection " + str(counter) + ".")
#negotiate private keypair
keyfile = open('keypair_server.xml', 'r')
sigfile = open('signature_server.sig', 'rb')
signature = sigfile.read()
tree = ET.parse(keyfile)
root = tree.getroot()
pr_k_pem = root.findtext('private_key')
pu_k_pem = root.findtext('public_key')
rsa_private_key = serialization.load_pem_private_key(
pr_k_pem.encode(), password=None, backend=default_backend())
#rsa_public_key = serialization.load_pem_public_key(pu_k_pem.encode(), backend=default_backend())
sk = crypto.negotiate_asymmetric_session_key(conn, rsa_private_key,
pu_k_pem, signature)
#Open file to write to
f = open(folder + "/" + str(counter), 'wb')
sess_k = sk[0:16]
mac_k = sk[16:32]
hmac = mac.MAC(mac_k)
crypto.decrypt_AES_with_key_mac(conn, f, sess_k, hmac)
f.close()
print("Closed connection.")
s.close()
def server(folder):
HOST = ''
PORT = 4567
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#Create server socket
try:
s.bind((HOST, PORT))
except socket.error as msg:
print('Bind failed. Error Code : ' + str(msg[0]) + ' Message ' + msg[1])
sys.exit()
#Start listening on socket
s.listen(10)
print('Server started ...')
#Start upload counter
counter = 0;
#now keep talking with the client
while 1:
#wait for client - conn is input stream
conn, addr = s.accept()
#Increment counter
counter += 1
print("Accepted connection "+str(counter)+".");
#negotiate private keypair
keyfile = open('keypair_server.xml', 'r')
sigfile = open('signature_server.sig', 'rb')
signature = sigfile.read()
tree = ET.parse(keyfile)
root = tree.getroot()
pr_k_pem = root.findtext('private_key')
pu_k_pem = root.findtext('public_key')
rsa_private_key = serialization.load_pem_private_key(pr_k_pem.encode(), password=None, backend=default_backend())
#rsa_public_key = serialization.load_pem_public_key(pu_k_pem.encode(), backend=default_backend())
sk = crypto.negotiate_asymmetric_session_key(conn, rsa_private_key, pu_k_pem, signature)
#Open file to write to
f = open(folder+"/"+str(counter), 'wb')
sess_k = sk[0:16]
mac_k = sk[16:32]
hmac = mac.MAC(mac_k)
crypto.decrypt_AES_with_key_mac(conn, f, sess_k, hmac)
f.close()
print("Closed connection.")
s.close()
def server(folder):
HOST = ''
PORT = 4567
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#Create server socket
try:
s.bind((HOST, PORT))
except socket.error as msg:
print('Bind failed. Error Code : ' + str(msg[0]) + ' Message ' + msg[1])
sys.exit()
#Start listening on socket
s.listen(10)
print('Server started ...')
#Start upload counter
counter = 0;
#now keep talking with the client
while 1:
#wait for client - conn is input stream
conn, addr = s.accept()
#Increment counter
counter += 1
print("Accepted connection "+str(counter)+".");
#negotiate private keypair
rsa_private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048, backend=default_backend())
rsa_public_key = rsa_private_key.public_key()
sk = crypto.negotiate_asymmetric_session_key(conn, rsa_private_key, rsa_public_key)
#Open file to write to
f = open(folder+"/"+str(counter), 'wb')
sess_k = sk[0:16]
mac_k = sk[16:32]
hmac = mac.MAC(mac_k)
crypto.decrypt_AES_with_key_mac(conn, f, sess_k, hmac)
f.close()
print("Closed connection.")
s.close()
def server(folder):
HOST = ''
PORT = 4567
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#Create server socket
try:
s.bind((HOST, PORT))
except socket.error as msg:
print('Bind failed. Error Code : ' + str(msg[0]) + ' Message ' +
msg[1])
sys.exit()
#Start listening on socket
s.listen(10)
print('Server started ...')
#Start upload counter
counter = 0
#now keep talking with the client
while 1:
#wait for client - conn is input stream
conn, addr = s.accept()
#Increment counter
counter += 1
print("Accepted connection " + str(counter) + ".")
#Open file to write to
f = open(folder + "/" + str(counter), 'wb')
sk = crypto.accept_session_packet(conn, 'enc_key.store')
sess_k = sk[0:16]
mac_k = sk[16:32]
hmac = mac.MAC(mac_k)
crypto.decrypt_AES_with_key_mac(conn, f, sess_k, hmac)
hmac.counterUp()
f.close()
print("Closed connection.")
s.close()
def server(folder):
HOST = ''
PORT = 4567
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#Create server socket
try:
s.bind((HOST, PORT))
except socket.error as msg:
print('Bind failed. Error Code : ' + str(msg[0]) + ' Message ' + msg[1])
sys.exit()
#Start listening on socket
s.listen(10)
print('Server started ...')
#Start upload counter
counter = 0;
#now keep talking with the client
while 1:
#wait for client - conn is input stream
conn, addr = s.accept()
#Increment counter
counter += 1
print("Accepted connection "+str(counter)+".");
#Open file to write to
f = open(folder+"/"+str(counter), 'wb')
sk = crypto.accept_session_packet(conn, 'enc_key.store')
sess_k = sk[0:16]
mac_k = sk[16:32]
hmac = mac.MAC(mac_k)
crypto.decrypt_AES_with_key_mac(conn, f, sess_k, hmac)
hmac.counterUp()
f.close()
print("Closed connection.")
s.close()
def server(folder):
HOST = ''
PORT = 4567
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#Create server socket
try:
s.bind((HOST, PORT))
except socket.error as msg:
print('Bind failed. Error Code : ' + str(msg[0]) + ' Message ' +
msg[1])
sys.exit()
#Start listening on socket
s.listen(10)
print('Server started ...')
#Start upload counter
counter = 0
#now keep talking with the client
while 1:
#wait for client - conn is input stream
conn, addr = s.accept()
#Increment counter
counter += 1
print("Accepted connection " + str(counter) + ".")
# Load and send server certificate
server_cert_file = open('server.cer', 'rb')
server_cert = server_cert_file.read()
server_cert_file.close()
conn.send(bytes(server_cert))
in_cert = conn.recv(2048)
# Validate server certificate using CA certificate
client_cert = x509.load_der_x509_certificate(in_cert,
default_backend())
ca_cert_file = open('ca.cer', 'rb')
ca_cert = ca_cert_file.read()
ca_cert_file.close()
store = crypto.X509Store()
store.add_cert(crypto.load_certificate(crypto.FILETYPE_ASN1, ca_cert))
store_ctx = crypto.X509StoreContext(store, client_cert)
if store_ctx.verify_certificate() != None:
click.echo(
click.style('Error validating client certificate',
bold=True,
fg='red'))
return
else:
click.echo(
click.style('Valid client certificate!', bold=True,
fg='green'))
client_public_key = client_cert.public_key()
private_key_file = open('server.pk8', 'rb')
private_key = private_key_file.read()
private_key_file.close()
private_key = load_der_private_key(private_key,
password=None,
backend=default_backend())
#accept session key
csk = conn.recv(512)
#unseal session key
so = SealedObject()
sk = so.unseal_asym(csk, private_key)
challenge = os.urandom(32)
conn.send(challenge)
signature = conn.recv(512)
verifier = client_public_key.verifier(
signature,
padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
salt_length=padding.PSS.MAX_LENGTH), hashes.SHA256())
verifier.update(challenge)
try:
verifier.verify()
except InvalidKey:
click.echo(
click.style('Error verifying signature!', bold=True, fg='red'))
return
#Open file to write to
f = open(folder + "/" + str(counter), 'wb')
sess_k = sk[0:16]
mac_k = sk[16:32]
hmac = mac.MAC(mac_k)
crypt.decrypt_AES_with_key_mac(conn, f, sess_k, hmac)
f.close()
print("Closed connection.")
s.close()
def server(folder):
HOST = ''
PORT = 4567
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#Create server socket
try:
s.bind((HOST, PORT))
except socket.error as msg:
print('Bind failed. Error Code : ' + str(msg[0]) + ' Message ' + msg[1])
sys.exit()
#Start listening on socket
s.listen(10)
print('Server started ...')
#Start upload counter
counter = 0;
#now keep talking with the client
while 1:
#wait for client - conn is input stream
conn, addr = s.accept()
#Increment counter
counter += 1
print("Accepted connection " + str(counter) + ".");
# Load and send server certificate
server_cert_file = open('server.cer', 'rb')
server_cert = server_cert_file.read()
server_cert_file.close()
conn.send(bytes(server_cert))
in_cert = conn.recv(2048)
# Validate server certificate using CA certificate
client_cert = x509.load_der_x509_certificate(in_cert, default_backend())
ca_cert_file = open('ca.cer', 'rb')
ca_cert = ca_cert_file.read()
ca_cert_file.close()
store = crypto.X509Store()
store.add_cert(crypto.load_certificate(crypto.FILETYPE_ASN1, ca_cert))
store_ctx = crypto.X509StoreContext(store, client_cert)
if store_ctx.verify_certificate() != None:
click.echo(click.style('Error validating client certificate', bold = True, fg = 'red'))
return
else:
click.echo(click.style('Valid client certificate!', bold = True, fg = 'green'))
client_public_key = client_cert.public_key()
private_key_file = open('server.pk8', 'rb')
private_key = private_key_file.read()
private_key_file.close()
private_key = load_der_private_key(private_key, password=None, backend=default_backend())
#accept session key
csk = conn.recv(512)
#unseal session key
so = SealedObject()
sk = so.unseal_asym(csk, private_key)
challenge = os.urandom(32)
conn.send(challenge)
signature = conn.recv(512)
verifier = client_public_key.verifier(signature, padding.PSS(mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH), hashes.SHA256())
verifier.update(challenge)
try:
verifier.verify()
except InvalidKey:
click.echo(click.style('Error verifying signature!', bold = True, fg = 'red'))
return
#Open file to write to
f = open(folder + "/" + str(counter), 'wb')
sess_k = sk[0:16]
mac_k = sk[16:32]
hmac = mac.MAC(mac_k)
crypt.decrypt_AES_with_key_mac(conn, f, sess_k, hmac)
f.close()
print("Closed connection.")
s.close()
