def process_step2_phase3(sock, rply):
ip = base64.b64decode(rply.ip_addr)
port = rply.udp_port
#Fetch the Diffie hellman component received and verify sign on it
dh_component_2 = base64.b64decode(rply.dh_component)
long_dh_component = long(dh_component_2)
signature = base64.b64decode(rply.signature)
r2 = base64.b64decode(rply.nonce_r2)
private_key_file_user1 = USER1 + '_private_key.pem'
user1_private_key = CommonMethod.get_private_key(private_key_file_user1)
decrypted_r2 = Decrypt.asyn_decrypt(r2, user1_private_key)
public_key_file_user2 = USER2 + '_public_key.pem'
verify_sign(public_key_file_user2, dh_component_2, signature)
#generate shared Diffie Hellman secret
global dh_shared_key_u2
dh_shared_key_u2 = generate_dh_shared_secret(dh1_obj, long_dh_component)
#Sign and encrypt the Diffie hellman generated secret
sign_dh_shared_key_u1 = sign_message(private_key_file_user1,
dh_shared_key_u2)
encrypted_r2 = Encrypt.encrypt(R2, dh_shared_key_u2, RANDOM)
encrypted_signed_key = Encrypt.encrypt(sign_dh_shared_key_u1,
dh_shared_key_u2, RANDOM)
#set message to send
rply.ip_addr = base64.b64encode(args.ip_addr)
rply.udp_port = random_port
rply.secret_key = base64.b64encode(encrypted_signed_key)
rply.nonce_r2 = base64.b64encode(encrypted_r2)
rply.type = pb_example_pb2.Reply.SEND_1
# sqlconn = sqlite3.connect("db.sqlite")
# c = sqlconn.cursor()
# sql = "SELECT port,ip from active_users where name = ?"
# c.execute(sql,(USER2,))
# result = c.fetchone()
# port = result[0]
# print 'Port is '
# print port
# port = int(port)
# ip = result[1]
# print 'IP address is'
# print ip
# ip = ip.encode('utf-8')
# if port is None:
# print 'Port is not present'
# exit()
# if ip is None:
# print 'IP is not present'
# exit()
udp_sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
udp_sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
udp_sock.sendto(rply.SerializeToString(), (ip, port))
def verify_sent_message(sock, rply):
ciphertext = base64.b64decode(rply.message)
msg_digest = base64.b64decode(rply.hash)
encrypted_shared_key = base64.b64decode(rply.secret_key)
private_key_user2 = USER2 + '_private_key.pem'
private_key_user2 = CommonMethod.get_private_key(private_key_user2)
dh_shared_key_u1 = Decrypt.asyn_decrypt(encrypted_shared_key,
private_key_user2)
decrypted_ciphertext = Decrypt.decrypt_message(ciphertext,
dh_shared_key_u1, RANDOM)
verify_hash(decrypted_ciphertext, RANDOM, msg_digest)
def sign_message(sender_privkey, plaintext):
try:
private_key = CommonMethod.get_private_key(sender_privkey)
except:
print 'Error in reading file'
try:
signature = private_key.sign(
plaintext,
padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
salt_length=padding.PSS.MAX_LENGTH), hashes.SHA256())
return signature
except Exception as e:
print 'Error in signing message' + str(e)
RANDOM = os.urandom(16)
Loged_in = True
rqst = pb_example_pb2.Request() # create protobuf Request message
rply = pb_example_pb2.Reply() # create protobuf Reply message
try:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((IP_ADDR, TCP_PORT))
except Exception:
print "----Eitheryour format is wrong or server is done check you format from below template------"
print "Format is :"
print "python client.py -u Username -pass Password -ip IP -p Port -pr Private_Key -pu public_key -sk server_public_key"
exit()
reqno = 0 # initialize request number to 0
ec = CommonMethod()
try:
client_private_key = ec.get_private_key(args.private_key)
client_public_key = ec.get_public_key(args.public_key)
server_public_key = ec.get_public_key(args.server_public_key)
except Exception:
print "Format is :"
print "python client.py -u Username -pass Password -ip IP -p Port -pr Private_Key -pu public_key -sk server_public_key"
exit()
symetric_key = ''
salt_for_key = ''
try:
user_password = args.password
except Exception:
print "Format is :"
print "python client.py -u Username -pass Password -ip IP -p Port -pr Private_Key -pu public_key -sk server_public_key"
exit()