def MsgRecvSequence(dynamic_socket, peerAdd, dataRecv): print "MsgRecvSequence" comm_private_key = None comm_public_key = None try: (peername, comm_private_key, comm_public_key) = AuthSequenceB(dynamic_socket, peerAdd, dataRecv) # Decrypt msg and output it on console if comm_private_key == None or comm_public_key == None: print "MsgRecvSequence Error" return (dataRecv, addr) = dynamic_socket.recvfrom(4096) comm_public_key = serialization.load_pem_public_key( comm_public_key, backend=default_backend()) comm_private_key = serialization.load_pem_private_key( comm_private_key, password=None, backend=default_backend()) msg = decryptSendMsg(dataRecv, comm_private_key, comm_public_key) print "Message Recieved From " + peername + " : " print msg except socket.timeout: print "socket timeout" except: print "Unexpected error:", sys.exc_info()[0] finally: dynamic_socket.close()
def MsgRecvSequence(dynamic_socket, peerAdd, dataRecv): print "MsgRecvSequence" comm_private_key = None comm_public_key = None try: (peername, comm_private_key, comm_public_key) = AuthSequenceB(dynamic_socket, peerAdd, dataRecv) # Decrypt msg and output it on console if comm_private_key == None or comm_public_key == None: print "MsgRecvSequence Error" return (dataRecv, addr) = dynamic_socket.recvfrom(4096) comm_public_key = serialization.load_pem_public_key( comm_public_key, backend=default_backend() ) comm_private_key = serialization.load_pem_private_key( comm_private_key, password=None, backend=default_backend() ) msg = decryptSendMsg(dataRecv, comm_private_key, comm_public_key) print "Message Recieved From "+peername+" : " print msg except socket.timeout: print "socket timeout" except: print "Unexpected error:", sys.exc_info()[0] finally: dynamic_socket.close()
def AuthSequenceB(dynamic_socket, peerAdd, init_msg): global server_socket global sender_private_key global dh_aes_key print "AuthSequenceB" # Decrypt peer's user name dataRecv = RSADecrypt(init_msg, sender_private_key) r2 = dataRecv[0:LengthN] peername = str(dataRecv[LengthN:len(dataRecv)]) # Fetch peer's AuthKey N1 = os.urandom(LengthN) iv = os.urandom(LengthIV) sendinfo = AESEncrypt('send ' + peername, dh_aes_key, iv) send_msg = bytes(N1) + bytes(username + ',' + sendinfo) # Encrypt send_msg using new aes key and then encrypt the aes key using server public key sym_key = keygen() encrypted_send = AESEncrypt(send_msg, sym_key, iv) cipher_sym_key = RSAEncrypt(sym_key, serverpubkey) send_msg = bytes(0x01) + bytes(iv) + bytes(cipher_sym_key) + bytes( encrypted_send) print('Sending send command') server_socket.sendto(send_msg, (serverIP, int(serverPort))) (Dport, addr) = server_socket.recvfrom(4096) # Receive peer info from the server (dataRecv, addr) = server_socket.recvfrom(4096) offset = InitOffset iv1 = dataRecv[offset:offset + LengthIV] offset += LengthIV ciphernew = dataRecv[offset:len(dataRecv)] # Decrypt ciphernew peerInfo = AESDecrypt(dh_aes_key, iv1, ciphernew) peerAdd_s = peerInfo.split(',')[0] if peerAdd_s != peerAdd[0]: print "Peer doesn't match... maybe impersonated..." return peerRSAKey = peerInfo.split(',')[2] peerRSAKey = serialization.load_pem_public_key(peerRSAKey, backend=default_backend()) # Finish the authentication r1 = os.urandom(LengthN) r1_e = RSAEncrypt(r1, peerRSAKey) msg = bytes(r2) + bytes(r1_e) print "Send reply to peer: " + peerAdd[0] + " : " + str(peerAdd[1]) dynamic_socket.sendto(msg, (peerAdd[0], int(peerAdd[1]))) # Waiting for CommKey (dataRecv, addr) = dynamic_socket.recvfrom(4096) r1_d = dataRecv[InitOffset:LengthN] if r1_d != r1: print 'Verification failed' return peerRSACommKey = dataRecv[LengthN:len(dataRecv)] peerRSACommKey = decryptSendMsg(peerRSACommKey, sender_private_key, peerRSAKey) # Generate CommKey and send to peer try: comm_private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048, backend=default_backend()) except: print("The provided backend does not implement RSABackend") return None # Obtain the public key from the private key generated using RSA comm_public_key = comm_private_key.public_key() try: pem = comm_public_key.public_bytes( encoding=serialization.Encoding.PEM, format=serialization.PublicFormat.SubjectPublicKeyInfo) pem_s = comm_private_key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption()) except: print("Serialization failed") return None key = serialization.load_pem_public_key(peerRSACommKey, backend=default_backend()) pem_cipher = encryptSendMsg(key, sender_private_key, pem) dynamic_socket.sendto(pem_cipher, (peerAdd[0], int(peerAdd[1]))) return (peername, pem_s, peerRSACommKey)
def AuthSequenceA(peerInfo): global username global sender_private_key peer_ip = peerInfo.split(',')[0] # IP address of the peer peer_port = peerInfo.split(',')[1] # Port Number of the peer peer_authKey = peerInfo.split(',')[2] # RSA Public key of the peer # Sending GREETING to another client (dynamic_socket, dynamic_port) = createDynamicPort() print "CreateDynamicPort for peer auth: " + str(dynamic_port) peer_authKey = serialization.load_pem_public_key(peer_authKey, backend=default_backend()) r2 = os.urandom(LengthN) greeting_msg = bytes(r2) + bytes(username) # Encrypt the greeting message with the rsa public key of the peer greeting_msg = RSAEncrypt(greeting_msg, peer_authKey) print "peer_ip = " + peer_ip print "peer_port = " + peer_port dynamic_socket.sendto(greeting_msg, (peer_ip, int(peer_port))) # Waitng to receive portInfo (Dport, addr) = dynamic_socket.recvfrom(4096) print "Dport = " + Dport (dataRecv, addr) = dynamic_socket.recvfrom(4096) # Use this port info to finish authentication if addr[0] != peer_ip: print "Peer doesn't match... maybe impersonated..." return (None, None, dynamic_socket, addr) r2_d = dataRecv[0:LengthN] if r2_d != r2: print "R2 verification failed!" return (None, None, dynamic_socket, addr) r1_e = dataRecv[LengthN:len(dataRecv)] r1 = RSADecrypt(r1_e, sender_private_key) # Generate CommKey and send to peer try: comm_private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048, backend=default_backend()) except: print("The provided backend does not implement RSABackend") return (None, None, dynamic_socket, addr) # Obtain the public key from the private key generated using RSA comm_public_key = comm_private_key.public_key() try: pem = comm_public_key.public_bytes( encoding=serialization.Encoding.PEM, format=serialization.PublicFormat.SubjectPublicKeyInfo) pem_s = comm_private_key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption()) except: print("Serialization failed") return (None, None, dynamic_socket, addr) pem_cipher = encryptSendMsg(peer_authKey, sender_private_key, pem) msg = bytes(r1) + bytes(pem_cipher) dynamic_socket.sendto(msg, (peer_ip, int(Dport))) (peerCommKey, addr) = dynamic_socket.recvfrom(4096) if addr[0] != peer_ip: print "Peer doesn't match... maybe impersonated..." return (None, None, dynamic_socket, addr) peerCommKey = decryptSendMsg(peerCommKey, comm_private_key, peer_authKey) return (peerCommKey, pem_s, dynamic_socket, addr)
def AuthSequenceB(dynamic_socket, peerAdd, init_msg): global server_socket global sender_private_key global dh_aes_key print "AuthSequenceB" # Decrypt peer's user name dataRecv = RSADecrypt(init_msg, sender_private_key) r2 = dataRecv[0:LengthN] peername = str(dataRecv[LengthN:len(dataRecv)]) # Fetch peer's AuthKey N1 = os.urandom(LengthN) iv = os.urandom(LengthIV) sendinfo = AESEncrypt('send '+ peername, dh_aes_key, iv) send_msg = bytes(N1) + bytes(username + ',' + sendinfo) # Encrypt send_msg using new aes key and then encrypt the aes key using server public key sym_key = keygen() encrypted_send = AESEncrypt(send_msg, sym_key, iv) cipher_sym_key = RSAEncrypt(sym_key, serverpubkey) send_msg = bytes(0x01) + bytes(iv) + bytes(cipher_sym_key) + bytes(encrypted_send) print('Sending send command') server_socket.sendto(send_msg, (serverIP, int(serverPort))) (Dport, addr) = server_socket.recvfrom(4096) # Receive peer info from the server (dataRecv, addr) = server_socket.recvfrom(4096) offset = InitOffset iv1 = dataRecv[offset:offset+LengthIV] offset += LengthIV ciphernew = dataRecv[offset:len(dataRecv)] # Decrypt ciphernew peerInfo = AESDecrypt(dh_aes_key, iv1, ciphernew) peerAdd_s = peerInfo.split(',')[0] if peerAdd_s!=peerAdd[0]: print "Peer doesn't match... maybe impersonated..." return peerRSAKey = peerInfo.split(',')[2] peerRSAKey = serialization.load_pem_public_key(peerRSAKey, backend=default_backend()) # Finish the authentication r1 = os.urandom(LengthN) r1_e = RSAEncrypt(r1, peerRSAKey) msg = bytes(r2)+bytes(r1_e) print "Send reply to peer: " + peerAdd[0] + " : " + str(peerAdd[1]) dynamic_socket.sendto(msg, (peerAdd[0], int(peerAdd[1]))) # Waiting for CommKey (dataRecv, addr) = dynamic_socket.recvfrom(4096) r1_d = dataRecv[InitOffset:LengthN] if r1_d!=r1: print 'Verification failed' return peerRSACommKey = dataRecv[LengthN:len(dataRecv)] peerRSACommKey = decryptSendMsg(peerRSACommKey, sender_private_key, peerRSAKey) # Generate CommKey and send to peer try: comm_private_key = rsa.generate_private_key( public_exponent=65537, key_size=2048, backend=default_backend()) except: print("The provided backend does not implement RSABackend") return None # Obtain the public key from the private key generated using RSA comm_public_key = comm_private_key.public_key() try: pem = comm_public_key.public_bytes( encoding=serialization.Encoding.PEM, format=serialization.PublicFormat.SubjectPublicKeyInfo) pem_s = comm_private_key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption() ) except: print("Serialization failed") return None key = serialization.load_pem_public_key(peerRSACommKey, backend=default_backend()) pem_cipher = encryptSendMsg(key, sender_private_key, pem) dynamic_socket.sendto(pem_cipher, (peerAdd[0], int(peerAdd[1]))) return (peername, pem_s, peerRSACommKey)
def AuthSequenceA(peerInfo): global username global sender_private_key peer_ip = peerInfo.split(',')[0] # IP address of the peer peer_port = peerInfo.split(',')[1] # Port Number of the peer peer_authKey = peerInfo.split(',')[2] # RSA Public key of the peer # Sending GREETING to another client (dynamic_socket, dynamic_port) = createDynamicPort() print "CreateDynamicPort for peer auth: " + str(dynamic_port) peer_authKey = serialization.load_pem_public_key(peer_authKey, backend=default_backend()) r2 = os.urandom(LengthN) greeting_msg = bytes(r2) + bytes(username) # Encrypt the greeting message with the rsa public key of the peer greeting_msg = RSAEncrypt(greeting_msg, peer_authKey) print "peer_ip = " + peer_ip print "peer_port = " + peer_port dynamic_socket.sendto(greeting_msg,(peer_ip,int(peer_port))) # Waitng to receive portInfo (Dport, addr) = dynamic_socket.recvfrom(4096) print "Dport = " + Dport (dataRecv, addr) = dynamic_socket.recvfrom(4096) # Use this port info to finish authentication if addr[0]!= peer_ip: print "Peer doesn't match... maybe impersonated..." return (None, None, dynamic_socket, addr) r2_d = dataRecv[0:LengthN] if r2_d != r2: print "R2 verification failed!" return (None, None, dynamic_socket, addr) r1_e = dataRecv[LengthN:len(dataRecv)] r1 = RSADecrypt(r1_e, sender_private_key) # Generate CommKey and send to peer try: comm_private_key = rsa.generate_private_key( public_exponent=65537, key_size=2048, backend=default_backend()) except: print("The provided backend does not implement RSABackend") return (None, None, dynamic_socket, addr) # Obtain the public key from the private key generated using RSA comm_public_key = comm_private_key.public_key() try: pem = comm_public_key.public_bytes( encoding=serialization.Encoding.PEM, format=serialization.PublicFormat.SubjectPublicKeyInfo) pem_s = comm_private_key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption() ) except: print("Serialization failed") return (None, None, dynamic_socket, addr) pem_cipher = encryptSendMsg(peer_authKey, sender_private_key, pem) msg = bytes(r1)+bytes(pem_cipher) dynamic_socket.sendto(msg,(peer_ip, int(Dport))) (peerCommKey, addr) = dynamic_socket.recvfrom(4096) if addr[0]!= peer_ip: print "Peer doesn't match... maybe impersonated..." return (None, None, dynamic_socket, addr) peerCommKey = decryptSendMsg(peerCommKey, comm_private_key, peer_authKey) return (peerCommKey, pem_s, dynamic_socket, addr)