Esempio n. 1
0
def request_authentication(username, sock, sip, sport):
  a = util.get_random_number()
  A = util.get_public_ephemeral(a)
  msg = encrypt_message(username, A)
  #print("A: %s, a: %s, msg: %s") %(A, a, msg)
  # start a thread that only handles receipt of messages 
  #start_new_thread(receiveMessages, (sock,))	
  send_msg_to_server(sock, msg, sip, sport)
  '''
Esempio n. 2
0
def get_params(uname, A, s):
  try:
    if uname and A:
      b = util.get_random_number()
      p = client_store[uname]
      x = util.H(s, uname, p)
      N, g = util.get_ng()
      v = pow(g, x, N)  
      k = util.get_K()
      B = (k*v + pow(g, b, N)) % N
      return B, v, b
    else:
      print(' Please enter valid username and password ')
  except Exception as e:
    print(' Invalid username password entered... ')
Esempio n. 3
0
def request_authentication(username, sock, sip, sport, password):
  a = util.get_random_number()
  A = util.get_public_ephemeral(a)
  message = {}
  message.update({'username': username})
  message.update({'A': A})
  try:
    msg = util.encrypt_message_PSK(message, SERVER_KEY)
  except Exception as e:
    print "An error occured while encrypting the text message - ", message, "! %s" %e
  try:
    #start_new_thread(receiveMessages, (sock,)) 
    sock.connect((sip, int(sport)))
    send_message(sock, msg, sip, sport)
    progress[username] = 1
    t1 = Thread(target=receiveMessages, args=(sock, username, sip, sport, A, password, a))
    t1.start()
    t1.join()
    if(EXIT_IN_ERROR):
      sys.exit()
  except ServerConnectionBroken:
    print 'Connection broken !!'
    sys.exit()
Esempio n. 4
0
def non_blocking_listen(server, current_username):
  global USERNAME_TO_PORT
  global CHAT_NONCE
  global shared_key
  global g
  global p 
  global a
  global df_keys
  global message_tracker 
  global IV_tracker
  global df_progress
  global port_tracker

  udp_socket = create_udp_socket()
  udp_socket.bind(server.getsockname())
  read_sockets = [server, sys.stdin, udp_socket]
  write_sockets = []
  message_queue = {}
  timeout = 30
  try:
    while(read_sockets):
      #print("Waiting for read/write event...")
      readable, writable, exceptional = select.select(read_sockets, write_sockets, read_sockets, timeout)

      for s in readable:
        if s == sys.stdin:
          command = s.readline().strip()
          if command.lower() == 'list' or command.lower() == 'logout':
            global ACTION_NONCE
            ACTION_NONCE = util.get_random_number()
            message = {}
            message.update({'ACTION': command.upper()})
            message.update({'username': current_username})
            message.update({'NONCE': ACTION_NONCE})
            try:
              final_kas = util.MD5_HASH(shared_key)
              to_send = util.encrypt_message_KAS(message, final_kas, GENERATED_IV)
            except Exception as e:
              print "An error occured while encrypting the text message for ACTION. ", message, "! %s" %e
            send_message(server, to_send, sip, sport)
          
          # you are A
          if command.split(" ")[0] == "send":
            chat_text = command.split(" ")[1:]
            sender_username = chat_text[0]
            message_tracker[sender_username] = ' '.join(chat_text)

            #udp_socket.sendto(' '.join(chat_text[1:]),('localhost',int(USERNAME_TO_PORT[sender_username])))

            # update
            CHAT_NONCE = util.get_random_number()
            message = {}
            message.update({'ACTION': 'CHAT'})
            message.update({'A': current_username})
            message.update({'B': sender_username})
            message.update({'NONCE': CHAT_NONCE})
            try:
              final_kas = util.MD5_HASH(shared_key)
              to_send = util.encrypt_message_KAS(message, final_kas, GENERATED_IV)
            except Exception as e:
              print "An error occured while encrypting the text message for ACTION. ", message, "! %s" %e
            send_message(server, to_send, sip, sport)
            # update ends 

        if s is server and s != sys.stdin:
          data = s.recv(40960)
          if data:
            pickled_data = pickle.loads(data)
            #print("Received data - %s from %s" %(pickled_data, s.getpeername()))

            hash_shared_key = util.MD5_HASH(shared_key)
            response = util.decrypt_using_Kas(pickled_data, hash_shared_key, GENERATED_IV)
            d = ast.literal_eval(response)
            
            valid = False
            if(str(d['ACTION']).strip() == 'LIST'):
              list_message = d['MESSAGE']
              list_of_users = []
              if type(list_message) == str:
                print list_message
              else:
                print "~~~~~~~~~~~~~ Online Users ~~~~~~~~~~~~~"
                for item in list_message:
                  username =  item[0]
                  portip = item[1]
                  port = portip.split(":")[1]
                  USERNAME_TO_PORT.update({username:int(port)})
                  print username
                print "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
              valid = True
              
            if(str(d['ACTION']).strip() == 'LOGOUT'):
              received_nonce = d['MESSAGE']
              if(long(received_nonce) + 1 == ACTION_NONCE):
                print "Confirming logout"
                valid = True
            
            if valid:
              challenge_nonce = d['NONCE']
              decrement_nonce = long(challenge_nonce) - 1
              try:
                final_kas = util.MD5_HASH(shared_key)
                to_send = util.encrypt_message_KAS(decrement_nonce, final_kas, GENERATED_IV)
              except Exception as e:
                print "An error occured while encrypting the text message for ACTION. ", message, "! %s" %e
              send_message(server, to_send, sip, sport)

              if(str(d['ACTION']).strip() == 'LOGOUT'):
                server.close()
                for s in read_sockets:
                  if s != sys.stdin:
                    s.close()
                for s in write_sockets:
                  s.close()
                #sys.exit()
            #message_queue[s].put(pickled_data)

            # update starts 

            # you are A
            if(str(d['ACTION']).strip() == 'CHAT'):
              ticket = d['TICKET']
              b_port = d['B_PORT']
              b_ip = d['B_IP']
              b_pk = d['B_PK']
              b_iv = d['B_IV']
              b = d['B']
              IV_tracker[b] = b_iv
              port_tracker[b] = int(b_port)
              nonce = d['NONCE']
              new_challenge = d['CHALLENGE']


              if(long(nonce) + 1 == long(CHAT_NONCE)):
                message = {}
                message.update({'TICKET': ticket})
                message.update({'NONCE': new_challenge})
                a = random.randint(1, 9)
                A = (g**a) % p
                message.update({'A': A})
                message.update({'g': g})
                message.update({'p': p})

                try:
                  msg = util.encrypt_with_PSK(message, b_pk)
                  #pickled_msg = pickle.dumps(msg)
                except Exception as e:
                  print "An error occured while encrypting the text message - ", message, "! %s" %e

                protocol_identity = {}
                protocol_identity.update({'CIPHER': msg})
                protocol_identity.update({'PROTOCOL': 'PUBLIC_KEY'})

                pickled_msg = pickle.dumps(protocol_identity)
                udp_socket.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 18000)
                udp_socket.sendto(pickled_msg,('localhost',int(b_port)))

              # update ends 

          else:
            print("Connection closed")
            if s in write_sockets:
              write_sockets.remove(s)
            read_sockets.remove(s)
            close_socket(s)
            del message_queue[s]

        elif s == udp_socket:

          # update begins 

          msg = s.recvfrom(30000)
          if msg:
            pickled_data = pickle.loads(msg[0])

            protocol = pickled_data['PROTOCOL']
            cipher = pickled_data['CIPHER']
            
            if(protocol == 'PUBLIC_KEY'):
              # You are user B
              cipher2, e_iv , e_sym_key = extract_cipher_data(cipher)
              decrypted_data = decrypt(cipher2, e_iv, e_sym_key)
              
              if(decrypted_data.has_key('A')):
                A = long(decrypted_data['A'])
                g = long(decrypted_data['g'])
                p = long(decrypted_data['p'])

                ticket = decrypted_data['TICKET']
                nonce = decrypted_data['NONCE']
                
                b = random.randint(100, 999)
                B = (g**b) % p
                b_shared_key = (A**b) % p

                hash_shared_key = util.MD5_HASH(shared_key)
                response = util.decrypt_using_Kas(ticket, hash_shared_key, GENERATED_IV)
                d = ast.literal_eval(response)
                message = {}
                message.update({'B': B})
                # B's username 
                message.update({'username': current_username})
                a_pk = d['A_PK']
                a_ip = d['A_IP']
                a_port = d['A_PORT']
                # A's username
                username = d['A']
                ticket_nonce = d['NONCE']

                if long(nonce) == long(ticket_nonce):
                  df_keys[username] = str(b_shared_key)
                  df_progress[current_username] = (2, username)
                  try:
                    msg = util.encrypt_with_PSK(message, a_pk)
                    #pickled_msg = pickle.dumps(msg)
                  except Exception as e:
                    print "An error occured while encrypting the text message - ", message, "! %s" %e

                  protocol_identity = {}
                  protocol_identity.update({'PROTOCOL': 'PUBLIC_KEY'})
                  protocol_identity.update({'CIPHER': msg})
                  pickled_msg = pickle.dumps(protocol_identity)
                  #udp_socket.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 20000)
                  udp_socket.sendto(pickled_msg,('localhost',int(a_port)))

              else:
                # you are user A
                if(decrypted_data.has_key('B')):
                  B = long(decrypted_data['B'])
                  # B's username 
                  username = decrypted_data['username']

                  ds_shared_key = (B ** a) % p
                  df_keys[username] = str(ds_shared_key)

                  B_IV = IV_tracker[username]
                  B_port = port_tracker[username]

                  message_to_send = message_tracker[username]
                  hmac_msg = util.get_hmac(message_to_send, B_IV)
                  to_send_dict = {}
                  to_send_dict.update({'MESSAGE': message_to_send})
                  to_send_dict.update({'HMAC': hmac_msg})

                  try:
                    final_kas = util.MD5_HASH(df_keys[username])

                    to_send = util.encrypt_message_KAS(to_send_dict, final_kas, B_IV)
                  except Exception as e:
                    print "An error occured while encrypting the text message for CHAT. ", message, "! %s" %e

                  protocol_identity = {}
                  protocol_identity.update({'PROTOCOL': 'SESSION_KEY'})
                  protocol_identity.update({'CIPHER': to_send})
                  pickled_msg = pickle.dumps(protocol_identity)
                  udp_socket.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 20000)
                  udp_socket.sendto(pickled_msg,('localhost',int(B_port)))
                  
            if(protocol == 'SESSION_KEY'):
              # you are user B 
              progress_tuple = df_progress[current_username]
              
              if (progress_tuple[0] == 2):
                b_username = progress_tuple[1]
                hash_shared_key = util.MD5_HASH(str(df_keys[b_username]))

                response = util.decrypt_using_Kas(cipher, hash_shared_key, GENERATED_IV)
                d = ast.literal_eval(response)
                msg_received = d['MESSAGE']
                msg_hmac = d['HMAC']
                util.verify_with_hmac(msg_received, msg_hmac, GENERATED_IV)
                print msg_received
                del df_progress[current_username]

            # update ends

      for s in writable:
        try:
          next_msg = message_queue[s].get_nowait()
          to_send = pickle.dumps(next_msg)
        except Queue.Empty:
          print("Queue Empty")
          write_sockets.remove(s)
        else:
          print("Sending message - %s to %s" %(to_send, s.getpeername())) 
          s.send(to_send)

      for s in exceptional:
        print("Exceptional condition occurred for user - %s" %(s.getpeername()))
        read_sockets.remove(s)
        if s in write_sockets:
          write_sockets.remove(s)
        close_socket(s)
        del message_queue[s]
  except KeyboardInterrupt:
    "Inside KeyboardInterrupt!!!!!!!!"
    server.close()
    for s in read_sockets:
      if s != sys.stdin:
        s.close()
    for s in write_sockets:
      s.close()
    sys.exit()
  except:
    print 'Closing client .....'
    server.close()
    for s in read_sockets:
      if s != sys.stdin:
        s.close()
    for s in write_sockets:
      s.close()
    sys.exit()
Esempio n. 5
0
def receiveMessages(sock, username, sip, sport, A, password, a):
  while(1):
    try:
      # try to receive messages from the server
      msg = sock.recv(40960)  # changed here akshay
      if msg != '':
        msg1 = pickle.loads(msg)
        #print("Received message:%s" %(msg1))
        status = progress[username]
        if(status == 1):
          if(msg1 == 'ERROR'):
            global EXIT_IN_ERROR
            EXIT_IN_ERROR = True
            sys.exit()
          value = find_value_from_hash(msg1)
          send_message(sock, value, sip, sport)
          progress[username] = 2
      
        if(status == 2):
          challenge_pk_data = {}
          data_for_kas = {}
          final_to_server = {}
          global shared_key
          shared_key = compute_shared_key(A, msg1, username, password, a)
          final_kas = util.MD5_HASH(shared_key)
          challenge = util.get_random_number()
          global NONCE_SENT
          NONCE_SENT = challenge
          data_for_kas.update({'CHALLENGE': challenge , 'PK_CLIENT': CLIENT_PUBLIC_KEY_STR})
          Kas_encrypted_data = util.encrypt_message_KAS(data_for_kas, final_kas, GENERATED_IV)
          # add IV here 
          challenge_pk_data.update({'CHALLENGE_PK': Kas_encrypted_data, 'CHALLENGE': challenge, 'IV': GENERATED_IV})
          data_to_server = util.encrypt_message_PSK(challenge_pk_data, SERVER_KEY)
          send_message(sock, data_to_server, sip, sport)
          progress[username] = 3

        if(status == 3):
          hash_shared_key = util.MD5_HASH(shared_key)
          nonce = util.decrypt_using_Kas(msg1, hash_shared_key, GENERATED_IV)
          incremented_nonce = long(nonce) + 1
          if incremented_nonce == NONCE_SENT:
            print ("Login Success !")
            return True
          else:
            print("Authentication pending!")
            return False

      else:
        print("Connection with server is broken...")
        sys.exit()
    except KeyboardInterrupt:
      sock.close()
    # handling socket errors
    except socket.error, s_error:
      sock.close()
      error_code = s_error[0]
      error_message = s_error[1]
      print('Error in reading messages: ', error_code, ' - ', error_message)
    except Exception as e:
      print('Error occured:', e)
      sock.close()
      sys.exit()
Esempio n. 6
0
def non_blocking_listen(server):
  server.listen(5)
  read_sockets = [server]
  write_sockets = []
  message_queue = {}
  timeout = 30
  load_client_vault()
  try:
    while(read_sockets):
      readable, writable, exceptional = select.select(read_sockets, write_sockets, read_sockets, timeout)

      for s in readable:
        if s is server:
          conn, client_address = s.accept()
          print("Received connection - %s from %s" %(conn, client_address))
          conn.setblocking(0)
          read_sockets.append(conn)
          message_queue[conn] = Queue.Queue()
          client_progress[conn] = (1,)
        else:
          data = s.recv(40960)
          if data:
            pickled_data = pickle.loads(data)
            status = client_progress[s]

            if(status[0] == 1):
              #A, username = parse_data(pickled_data)
              cipher, e_iv , e_sym_key = extract_cipher_data(pickled_data)
              decrypted_data = decrypt(cipher, e_iv, e_sym_key)
              A = str(decrypted_data["A"])
              username = str(decrypted_data["username"])
              if(not logged_users.has_key(username)):
                num = util.get_random_challenge()
                hashed_num = util.get_hash(num)
                message_queue[s].put(hashed_num)
                # num is added so u can check in the next step that value sent by client is same as num 
                client_progress[s] = (2, A, username, num)
              else:
                print 'User: %s is already logged in!' %(username)
                message_queue[s].put('ERROR')

            if(status[0] == 2):
              salt = util.get_random_number() #Salt
              user_tuple = client_progress[s]
              username = user_tuple[2]
              numCheck = user_tuple[3]
              if user_tuple[1] and user_tuple[2] and pickled_data == numCheck:
                salt_and_B_dict = {}
                A = user_tuple[1]
                B, v, b = get_params(user_tuple[2], user_tuple[1], salt)
                u = util.H(A,B)
                signed_salt = util.sign_document(private_key, str(salt).encode())
                signed_B =  util.sign_document(private_key, str(B).encode())
                salt_and_B_dict.update({'SALT': salt})
                salt_and_B_dict.update({'SIGNED_SALT': signed_salt})
                salt_and_B_dict.update({'B': B})
                salt_and_B_dict.update({'SIGNED_B': signed_B})
                message_queue[s].put(salt_and_B_dict)
                Kas = util.get_server_shared_key(A, v, u, b) 
                client_progress[s] = (3, util.MD5_HASH(Kas), username)
            if(status[0] == 3):
                user_tuple = client_progress[s]
                cipher, e_iv , e_sym_key = extract_cipher_data(pickled_data)
                decrypted_data = decrypt(cipher, e_iv, e_sym_key)
                Challenge_PK = decrypted_data['CHALLENGE_PK']
                IV = decrypted_data['IV']
                final_decrypted_data = util.decrypt_using_Kas(Challenge_PK, user_tuple[1], IV)
                d= ast.literal_eval(final_decrypted_data)
                if str(d['CHALLENGE']) == str(decrypted_data['CHALLENGE']):
                  print 'Challenge matches'
                  #global logged_users
                  client_ip = s.getpeername()[0]
                  client_port = s.getpeername()[1]
                  ip_port = str(client_ip) + ":" + str(client_port)
                  logged_users[username] = (user_tuple[1], s, d['PK_CLIENT'],ip_port, IV) # .................
                else:
                  print 'Challenge does not match'

                nonce = d['CHALLENGE']
                subtracted_nonce = long(nonce) - 1
                #iv = os.urandom(16)
                encrypted_nonce = util.encrypt_message_KAS(str(subtracted_nonce), user_tuple[1], IV)
                message_queue[s].put(encrypted_nonce)
                client_progress[s] = (4, util.MD5_HASH(Kas), username, IV)

            if(status[0] == 4):
              user_tuple = client_progress[s]
              IV = user_tuple[3]
              final_decrypted_data = util.decrypt_using_Kas(pickled_data, user_tuple[1], IV)
              d= ast.literal_eval(final_decrypted_data)
              if(type(d) != long):
                valid = False
                if(action_progress.has_key(s)):
                  action_status = action_progress[s]
                  status_2 = action_status[1]
                  valid = (status_2 == 3)
                else:
                  valid = True

                if (valid):
                  if(d['ACTION'] == 'LIST'):
                    A_ip_port = ''
                    all_users = []
                    for username, value in logged_users.items():
                      if not username == d['username']:
                        A_ip_port = value[3]
                        all_users.append((username, A_ip_port))
                    if len(all_users) == 0:
                      all_users = 'No user is online currently'
                    action_challenge = util.get_random_number()
                    user_list = {}
                    user_list.update({'MESSAGE': all_users})
                    user_list.update({'NONCE': action_challenge})
                    user_list.update({'ACTION': 'LIST'})
                    final_kas = user_tuple[1]
                    try:
                      to_send = util.encrypt_message_KAS(user_list, final_kas, IV)
                    except:
                      print "An error occured while encrypting the text message for ACTION. ", message, "! %s" %e
                    message_queue[s].put(to_send)
                    action_progress[s] = ('LIST', 2, action_challenge)
                  
                  if(d['ACTION'] == 'LOGOUT'):
                    user_to_remove = d['username']
                    challenge_received = d['NONCE']
                    decrement_nonce = long(challenge_received) - 1
                    new_nonce = util.get_random_number()
                    user_list = {}
                    user_list.update({'MESSAGE': decrement_nonce})
                    user_list.update({'NONCE': new_nonce})
                    user_list.update({'ACTION': 'LOGOUT'})
                    final_kas = user_tuple[1]
                    try:
                      to_send = util.encrypt_message_KAS(user_list, final_kas, IV)
                    except:
                      print "An error occured while encrypting the text message for ACTION. ", message, "! %s" %e
                    message_queue[s].put(to_send)
                    action_progress[s] = ('LOGOUT', 2, new_nonce)
                  
                  # UPDATE START

                  if(d['ACTION'] == 'CHAT'):
                    A_ipport = ''
                    B_ipport = ''
                    A_PK = ''
                    B_PK = ''
                    Kbs = ''
                    Kas = ''
                    for username, value in logged_users.items():
                      if username == d['A']:
                        A_ipport = value[3]
                        Kas = value[0]
                        A_PK = str(value[2])
                      if username == d['B']:
                        B_ipport = value[3]
                        Kbs = value[0]
                        B_PK = value[2]

                    A_IP = A_ipport.split(":")[0]
                    A_PORT = A_ipport.split(":")[1]
                    username_A = d['A']
                    N6 = util.get_random_number()
                    TICKET = {}
                    ticket_and_stuff = {}
                    TICKET.update({'A_PORT':A_PORT})
                    TICKET.update({'A_IP':A_IP})
                    TICKET.update({'A_PK':A_PK})
                    TICKET.update({'A':username_A})
                    TICKET.update({'NONCE':N6})
                    final_kas = user_tuple[1]
                    username_B = str(d['B'])
                    # use B's IV
                    login_tuple = logged_users[username_B]    
                    B_IV = login_tuple[4]

                    Kbs_encrypted_ticket = util.encrypt_message_KAS(TICKET, Kbs, B_IV)
                    
                    N4 = d['NONCE']
                    B_IP = B_ipport.split(":")[0]
                    B_PORT = B_ipport.split(":")[1]
                    N4_minus_1 = long(N4) - 1

                    ticket_and_stuff.update({'TICKET':Kbs_encrypted_ticket})
                    ticket_and_stuff.update({'B_PORT':B_PORT})
                    ticket_and_stuff.update({'B_IP':B_IP})
                    ticket_and_stuff.update({'B_PK':B_PK})
                    ticket_and_stuff.update({'NONCE':N4_minus_1})
                    ticket_and_stuff.update({'CHALLENGE':N6})
                    ticket_and_stuff.update({'ACTION':'CHAT'})
                    ticket_and_stuff.update({'B_IV': B_IV})
                    ticket_and_stuff.update({'B': username_B})              
                    Kas_final_encrypt = util.encrypt_message_KAS(ticket_and_stuff, Kas, IV)
                    message_queue[s].put(Kas_final_encrypt)
                  #UPDATE END

              else:
                action_status = action_progress[s]
                if(action_status[1] == 2 and action_status[0] == 'LIST'):
                  action_progress[s] = (action_status[0], 3)
                if(action_status[1] == 2 and action_status[0] == 'LOGOUT'):
                  earlier_nonce = action_status[2]
                  if(long(final_decrypted_data) == long(earlier_nonce) - 1):
                    print ' deleting user info '
                    del logged_users[user_to_remove]
                    print 'Deleting user: '******' Did not receive logout confirmation '
                else:
                  print 'Message ignored'

            #message_queue[s].put(pickled_data)
            if s not in write_sockets:
              write_sockets.append(s)
          else:
            if (client_progress.has_key(s)):
              client_status = client_progress[s]
              if(client_status[0] > 1):
                print("Connection closed ...... !")
                del logged_users[client_status[2]]
                print 'Deleting user: '******'Closing server .....'
    server.close()
    for s in read_sockets:
      s.close()
    for s in write_sockets:
      s.close()