ktgs = functions.generatePassword("TGSsecret")
keytgs = AES.generateKey(str(ktgs))
while True:
try:
package = recvmsg(clientsocket)
print("Message received from client")
# print(package,"\n")
ticket_tgs_bytes = AES.decrypt(package['ticket_tgs'], keytgs)
ticket_tgs = json.loads(ticket_tgs_bytes.decode())
kctgs = ticket_tgs['kctgs']
keyctgs = AES.generateKey(kctgs)
authc = functions.getauth(kctgs, package['authenticatorC'])
if (not functions.checkTimestamp(authc['ts'])):
if (functions.verify(authc, ticket_tgs)):
idv = package['idv']
resp = response(kctgs, authc)
# print("Message before encryption\n",resp,"\n")
resp_to_send = functions.dict_encryption(resp, keyctgs)
sendmsg(resp_to_send)
print("Encrypted message sent back to the client")
# print(resp_to_send)
else:
print("Breach detected!!")
else:
print("Taking too long to respond")
except:
def on_new_client(client, connection):
ip = connection[0]
port = connection[1]
print(f"S-a conectat un nou client cu adresa ip {ip}, si portul: {port}!")
msg = client.recv(25600)
print(f"Mesajul pe care l-am primit: {msg}")
json_msg = ast.literal_eval(msg.decode("utf8"))
# msg4_decrypted = functions.decrypt_asymmetric(msg, "PG").decode("utf8")
# json_msg4_decrypted = ast.literal_eval(msg4_decrypted)
aes = functions.decrypt_asymmetric(json_msg['aes'], "PG")
pm = json_msg['PM']
pm = unpad(functions.decrypt_symmetric(pm, aes), 48)
# print("tipul este", type(pm))
# print(pm)
pm_ascii = bytes.fromhex(pm.decode("utf8"))
# print(pm_ascii)
pm_ascii = functions.decrypt_asymmetric(pm_ascii,
"PG")
# print("pm ascii este", pm_ascii)
# test = input("test")
# pm_decrypted = functions.decrypt_asymmetric(pm_ascii, "PG")
pm_decrypted_json = ast.literal_eval(pm_ascii.decode("utf8"))
pi = pm_decrypted_json['PI']
pi_signature = pm_decrypted_json['PI_signature']
if functions.verify("Client", str(pi), pi_signature):
print("Putem continua, semnatura digitala asupra lui PI e autentica")
else:
client.sendall(b'ABORT')
# signature_decrypted = unpad(functions.decrypt_symmetric(pi_signature, pi['PubKC']), 24)
# pi_hash = hashlib.md5(str(pi).encode("utf8")).hexdigest()
# if pi_hash == signature_decrypted.decode("utf8"):
# print("Putem continua, semnatura digitala asupra lui PI e autentica")
# else:
# print("nu sunt egale")
# client.sendall(b'ABORT')
with open("PG\cc.txt") as fd:
text = fd.read()
card = pi['cardN']
ccode = pi['CCode']
amount = pi['Amount']
with open("./BD/bd.json") as fd:
informations = json.load(fd)
for client_detail in informations:
if client_detail['cardN'] == card:
if int(ccode) != client_detail['ccode'] or int(amount) >= client_detail['amount']:
client.sendall(b'ABORT')
sid = pi['Sid']
pub_k_c = pi['PubKC']
amount = pi['Amount']
sid_pubkc_amount = {"sid": sid.decode("utf8"), "pubkc": pub_k_c, "amount": amount}
signature_merchant = json_msg['signature']
if functions.verify("Merchant", str(sid_pubkc_amount), signature_merchant):
print("Semnatura digitala asupra sid, pubKC si amount e autentica")
else:
client.sendall(b'ABORT')
print("Pregatim mesajul 5 catre merchant")
resp = "ok"
message5_info = {"resp": resp, "sid": sid.decode("utf8"), "amount": amount, "NC": pi['NC']}
message5_info_signature = functions.sign("PG", str(message5_info))
message5 = {"resp": resp, "sid": sid.decode("utf8"), "signature": message5_info_signature.hex()}
# message5_encrypted = functions.encrypt_asymmetric(str(message5).encode("utf8"), "Merchant")
message5_encrypted = functions.encrypt_symmetric(str(message5).encode("utf8"), aes)
client.sendall(message5_encrypted)
print(f"Clientul cu adresa ip: {ip}, si portul: {port}, a iesit!")
client.close()
def on_new_client(client, connection):
ip = connection[0]
port = connection[1]
print(f"S-a conectat un nou client cu adresa ip {ip}, si portul: {port}!")
msg = client.recv(3072)
print(f"Mesajul pe care l-am primit: {msg}")
# pub_k_c_encrypted = msg
# pub_k_c = functions.decrypt_asymmetric(pub_k_c_encrypted, "Merchant")
msg_json = msg.decode("utf8")
msg_json = ast.literal_eval(msg_json)
aes_encrypted = msg_json['aes_encrypted']
pub_k_c_encrypted = msg_json['pub_k_c_encrypted']
pub_k_c_encrypted = bytes.fromhex(pub_k_c_encrypted)
aes_encrypted = bytes.fromhex(aes_encrypted)
aes = functions.decrypt_asymmetric(aes_encrypted, "Merchant")
pub_k_c = unpad(functions.decrypt_symmetric(pub_k_c_encrypted, aes), 48)
# mesajul 2
print("Pregatim mesajul 2\n")
sid = str(randint(1000, 9999))
signature = functions.sign("Merchant", sid)
message2 = sid.encode("utf-8") + signature
print("lungimea e", len(aes))
message2_encrypted = functions.encrypt_symmetric(message2, aes)
client.sendall(message2_encrypted)
msg = client.recv(8192)
print(f"Mesajul pe care l-am primit: {msg}")
print("Pregatim mesajul 4 sa-l trimitem\n")
print("lungimea mesajului este", len(msg))
msg2_decrypted = unpad(functions.decrypt_symmetric(msg, aes), 48)
msg2_decrypted = msg2_decrypted.decode("utf8")
json_data = ast.literal_eval(msg2_decrypted)
po = json_data['PO']
oi = po['OI']
json_oi = ast.literal_eval(oi)
amount = json_oi['Amount']
oi = str(oi)
oi_signature = po['OI_signature']
if functions.verify("Client", oi, oi_signature):
print("Semnatura clientului asupra lui OI este in regula")
else:
client.sendall(b"ABORT")
PM = json_data['PM']
sid_pubkc_amount = {"sid": sid, "pubkc": pub_k_c, "amount": amount}
signature_sid_pubkc_amount = functions.sign("Merchant", str(sid_pubkc_amount))
message4_encrypted = {"PM": functions.encrypt_symmetric(str(PM).encode("utf8"), aes),
"signature": signature_sid_pubkc_amount,
"aes": functions.encrypt_asymmetric(aes, "PG")}
# message4_encrypted = functions.encrypt_asymmetric(str(message4).encode("utf8"), "PG")
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sckTTP:
try:
sckTTP.connect(("127.0.0.2", 4321))
except Exception as e:
raise SystemExit(f"Eroare la conecatarea la server: {e}")
sckTTP.sendall(str(message4_encrypted).encode("utf8"))
msg = sckTTP.recv(4096)
print(f"Mesajul pe care l-am primit: {msg}")
if msg == b'ABORT':
client.sendall(b'ABORT')
msg5_decrypted = unpad(functions.decrypt_symmetric(msg, aes), 48)
print("Pregatim mesajul 6")
msg6 = functions.encrypt_symmetric(msg5_decrypted, aes)
client.sendall(msg6)
print(f"Clientul cu adresa ip: {ip}, si portul: {port}, a iesit!")
client.close()
aes_encrypted = functions.encrypt_asymmetric(aes, "Merchant")
data_to_send = {
"pub_k_c_encrypted": pub_k_c_encrypted.hex(),
"aes_encrypted": aes_encrypted.hex()
}
data_to_send = str(data_to_send)
data_to_send = data_to_send.encode("utf8")
print(data_to_send)
sck.sendall(data_to_send)
data = sck.recv(3072)
print(f"Mesajul pe care l-am primit: {data}")
print("lungimea e", len(aes))
message2_decrypted = unpad(functions.decrypt_symmetric(data, aes), 24)
sid = message2_decrypted[:4]
signature = message2_decrypted[4:]
if not functions.verify("Merchant", sid.decode("utf8"), signature):
raise SystemExit("Certificatul este invalid!!!")
else:
print("Certificatul este valid!!!")
# mesajul 3 C->M, PM, PO
print("Suntem in etapa mesajului 3")
cardN = "3141592653589793"
with open("PG\cc.txt") as fd:
text = fd.read()
CCode = text
Amount = "999"
NC = functions.generate_once()
CardExp = "12/04"
PI = {
"cardN": cardN,
"CCode": CCode,
proxy_private = sigma lhs = gm.powmod(g, sigma, p) temp = gm.powmod(K, K, p) rhs = (v * temp) % p proxy_public = rhs print(lhs == rhs) m = 12345678 (ori_r, ori_sig) = fn.sign(m, g, original_private, p) ori_verify = fn.verify(p, g, original_public, ori_r, ori_sig, m) print(ori_verify) (proxy_r, proxy_sig) = fn.sign(m, g, proxy_private, p) proxy_verify = fn.verify(p, g, proxy_public, proxy_r, proxy_sig, m) print(proxy_verify) (ori_r, ori_sig) = fn.sign(m, g, original_private, p) ori_verify = fn.verify(p, g, proxy_public, ori_r, ori_sig, m) print(ori_verify) (proxy_r, proxy_sig) = fn.sign(m, g, proxy_private, p) proxy_verify = fn.verify(p, g, original_public, proxy_r, proxy_sig, m)
try:
package = recvmsg(clientsocket)
print("Message received from the client")
if (type(package) == type({})):
ticket_v_bytes = AES.decrypt(package['ticketv'], keyv)
ticketv = json.loads(ticket_v_bytes.decode())
kcv = ticketv['kcv']
idc = ticketv['idc']
keycv = AES.generateKey(kcv)
authc = functions.getauth(kcv, package['authenticatorC'])
if (not functions.checkTimestamp(authc['ts'])):
if (functions.verify(authc, ticketv)):
print("User verified\n")
ts5 = str(round(time.time()) + 1)
msg_to_client = AES.encrypt(ts5, keycv)
clientInfo[idc] = {'keycv': keycv, 'lt': ticketv['lt4']}
sendmsg(msg_to_client)
print("Encrypted Message sent back to the client")
encrypted_homepage = sendhomepage(clientsocket, keycv)
sendmsg(encrypted_homepage)
else:
print("Breach detected")
else: