def accept_session_packet(connection, keystore, mode_name='CFB'): iv = open("iv.txt", 'rb').read(16) ks = KeyStore(keystore, os.path.abspath('')) key = str.encode(ks.keys['mother_base_key'].public_key) ct = b"" #while True: chunk = connection.recv(512) #if not chunk: #break ct += chunk so = SealedObject() packet = so.deserialize(ct) cipher = ciphers.KeyAES(key, 'CFB8', False, packet.iv) sk = cipher.decrypt(packet.msg) #send private key connection.sendall(ct) #click.echo(click.style('Decryption successful!', bold = True, fg = 'green')) return sk
def decrypt_AES_with_key_mac(connection, outfile, s_key, hmac): ct = b"" while True: chunk = connection.recv(50) if not chunk: break ct += chunk so = SealedObject() packet = so.deserialize(ct) #verify mac if not hmac.verMAC(packet.msg, 0, packet.mac): #reject click.echo(click.style('Decryptionphailed', bold = True, fg = 'red')) else: cipher = ciphers.KeyAES(s_key, 'CFB8', False, packet.iv) dt = cipher.decrypt(packet.msg) outfile.write(dt) click.echo(click.style('Decryption successful!', bold = True, fg = 'green'))
def decrypt_AES_with_key_mac(connection, outfile, s_key, hmac, mode_name='CFB8'): ct = b"" while True: chunk = connection.recv(50) if not chunk: break ct += chunk so = SealedObject() packet = so.deserialize(ct) #verify mac if not hmac.verMAC(packet.msg, packet.mac): #reject click.echo(click.style('Decryptionphailed', bold = True, fg = 'red')) else: cipher = ciphers.KeyAES(s_key, 'CFB8', False, packet.iv) dt = cipher.decrypt(packet.msg) outfile.write(dt) click.echo(click.style('Decryption successful!', bold = True, fg = 'green'))
def cli(filename): """Send file over to server""" s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) host = '127.0.0.1' port = 4567 click.echo(click.style('Connecting...', bold=True, fg='yellow')) try: s.connect((host, port)) except socket.error as msg: click.echo( click.style('Error connecting to server: ' + str(msg[1]), bold=True, fg='red')) pt = b"" while True: chunk = filename.read(100) if not chunk: break pt += chunk r_pkt = s.recv(2048) #click.echo(click.style('Client: public key = %s' % rsa_public_key, bold = True, fg = 'green')) so = SealedObject() pkt = so.deserialize(r_pkt) signature = pkt.get_attribute('sig') pem = pkt.msg rsa_public_key = serialization.load_pem_public_key( pem.encode(), backend=default_backend() ) #.public_bytes(serialization.Encoding.PEM, serialization.PublicFormat.SubjectPublicKeyInfo) key_bytes = rsa_public_key.public_bytes( serialization.Encoding.PEM, serialization.PublicFormat.SubjectPublicKeyInfo) verifier = rsa_public_key.verifier( signature, padding.PSS(mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH), hashes.SHA256()) verifier.update(key_bytes) try: verifier.verify() except InvalidKey: click.echo(click.style('Error verifying key', bold=True, fg='red')) return sk = os.urandom(32) sk1 = sk[0:16] sk2 = sk[16:32] so = SealedObject() csk = so.seal_asym(sk, rsa_public_key) s.sendall(csk) cipher = ciphers.KeyAES(sk1, 'CFB8', False) ct = cipher.encrypt(pt) hmac = mac.MAC(sk2) mac1 = hmac.genMAC(ct, 0) pkt = packet.Packet(ct, mac1, cipher.iv) so = SealedObject() csk = so.serialize(pkt) s.send(csk) s.close() click.echo(click.style('File sent!', bold=True, fg='green'))