def __init__(self,ip,port,userId): try: self.id = userId key = generateRSAkey() self.pukey = key.publickey().exportKey() self.prkey = key.exportKey() #generating DH keys prDHKey = random.randint(100,1000) self.sessionKey = "" #Setting up socket server = socket.socket(socket.AF_INET,socket.SOCK_STREAM) server.connect((ip,int(port))) server.send("User") brokerPbKey = exchangePublicKey(server, self.pukey) if brokerPbKey: print "User - Broker Key exchange successful" #Diffie-Hellman Key Exchange Starts here sendData(getDHkey(prDHKey), server, brokerPbKey) data = decryptMsg(server.recv(1024), key) brokerSessionKey = getSessionKey(data, prDHKey) sendData(getHash(brokerSessionKey), server, brokerPbKey) ack = decryptMsg(server.recv(1024), key) if ack == "ACK": print "DH Authentication successful" inp = raw_input("Enter the Seller IP address & port (format:-ipaddress:port): ") sendData(inp, server, brokerPbKey) sellerPbKey = "" sellerPbKey = server.recv(2048) print "Received Seller key in User" print sellerPbKey server.send("ACK") prDHKey = random.randint(100,1000) sendData(getDHkey(prDHKey), server, sellerPbKey) sellerNounce = decryptMsg(server.recv(2048), key) nounce = getSessionKey(sellerNounce.split("~")[0], prDHKey) if getHash(nounce) == sellerNounce.split("~")[1]: data = AESCipher(nounce).encrypt("NOUNCE VERIFIED") server.send(data) data = server.recv(2048) broucher = AESCipher(nounce).decrypt(data) print broucher inp = raw_input("Press the number to select any product: ") data = AESCipher(nounce).encrypt(inp) server.send(data) data = server.recv(1024) price = AESCipher(nounce).decrypt(data) sellerId = price.split(";")[1] price = price.split(";")[0] print "Price of the product you want to buy is $" + str(price) time.sleep(0.5) inp = raw_input("Are you sure you want to buy? [Y/N]: ") date = str(datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")) dbTransact = str(self.id+";"+price+";"+sellerId+";"+date) sign = signData(dbTransact, self.prkey) if inp == "Y": data = AESCipher(getHash(brokerSessionKey)).encrypt(dbTransact+"~"+sign) server.send(data) data = server.recv(2048) imgSize = AESCipher(nounce).decrypt(data) print imgSize if imgSize.startswith('SIZE'): tmp = imgSize.split() size = int(tmp[1]) print 'got size' print 'size is %s' % size data = AESCipher(nounce).encrypt("GOT SIZE") server.send(data) imgData = server.recv(40960000) imageString = AESCipher(nounce).decrypt(imgData) output_file = open("Output/output_"+self.id+".jpg", "wb") output_file.write(imageString.decode('base64')) output_file.close() server.close() print "Transaction completed successfully. Hope to see you soon again" else: print "Error in getting image size" server.close() else: sendData("No Purchase", server, key) else: data = AESCipher(nounce).encrypt("NOUNCE MISMATCH") server.send(data) print "Unable to authenticate seller" server.close() else: sendData("Error", server, brokerPbKey) else: print "Improper Broker Public key" server.close() except Exception as e: print e server.close()
def onUserConnect(client, addr): try: key = generateRSAkey() pukey = key.publickey().exportKey() userPbKey = exchangeUserRSAPbKey(client, pukey) if userPbKey: #Diffie-Hellman Key Exchange Starts here data = decryptMsg(client.recv(1024), key) sendData(getDHkey(prDHkey), client, userPbKey) userBrokerNounce = getSessionKey(data, prDHkey) nounceHash = getHash(userBrokerNounce) userNounceHash = decryptMsg(client.recv(1024), key) if userNounceHash == nounceHash: sendData("ACK", client, userPbKey) ipadd = decryptMsg(client.recv(1024), key) if "Error" not in data: #DH Authentication Successful and Now can transmit messages #Now get Seller Ip address from the user and connect to the Seller print ipadd brokerRsaKey = generateRSAkey() brokerPuKey = brokerRsaKey.publickey().exportKey() server = socket.socket(socket.AF_INET, socket.SOCK_STREAM) port = int(ipadd.split(":")[1]) server.connect((ipadd.split(":")[0], port)) server.send("Broker") sellerPbKey = exchangeSellerRSAPbKey(server, brokerPuKey) print "Seller Pb Key received" print sellerPbKey if sellerPbKey: #Diffie-Hellman Key Exchange Starts here sendData(getDHkey(prDHkey), server, sellerPbKey) print "Broker - Seller Key Exchange successful" print "DH exchange starts" data = decryptMsg(server.recv(1024), brokerRsaKey) nounce = getSessionKey(data, prDHkey) sendData(getHash(nounce), server, sellerPbKey) ack = decryptMsg(server.recv(1024), brokerRsaKey) if ack == "ACK": print "DH Authentication successful" server.send(userPbKey) client.send(sellerPbKey) ackUser = client.recv(3) ackSeller = server.recv(1024) print ackSeller print ackUser if ackUser == "ACK" and ackSeller == "ACK": data = client.recv(1024) server.send(data) print "Nounce exchange in Process between Seller and User" data = server.recv(2048) client.send(data) ack = client.recv(1024) server.send(ack) broucher = server.recv(2048) client.send(broucher) userinp = client.recv(1024) server.send(userinp) price = server.recv(1024) client.send(price) data = AESCipher(nounceHash).decrypt( client.recv(1024)) dbTransact = data.split("~")[0] if "No Purchase" not in data and verifySign( dbTransact, userPbKey, data.split("~")[1]): print "User authenticated Seller" price = dbTransact.split(";")[1] if price: confFile = open( os.path.join( os.path.abspath( '.\\paymentDB'), "payment.csv"), "a") data = str(dbTransact) confFile.write( dbTransact.replace(";", ",")) confFile.write("\n") confFile.close() sendData("Paid " + str(price), server, sellerPbKey) size = server.recv(1024) client.send(size) data = client.recv(1024) server.send(data) img = server.recv(40960000) client.send(img) client.close() server.close() else: print "Purchase Aborted. Closing the Servers" client.close() server.close() else: print "Unable to get acks for public key exchange between seller and user" server.close() client.close() else: sendData("Error", server, sellerPbKey) server.close() client.close() else: print "Nounce didn't match between user and brokers" client.close() else: print "Nounce exchange failed" client.close() except Exception as e: client.close() print "Unable to process user message in broker" print e return None