def trust_server(self,client, challenge):
# loads citizen card
rsa = RSAKGen()
citizen = CitizenCard()
certificate = citizen.load_authentication_certificate()
self.digital_signature = citizen.digital_signature(challenge)
self.last = client.username
digital_signature = self.digital_signature
rsa_sign = rsa.sign_message(client.username.encode('utf-8'), client.private_key)
# builds trust message
json_message = "{\n\"rsa_signature\" : \"" + str(base64.b64encode(rsa_sign), "utf-8")+ "\", \n"
json_message += "\"username\" : \"" + client.username + "\", \n"
json_message += "\"certificate\" : \"" + str(base64.b64encode(certificate.public_bytes(serialization.Encoding.PEM)), "utf-8") + "\", \n"
json_message += "\"digital_signature\" : \"" + str(base64.b64encode(digital_signature), "utf-8") + "\" \n}"
return json_message
def create_auction(self, client):
message = "{ \"type\" : \"create_auction\" ,\n"
message += "\"username\" : \"" + client.username + "\",\n"
# Now ask for all the details
print("\n")
# Verify the fields
# Auction needs a name
auction_name = input("Auction name: ")
while auction_name == "":
auction_name = input("Auction name: ")
# If there is no description then put it as None
auction_description = input("Auction description: ")
if auction_description == "":
auction_description = "None"
# If no given minimum the put it at zero $
auction_min_number_bids = input("Minimum price bid: ")
if auction_min_number_bids == "":
auction_min_number_bids = "0"
# There needs to be a limit
auction_time = input("Auction time limit (Hrs): ")
while int(auction_time) < 0:
auction_time = input("Auction time limit (Hrs): ")
# If there is no max bids then 0
auction_max_number_bids = input("Auction maximum number of bids: ")
if auction_max_number_bids == "":
auction_max_number_bids = "0"
# If there is no given names then put it as None
auction_allowed_bidders = input("Auction allowed bidders (separate with [,]): ")
if auction_allowed_bidders == "":
auction_allowed_bidders = "None"
# There must have a type
auction_type = input("Auction type ((B)lind or (N)ormal): ")
if auction_type.lower() in ["b", "blind"]:
auction_type = BLIND_AUCTION
print("Blind auction is being created...")
else:
auction_type = ENGLISH_AUCTION
print("Normal auction is being created...")
# sign the session key
rsa = RSAKGen()
signature = rsa.sign_message(client.session_key_manager,client.auction_private_key)
auction_json_message = "{\"auction_name\" : \"" + encrypt_message_sk(auction_name, client.session_key_manager)+ "\" ,\n"
auction_json_message += "\"auction_description\" : \"" + encrypt_message_sk(auction_description,
client.session_key_manager) + "\" ,\n"
auction_json_message += "\"auction_min_number_bids\" : \"" + encrypt_message_sk(auction_min_number_bids,
client.session_key_manager) + "\",\n"
auction_json_message += "\"auction_time\" : \"" + encrypt_message_sk(auction_time, client.session_key_manager) + "\" ,\n"
auction_json_message += "\"auction_max_number_bids\" : \"" + encrypt_message_sk(auction_max_number_bids,
client.session_key_manager) + "\" ,\n"
auction_json_message += "\"auction_allowed_bidders\" : \"" + encrypt_message_sk(auction_allowed_bidders,
client.session_key_manager) + "\" ,\n"
auction_json_message += "\"auction_type\" : \""+ encrypt_message_sk(auction_type, client.session_key_manager) + "\" ,\n"
# now put our public auction key and a signature to prove that he has the private key
auction_json_message += "\"auction_user_key\" : \"" + encrypt_message_sk(get_public_key_bytes(client.auction_public_key),
client.session_key_manager) + "\", \n"
auction_json_message += "\"auction_signature\" : \"" + encrypt_message_sk(str(base64.b64encode(signature), 'utf-8'),
client.session_key_manager)+ "\" \n"
auction_json_message += "}"
enc_json_message = encrypt_message_complete(base64.b64encode(auction_json_message.encode("utf-8")),
client.session_key_manager,
client.server_public_key_manager)
key = enc_json_message[0]
iv = enc_json_message[2]
data = enc_json_message[1]
hmac = HMAC_Conf.integrity_control(data.encode(), client.session_key_manager)
message += "\"message\" : \"" + data + "\",\n"
message += "\"Key\" : \"" + str(base64.b64encode(key), 'utf-8') + "\",\n"
message += "\"hmac\" : \"" + str(base64.b64encode(hmac), 'utf-8')+ "\", \n"
message += "\"iv\" : \"" + str(base64.b64encode(iv), 'utf-8') + "\"\n"
message += "}"
return message, AM_ADDRESS
def make_bid(self, message_json):
sk = self.auction_repository.session_key_clients[
message_json["username"]]
# VERIFIES THE message integrity
if not HMAC_Conf.verify_function("message", message_json, sk):
return base64.b64encode(
"{ \"type\" : \"Tempered data\"}".encode('utf-8'))
# Decrypts the message
username = message_json["username"]
data = decrypt_data(
self.auction_repository.session_key_clients[username],
message_json["message"], base64.b64decode(message_json["iv"]),
base64.b64decode(message_json["Key"]),
self.auction_repository.private_key)
# Loads the message to json
message_json = json.loads(data, strict="False")
auction_id = unpadd_data(
message_json["auction_id"],
self.auction_repository.session_key_clients[username])
bidder = unpadd_data(
message_json["bidder"],
self.auction_repository.session_key_clients[username])
amount = unpadd_data(
message_json["amount"],
self.auction_repository.session_key_clients[username])
signature = unpadd_data(
message_json["signature"],
self.auction_repository.session_key_clients[username])
certificate = unpadd_data(
message_json["certificate"],
self.auction_repository.session_key_clients[username])
# validate certificate and signature
cert = x509.load_pem_x509_certificate(certificate, default_backend())
citizen = CitizenCard()
if not citizen.check_signature(cert, signature, amount):
return base64.b64encode(
"{ \"type\" : \"No valid signature\"}".encode('utf-8'))
if not citizen.validate_certificate(cert):
return base64.b64encode(
"{ \"type\" : \"No valid certificate\"}".encode('utf-8'))
auction = self.auction_repository.auctions[str(auction_id, "utf-8")]
response = auction.makeBid(bidder, amount, signature, certificate)
if not response:
return base64.b64encode(
"{ \"type\" : \"No success\"}".encode('utf-8'))
# create receipt
rsa_kg = RSAKGen()
block = auction.blockchain[-1]
server_signature = rsa_kg.sign_message(
block.hash, self.auction_repository.private_key)
server_signature = encrypt_message_sk(server_signature, sk)
uuids = encrypt_message_sk(str(uuid.uuid1()), sk)
last = encrypt_message_sk(block.hash, sk)
bidder = encrypt_message_sk(bidder, sk)
receipt = create_receipt(encrypt_message_sk(str(block.timestamp), sk),
encrypt_message_sk(str(auction_id),
sk), server_signature,
encrypt_message_sk(amount, sk),
encrypt_message_sk(signature, sk), uuids,
last, bidder)
# cipher receipt with pub_key
client_pub = rsa_kg.load_public_key(os.getcwd() + "/Clients/" +
username)
enc_json_message = encrypt_message_complete(
base64.b64encode(receipt.encode("utf-8")), sk, client_pub)
key = enc_json_message[0]
iv = enc_json_message[2]
data = enc_json_message[1]
hmac = HMAC_Conf.integrity_control(
data.encode(),
self.auction_repository.session_key_clients[username])
message = "{ \"type\" : \"receipt\", \n"
message += "\"message\" : \"" + data + "\",\n"
message += "\"Key\" : \"" + str(base64.b64encode(key),
'utf-8') + "\",\n"
message += "\"hmac\" : \"" + str(base64.b64encode(hmac),
'utf-8') + "\", \n"
message += "\"iv\" : \"" + str(base64.b64encode(iv), 'utf-8') + "\"\n"
message += "}"
return base64.b64encode(message.encode("utf-8"))