def process_step4_phase3(sock, rply):
ip = base64.b64decode(rply.ip)
port = rply.udp_port
#Verify the R! sent in the last message is same as R1 given in the first message.
decrypted_r1 = base64.b64decode(rply.nonce_r1)
decrypted_r1 = Decrypt.decrypt_message(decrypted_r1, dh_shared_key_u2,
RANDOM)
if decrypted_r1 != R1:
print 'R1 does not match, Something went wrong. Exiting.'
exit()
decrypted_signed_key = base64.b64decode(rply.secret_key)
decrypted_signed_key = Decrypt.decrypt_message(decrypted_signed_key,
dh_shared_key_u2, RANDOM)
#Verify signature on Diffie Hellman
public_key_file_user2 = USER2 + '_public_key.pem'
public_key_user2 = CommonMethod.get_public_key(public_key_file_user2)
verify_sign(public_key_file_user2, dh_shared_key_u2, decrypted_signed_key)
#Prepare message that the user1 wants to give user2
#hash the message, encrypt it and then send to user1.
rply.type = pb_example_pb2.Reply.SEND_3
message_to_send = 'Hi ' + USER2 + ' ,this is ' + USER1
message_hash = hashing_process(message_to_send, RANDOM)
encrypted_message = Encrypt.encrypt(message_to_send, dh_shared_key_u2,
RANDOM)
rply.message = base64.b64encode(encrypted_message)
encrypted_dh_key = Encrypt.asy_encrpt_key(dh_shared_key_u2,
public_key_user2)
rply.secret_key = base64.b64encode(encrypted_dh_key)
rply.hash = base64.b64encode(message_hash)
rply.ip = base64.b64encode(args.ip_addr)
rply.port = random_port
sqlconn = sqlite3.connect("db.sqlite")
# c = sqlconn.cursor()
# sql = "SELECT port,ip from active_users where name = ?"
# c.execute(sql,(USER2,))
# result = c.fetchone()
# port = result[0]
# print 'Port is '
# print port
# port = int(port)
# ip = result[1]
# print 'IP address is'
# print ip
# ip = ip.encode('utf-8')
# if port is None:
# print 'Port is not present'
# exit()
# if ip is None:
# print 'IP is not present'
# exit()
# print 'Done executing chat with client'
udp_sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
udp_sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
udp_sock.sendto(rply.SerializeToString(), (ip, port))
def talk_to_another_client(data, iv_user1, symmetric_key_user1, username,
user_to_talk_to):
rply.ParseFromString(data)
#Decrypt the public key of user2 using the shared key of user1-server
#this key will be used to send data to user2
decrypted_pku2 = base64.b64decode(rply.public_key_u2)
decrypted_pku2 = Decrypt.decrypt_message(decrypted_pku2,
symmetric_key_user1, iv_user1)
#Generate a nonce to send to server
r1 = R1
#Fetch public key value
public_key_u2 = CommonMethod.get_public_key(decrypted_pku2)
#Encrypt username of user1 and r1 with the public key of user2
encrypted_r1 = Encrypt.asy_encrpt_key(r1, public_key_u2)
encrypted_u1 = Encrypt.asy_encrpt_key(username, public_key_u2)
#keep the ticket to user2 as it was received from Server.
ticket_pku1 = rply.public_key_u1
ticket_u1 = rply.username
#Generate the Diffie hellman component to generate session keys
dh_component_1 = dh1_obj.gen_public_key()
dh_component_1 = str(dh_component_1).encode()
#Sign the Diffie Hellman component using user1's private key
private_key_file = username + '_private_key.pem'
signed_dh_component = sign_message(private_key_file, dh_component_1)
#Set the message to send to user 2
rply.nonce_r1 = base64.b64encode(encrypted_r1)
rply.username = base64.b64encode(encrypted_u1)
rply.public_key_u1 = base64.b64encode(ticket_pku1)
rply.ticket_username = base64.b64encode(ticket_u1)
rply.dh_component = base64.b64encode(dh_component_1)
rply.signature = base64.b64encode(signed_dh_component)
#Fetch the port to send on
sqlconn = sqlite3.connect("db.sqlite")
c = sqlconn.cursor()
sql = "SELECT port,ip from active_users where name = ?"
c.execute(sql, (user_to_talk_to, ))
result = c.fetchone()
port = result[0]
port = int(port)
ip = result[1]
ip = ip.encode('utf-8')
if port is None:
print 'Port is not present'
exit()
if ip is None:
print 'IP is not present'
exit()
#Client to client communication takes place on udp port
udp_sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
udp_sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
udp_sock.sendto(rply.SerializeToString(), (ip, port))
def chat_with_client(sock, any, rply):
#Receive any message coming from client
data = sock.recvfrom(BUFFER_SIZE)
if data:
rply.ParseFromString(data[0])
if rply.type == pb_example_pb2.Reply.SEND:
process_step2_phase3(sock, rply)
if rply.type == pb_example_pb2.Reply.SEND_1:
process_step3_phase3(sock, rply)
if rply.type == pb_example_pb2.Reply.SEND_2:
process_step4_phase3(sock, rply)
if rply.type == pb_example_pb2.Reply.SEND_3:
verify_sent_message(sock, rply)
else:
#User2 verifies the data sent by user1.
user2 = args.user
decrypted_r1 = Decrypt.asyn_decrypt(
base64.b64decode(rply.nonce_r1), client_private_key)
decrypted_u1 = Decrypt.asyn_decrypt(
base64.b64decode(rply.username), client_private_key)
#Fetch the shared key of user2-server and IV from the database
sqlconn = sqlite3.connect("db.sqlite")
c = sqlconn.cursor()
sql = "SELECT * from active_users where name = ?"
c.execute(sql, (user2, ))
result = c.fetchone()
symmetric_key_user2 = base64.b64decode(result[1])
iv_user2 = base64.b64decode(result[3])
#Fetch the shared key of user1-server and IV from the database
sql = "SELECT * from active_users where name = ?"
c.execute(sql, (decrypted_u1, ))
result_u1 = c.fetchone()
symmetric_key_user1 = base64.b64decode(result_u1[1])
iv_user1 = base64.b64decode(result_u1[3])
ip = base64.b64decode(rply.ip)
port = rply.port
#Decrypt username oof user1 in the ticket to B and verify it with
#the username in the tuple encrypted with public key of user2.
#If usernames in both places are same, continue, else exit
decrypted_ticket_username = base64.b64decode(rply.ticket_username)
decrypted_ticket_username = base64.b64decode(
decrypted_ticket_username)
decrypted_ticket_username = Decrypt.decrypt_message(
decrypted_ticket_username, symmetric_key_user1, iv_user1)
decrypted_ticket_username = Decrypt.decrypt_message(
decrypted_ticket_username, symmetric_key_user2, iv_user2)
if decrypted_ticket_username != decrypted_u1:
print 'Usernames are not same, something is wrong. Exiting.'
exit()
#verify signature on the diffie hellman component
signature = base64.b64decode(rply.signature)
dh_component = base64.b64decode(rply.dh_component)
long_dh_component = long(dh_component)
sql = 'SELECT public_key from user_public_key where name = ?'
c.execute(sql, (decrypted_u1, ))
public_key_user1_file = str(c.fetchone()[0])
verify_sign(public_key_user1_file, dh_component, signature)
#Generate the shared secret key of Diffie Hellman
global dh_shared_key_u1
dh_shared_key_u1 = generate_dh_shared_secret(
dh2_obj, long_dh_component)
#Send a nonce, r2 and user2 sides's diffie hellman component to user 1
r2 = R2
public_key_user1 = CommonMethod.get_public_key(
public_key_user1_file)
encrypted_r2 = Encrypt.asy_encrpt_key(r2, public_key_user1)
dh_component_2 = dh2_obj.gen_public_key()
dh_component_2 = str(dh_component_2).encode()
private_key_file_user2 = user2 + '_private_key.pem'
print private_key_file_user2
#Sign the diffie hellman component
signed_dh_component = sign_message(private_key_file_user2,
dh_component_2)
#prepare emssage to send
rply.ip = base64.b64encode(args.ip_addr)
rply.udp_port = random_port
rply.nonce_r2 = base64.b64encode(encrypted_r2)
rply.dh_component = base64.b64encode(dh_component_2)
rply.signature = base64.b64encode(signed_dh_component)
rply.type = pb_example_pb2.Reply.SEND
# sqlconn = sqlite3.connect("db.sqlite")
# c = sqlconn.cursor()
# sql = "SELECT port,ip from active_users where name = ?"
# c.execute(sql,(decrypted_u1,))
# result = c.fetchone()
# port = result[0]
# print 'Port is '
# print port
# port = int(port)
# ip = result[1]
# print 'IP address is'
# print ip
# ip = ip.encode('utf-8')
# if port is None:
# print 'Port is not present'
# exit()
# if ip is None:
# print 'IP is not present'
# exit()
udp_sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
udp_sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
udp_sock.sendto(rply.SerializeToString(), (ip, port))
Loged_in = True
rqst = pb_example_pb2.Request() # create protobuf Request message
rply = pb_example_pb2.Reply() # create protobuf Reply message
try:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((IP_ADDR, TCP_PORT))
except Exception:
print "----Eitheryour format is wrong or server is done check you format from below template------"
print "Format is :"
print "python client.py -u Username -pass Password -ip IP -p Port -pr Private_Key -pu public_key -sk server_public_key"
exit()
reqno = 0 # initialize request number to 0
ec = CommonMethod()
try:
client_private_key = ec.get_private_key(args.private_key)
client_public_key = ec.get_public_key(args.public_key)
server_public_key = ec.get_public_key(args.server_public_key)
except Exception:
print "Format is :"
print "python client.py -u Username -pass Password -ip IP -p Port -pr Private_Key -pu public_key -sk server_public_key"
exit()
symetric_key = ''
salt_for_key = ''
try:
user_password = args.password
except Exception:
print "Format is :"
print "python client.py -u Username -pass Password -ip IP -p Port -pr Private_Key -pu public_key -sk server_public_key"
exit()