valentin/pj_crypto_v2
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

SessionID implemented

Browse Source
This commit is contained in:
= 2019-11-12 20:32:33 +01:00
parent 7a980574d0
commit d4a9f911b5
14 changed files with 155 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
.client_test_3.py.swp Normal file
View File

Binary file not shown.

14
.clients_keys
View File

@ -12,3 +12,17 @@ fd05a547-8032-450c-a0f1-6a204aa1288e -n2gtRIBrlDpRisHeno-1pxYLXn5muuct7CHuJXCsbI
20a03a39-d9f0-495b-ae38-016e3350ede3 78J-gIZ710ozVxg4Iu4S9r3olhZCMtcKYRC3_H4hCxU= 0 20a03a39-d9f0-495b-ae38-016e3350ede3 78J-gIZ710ozVxg4Iu4S9r3olhZCMtcKYRC3_H4hCxU= 0
9c5b6d7c-6317-4db1-a14a-d4be911ef45f u4SdDIORALLuPoKtJ076rZzpJk1ZiUCRWERZwQdNsxY= 0 9c5b6d7c-6317-4db1-a14a-d4be911ef45f u4SdDIORALLuPoKtJ076rZzpJk1ZiUCRWERZwQdNsxY= 0
f6325f18-2909-4665-b681-a0f764fa6c68 _d0ywQ34kEgiRopLnr8R8RDjjDLbH7JTZJp1_FkwgWw= 0 f6325f18-2909-4665-b681-a0f764fa6c68 _d0ywQ34kEgiRopLnr8R8RDjjDLbH7JTZJp1_FkwgWw= 0
5dfb41b5-edfa-487b-a000-11f4fc7eb191 DBVK8tjl3vMe08QrSYEWTJb3UOhtCH2A2Gj7xpiqHVs= 0
2822aedb-22c6-4063-880e-5daddc6f4789 fyH3UTGRpaztPFiLuBezND3-1OrwpgTsj7uemxzTKrs= 0
05d79777-9f0f-46b8-b69a-67024a37d9e4 XyNF4tFsFb6WgPBybLBLvensO0fglO371E-AGlaGqCI= 0
f0bf481d-71c6-4f2d-8881-13afdd8901f0 UkS-005VTwKUMnm2mDAHd-y_wsnfqvL8e4N7OxyGcW8= 0
c3c91ea4-bc4a-424a-a8fc-3daeb0c94002 NTEQ0pW5mImMGwsvnDTPIsmgZv5h95iKrfIjyCdsRI0= 0
82f0b861-54e5-4cad-a55e-71c0857ac410 nmxMpRZYhhQX5JmsD4AK2Y_CZlFN4Bo6HlO0sbLKwc0= 0
89982b07-b9c3-4d4a-b31e-88672b06d526 E6jPdbcKhygBLsKjiXg0onftF-6XNv5q6sA_dSoLzJw= 0
6c584e84-0a4a-4e1f-9e38-c58f740b3303 VCLE6cBO3qT-lQ2zrYoXYI8vnJuHLrvb_CCEC_P56ow= 0
24bd5c2a-8f30-4a8f-999a-22532a2bb42c v4u0W88oesXaSCBE81dgMwLQDdf1zsvmiS63xG4vo-0= 0
ca902056-92e8-4a63-8498-382003098cdf tO3N2oc7C_Pwhdcp6g3XcC-IR4yAw8CHQ5FOmkce2AA= 0
3543e331-a8d3-42a0-9e25-c1b4349c8682 JuVYT6cTJ-vJgcfeBeVU4dxt3x5sLEqG2kgdc1E5nkA= 0
8f5807f5-28c4-494c-b961-6c59c556733d T1kflpNULJtgoyjcgF10OM3jDWZ3gN3hWhS3S1x9GbU= 0
ee0b2669-63e8-4aa3-ac22-039f0c70188e XEzFplSYOZFjVUBU1YTWuz64dsBwxH3PgblNr7wxzAc= 0
bb0e3173-4df3-4b39-95b8-9214bda026f7 lxhvklnDrhayi14jSq6_4wMbODuaNYezwCW7rI7N-s4= 0

BIN
.server_test_3.py.swp Normal file
View File

Binary file not shown.

52
client_test_3.py
View File

@ -11,6 +11,7 @@ from cryptography.hazmat.primitives import serialization
# Home made RSA Utils # Home made RSA Utils
from utils.rsa_tenamortech_utils import * from utils.rsa_tenamortech_utils import *
from utils.client_keys_manager import * from utils.client_keys_manager import *
from utils.symmetric_keys_manager_1 import *
host = socket.gethostname() host = socket.gethostname()
port = 2004 port = 2004
@ -30,19 +31,46 @@ def de_serialize_pub_key(public_key_pem):
while MESSAGE != 'exit': while MESSAGE != 'exit':
data = tcpClientA.recv(BUFFER_SIZE) data = tcpClientA.recv(BUFFER_SIZE)
if not got_pub_key_server: if not got_pub_key_server:
public_key_server = de_serialize_pub_key(data) print("[DEBUG] Checking for SessionID [ ... ]")
got_pub_key_server = True (session_id,symmetric_key,public_key_server) = reload_session_by_host(host)
# Now we have the pub key of the server, we will send our pub key too print("[DEBUG] Checking for SessionID [ OK ]")
#encrypted_public_key = encrypt_msg(public_key_pem, public_key_server) if(session_id != -1):
#encrypted_public_key = encrypt_msg(bytes("test123456789000000000000000000000000000iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii000", 'utf-8'), public_key_server) tcpClientA.send(encrypt_msg(session_id.encode('utf-8'), public_key_server))
print("Server public key received") got_pub_key_server = True
print("Sending current client public key [ ... ] ") print("[DEBUG] SessionID Found ! [ OK ]")
tcpClientA.send(public_key_pem) else:
print("Sending current client public key [ OK ] ") #if find sessionID load it and negociate with server
#else send public key ...
print("[DEBUG] Receiving Server Public Key [ ... ]")
public_key_server = de_serialize_pub_key(data)
got_pub_key_server = True
print("[DEBUG] Receiving Server Public Key [ OK ]")
# Now we have the pub key of the server, we will send our pub key too
print("[DEBUG] Sending current Client Public Key [ ... ] ")
tcpClientA.send(public_key_pem)
print("[DEBUG] Sending current Client Public Key [ OK ] ")
print("[DEBUG] Waiting for new Symmetric Key and New SessionID [ ... ] ")
data = tcpClientA.recv(BUFFER_SIZE)
new_symmetric_key_and_session_id = decrypt_msg(data, private_key)
new_symmetric_key_and_session_id = new_symmetric_key_and_session_id.decode('utf-8')
new_symmetric_key_and_session_id = new_symmetric_key_and_session_id.split('|')
new_symmetric_key = new_symmetric_key_and_session_id[0]
new_session_id = new_symmetric_key_and_session_id[1]
print("[DEBUG] Waiting for new Symmetric Key and New SessionID [ OK ] ")
print("[DEBUG] Symmetric Key: [" + str(new_symmetric_key) + "]")
print("[DEBUG] SessionID : [" + new_session_id + "]")
print("[DEBUG] Saving basic HandShake infos [ ... ] ")
save_sym_key_by_host(host, new_session_id, new_symmetric_key, public_key_server)
print("[DEBUG] Saving basic HandShake infos [ OK ] ")
data = tcpClientA.recv(BUFFER_SIZE)
decrypted_data = decrypt_msg(data, private_key)
print(decrypted_data.decode('utf-8'))
else: else:
print(" Client2 received data:", data) print(" Client2 received data:", data)
MESSAGE = input("tcpClientA: Enter message to continue/ Enter exit:").encode('utf-8') MESSAGE = input("Working !").encode('utf-8')
tcpClientA.send(MESSAGE) tcpClientA.send(encrypt_msg(MESSAGE, public_key_server))
tcpClientA.close() tcpClientA.close()

22
server_test_3.py
View File

@ -1,7 +1,8 @@
import socket import socket
from threading import Thread from threading import Thread
from socketserver import ThreadingMixIn from socketserver import ThreadingMixIn
from utils.keys_manager_1 import * #from utils.keys_manager_1 import *
from utils.server_keys_manager import *
from utils.symmetric_keys_manager_1 import * from utils.symmetric_keys_manager_1 import *
from utils.rsa_tenamortech_utils import * from utils.rsa_tenamortech_utils import *
# --- Init keys --- # --- Init keys ---
@ -39,7 +40,8 @@ class ClientThread(Thread):
print("[DEBUG] Waiting for SessionID validation [ ... ]") print("[DEBUG] Waiting for SessionID validation [ ... ]")
msg = decrypt_msg(data, private_key) msg = decrypt_msg(data, private_key)
if(len(msg) == 36): # SessionID length should be 36 char. if(len(msg) == 36): # SessionID length should be 36 char.
print("[DEBUG] SessionID format looks correct [ ~ ]") print("[DEBUG] SessionID format looks correct [ ~ ]")
print("[DEBUG] (Given SessionID: [" + msg.decode('utf-8') + "]")
session_id = msg session_id = msg
(symmetric_key,public_key_client) = reload_session_sym_key(session_id) (symmetric_key,public_key_client) = reload_session_sym_key(session_id)
@ -48,27 +50,33 @@ class ClientThread(Thread):
if(symmetric_key == -1): if(symmetric_key == -1):
print("[DEBUG] Waiting for SessionID validation [ FAIL ]") print("[DEBUG] Waiting for SessionID validation [ FAIL ]")
print("[DEBUG] Invalid SessionID, will now abort negociation [ FAIL ]") print("[DEBUG] Invalid SessionID, will now abort negociation [ FAIL ]")
conn.close()
break break
else: else:
able_to_retrieve_session_id = True able_to_retrieve_session_id = True
print("[DEBUG] Waiting for SessionID validation [ OK ]") print("[DEBUG] Waiting for SessionID validation [ OK ]")
print("[DEBUG] SessionID is valid, symmetric_key and current Client Public key were retrieved successfully") print("[DEBUG] SessionID is valid, symmetric_key and current Client Public key were retrieved successfully")
print("[DEBUG] I'm all yours... [ :) ]") print("[DEBUG] I'm all yours... [ :) ]")
conn.send(encrypt_msg("login:".encode('utf-8'), public_key_client))
# --- SessionID that the client sent is valid, we got all the required infos # --- SessionID that the client sent is valid, we got all the required infos
# --- Client sent did not send sessionID but sent his public Key # --- Client sent did not send sessionID but sent his public Key
# --- Create a new session for it, (gen sessionID, create new symmetric Key, store his public key) # --- Create a new session for it, (gen sessionID, create new symmetric Key, store his public key)
if able_to_retrieve_session_id == False: if able_to_retrieve_session_id == False:
print("[DEBUG] No existing Session, will now initiate new Session [ ... ]") print("[DEBUG] No existing Session, will now initiate new Session [ ... ]")
# --- This function will create a sessionID, return a symmetric key and store the pub key # --- This function will create a sessionID, return a symmetric key and store the pub key
symmetric_key = gen_sym_key_and_save(public_key_client) (symmetric_key,session_id) = gen_sym_key_and_save(public_key_client)
print("[DEBUG] No existing Session, will now initiate new Session [ OK ]") print("[DEBUG] Sending encrypted Symmetric Key to Client [ ... ]")
print("[DEBUG] I'm all yours... [ :) ]") sym_key_and_session_id = (str((symmetric_key).decode('utf-8')) + "|" + session_id).encode('utf-8')
conn.send(encrypt_msg(sym_key_and_session_id, public_key_client))
print("[DEBUG] Sending encrypted Symmetric Key to Client [ OK ]")
print("[DEBUG] I'm all yours... [ :) ]")
conn.send(encrypt_msg("login:".encode('utf-8'), public_key_client))
print("Server received data:", data) #print("Server received data:", data)
MESSAGE = input("Multithreaded Python server : Enter Response from Server/Enter exit:").encode('utf-8') MESSAGE = input("Multithreaded Python server : Enter Response from Server/Enter exit:").encode('utf-8')
if MESSAGE == 'exit': if MESSAGE == 'exit':
break break
conn.send(MESSAGE) # echo conn.send(MESSAGE) # echo
# Multithreaded Python server : TCP Server Socket Program Stub # Multithreaded Python server : TCP Server Socket Program Stub
TCP_IP = '0.0.0.0' TCP_IP = '0.0.0.0'

BIN
utils/__pycache__/__init__.cpython-36.pyc
View File

Binary file not shown.

BIN
utils/__pycache__/client_keys_manager.cpython-36.pyc
View File

Binary file not shown.

BIN
utils/__pycache__/keys_manager_1.cpython-36.pyc
View File

Binary file not shown.

BIN
utils/__pycache__/rsa_tenamortech_utils.cpython-36.pyc
View File

Binary file not shown.

BIN
utils/__pycache__/server_keys_manager.cpython-36.pyc Normal file
View File

Binary file not shown.

BIN
utils/__pycache__/symmetric_keys_manager_1.cpython-36.pyc
View File

Binary file not shown.

2
utils/client_keys_manager.py
View File

@ -72,4 +72,4 @@ def check_for_existing_keys():
print('Find private key from file [ FAIL ]') print('Find private key from file [ FAIL ]')
print('New keys will be generated') print('New keys will be generated')
return generate_keys(1) return generate_keys(1)
check_for_existing_keys() #check_for_existing_keys()

4
utils/server_keys_manager.py
View File

@ -25,7 +25,7 @@ from cryptography.hazmat.primitives import serialization
from pathlib import Path from pathlib import Path
# Home made RSA Keys lib # Home made RSA Keys lib
from rsa_tenamortech_utils import * from utils.rsa_tenamortech_utils import *
def check_for_existing_keys(): def check_for_existing_keys():
keys_dir_path = Path.home() / '.auth_server_test' / 'server' keys_dir_path = Path.home() / '.auth_server_test' / 'server'
@ -72,4 +72,4 @@ def check_for_existing_keys():
print('Find private key from file [ FAIL ]') print('Find private key from file [ FAIL ]')
print('New keys will be generated') print('New keys will be generated')
return generate_keys(0) return generate_keys(0)
check_for_existing_keys() #check_for_existing_keys()

103
utils/symmetric_keys_manager_1.py
View File

@ -10,71 +10,134 @@ from pathlib import Path
# Home made RSA Keys lib # Home made RSA Keys lib
from utils.rsa_tenamortech_utils import * from utils.rsa_tenamortech_utils import *
def gen_rand_session_id(): def gen_rand_session_id():
return str(uuid.uuid4()) return str(uuid.uuid4())
# --- Used by Server
def gen_sym_key_and_save(public_key_client): def gen_sym_key_and_save(public_key_client):
key = Fernet.generate_key() key = Fernet.generate_key()
root_file_path = '.auth_server_test/' root_file_path = Path.home() / '.auth_server_test/server'
path = root_file_path + 'server' path_public_keys_clients = root_file_path / 'public_keys_clients'
path_clients_pub_keys = root_file_path + 'server/clients_pub_keys' # Path exists ? If not we will create it
path_public_keys_clients.mkdir(exist_ok=True)
session_id = gen_rand_session_id() session_id = gen_rand_session_id()
file = open('.clients_keys', 'ab') # changed from 'wb' to 'w+' ... file = open(str(root_file_path) + '/.known_clients', 'ab') # changed from 'wb' to 'w+' ...
file.write((session_id + " ").encode('utf-8')) file.write((session_id + " ").encode('utf-8'))
file.write(key + (" ").encode('utf-8')) # The key is type bytes still file.write(key + (" ").encode('utf-8')) # The key is type bytes still
file.write(('0\n').encode('utf-8')) file.write(('0\n').encode('utf-8'))
file.close() file.close()
# --- Store the client public Key for next time. # --- Store the client public Key for next time.
# --- Public keys are stored in '.auth_server_test/server/clients_pub_keys/session_id.pub' # --- Public keys are stored in '.auth_server_test/server/pubilic_keys_clients/session_id.pub'
keys_dir_path = Path.home() / path_clients_pub_keys
# Path exists ? If not we will create it
keys_dir_path.mkdir(exist_ok=True)
public_key_client_pem = public_key_serializer(public_key_client) public_key_client_pem = public_key_serializer(public_key_client)
key_path = keys_dir_path / (str(session_id) + '.pub') key_path = path_public_keys_clients / (str(session_id) + '.pub')
with open(str(key_path), 'wb') as f: with open(str(key_path), 'wb') as f:
f.write(public_key_client_pem) f.write(public_key_client_pem)
return key return (key,session_id)
# --- Used by server
def reload_session_sym_key(sessionid): def reload_session_sym_key(sessionid):
root_file_path = '.auth_server_test/' root_file_path = Path.home() / '.auth_server_test/server'
path = root_file_path + 'server/' path_public_keys_clients = root_file_path / 'public_keys_clients'
path_clients_pub_keys = path + 'clients_pub_keys/' # Path exists ? If not we will create it
filename='.clients_keys' path_public_keys_clients.mkdir(exist_ok=True)
session_id_found = False session_id_found = False
# --- Open session file # --- Open session file
with open(filename) as f: with open(str(root_file_path) + "/.known_clients") as f:
line = f.readline().rstrip() line = f.readline().rstrip()
while(line and session_id_found == False): while(line and session_id_found == False):
# each line contains (session_id, sym_key, sym_key_nb_use) # each line contains (session_id, sym_key, sym_key_nb_use)
# Those infos are spaced with "space" char, so we use 'split' fuction to get an array # Those infos are spaced with "space" char, so we use 'split' fuction to get an array
cur_client_infos = line.split() cur_client_infos = line.split()
# If we find the given sessionID: # If we find the given sessionID:
if(cur_client_infos[0] == sessionid): # cur_client_info[0] is the session_id stored in the cur line #print(cur_client_infos[0] + "|" + sessionid.decode('utf-8'))
if(cur_client_infos[0] == sessionid.decode('utf-8')): # cur_client_info[0] is the session_id stored in the cur line
session_id_found = True session_id_found = True
line = f.readline().rstrip() line = f.readline().rstrip()
# --- We found the given sessionID, so we will now load the corresponding client public key we previously stored. # --- We found the given sessionID, so we will now load the corresponding client public key we previously stored.
if session_id_found == True: if session_id_found == True:
with open(str(path_clients_pub_keys + cur_client_infos[0] + '.pub'), "rb") as key_file: with open(str(path_public_keys_clients) + "/" + cur_client_infos[0] + '.pub', "rb") as key_file:
public_key_client = serialization.load_pem_public_key( public_key_client = serialization.load_pem_public_key(
key_file.read(), key_file.read(),
backend=default_backend() backend=default_backend()
) )
# --- Return the Symmetric Key used with this client and the PEM formated client public Key # --- Return the Symmetric Key used with this client and the PEM formated client public Key
return (cur_client_infos[1],public_key_client_pem) return (cur_client_infos[1],public_key_client)
else: else:
# Return Error tuple # Return Error tuple
return (-1,'') return (-1,-1)
# --- Used by client
def reload_session_by_host(host):
root_file_path = Path.home() / '.auth_server_test/client'
path_public_keys_servers = root_file_path / 'public_keys_servers'
# Path exists ? If not we will create it
path_public_keys_servers.mkdir(exist_ok=True)
host_found = False
# --- Open session file
with open(str(root_file_path) + "/.known_hosts") as f:
line = f.readline().rstrip()
while(line and host_found == False):
# each line contains (host session_id, sym_key)
# Those infos are spaced with "space" char, so we use 'split' fuction to get an array
cur_server_infos = line.split()
# If we find the given host:
if(cur_server_infos[0] == host): # cur_client_info[0] is the host stored in the cur line
host_found = True
line = f.readline().rstrip()
# --- We found the given host, so we will now load the corresponding server public key we previously stored.
if host_found == True:
with open(str(path_public_keys_servers) + "/" + cur_server_infos[1] + '.pub', "rb") as key_file:
public_key_server = serialization.load_pem_public_key(
key_file.read(),
backend=default_backend()
)
# --- Return the SessionID, the Symmetric Key and the PEM formated server public Key used with this server
return (cur_server_infos[1], cur_server_infos[2], public_key_server)
else:
# Return Error tuple
return (-1,-1,-1)
# --- Used by client
def save_sym_key_by_host(host, session_id, sym_key, public_key_server):
root_file_path = Path.home() / '.auth_server_test/client'
path_public_keys_servers = root_file_path / 'public_keys_servers'
# Path exists ? If not we will create it
path_public_keys_servers.mkdir(exist_ok=True)
line_to_add = str(host) + " " + session_id + " " + sym_key
# dont forget to save public key server in separate file !
file = open(str(root_file_path) + '/.known_hosts', 'ab') # changed from 'wb' to 'ab' ...
file.write(line_to_add.encode('utf-8'))
file.write(('\n').encode('utf-8'))
file.close()
# --- Store the server public Key for next time.
# --- Public keys are stored in '.auth_server_test/client/public_keys_servers/session_id.pub'
public_key_server_pem = public_key_serializer(public_key_server)
key_path = path_public_keys_servers / (str(session_id) + '.pub')
with open(str(key_path), 'wb') as f:
f.write(public_key_server_pem)
# --- Used by Client and Server
def encrypt_msg_symmetric(msg, key): def encrypt_msg_symmetric(msg, key):
msg = msg.encode() msg = msg.encode()
f_key = Fernet(key) f_key = Fernet(key)