Compare commits
2 Commits
bfdec0e727
...
f0c5281697
Author | SHA1 | Date | |
---|---|---|---|
f0c5281697 | |||
b87e2c3b3d |
@ -7,13 +7,15 @@ from base64 import b64encode
|
|||||||
|
|
||||||
from Crypto.Hash import SHA256
|
from Crypto.Hash import SHA256
|
||||||
from Crypto.Protocol.KDF import bcrypt, bcrypt_check
|
from Crypto.Protocol.KDF import bcrypt, bcrypt_check
|
||||||
|
from Crypto.PublicKey import RSA
|
||||||
|
from Crypto.PublicKey.RSA import RsaKey
|
||||||
|
|
||||||
auth_logger = logging.getLogger('AUTH APPLICATION ')
|
auth_logger = logging.getLogger('AUTH APPLICATION ')
|
||||||
auth_logger.root.setLevel(logging.INFO)
|
auth_logger.root.setLevel(logging.INFO)
|
||||||
|
|
||||||
class Authetication:
|
class Authetication:
|
||||||
ABSOLUTE_PATH = os.path.abspath(os.path.dirname(sys.argv[0]))
|
ABSOLUTE_PATH = os.path.abspath(os.path.dirname(sys.argv[0]))
|
||||||
HOME_DIRECTORY_LOCATION = ABSOLUTE_PATH + os.path.sep +"home"
|
HOME_DIRECTORY_LOCATION = ABSOLUTE_PATH + os.path.sep + "home"
|
||||||
CONFIG_DIRECTORY_LOCATION = ABSOLUTE_PATH + os.path.sep + "config"
|
CONFIG_DIRECTORY_LOCATION = ABSOLUTE_PATH + os.path.sep + "config"
|
||||||
CONFIG_FILE_LOCATION = ABSOLUTE_PATH + os.path.sep + "config" + os.path.sep + "config.txt"
|
CONFIG_FILE_LOCATION = ABSOLUTE_PATH + os.path.sep + "config" + os.path.sep + "config.txt"
|
||||||
PRIVATE_KEY_DIRECTORY_LOCATION = CONFIG_DIRECTORY_LOCATION + os.path.sep + "private_keys"
|
PRIVATE_KEY_DIRECTORY_LOCATION = CONFIG_DIRECTORY_LOCATION + os.path.sep + "private_keys"
|
||||||
@ -111,3 +113,34 @@ class Authetication:
|
|||||||
auth_logger.debug("User NOT saved! Home directory already exists")
|
auth_logger.debug("User NOT saved! Home directory already exists")
|
||||||
|
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
def loadUserPublicKeys(self) -> dict:
|
||||||
|
with open(self.CONFIG_FILE_LOCATION) as json_file:
|
||||||
|
data = json.load(json_file)
|
||||||
|
|
||||||
|
dictionary: dict
|
||||||
|
|
||||||
|
for user in data['user']:
|
||||||
|
key = data['publicKey']
|
||||||
|
key = bytes.fromhex(key)
|
||||||
|
try:
|
||||||
|
rsaKey = RSA.import_key(key)
|
||||||
|
dictionary[user['username']] = rsaKey
|
||||||
|
except ValueError:
|
||||||
|
print('Invalid server public key!')
|
||||||
|
|
||||||
|
return dictionary
|
||||||
|
|
||||||
|
|
||||||
|
def loadServerPrivateKey(self) -> RsaKey:
|
||||||
|
with open(self.CONFIG_FILE_LOCATION) as json_file:
|
||||||
|
data = json.load(json_file)
|
||||||
|
|
||||||
|
key = data['serverPrivateKey']
|
||||||
|
key = bytes.fromhex(key)
|
||||||
|
try:
|
||||||
|
rsaKey = RSA.import_key(key)
|
||||||
|
except ValueError:
|
||||||
|
print('Invalid server private key!')
|
||||||
|
return rsaKey
|
||||||
|
@ -6,7 +6,7 @@ from Crypto.PublicKey import RSA
|
|||||||
from authentication import Authetication
|
from authentication import Authetication
|
||||||
|
|
||||||
|
|
||||||
def generatePrivateKeyForUser(auth: Authetication, username: str, user_passphrase: str, public_server_key='') -> bool:
|
def generatePrivateKeyForUser(auth: Authetication,username: str, user_passphrase: str, public_server_key: str) -> bool:
|
||||||
if auth.checkUserExists(username):
|
if auth.checkUserExists(username):
|
||||||
with open(auth.CONFIG_FILE_LOCATION) as json_file:
|
with open(auth.CONFIG_FILE_LOCATION) as json_file:
|
||||||
data = json.load(json_file)
|
data = json.load(json_file)
|
||||||
@ -17,9 +17,10 @@ def generatePrivateKeyForUser(auth: Authetication, username: str, user_passphras
|
|||||||
public_key_value = bytes.hex(public_key.exportKey('DER', pkcs=8))
|
public_key_value = bytes.hex(public_key.exportKey('DER', pkcs=8))
|
||||||
|
|
||||||
##Save private key in separate file
|
##Save private key in separate file
|
||||||
user_privatekey = {'passphrase': user_passphrase, 'privateClientKey': private_key_value,
|
user_privatekey = {'privateClientKey': private_key_value,
|
||||||
'publicServerKey': public_server_key}
|
'publicServerKey': public_server_key}
|
||||||
with open(auth.PRIVATE_KEY_DIRECTORY_LOCATION + os.path.sep + str(data['index']) + '.txt', 'w+') as outfile:
|
with open(auth.PRIVATE_KEY_DIRECTORY_LOCATION + os.path.sep + str(data['index']) + '.txt',
|
||||||
|
'w+') as outfile:
|
||||||
json.dump(user_privatekey, outfile)
|
json.dump(user_privatekey, outfile)
|
||||||
outfile.close()
|
outfile.close()
|
||||||
|
|
||||||
@ -27,7 +28,7 @@ def generatePrivateKeyForUser(auth: Authetication, username: str, user_passphras
|
|||||||
for user in data['user']:
|
for user in data['user']:
|
||||||
if username == user['username']:
|
if username == user['username']:
|
||||||
user['publicKey'] = public_key_value
|
user['publicKey'] = public_key_value
|
||||||
with open(auth.CONFIG_FILE_LOCATION, 'w') as outfile:
|
with open(auth.CONFIG_FILE_LOCATION, 'w+') as outfile:
|
||||||
json.dump(data, outfile)
|
json.dump(data, outfile)
|
||||||
break
|
break
|
||||||
outfile.close()
|
outfile.close()
|
||||||
@ -36,10 +37,28 @@ def generatePrivateKeyForUser(auth: Authetication, username: str, user_passphras
|
|||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def generatePrivateKeyForServer(auth: Authetication,passphrase: str) -> str:
|
||||||
|
with open(auth.CONFIG_FILE_LOCATION) as json_file:
|
||||||
|
data = json.load(json_file)
|
||||||
|
json_file.close()
|
||||||
|
|
||||||
|
private_key = RSA.generate(2048)
|
||||||
|
public_key = private_key.publickey()
|
||||||
|
private_key_value = bytes.hex(private_key.exportKey('DER', passphrase=passphrase, pkcs=8))
|
||||||
|
public_key_value = bytes.hex(public_key.exportKey('DER', pkcs=8))
|
||||||
|
|
||||||
|
data['serverPrivateKey'] = private_key_value
|
||||||
|
with open(auth.CONFIG_FILE_LOCATION, 'w+') as outfile:
|
||||||
|
json.dump(data, outfile)
|
||||||
|
|
||||||
|
return public_key_value
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
auth = Authetication()
|
auth = Authetication()
|
||||||
auth.initConfig()
|
auth.initConfig()
|
||||||
auth.saveUser('alma' ,'alma')
|
serverPublicKey = generatePrivateKeyForServer(auth, 'admin')
|
||||||
generatePrivateKeyForUser('alma', 'amla')
|
auth.saveUser('alma', 'alma')
|
||||||
auth.saveUser('citrom' ,'citrom')
|
generatePrivateKeyForUser(auth, 'alma', 'amla', serverPublicKey)
|
||||||
generatePrivateKeyForUser('citrom', 'mortic')
|
auth.saveUser('citrom', 'citrom')
|
||||||
|
generatePrivateKeyForUser(auth, 'citrom', 'mortic', serverPublicKey)
|
||||||
|
@ -5,6 +5,7 @@ import pyDH
|
|||||||
from Crypto.Cipher import PKCS1_OAEP
|
from Crypto.Cipher import PKCS1_OAEP
|
||||||
from Crypto.PublicKey import RSA
|
from Crypto.PublicKey import RSA
|
||||||
from Crypto.Cipher import ChaCha20
|
from Crypto.Cipher import ChaCha20
|
||||||
|
from Crypto.PublicKey.RSA import RsaKey
|
||||||
from Crypto.Random import get_random_bytes
|
from Crypto.Random import get_random_bytes
|
||||||
|
|
||||||
from netsim import network_interface
|
from netsim import network_interface
|
||||||
@ -13,7 +14,7 @@ from server.server import Server
|
|||||||
|
|
||||||
class NetWrapper:
|
class NetWrapper:
|
||||||
|
|
||||||
def __init__(self, clientPublicKey: dict, serverPrivateKey: str, serverInstance: Server):
|
def __init__(self, clientPublicKey: dict, serverPrivateKey: RsaKey, serverInstance: Server):
|
||||||
self.clientPublicKey = clientPublicKey
|
self.clientPublicKey = clientPublicKey
|
||||||
self.currentClientPublicKey = "".encode('UTF-8')
|
self.currentClientPublicKey = "".encode('UTF-8')
|
||||||
self.serverPrivateKey = serverPrivateKey
|
self.serverPrivateKey = serverPrivateKey
|
||||||
@ -30,9 +31,7 @@ class NetWrapper:
|
|||||||
self.clientAddr = incommingJson['source']
|
self.clientAddr = incommingJson['source']
|
||||||
self.currentUser = incommingJson['username']
|
self.currentUser = incommingJson['username']
|
||||||
self.currentClientPublicKey = self.clientPublicKey[self.currentUser]
|
self.currentClientPublicKey = self.clientPublicKey[self.currentUser]
|
||||||
myrsakey = RSA.import_key(self.serverPrivateKey)
|
retmsg = self.serverPrivateKey.decrypt(b64decode(incommingJson['message'])).decode('UTF-8')
|
||||||
mycipher = PKCS1_OAEP.new(myrsakey)
|
|
||||||
retmsg = mycipher.decrypt(b64decode(incommingJson['message'])).decode('UTF-8')
|
|
||||||
rsakey = RSA.import_key(self.currentClientPublicKey)
|
rsakey = RSA.import_key(self.currentClientPublicKey)
|
||||||
cipher = PKCS1_OAEP.new(rsakey)
|
cipher = PKCS1_OAEP.new(rsakey)
|
||||||
identMsg = json.dumps(
|
identMsg = json.dumps(
|
||||||
@ -63,9 +62,7 @@ class NetWrapper:
|
|||||||
if not status:
|
if not status:
|
||||||
raise Exception('Network error during connection.')
|
raise Exception('Network error during connection.')
|
||||||
decodedmsg = json.loads(msg.decode('UTF-8'))
|
decodedmsg = json.loads(msg.decode('UTF-8'))
|
||||||
myrsakey = RSA.import_key(self.serverPrivateKey)
|
serverpubkey = int(self.serverPrivateKey.decrypt(b64decode(decodedmsg['message'])).decode('UTF-8'))
|
||||||
mycipher = PKCS1_OAEP.new(myrsakey)
|
|
||||||
serverpubkey = int(mycipher.decrypt(b64decode(decodedmsg['message'])).decode('UTF-8'))
|
|
||||||
self.cipherkey = dh.gen_shared_key(serverpubkey).encode('UTF-8')
|
self.cipherkey = dh.gen_shared_key(serverpubkey).encode('UTF-8')
|
||||||
|
|
||||||
def login(self) -> bool:
|
def login(self) -> bool:
|
||||||
|
Loading…
Reference in New Issue
Block a user