diff --git a/trabalho4/AES.py b/trabalho4/AES.py
new file mode 100644
index 0000000..b32bb44
--- /dev/null
+++ b/trabalho4/AES.py
@@ -0,0 +1,21 @@
+from Crypto.Cipher import AES
+
+class AESCipher(object):
+ def __init__(self, key):
+ self.key = key
+ self.nonce = b'\xeb\x06\xfa\xa5C{3\x9d\x9dj\x18\xa2V\xe5\xcb\xc2'
+
+ def encrypt(self, raw):
+ cipher = AES.new(self.key, AES.MODE_EAX, nonce=self.nonce)
+ ciphertext, _ = cipher.encrypt_and_digest(raw.encode())
+ return ciphertext
+
+ def decrypt(self, enc):
+ if type(enc) == str:
+ enc = eval(enc)
+
+ cipher = AES.new(self.key, AES.MODE_EAX, nonce=self.nonce)
+
+ plaintext = cipher.decrypt(enc)
+ print('plaintext', type(plaintext), plaintext)
+ return plaintext.decode()
diff --git a/trabalho4/as.py b/trabalho4/as.py
new file mode 100644
index 0000000..1157e7d
--- /dev/null
+++ b/trabalho4/as.py
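Review bot: `__init__` pins one 16-byte nonce for every message and `encrypt` discards the EAX tag (`ciphertext, _ = ...`), so each key reuses the same keystream across messages and `decrypt` accepts modified ciphertext without any check. `decrypt` then passes a string that arrived over the socket to `eval(enc)`, so peer-supplied text is executed as Python in the receiving process; the same eval-a-repr parsing is applied to keys in as.py (`login`, `get_key`), client.py (`print_something`) and tgs.py (`process_message`). A bytes repr can also contain `,`, which breaks the `split(",")` framing those callers rely on. The sketch below lets `AES.new` draw a fresh nonce per message, ships nonce, tag and ciphertext as hex, and verifies the tag before returning plaintext; callers already interpolate the result into f-strings, and the session keys embedded in the plaintext would need the same `.hex()` / `bytes.fromhex()` treatment.

```python
    def encrypt(self, raw):
        # No nonce argument: AES.new generates a random one for this message.
        cipher = AES.new(self.key, AES.MODE_EAX)
        ciphertext, tag = cipher.encrypt_and_digest(raw.encode())
        # Hex output contains neither "," nor "||" and is parsed without eval().
        return (cipher.nonce + tag + ciphertext).hex()

    def decrypt(self, enc):
        blob = bytes.fromhex(enc)
        # Default EAX sizes: 16-byte nonce, 16-byte tag.
        nonce, tag, ciphertext = blob[:16], blob[16:32], blob[32:]
        cipher = AES.new(self.key, AES.MODE_EAX, nonce=nonce)
        # Raises ValueError when the tag does not match.
        return cipher.decrypt_and_verify(ciphertext, tag).decode()
```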
@@ -0,0 +1,104 @@
+from common import *
+from hashlib import sha256
+import socket
+from AES import AESCipher
+import os
+
+HOST = "127.0.0.1"
+PORT = AS_PORT
+
+def process_message(message):
+ print(message)
+ message = message.split("||")
+
+ if message[0] == "register":
+ body = message[1].split(",")
+ username = body[0]
+ password = body[1]
+ password = sha256(password.encode()).hexdigest()
+ key = message[3]
+ return register_user(username, password, key)
+ elif message[0] == "login":
+ body = message[1].split(",")
+ username = body[0]
+ password = body[1]
+ password = sha256(password.encode()).hexdigest()
+ return login(username, password)
+ elif message[0] == "request":
+ """
+ M1 = [ID_C + {ID_S + T_R + N1}Kc]
+
+ T_c_tgs = {ID_C + T_R + K_c_tgs}K_tgs
+ M2 = [{K_c_tgs + N_1}Kc + T_c_tgs]
+ """
+ body = message[1].split(",")
+
+ ID_C = body[0]
+ key = get_key(ID_C)
+ AES = AESCipher(key)
+ K_tgs = C_K_tgs
+ M2_AES = AESCipher(K_tgs)
+
+ inner_message = AES.decrypt(body[1])
+ inner_message = inner_message.split(",")
+ T_R = inner_message[1]
+ N1 = inner_message[2]
+
+ K_c_tgs = os.urandom(16)
+ T_c_tgs = f"{ID_C},{T_R},{K_c_tgs}"
+ T_c_tgs = M2_AES.encrypt(T_c_tgs)
+
+ M2 = f"{K_c_tgs},{N1}"
+ M2 = AES.encrypt(M2)
+ M2 = f"{M2},{T_c_tgs}"
+ print('sending m2', M2)
+ return M2
+ else:
+ print("Invalid message")
+
+def register_user(username, password, key):
+ with open("users.data", "a") as f:
+ f.write(f"{username},{password},{key.encode()}\n")
+ return f"success,{key}"
+
+def login(username, password):
+ with open("users.data", "r", newline='\n') as f:
+ for line in f:
+ line = line.strip()
+ line = line.replace("\n", "")
+ user, pw, key = line.split(",")
+ if user == username and pw == password:
+ key = eval(key)
+ print(f"Login succeeded!")
+ return f"success,{key}"
+ print("Login failed!")
+ return "failure"
+
+def get_key(username):
+ return C_User_Key
+
+ with open("users.data", "r", newline='\n') as f:
+ for line in f:
+ line = line.strip()
+ line = line.replace("\n", "")
+ user, _, key = line.split(",")
+ if user == username:
+ return eval(key)
+
+def main():
+ with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
+ s.bind((HOST, PORT))
+ s.listen()
+ while True:
+ conn, addr = s.accept()
+ with conn:
+ print(f"Connected by {addr}")
+ data = conn.recv(4096)
+ data = data.decode()
+
+ response = process_message(data)
+
+ conn.sendall(response.encode())
+
+if __name__ == "__main__":
+ main()
\ No newline at end of file
diff --git a/trabalho4/client.py b/trabalho4/client.py
new file mode 100644
index 0000000..0548926
--- /dev/null
+++ b/trabalho4/client.py
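Review bot: `print(message)` at the top of `process_message` writes every register and login message to stdout with the plaintext password and key in it, and the stored verifier is a single unsalted `sha256(...)`, so equal passwords share a digest and offline guessing is cheap. Log only `message[0]` and derive the verifier with a per-user salt, e.g. `hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1)` with `salt = os.urandom(16)` stored beside it. The register branch also reads `key = message[3]`, but the client sends `register||user,pass,key`, so the `||` split has two elements and this raises IndexError; `key = body[2]` matches the format. That exception, like the `else` branch returning None into `response.encode()`, is uncaught in `main` and ends the accept loop; service.py and tgs.py run the same loop.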
@@ -0,0 +1,183 @@
+from common import *
+import os
+import socket
+from AES import AESCipher
+from random import randint
+
+HOST = "127.0.0.1"
+CLIENT_ID = None
+KEY = None
+
+def register_user(username, password):
+ global CLIENT_ID, KEY
+ with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
+ s.connect((HOST, AS_PORT))
+ key = os.urandom(32)
+ message = f"register||{username},{password},{key}"
+ s.sendall(message.encode())
+ data = s.recv(4096)
+
+ data = data.decode()
+ if data == "success":
+ print("Login succeeded!")
+ CLIENT_ID = username
+ KEY = key
+
+def login(username, password):
+ global CLIENT_ID, KEY
+ with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
+ s.connect((HOST, AS_PORT))
+ message = f"login||{username},{password}"
+ s.sendall(message.encode())
+ data = s.recv(4096)
+
+ data = data.decode()
+ data = data.split(",")
+ if data[0] == "success":
+ print(f"Login succeeded!")
+ CLIENT_ID = username
+ KEY = data[1]
+
+def print_something():
+ global CLIENT_ID, KEY
+
+ if CLIENT_ID is None:
+ print("You must register or login first!")
+ return
+
+ AES = AESCipher(C_User_Key)
+
+ ID_C = CLIENT_ID
+ ID_S = "PRINTER"
+ T_R = int(input("Enter the ticket lifetime (minutes): "))
+ T_R = T_R * 60
+ N1 = randint(0, 1000000)
+
+ M2 = None
+ M4 = None
+ M6 = None
+
+ M1_inner = f"{ID_S},{T_R},{N1}"
+ M1_inner = AES.encrypt(M1_inner)
+ M1 = f"{ID_C},{M1_inner}"
+ message = f"request||{M1}"
+ with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
+ s.connect((HOST, AS_PORT))
+ print('sending m1', message)
+ s.sendall(message.encode())
+
+ data = s.recv(4096)
+ data = data.decode()
+ print('received m2', data)
+ M2 = data
+
+ '''
+ M2 = [{K_c_tgs + N_1}Kc + T_c_tgs]
+ M3 = [{ID_C + ID_S + T_R + N2}K_c_tgs + T_c_tgs]
+ '''
+ M2 = M2.split(",")
+ M2_inner = AES.decrypt(M2[0])
+ M2_inner = M2_inner.split(",")
+
+ K_c_tgs = eval(M2_inner[0])
+ N1 = M2_inner[1]
+ T_c_tgs = M2[1]
+
+ M2_AES = AESCipher(K_c_tgs)
+ N2 = randint(0, 1000000)
+
+ M3_inner = f"{ID_C},{ID_S},{T_R},{N2}"
+ M3_inner = M2_AES.encrypt(M3_inner)
+ M3 = f"{M3_inner},{T_c_tgs}"
+ with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
+ s.connect((HOST, TGS_PORT))
+ message = f"request||{M3}"
+ print('sending m3', message)
+ s.sendall(message.encode())
+
+ data = s.recv(4096)
+ data = data.decode()
+ print('received m4', data)
+ M4 = data
+
+ '''
+ M4 = [{K_c_s + T_A + N2}K_c_tgs + T_c_s]
+ T_c_s = {ID_C + T_A + K_c_s}K_s
+ M5 = [{ID_C + T_A + S_R + N3}K_c_s + T_c_s]
+ '''
+ M4 = M4.split(",")
+ M4_AES = AESCipher(K_c_tgs)
+ M4_inner = M4_AES.decrypt(M4[0])
+ M4_inner = M4_inner.split(",")
+ print('M4_inner', M4_inner)
+
+ K_c_s = eval(M4_inner[0])
+ T_A = M4_inner[1]
+ N2 = M4_inner[2]
+
+ T_c_s = M4[1]
+
+ M5_AES = AESCipher(K_c_s)
+ N3 = randint(0, 1000000)
+
+ M5_inner = f"{ID_C},{T_A},{ID_S},{N3}"
+ M5_inner = M5_AES.encrypt(M5_inner)
+ M5 = f"{M5_inner},{T_c_s}"
+
+ with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
+ s.connect((HOST, SERVICE_PORT))
+ message = f"request||{M5}"
+ print('sending m5', message)
+ s.sendall(message.encode())
+
+ data = s.recv(4096)
+ data = data.decode()
+ print('received m6', data)
+ M6 = data
+
+ '''
+ M6 = [{Resposta, N3}K_c_s]
+ '''
+ M6 = M6.split(",")
+ M6_AES = AESCipher(K_c_s)
+ M6_inner = M6_AES.decrypt(M6[0])
+ M6_inner = M6_inner.split(",")
+ resposta = M6_inner[0]
+ N3 = M6_inner[1]
+
+ print(f"Resposta: [{resposta}]")
+
+ print("Finished!!!")
+
+
+def main():
+ global CLIENT_ID
+ while True:
+ # os.system("clear")
+
+ print(f"Hello world! Logged as [{CLIENT_ID}]")
+ print("1. Register")
+ print("2. Login")
+ if CLIENT_ID is not None:
+ print("3. Print something")
+ print("0. Exit")
+
+ choice = input("Enter your choice: ")
+
+ if choice == "1":
+ username = input("Enter your username: ")
+ password = input("Enter your password: ")
+ register_user(username, password)
+ elif choice == "2":
+ username = input("Enter your username: ")
+ password = input("Enter your password: ")
+ login(username, password)
+ elif choice == "3":
+ print_something()
+ elif choice == "0":
+ break
+ else:
+ print("Invalid choice")
+
+if __name__ == "__main__":
+ main()
diff --git a/trabalho4/common.py b/trabalho4/common.py
new file mode 100644
index 0000000..2760af6
--- /dev/null
+++ b/trabalho4/common.py
@@ -0,0 +1,7 @@
+AS_PORT = 65431
+TGS_PORT = 65433
+SERVICE_PORT = 65434
+
+C_User_Key = b'\xb0O\x12M\xfe\x99\xc0\xff\xa9B\x12e\xdf\x89\xec\x06\x8fhXy\x95\xc8\xdf\x80\x03F\xd72\x11\xb6\xdb\x06'
+C_K_tgs = b'\xb0O\x12M\xfe\x99\xc0\xff\xa9B\x12e\xdf\x89\xec\x06\x8fhXy\x95\xc8\xdf\x80\x03F\xd72\x11\xb6\xdb\x06'
+C_K_s = b'\xb0O\x12M\xfe\x99\xc0\xff\xa9B\x12e\xdf\x89\xec\x06\x8fhXy\x95\xc8\xdf\x80\x03F\xd72\x11\xb6\xdb\x06'
\ No newline at end of file
diff --git a/trabalho4/service.py b/trabalho4/service.py
new file mode 100644
index 0000000..fca2c1e
--- /dev/null
+++ b/trabalho4/service.py
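Review bot: The nonces N1, N2 and N3 are never compared with what comes back in `print_something`: `N1 = M2_inner[1]`, `N2 = M4_inner[2]` and `N3 = M6_inner[1]` overwrite the value that was sent, so a replayed M2, M4 or M6 is accepted as fresh. Keep the sent value and reject a mismatch, e.g. `if M2_inner[1] != str(N1): raise ValueError("N1 mismatch")`, and draw the nonces from `secrets.randbelow(2**64)` rather than `randint(0, 1000000)`, which is predictable and repeats quickly. `register_user` also tests `data == "success"` while the AS replies `success,{key}`, and `print_something` encrypts under `C_User_Key` instead of `KEY`, so the per-user key is never used.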
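Review bot: `C_User_Key`, `C_K_tgs` and `C_K_s` in common.py are the same 32-byte literal, committed to the repository and pulled into every process by `from common import *`, so the client holds the TGS and service keys and the tickets sealed under them are not opaque to it. Give each principal its own random key and load it only in the processes that need it, e.g. `C_K_tgs = bytes.fromhex(os.environ["PLACEHOLDER_K_TGS_HEX"])` in as.py and tgs.py, leaving only the port numbers in common.py.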
@@ -0,0 +1,67 @@
+import socket
+from common import *
+import socket
+from AES import AESCipher
+import os
+from random import randint
+
+HOST = "127.0.0.1"
+PORT = SERVICE_PORT
+
+def process_message(message):
+ print(message)
+ message = message.split("||")
+
+ if message[0] == "request":
+ """
+ T_c_s = {ID_C + T_A + K_c_s}K_s
+
+ M5 = [{ID_C + T_A + S_R + N3}K_c_s + T_c_s]
+ M6 = [{Resposta, N3}K_c_s]
+ """
+ body = message[1].split(",")
+ K_s = C_K_s
+ T_c_s_AES = AESCipher(K_s)
+
+ M5_inner = body[0]
+ T_c_s = body[1]
+
+ T_c_s = T_c_s_AES.decrypt(T_c_s)
+ T_c_s = T_c_s.split(",")
+ ID_C = T_c_s[0]
+ T_A = T_c_s[1]
+ K_c_s = T_c_s[2]
+
+ M5_inner_AES = AESCipher(K_c_s)
+ M5_inner = M5_inner_AES.decrypt(M5_inner)
+ M5_inner = M5_inner.split(",")
+ ID_S = M5_inner[2]
+ N3 = M5_inner[3]
+
+ # generate M6
+
+ M6_inner = f"{randint(0, 100)},{N3}"
+ M6_inner_AES = AESCipher(K_c_s)
+ M6_inner = M6_inner_AES.encrypt(M6_inner)
+
+ M6 = f"{M6_inner}"
+ return M6
+
+def main():
+ with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
+ s.bind((HOST, PORT))
+ s.listen()
+ while True:
+ conn, addr = s.accept()
+ with conn:
+ print(f"Connected by {addr}")
+ all_data = ""
+ data = conn.recv(4096)
+ all_data += data.decode()
+
+ response = process_message(all_data)
+
+ conn.sendall(response.encode())
+
+if __name__ == "__main__":
+ main()
diff --git a/trabalho4/tgs.py b/trabalho4/tgs.py
new file mode 100644
index 0000000..efad7ae
--- /dev/null
+++ b/trabalho4/tgs.py
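Review bot: The ticket and the authenticator are decrypted in `process_message` but never checked against each other: `ID_C` and `T_A` from `T_c_s` are unused, `M5_inner[0]` and `M5_inner[1]` are never read, and `ID_S` is not compared with this service's name, so any M5 that decrypts is served. Add the comparisons before building M6, e.g. `if M5_inner[0] != ID_C or M5_inner[1] != T_A or ID_S != "PRINTER": return "failure"`; tgs.py skips the same check between `T_c_tgs` and `M3_inner`. `T_A` is a duration with no issue time in the ticket, so expiry cannot be enforced here without a timestamp from the TGS. Also, `K_c_s = T_c_s[2]` is still the repr string when it is passed to `AESCipher` (tgs.py and client.py convert the same field first), which looks like it would be rejected by `AES.new`; worth confirming.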
@@ -0,0 +1,77 @@
+import socket
+from common import *
+import socket
+from AES import AESCipher
+import os
+
+HOST = "127.0.0.1"
+PORT = TGS_PORT
+
+def process_message(message):
+ print(message)
+ message = message.split("||")
+
+ if message[0] == "request":
+ """
+ T_c_tgs = {ID_C + T_R + K_c_tgs}K_tgs
+
+ M3 = [{ID_C + ID_S + T_R + N2}K_c_tgs + T_c_tgs]
+ M4 = [{K_c_s + T_A + N2}K_c_tgs + T_c_s]
+ T_c_s = {ID_C + T_A + K_c_s}K_s
+ """
+ body = message[1].split(",")
+ K_tgs = C_K_tgs
+
+ M3 = body[0]
+ M3 = M3.split(",")
+ M3_inner = M3[0]
+ T_c_tgs = body[1]
+ print('T_c_tgs', type(T_c_tgs), T_c_tgs)
+
+ M3_AES = AESCipher(K_tgs)
+ T_c_tgs = M3_AES.decrypt(T_c_tgs)
+ T_c_tgs = T_c_tgs.split(",")
+ ID_C = T_c_tgs[0]
+ T_R = int(T_c_tgs[1])
+ K_c_tgs = eval(T_c_tgs[2])
+
+ M3_inner_AES = AESCipher(K_c_tgs)
+ M3_inner = M3_inner_AES.decrypt(M3_inner)
+ M3_inner = M3_inner.split(",")
+ ID_S = M3_inner[1]
+ N2 = M3_inner[3]
+
+ # generate M4
+ K_c_s = os.urandom(16)
+ T_A = 600 if T_R > 600 else T_R
+ T_c_s = f"{ID_C},{T_A},{K_c_s}"
+
+ K_s = C_K_s
+ T_c_s_AES = AESCipher(K_s)
+ T_c_s = T_c_s_AES.encrypt(T_c_s)
+
+ M4_inner = f"{K_c_s},{T_A},{N2}"
+ M4_inner_AES = AESCipher(K_c_tgs)
+ M4_inner = M4_inner_AES.encrypt(M4_inner)
+
+ M4 = f"{M4_inner},{T_c_s}"
+ return M4
+
+def main():
+ with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
+ s.bind((HOST, PORT))
+ s.listen()
+ while True:
+ conn, addr = s.accept()
+ with conn:
+ print(f"Connected by {addr}")
+ all_data = ""
+ data = conn.recv(4096)
+ all_data += data.decode()
+
+ response = process_message(all_data)
+
+ conn.sendall(response.encode())
+
+if __name__ == "__main__":
+ main()
diff --git a/trabalho4/users.data b/trabalho4/users.data
new file mode 100644
index 0000000..5fc7f15
--- /dev/null
+++ b/trabalho4/users.data
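Review bot: `ID_S` is parsed from M3 in `process_message` but never used: the ticket is always sealed under `C_K_s` and `T_c_s = f"{ID_C},{T_A},{K_c_s}"` carries no service name, so nothing binds the ticket to the service the client asked for. If a second service is ever added, select the key by `ID_S` and include it in the ticket so the service can compare it. `T_A = 600 if T_R > 600 else T_R` also caps only from above, so a zero or negative lifetime passes through; `T_A = max(0, min(T_R, 600))` bounds both ends.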
@@ -0,0 +1 @@
+fake,a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3,b"b'\\x9cs\\xb9\\x9f*\\xd4\\xa8@!.`\\xb1\\xa5y\\x84\\xfcv\\xdd\\x15X\\x0f`\\xfd\\xb1I\\xbf\\xb4\\xc9\\xaa\\xa2{\\x7f'"
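Review bot: users.data is the file `register_user` in as.py appends to at runtime, so tracking it in the repository means account names, password digests and keys end up in commits; keep it out of version control and ship an empty or clearly synthetic fixture instead. The stored third field is `b"b'...'"`, a repr of a repr, so `eval(key)` in `login` yields the text of the key's repr rather than the 32 key bytes. Sending and storing the key as hex and reading it back with `bytes.fromhex` removes both the double wrapping and the eval.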