mwc
/
lab_subrosa
Template
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Server working

This commit is contained in:
Chris Proctor 2024-05-19 19:26:23 -04:00
parent b5950eeb28
commit 780c1e581a
7 changed files with 361 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
client/api.py Normal file
View File

@ -0,0 +1,52 @@
import requests
class APIError(Exception):
"A custom error we'll use when something goes wrong with the API"
class SubRosaAPI:
"""An API for the SubRosa server.
"""
def __init__(self, url):
self.url = url
def get_user(self, username):
route = "/users"
params = {'name': username}
return self.get(route, params)
def create_user(self, username, public_key):
route = "/users/new"
params = {'name': username, 'public_key': public_key}
return self.post(route, params)
def get_messages(self, username):
route = "/messages"
params = {'name': username}
return self.get(route, params)
def send_message(self, sender, recipient, ciphertext, time_sent, time_sent_signature):
route = "/messages/send"
params = {
'sender': sender,
'recipient': recipient,
'ciphertext': ciphertext,
'time_sent': time_sent,
'time_sent_signature': time_sent_signature,
}
return self.get(route, params)
def get(self, route, params):
response = requests.get(self.url + route, json=params)
if response.ok:
return response.json()
else:
raise APIError(response.json()['error'])
def post(self, route, params):
response = requests.post(self.url + route, json=params)
if response.ok:
return response.json()
else:
raise APIError(response.json()['error'])

106
client/user_interface.py Normal file
View File

@ -0,0 +1,106 @@
from pathlib import Path
from api import SubRosaAPI, APIError
from datetime import datetime
import sys
sys.path.insert(0, ".")
from encryption import PrivateKey, PublicKey
class SubRosaUI:
"""A user interface to the SubRosa chat system.
"""
def __init__(self, private_key_file, url):
self.api = SubRosaAPI(url)
if Path(private_key_file).exists():
self.private_key = PrivateKey.load(private_key_file)
else:
self.private_key = PrivateKey.generate()
self.private_key.save(private_key_file)
self.public_key = self.private_key.get_public_key()
def run(self, username):
self.username = username
self.user = self.get_or_create_user(username)
print("Welcome to SubRosa.")
while True:
choice = self.choose_action_from_menu()
if choice == 'VIEW':
self.show_messages()
elif choice == 'SEND':
self.send_message()
print("=" * 80)
def get_or_create_user(self, username):
"""Gets user info from the server, or creates the user.
If the user already exists, checks that our public key matches
the server's public key for the user.
"""
try:
user = self.api.get_user(username)
if user['public_key'] != str(self.public_key):
raise ValueError(f"Invalid key for {username}")
except APIError:
user = self.api.create_user(username, str(self.public_key))
return user
def choose_action_from_menu(self):
"""Gets a choice from the user.
"""
print("What would you like to do?")
print("1. See messages")
print("2. Send a message")
while True:
choice = input("> ").strip()
if choice == '1':
return 'VIEW'
elif choice == '2':
return 'SEND'
def show_messages(self):
messages = self.api.get_messages(self.username)['messages']
if messages:
for i, message in enumerate(messages):
cleartext = self.private_key.decrypt(message['ciphertext'])
print('-' * 80)
print(f"{i}. From {message['sender']}:")
print(cleartext)
else:
print(f"No messages for {self.username}.")
def send_message(self):
try:
recipient_name = input("Username of recipient: ").strip()
recipient = self.api.get_user(recipient_name)
except APIError:
print(f"No user named {recipient_name}.")
return
recipient_public_key = PublicKey.load(recipient['public_key'])
plaintext = input("Message: ")
ciphertext = recipient_public_key.encrypt(plaintext)
time_sent = self.get_current_time()
time_sent_signature = self.private_key.sign(time_sent)
self.api.send_message(
self.username,
recipient_name,
ciphertext,
time_sent,
time_sent_signature,
)
print('-' * 80)
print(f"Message sent to {recipient_name}")
def get_current_time(self):
return datetime.utcnow().isoformat()
def main():
from argparse import ArgumentParser
parser = ArgumentParser()
parser.add_argument("username")
parser.add_argument("-k", "--key", default="subrosa_private_key.pem")
parser.add_argument("-s", "--server-url", default="http://127.0.0.1:5000")
args = parser.parse_args()
ui = SubRosaUI(args.key, args.server_url)
ui.run(args.username)
if __name__ == '__main__':
main()

18
encryption.py
View File

@ -19,11 +19,13 @@ class PrivateKey:
@classmethod @classmethod
def load(cls, pem): def load(cls, pem):
"""Loads an existing private key. """Loads an existing private key.
When `pem` is of type bytes, assumes it is a pem serialization. Pem may be a bytes or a string representation of the PEM-formatted key,
Otherwise, assumes `pem` is a path to a pem file. or a path to a pem file.
""" """
if isinstance(pem, bytes): if isinstance(pem, bytes):
key = serialization.load_pem_private_key(pem) key = serialization.load_pem_private_key(pem, password=None)
elif isinstance(pem, str) and pem.startswith("-----BEGIN RSA PRIVATE KEY-----"):
key = serialization.load_pem_private_key(pem.encode('ascii'), password=None)
elif isinstance(pem, (str, Path)): elif isinstance(pem, (str, Path)):
with open(pem, 'rb') as key_file: with open(pem, 'rb') as key_file:
key = serialization.load_pem_private_key( key = serialization.load_pem_private_key(
@ -58,7 +60,7 @@ class PrivateKey:
encoding=serialization.Encoding.PEM, encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL, format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption() encryption_algorithm=serialization.NoEncryption()
).decode('utf8') ).decode('utf8').strip()
def __repr__(self): def __repr__(self):
return "<PrivateKey>" return "<PrivateKey>"
@ -106,11 +108,13 @@ class PublicKey:
@classmethod @classmethod
def load(self, pem): def load(self, pem):
"""Loads an existing public key. """Loads an existing public key.
When `pem` is of type bytes, assumes it is a pem serialization. Pem may be a bytes or a string representation of the PEM-formatted key,
Otherwise, assumes `pem` is a path to a pem file. or a path to a pem file.
""" """
if isinstance(pem, bytes): if isinstance(pem, bytes):
key = serialization.load_pem_public_key(pem) key = serialization.load_pem_public_key(pem)
elif isinstance(pem, str) and pem.startswith("-----BEGIN PUBLIC KEY-----"):
key = serialization.load_pem_public_key(pem.encode('ascii'))
elif isinstance(pem, (str, Path)): elif isinstance(pem, (str, Path)):
with open(pem, 'rb') as key_file: with open(pem, 'rb') as key_file:
key = serialization.load_pem_public_key(key_file.read()) key = serialization.load_pem_public_key(key_file.read())
@ -126,7 +130,7 @@ class PublicKey:
return self.key.public_bytes( return self.key.public_bytes(
encoding=serialization.Encoding.PEM, encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo format=serialization.PublicFormat.SubjectPublicKeyInfo
).decode('utf8') ).decode('utf8').strip()
def __repr__(self): def __repr__(self):
return "<PublicKey>" return "<PublicKey>"

161
poetry.lock generated
View File

@ -17,6 +17,17 @@ typing-extensions = {version = ">=4", markers = "python_version < \"3.11\""}
[package.extras] [package.extras]
tests = ["mypy (>=0.800)", "pytest", "pytest-asyncio"] tests = ["mypy (>=0.800)", "pytest", "pytest-asyncio"]
[[package]]
name = "certifi"
version = "2024.2.2"
description = "Python package for providing Mozilla's CA Bundle."
optional = false
python-versions = ">=3.6"
files = [
{file = "certifi-2024.2.2-py3-none-any.whl", hash = "sha256:dc383c07b76109f368f6106eee2b593b04a011ea4d55f652c6ca24a754d1cdd1"},
{file = "certifi-2024.2.2.tar.gz", hash = "sha256:0569859f95fc761b18b45ef421b1290a0f65f147e92a1e5eb3e635f9a5e4e66f"},
]
[[package]] [[package]]
name = "cffi" name = "cffi"
version = "1.16.0" version = "1.16.0"
@ -81,6 +92,105 @@ files = [
[package.dependencies] [package.dependencies]
pycparser = "*" pycparser = "*"
[[package]]
name = "charset-normalizer"
version = "3.3.2"
description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet."
optional = false
python-versions = ">=3.7.0"
files = [
{file = "charset-normalizer-3.3.2.tar.gz", hash = "sha256:f30c3cb33b24454a82faecaf01b19c18562b1e89558fb6c56de4d9118a032fd5"},
{file = "charset_normalizer-3.3.2-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:25baf083bf6f6b341f4121c2f3c548875ee6f5339300e08be3f2b2ba1721cdd3"},
{file = "charset_normalizer-3.3.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:06435b539f889b1f6f4ac1758871aae42dc3a8c0e24ac9e60c2384973ad73027"},
{file = "charset_normalizer-3.3.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:9063e24fdb1e498ab71cb7419e24622516c4a04476b17a2dab57e8baa30d6e03"},
{file = "charset_normalizer-3.3.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:6897af51655e3691ff853668779c7bad41579facacf5fd7253b0133308cf000d"},
{file = "charset_normalizer-3.3.2-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:1d3193f4a680c64b4b6a9115943538edb896edc190f0b222e73761716519268e"},
{file = "charset_normalizer-3.3.2-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:cd70574b12bb8a4d2aaa0094515df2463cb429d8536cfb6c7ce983246983e5a6"},
{file = "charset_normalizer-3.3.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:8465322196c8b4d7ab6d1e049e4c5cb460d0394da4a27d23cc242fbf0034b6b5"},
{file = "charset_normalizer-3.3.2-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:a9a8e9031d613fd2009c182b69c7b2c1ef8239a0efb1df3f7c8da66d5dd3d537"},
{file = "charset_normalizer-3.3.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:beb58fe5cdb101e3a055192ac291b7a21e3b7ef4f67fa1d74e331a7f2124341c"},
{file = "charset_normalizer-3.3.2-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:e06ed3eb3218bc64786f7db41917d4e686cc4856944f53d5bdf83a6884432e12"},
{file = "charset_normalizer-3.3.2-cp310-cp310-musllinux_1_1_ppc64le.whl", hash = "sha256:2e81c7b9c8979ce92ed306c249d46894776a909505d8f5a4ba55b14206e3222f"},
{file = "charset_normalizer-3.3.2-cp310-cp310-musllinux_1_1_s390x.whl", hash = "sha256:572c3763a264ba47b3cf708a44ce965d98555f618ca42c926a9c1616d8f34269"},
{file = "charset_normalizer-3.3.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:fd1abc0d89e30cc4e02e4064dc67fcc51bd941eb395c502aac3ec19fab46b519"},
{file = "charset_normalizer-3.3.2-cp310-cp310-win32.whl", hash = "sha256:3d47fa203a7bd9c5b6cee4736ee84ca03b8ef23193c0d1ca99b5089f72645c73"},
{file = "charset_normalizer-3.3.2-cp310-cp310-win_amd64.whl", hash = "sha256:10955842570876604d404661fbccbc9c7e684caf432c09c715ec38fbae45ae09"},
{file = "charset_normalizer-3.3.2-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:802fe99cca7457642125a8a88a084cef28ff0cf9407060f7b93dca5aa25480db"},
{file = "charset_normalizer-3.3.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:573f6eac48f4769d667c4442081b1794f52919e7edada77495aaed9236d13a96"},
{file = "charset_normalizer-3.3.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:549a3a73da901d5bc3ce8d24e0600d1fa85524c10287f6004fbab87672bf3e1e"},
{file = "charset_normalizer-3.3.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f27273b60488abe721a075bcca6d7f3964f9f6f067c8c4c605743023d7d3944f"},
{file = "charset_normalizer-3.3.2-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:1ceae2f17a9c33cb48e3263960dc5fc8005351ee19db217e9b1bb15d28c02574"},
{file = "charset_normalizer-3.3.2-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:65f6f63034100ead094b8744b3b97965785388f308a64cf8d7c34f2f2e5be0c4"},
{file = "charset_normalizer-3.3.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:753f10e867343b4511128c6ed8c82f7bec3bd026875576dfd88483c5c73b2fd8"},
{file = "charset_normalizer-3.3.2-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:4a78b2b446bd7c934f5dcedc588903fb2f5eec172f3d29e52a9096a43722adfc"},
{file = "charset_normalizer-3.3.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:e537484df0d8f426ce2afb2d0f8e1c3d0b114b83f8850e5f2fbea0e797bd82ae"},
{file = "charset_normalizer-3.3.2-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:eb6904c354526e758fda7167b33005998fb68c46fbc10e013ca97f21ca5c8887"},
{file = "charset_normalizer-3.3.2-cp311-cp311-musllinux_1_1_ppc64le.whl", hash = "sha256:deb6be0ac38ece9ba87dea880e438f25ca3eddfac8b002a2ec3d9183a454e8ae"},
{file = "charset_normalizer-3.3.2-cp311-cp311-musllinux_1_1_s390x.whl", hash = "sha256:4ab2fe47fae9e0f9dee8c04187ce5d09f48eabe611be8259444906793ab7cbce"},
{file = "charset_normalizer-3.3.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:80402cd6ee291dcb72644d6eac93785fe2c8b9cb30893c1af5b8fdd753b9d40f"},
{file = "charset_normalizer-3.3.2-cp311-cp311-win32.whl", hash = "sha256:7cd13a2e3ddeed6913a65e66e94b51d80a041145a026c27e6bb76c31a853c6ab"},
{file = "charset_normalizer-3.3.2-cp311-cp311-win_amd64.whl", hash = "sha256:663946639d296df6a2bb2aa51b60a2454ca1cb29835324c640dafb5ff2131a77"},
{file = "charset_normalizer-3.3.2-cp312-cp312-macosx_10_9_universal2.whl", hash = "sha256:0b2b64d2bb6d3fb9112bafa732def486049e63de9618b5843bcdd081d8144cd8"},
{file = "charset_normalizer-3.3.2-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:ddbb2551d7e0102e7252db79ba445cdab71b26640817ab1e3e3648dad515003b"},
{file = "charset_normalizer-3.3.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:55086ee1064215781fff39a1af09518bc9255b50d6333f2e4c74ca09fac6a8f6"},
{file = "charset_normalizer-3.3.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8f4a014bc36d3c57402e2977dada34f9c12300af536839dc38c0beab8878f38a"},
{file = "charset_normalizer-3.3.2-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:a10af20b82360ab00827f916a6058451b723b4e65030c5a18577c8b2de5b3389"},
{file = "charset_normalizer-3.3.2-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:8d756e44e94489e49571086ef83b2bb8ce311e730092d2c34ca8f7d925cb20aa"},
{file = "charset_normalizer-3.3.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:90d558489962fd4918143277a773316e56c72da56ec7aa3dc3dbbe20fdfed15b"},
{file = "charset_normalizer-3.3.2-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:6ac7ffc7ad6d040517be39eb591cac5ff87416c2537df6ba3cba3bae290c0fed"},
{file = "charset_normalizer-3.3.2-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:7ed9e526742851e8d5cc9e6cf41427dfc6068d4f5a3bb03659444b4cabf6bc26"},
{file = "charset_normalizer-3.3.2-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:8bdb58ff7ba23002a4c5808d608e4e6c687175724f54a5dade5fa8c67b604e4d"},
{file = "charset_normalizer-3.3.2-cp312-cp312-musllinux_1_1_ppc64le.whl", hash = "sha256:6b3251890fff30ee142c44144871185dbe13b11bab478a88887a639655be1068"},
{file = "charset_normalizer-3.3.2-cp312-cp312-musllinux_1_1_s390x.whl", hash = "sha256:b4a23f61ce87adf89be746c8a8974fe1c823c891d8f86eb218bb957c924bb143"},
{file = "charset_normalizer-3.3.2-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:efcb3f6676480691518c177e3b465bcddf57cea040302f9f4e6e191af91174d4"},
{file = "charset_normalizer-3.3.2-cp312-cp312-win32.whl", hash = "sha256:d965bba47ddeec8cd560687584e88cf699fd28f192ceb452d1d7ee807c5597b7"},
{file = "charset_normalizer-3.3.2-cp312-cp312-win_amd64.whl", hash = "sha256:96b02a3dc4381e5494fad39be677abcb5e6634bf7b4fa83a6dd3112607547001"},
{file = "charset_normalizer-3.3.2-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:95f2a5796329323b8f0512e09dbb7a1860c46a39da62ecb2324f116fa8fdc85c"},
{file = "charset_normalizer-3.3.2-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c002b4ffc0be611f0d9da932eb0f704fe2602a9a949d1f738e4c34c75b0863d5"},
{file = "charset_normalizer-3.3.2-cp37-cp37m-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:a981a536974bbc7a512cf44ed14938cf01030a99e9b3a06dd59578882f06f985"},
{file = "charset_normalizer-3.3.2-cp37-cp37m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:3287761bc4ee9e33561a7e058c72ac0938c4f57fe49a09eae428fd88aafe7bb6"},
{file = "charset_normalizer-3.3.2-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:42cb296636fcc8b0644486d15c12376cb9fa75443e00fb25de0b8602e64c1714"},
{file = "charset_normalizer-3.3.2-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:0a55554a2fa0d408816b3b5cedf0045f4b8e1a6065aec45849de2d6f3f8e9786"},
{file = "charset_normalizer-3.3.2-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:c083af607d2515612056a31f0a8d9e0fcb5876b7bfc0abad3ecd275bc4ebc2d5"},
{file = "charset_normalizer-3.3.2-cp37-cp37m-musllinux_1_1_i686.whl", hash = "sha256:87d1351268731db79e0f8e745d92493ee2841c974128ef629dc518b937d9194c"},
{file = "charset_normalizer-3.3.2-cp37-cp37m-musllinux_1_1_ppc64le.whl", hash = "sha256:bd8f7df7d12c2db9fab40bdd87a7c09b1530128315d047a086fa3ae3435cb3a8"},
{file = "charset_normalizer-3.3.2-cp37-cp37m-musllinux_1_1_s390x.whl", hash = "sha256:c180f51afb394e165eafe4ac2936a14bee3eb10debc9d9e4db8958fe36afe711"},
{file = "charset_normalizer-3.3.2-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:8c622a5fe39a48f78944a87d4fb8a53ee07344641b0562c540d840748571b811"},
{file = "charset_normalizer-3.3.2-cp37-cp37m-win32.whl", hash = "sha256:db364eca23f876da6f9e16c9da0df51aa4f104a972735574842618b8c6d999d4"},
{file = "charset_normalizer-3.3.2-cp37-cp37m-win_amd64.whl", hash = "sha256:86216b5cee4b06df986d214f664305142d9c76df9b6512be2738aa72a2048f99"},
{file = "charset_normalizer-3.3.2-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:6463effa3186ea09411d50efc7d85360b38d5f09b870c48e4600f63af490e56a"},
{file = "charset_normalizer-3.3.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:6c4caeef8fa63d06bd437cd4bdcf3ffefe6738fb1b25951440d80dc7df8c03ac"},
{file = "charset_normalizer-3.3.2-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:37e55c8e51c236f95b033f6fb391d7d7970ba5fe7ff453dad675e88cf303377a"},
{file = "charset_normalizer-3.3.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:fb69256e180cb6c8a894fee62b3afebae785babc1ee98b81cdf68bbca1987f33"},
{file = "charset_normalizer-3.3.2-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:ae5f4161f18c61806f411a13b0310bea87f987c7d2ecdbdaad0e94eb2e404238"},
{file = "charset_normalizer-3.3.2-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:b2b0a0c0517616b6869869f8c581d4eb2dd83a4d79e0ebcb7d373ef9956aeb0a"},
{file = "charset_normalizer-3.3.2-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:45485e01ff4d3630ec0d9617310448a8702f70e9c01906b0d0118bdf9d124cf2"},
{file = "charset_normalizer-3.3.2-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:eb00ed941194665c332bf8e078baf037d6c35d7c4f3102ea2d4f16ca94a26dc8"},
{file = "charset_normalizer-3.3.2-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:2127566c664442652f024c837091890cb1942c30937add288223dc895793f898"},
{file = "charset_normalizer-3.3.2-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:a50aebfa173e157099939b17f18600f72f84eed3049e743b68ad15bd69b6bf99"},
{file = "charset_normalizer-3.3.2-cp38-cp38-musllinux_1_1_ppc64le.whl", hash = "sha256:4d0d1650369165a14e14e1e47b372cfcb31d6ab44e6e33cb2d4e57265290044d"},
{file = "charset_normalizer-3.3.2-cp38-cp38-musllinux_1_1_s390x.whl", hash = "sha256:923c0c831b7cfcb071580d3f46c4baf50f174be571576556269530f4bbd79d04"},
{file = "charset_normalizer-3.3.2-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:06a81e93cd441c56a9b65d8e1d043daeb97a3d0856d177d5c90ba85acb3db087"},
{file = "charset_normalizer-3.3.2-cp38-cp38-win32.whl", hash = "sha256:6ef1d82a3af9d3eecdba2321dc1b3c238245d890843e040e41e470ffa64c3e25"},
{file = "charset_normalizer-3.3.2-cp38-cp38-win_amd64.whl", hash = "sha256:eb8821e09e916165e160797a6c17edda0679379a4be5c716c260e836e122f54b"},
{file = "charset_normalizer-3.3.2-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:c235ebd9baae02f1b77bcea61bce332cb4331dc3617d254df3323aa01ab47bd4"},
{file = "charset_normalizer-3.3.2-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:5b4c145409bef602a690e7cfad0a15a55c13320ff7a3ad7ca59c13bb8ba4d45d"},
{file = "charset_normalizer-3.3.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:68d1f8a9e9e37c1223b656399be5d6b448dea850bed7d0f87a8311f1ff3dabb0"},
{file = "charset_normalizer-3.3.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:22afcb9f253dac0696b5a4be4a1c0f8762f8239e21b99680099abd9b2b1b2269"},
{file = "charset_normalizer-3.3.2-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:e27ad930a842b4c5eb8ac0016b0a54f5aebbe679340c26101df33424142c143c"},
{file = "charset_normalizer-3.3.2-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:1f79682fbe303db92bc2b1136016a38a42e835d932bab5b3b1bfcfbf0640e519"},
{file = "charset_normalizer-3.3.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b261ccdec7821281dade748d088bb6e9b69e6d15b30652b74cbbac25e280b796"},
{file = "charset_normalizer-3.3.2-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:122c7fa62b130ed55f8f285bfd56d5f4b4a5b503609d181f9ad85e55c89f4185"},
{file = "charset_normalizer-3.3.2-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:d0eccceffcb53201b5bfebb52600a5fb483a20b61da9dbc885f8b103cbe7598c"},
{file = "charset_normalizer-3.3.2-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:9f96df6923e21816da7e0ad3fd47dd8f94b2a5ce594e00677c0013018b813458"},
{file = "charset_normalizer-3.3.2-cp39-cp39-musllinux_1_1_ppc64le.whl", hash = "sha256:7f04c839ed0b6b98b1a7501a002144b76c18fb1c1850c8b98d458ac269e26ed2"},
{file = "charset_normalizer-3.3.2-cp39-cp39-musllinux_1_1_s390x.whl", hash = "sha256:34d1c8da1e78d2e001f363791c98a272bb734000fcef47a491c1e3b0505657a8"},
{file = "charset_normalizer-3.3.2-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:ff8fa367d09b717b2a17a052544193ad76cd49979c805768879cb63d9ca50561"},
{file = "charset_normalizer-3.3.2-cp39-cp39-win32.whl", hash = "sha256:aed38f6e4fb3f5d6bf81bfa990a07806be9d83cf7bacef998ab1a9bd660a581f"},
{file = "charset_normalizer-3.3.2-cp39-cp39-win_amd64.whl", hash = "sha256:b01b88d45a6fcb69667cd6d2f7a9aeb4bf53760d7fc536bf679ec94fe9f3ff3d"},
{file = "charset_normalizer-3.3.2-py3-none-any.whl", hash = "sha256:3e4d1f6587322d2788836a99c69062fbb091331ec940e02d12d179c1d53e25fc"},
]
[[package]] [[package]]
name = "cryptography" name = "cryptography"
version = "42.0.7" version = "42.0.7"
@ -195,6 +305,17 @@ files = [
{file = "environ-1.0.tar.gz", hash = "sha256:4df7f1dfeb7d1c988d2e19a8bd5d547a526e0400aeb35adf732032472f35dcb0"}, {file = "environ-1.0.tar.gz", hash = "sha256:4df7f1dfeb7d1c988d2e19a8bd5d547a526e0400aeb35adf732032472f35dcb0"},
] ]
[[package]]
name = "idna"
version = "3.7"
description = "Internationalized Domain Names in Applications (IDNA)"
optional = false
python-versions = ">=3.5"
files = [
{file = "idna-3.7-py3-none-any.whl", hash = "sha256:82fee1fc78add43492d3a1898bfa6d8a904cc97d8427f683ed8e798d07761aa0"},
{file = "idna-3.7.tar.gz", hash = "sha256:028ff3aadf0609c1fd278d8ea3089299412a7a8b9bd005dd08b9f8285bcb5cfc"},
]
[[package]] [[package]]
name = "pycparser" name = "pycparser"
version = "2.22" version = "2.22"
@ -206,6 +327,27 @@ files = [
{file = "pycparser-2.22.tar.gz", hash = "sha256:491c8be9c040f5390f5bf44a5b07752bd07f56edf992381b05c701439eec10f6"}, {file = "pycparser-2.22.tar.gz", hash = "sha256:491c8be9c040f5390f5bf44a5b07752bd07f56edf992381b05c701439eec10f6"},
] ]
[[package]]
name = "requests"
version = "2.31.0"
description = "Python HTTP for Humans."
optional = false
python-versions = ">=3.7"
files = [
{file = "requests-2.31.0-py3-none-any.whl", hash = "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f"},
{file = "requests-2.31.0.tar.gz", hash = "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1"},
]
[package.dependencies]
certifi = ">=2017.4.17"
charset-normalizer = ">=2,<4"
idna = ">=2.5,<4"
urllib3 = ">=1.21.1,<3"
[package.extras]
socks = ["PySocks (>=1.5.6,!=1.5.7)"]
use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"]
[[package]] [[package]]
name = "sqlparse" name = "sqlparse"
version = "0.5.0" version = "0.5.0"
@ -243,7 +385,24 @@ files = [
{file = "tzdata-2024.1.tar.gz", hash = "sha256:2674120f8d891909751c38abcdfd386ac0a5a1127954fbc332af6b5ceae07efd"}, {file = "tzdata-2024.1.tar.gz", hash = "sha256:2674120f8d891909751c38abcdfd386ac0a5a1127954fbc332af6b5ceae07efd"},
] ]
[[package]]
name = "urllib3"
version = "2.2.1"
description = "HTTP library with thread-safe connection pooling, file post, and more."
optional = false
python-versions = ">=3.8"
files = [
{file = "urllib3-2.2.1-py3-none-any.whl", hash = "sha256:450b20ec296a467077128bff42b73080516e71b56ff59a60a02bef2232c4fa9d"},
{file = "urllib3-2.2.1.tar.gz", hash = "sha256:d0570876c61ab9e520d776c38acbbb5b05a776d3f9ff98a5c8fd5162a444cf19"},
]
[package.extras]
brotli = ["brotli (>=1.0.9)", "brotlicffi (>=0.8.0)"]
h2 = ["h2 (>=4,<5)"]
socks = ["pysocks (>=1.5.6,!=1.5.7,<2.0)"]
zstd = ["zstandard (>=0.18.0)"]
[metadata] [metadata]
lock-version = "2.0" lock-version = "2.0"
python-versions = "^3.10" python-versions = "^3.10"
content-hash = "c3f2c06832bafe7f40cadca2f6a067ca8f7cdaf5098d6e1e15da97e00634cede" content-hash = "cac991f3d0e9e354a9e492ba15735644e560ec8c9f7dfb8f9f05570b863a5a88"

1
pyproject.toml
View File

@ -10,6 +10,7 @@ packages = [{include = "lab_subrosa"}]
python = "^3.10" python = "^3.10"
django-banjo = "^0.5.1" django-banjo = "^0.5.1"
cryptography = "^42.0.7" cryptography = "^42.0.7"
requests = "^2.31.0"
[build-system] [build-system]

9
server/app/models.py
View File

@ -7,7 +7,7 @@ from banjo.models import (
class User(Model): class User(Model):
name = StringField(unique=True) name = StringField(unique=True)
public_key = StringField(unique=True) public_key = StringField()
def to_dict(self): def to_dict(self):
return { return {
@ -20,3 +20,10 @@ class Message(Model):
recipient = ForeignKey(User, related_name="messages_received") recipient = ForeignKey(User, related_name="messages_received")
ciphertext = StringField() ciphertext = StringField()
read = BooleanField() read = BooleanField()
def to_dict(self):
return {
'sender': self.sender.name,
'recipient': self.recipient.name,
'ciphertext': self.ciphertext,
}

33
server/app/views.py
View File

@ -2,7 +2,10 @@ from banjo.urls import route_get, route_post
from app.models import User, Message from app.models import User, Message
from banjo.http import NotFound, NotAllowed from banjo.http import NotFound, NotAllowed
from datetime import datetime from datetime import datetime
import rsa from cryptography.exceptions import InvalidSignature
import sys
sys.path.insert(0, "..")
from encryption import PrivateKey, PublicKey
@route_post("users/new", args={'name': str, 'public_key': str}) @route_post("users/new", args={'name': str, 'public_key': str})
def create_user(params): def create_user(params):
@ -27,14 +30,14 @@ def get_user(params):
def get_messages(params): def get_messages(params):
"Return all the messages for a user" "Return all the messages for a user"
try: try:
user = User.objects.get(name=params['name']) recipient = User.objects.get(name=params['name'])
except User.DoesNotExist: except User.DoesNotExist:
raise NotFound(f"There is no user named {params['name']}") raise NotFound(f"There is no user named {params['name']}")
messages = Message.objects.filter(user=user) messages = Message.objects.filter(recipient=recipient)
return {'messages': [m.to_dict() for m in messages]} return {'messages': [m.to_dict() for m in messages]}
@route_get("messages/send", args={'sender': str, 'recipient': str, 'ciphertext': str, @route_get("messages/send", args={'sender': str, 'recipient': str, 'ciphertext': str,
'time_sent': str, 'auth': str}) 'time_sent': str, 'time_sent_signature': str})
def send_message(params): def send_message(params):
"""Securely sends an encrypted message from `sender` to `recipient` """Securely sends an encrypted message from `sender` to `recipient`
Sender and recipient should be recognized usernames. Sender and recipient should be recognized usernames.
@ -44,18 +47,28 @@ def send_message(params):
""" """
try: try:
sender = User.objects.get(name=params['sender']) sender = User.objects.get(name=params['sender'])
recipient = User.objects.get(name=['recipient']) recipient = User.objects.get(name=params['recipient'])
except User.DoesNotExist: except User.DoesNotExist:
raise NotFound(f"There is no user named {params['name']}") raise NotFound(f"User not found.")
try: try:
time_sent = datetime.fromisoformat(params['time_sent']) time_sent = datetime.fromisoformat(params['time_sent'])
except ValueError: except ValueError:
raise NotAllowed(f"Time sent ({params['time_sent']}) must be in isoformat") raise NotAllowed(f"Time sent ({params['time_sent']}) must be in isoformat")
if (datetime.now() - time_sent).seconds > 10: now = datetime.utcnow()
if (now - time_sent).seconds > 10:
raise NotAllowed(f"The message is too old. Time sent must be within ten seconds") raise NotAllowed(f"The message is too old. Time sent must be within ten seconds")
if not sender_public_key = PublicKey.load(sender.public_key)
try:
sender_public_key.verify_signature(params['time_sent'], params['time_sent_signature'])
except InvalidSignature:
raise NotAllowed("Invalid signature.")
message = Message(
sender=sender,
recipient=recipient,
ciphertext=params['ciphertext'],
)
message.save()
return message.to_dict()