# Imports Used in Encryption Handlers

This section lists the necessary libraries and modules imported for implementing encryption handlers.

### Imports:

- **`from abc import ABC, abstractmethod`**: Imports the `ABC` class and `abstractmethod` decorator from the `abc` module, which are used to define abstract base classes and methods for encryption handler classes.
  
- **`from cryptography.hazmat.primitives.asymmetric import rsa, padding`**: Imports the `rsa` module for handling RSA key generation and encryption, and the `padding` module for adding cryptographic padding to the messages during asymmetric encryption.

- **`from cryptography.hazmat.primitives import hashes`**: Imports the `hashes` module, which provides hash algorithms like SHA256, used in encryption padding schemes.

- **`from cryptography.fernet import Fernet`**: Imports the `Fernet` class from the `cryptography` library, which is used for symmetric encryption and decryption with a shared key.

- **`import uuid`**: Imports the `uuid` module, which is used to generate unique identifiers for users.


In [3]:
from abc import ABC, abstractmethod
from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.primitives import hashes
from cryptography.fernet import Fernet
import uuid

# Abstract Base Class for Encryption Handlers

This Python class, `AbstractEncryptionHandler`, serves as an **Abstract Base Class (ABC)** that defines the structure for any encryption handler. The purpose of this class is to enforce a common interface for all encryption handler classes (e.g., symmetric encryption, asymmetric encryption).

It provides four abstract methods, which must be implemented by any subclass:

1. **`encrypt_message(self, message, key=None)`**:
    - **Purpose**: This method is intended to encrypt a given message.
    - **Parameters**:
        - `message`: The message that needs to be encrypted.
        - `key`: The encryption key used to encrypt the message. It is optional: when it is omitted, the concrete handler falls back to the key it already holds (its own symmetric key or its own public key).
    - **Note**: The encryption method must be implemented in subclasses based on the type of encryption (e.g., RSA, AES, Fernet).

2. **`decrypt_message(self, encrypted_message)`**:
    - **Purpose**: This method decrypts an encrypted message.
    - **Parameters**:
        - `encrypted_message`: The message that has been encrypted.
    - **Note**: This will return the decrypted message in its original form.

3. **`get_encryption_key(self)`**:
    - **Purpose**: This method is used to retrieve the encryption key used by the encryption handler.
    - **Return**: The encryption key that is being used for encrypting messages.
    - **Note**: This is particularly useful for cases where keys need to be shared or managed separately from the encryption process.

4. **`get_decryption_key(self)`**:
    - **Purpose**: This method retrieves the key used for decryption.
    - **Return**: The decryption key used to reverse the encryption process.
    - **Note**: In cases of asymmetric encryption, the decryption key may be different from the encryption key.

### Why Abstract Base Class?

- **Consistency**: It ensures that any encryption handler class will have these key methods, maintaining a consistent interface across different encryption types (like symmetric or asymmetric encryption).
- **Extendability**: This design allows you to add new encryption methods (e.g., AES, RSA) by creating subclasses that implement the abstract methods.
- **Polymorphism**: By using an abstract base class, you can handle different types of encryption using a common interface, making the code cleaner and more maintainable.

### Example Usage:
Any subclass of `AbstractEncryptionHandler` would implement these methods with specific encryption logic. For example, a `SymmetricEncryptionHandler` could use AES or Fernet for encryption, while an `AsymmetricEncryptionHandler` might use RSA or Elliptic Curve Cryptography (ECC).


In [4]:
# Abstract Base Class for Encryption Handlers
class AbstractEncryptionHandler(ABC):
    @abstractmethod
    def encrypt_message(self, message, key = None):
        """Encrypt a message."""
        pass

    @abstractmethod
    def decrypt_message(self, encrypted_message):
        """Decrypt a message."""
        pass

    @abstractmethod
    def get_encryption_key(self):
        """Retrieve the encryption key."""
        pass

    @abstractmethod
    def get_decryption_key(self):
        """Retrieve the decryption key."""
        pass

# Symmetric Encryption Handler

The `SymmetricEncryptionHandler` class is a concrete implementation of the `AbstractEncryptionHandler` class, designed specifically for symmetric encryption using the **Fernet** encryption algorithm.

In symmetric encryption, the same key is used for both encryption and decryption. This class allows the user to encrypt and decrypt messages with the same key, which can either be provided by the user or generated automatically.

### Key Features:
- **Encryption and Decryption**: The handler supports encryption and decryption of messages using Fernet.
- **Key Management**: The encryption key can be supplied by the user or automatically generated by the handler.
- **Simplicity**: This handler focuses on symmetric encryption, where both encryption and decryption use the same key.

### Example Usage:

```python
# Create a handler and encrypt a message
handler = SymmetricEncryptionHandler()
encrypted_message = handler.encrypt_message("Hello, World!")

# Decrypt the message
decrypted_message = handler.decrypt_message(encrypted_message)
print(decrypted_message)  # Output: "Hello, World!"
```


In [5]:
# Symmetric Encryption Handler
class SymmetricEncryptionHandler(AbstractEncryptionHandler):
    def __init__(self, key=None):
        self.__key = key or self.generate_key()

    @staticmethod
    def generate_key():
        """Generate a symmetric encryption key."""
        return Fernet.generate_key()

    def encrypt_message(self, message, key = None):
        """Encrypt a message with the given key, or with the handler's own key if none is given."""
        encryption_key = key or self.__key
        f = Fernet(encryption_key)
        encrypted_message = f.encrypt(message.encode())
        return encrypted_message

    def decrypt_message(self, encrypted_message):
        """Decrypt an encrypted message using the provided key."""
        f = Fernet(self.__key)
        decrypted_message = f.decrypt(encrypted_message).decode()
        return decrypted_message

    def get_encryption_key(self):
        return self.__key

    def get_decryption_key(self):
        return self.__key

# Example of Symmetric Encryption

This example demonstrates how to use the `SymmetricEncryptionHandler` class to encrypt and decrypt a message using symmetric encryption.

### Steps in the Example:
1. **Create a `SymmetricEncryptionHandler` Instance**: We create an instance of the `SymmetricEncryptionHandler` class, which will handle the encryption and decryption operations.
   
2. **Define the Message**: The message to be encrypted is stored in the `message` variable. In this case, the message is "This is a secret message."

3. **Encrypt the Message**: The `encrypt_message()` method is used to encrypt the message. The encrypted message is printed as a byte sequence.

4. **Decrypt the Message**: The `decrypt_message()` method is used to decrypt the encrypted message back to its original form, and the result is printed.

### Output:
- **Encrypted Message**: The encrypted version of the original message is displayed as a byte string.
- **Decrypted Message**: The decrypted message matches the original plaintext message.

This example shows how symmetric encryption works with the same key for both encryption and decryption. It uses **Fernet**, which protects the confidentiality of the message by turning it into an unreadable token and also authenticates that token, so that only a holder of the same key can turn it back into the original plaintext.


In [6]:
handler = SymmetricEncryptionHandler()

message = "This is a secret message."

encrypted_message = handler.encrypt_message(message)
print(f"Encrypted Message: {encrypted_message}")

decrypted_message = handler.decrypt_message(encrypted_message)
print(f"Decrypted Message: {decrypted_message}")

Encrypted Message: b'gAAAAABnPLOvB6UYdNzEdzG2u1H5ZwI6IZb34wZ5BfgzvDqledO9mLoLE-pkn41MoEdbHcrPGIvdecPvtm4kV2gURv9UYBLZTD-pdQZswYxhgr9bv7B4wgA='
Decrypted Message: This is a secret message.


# Example of Symmetric Encryption with Different Keys (Fails)

This example demonstrates what happens when you try to decrypt a message using a different key than the one used for encryption, which causes the decryption to fail.

### Steps in the Example:
1. **Create Two `SymmetricEncryptionHandler` Instances**: Two instances of the `SymmetricEncryptionHandler` class are created, each with its own unique key.
   
2. **Define the Message**: A secret message is defined that will be encrypted.

3. **Encrypt the Message**: The message is encrypted using `handler_1`'s encryption key.

4. **Attempt Decryption with a Different Key**: An attempt is then made to decrypt the encrypted message using `handler_2`'s key, which is different from the key used for encryption.

### Expected Output:
- **Encrypted Message**: The encrypted message is displayed as a byte string.
- **Decryption Failure**: Since the encryption key and decryption key don't match, an exception is raised during decryption and caught. Fernet raises `InvalidToken`, which carries no message text, so the printed line shows only the `Decryption failed:` prefix.

This example highlights the importance of using the same key for both encryption and decryption in symmetric encryption. When the keys don't match, decryption will fail, and the original message cannot be retrieved.


In [8]:
handler_1 = SymmetricEncryptionHandler()
handler_2 = SymmetricEncryptionHandler()

message = "This is a secret message."

encrypted_message = handler_1.encrypt_message(message)
print(f"Encrypted Message: {encrypted_message}")

# Attempt to decrypt the message using handler_2's key (which is different)
try:
    decrypted_message = handler_2.decrypt_message(encrypted_message)
    print(f"Decrypted Message: {decrypted_message}")
except Exception as e:
    print(f"Decryption failed: {e}")

Encrypted Message: b'gAAAAABnPLP6WgeeqbV1Q7H8pOWFW75VcE0An2hvWWNifgpprDc_D7_0yl6t1rzdxXlbk2iq9zzzbYYfLFy7Dn_u5U7M0nKSVW0Whv7wrPHThPz3whvota8='
Decryption failed: 
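
The cell above catches every `Exception`, which hides what actually went wrong. The following added example (not part of the original notebook) catches `cryptography.fernet.InvalidToken` by type and shows that a token modified in transit is rejected the same way as a token decrypted with a different key. The helper names `decrypt_or_reason`, `flip_bit` and `run_demo` are illustrative.

```python
import base64

from cryptography.fernet import Fernet, InvalidToken


def decrypt_or_reason(key: bytes, token: bytes):
    """Return ("ok", plaintext) or ("invalid_token", exception text)."""
    try:
        return "ok", Fernet(key).decrypt(token).decode()
    except InvalidToken as exc:
        # A different key and a modified token both end up here;
        # Fernet does not say which of the two it was.
        return "invalid_token", str(exc)


def flip_bit(token: bytes, offset: int) -> bytes:
    """Return a copy of the token with one bit changed at a raw byte offset."""
    raw = bytearray(base64.urlsafe_b64decode(token))
    raw[offset] ^= 0x01
    return base64.urlsafe_b64encode(bytes(raw))


def run_demo():
    key_1 = Fernet.generate_key()  # plays the role of handler_1's key
    key_2 = Fernet.generate_key()  # plays the role of handler_2's key
    # Constructed sample message, same text as in the notebook cell
    token = Fernet(key_1).encrypt(b"This is a secret message.")

    return {
        "same_key": decrypt_or_reason(key_1, token),
        "different_key": decrypt_or_reason(key_2, token),
        # Raw layout: version (1) | timestamp (8) | IV (16) | ciphertext | HMAC (32)
        "ciphertext_modified": decrypt_or_reason(key_1, flip_bit(token, 25)),
        "hmac_modified": decrypt_or_reason(key_1, flip_bit(token, -1)),
    }


if __name__ == "__main__":
    for case, result in run_demo().items():
        print(f"{case:20} {result}")
```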


# Asymmetric Encryption Handler

The `AsymmetricEncryptionHandler` class is a concrete implementation of the `AbstractEncryptionHandler` class, designed specifically for asymmetric encryption using the RSA algorithm.

In asymmetric encryption, two keys are used: a **public key** for encryption and a **private key** for decryption. This class allows the user to encrypt and decrypt messages with these two distinct keys.

### Key Features:
- **Public and Private Key Management**: The class generates an RSA private key and derives the corresponding public key.
- **Encryption and Decryption**: The `encrypt_message` method uses the public key to encrypt messages, and the `decrypt_message` method uses the private key to decrypt messages.
- **Key Retrieval**: Methods are provided to retrieve the public and private keys.


In [10]:
# Asymmetric Encryption Handler
class AsymmetricEncryptionHandler(AbstractEncryptionHandler):
    def __init__(self):
        self.__private_key = self.generate_key()
        self.__public_key = self.__private_key.public_key()

    @staticmethod
    def generate_key():
        """Generate an RSA private key."""
        return rsa.generate_private_key(
            public_exponent=65537,
            key_size=2048,
        )

    def encrypt_message(self, message, key = None):
        """Encrypt a message with the given public key, or with the handler's own public key if none is given."""
        public_key = key or self.__public_key
        encrypted_message = public_key.encrypt(
            message.encode(),
            padding.OAEP(
                mgf=padding.MGF1(algorithm=hashes.SHA256()),
                algorithm=hashes.SHA256(),
                label=None,
            ),
        )
        return encrypted_message

    def decrypt_message(self, encrypted_message):
        """Decrypt an encrypted message using the private key."""
        decrypted_message = self.__private_key.decrypt(
            encrypted_message,
            padding.OAEP(
                mgf=padding.MGF1(algorithm=hashes.SHA256()),
                algorithm=hashes.SHA256(),
                label=None,
            ),
        ).decode()
        return decrypted_message

    def get_encryption_key(self):
        """Retrieve the public key."""
        return self.__public_key

    def get_decryption_key(self):
        """Retrieve the private key."""
        return self.__private_key

## Example usage

In [11]:
# Create an instance of AsymmetricEncryptionHandler
handler = AsymmetricEncryptionHandler()

# Define a message to be encrypted
message = "This is a confidential message."

# Encrypt the message using the public key
encrypted_message = handler.encrypt_message(message)
print(f"Encrypted Message: {encrypted_message}")

# Decrypt the message using the private key
decrypted_message = handler.decrypt_message(encrypted_message)
print(f"Decrypted Message: {decrypted_message}")

Encrypted Message: b"\x92bK\x0e\x1f\xbcS<\xd8\xfe\x93~\x16\x05u\xf4\x13\xaa\xc7\xea? \xa0\xfe\xb8is\x1f\xbf\xbd\x8f\xf2\x126\xbc\xef\x15\x89\xe1>\xc1r\xe7\x86\xbf\x9d\x040FM9\xab\xfe:\x95a\x87\x8a\xd1\x8c>\x93\xe5\xfcY\xeb|\xc4j\x82PC\xc9\r\x8c\xb9X\rJ\x0bFC\x99\xf2\xd0&\xc5Vy\x18\xca\x9b\x98\xa5\xd2]\xc9BB6D\xb8-1J\xae9\x1c4F%\x9cw}\xf4\xf2%\x8a\x86\xde\xf9\xb1\xd1\x1d\xb0w\xc3n\xcb\xf9\x118\xd0\xec\x94\x16J\xf3\x11\xf9M\x13\xfb\xfb]\x03@\xba\xc3\xb8\xfe\x1e\x9a\xb4\x18\n\n2\x98\xf9R\xe7\x06\xf8OA!\xc07\xd6\xc1\x851\xbe\xf5w\x82.\xef\xed.\x17{.\x1e\xc8 b5\xf3QN\x0e'\x1c\xb2\x9c\x08\xf0\xbbu\xa9@\xbb\xc6\xfa\xb9\xee2\xac\xbb\xaaJHi\x9b\xdd\x98\xa0\xe6Cg\x96\x05\x83\x1c\xbc\xf4\x9e\xe6\xb8\x01\xefJ\x82\xad\xc9U!\xc9k\xec]b9\xab\xea\xc2=>~;3\x93\xaf="
Decrypted Message: This is a confidential message.
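
`AsymmetricEncryptionHandler.encrypt_message` passes the whole message to RSA-OAEP, which with a 2048-bit key and SHA-256 accepts at most 190 bytes. The following added example (not part of the original notebook) shows that limit and the usual way around it: encrypt the message with a fresh Fernet key and encrypt only that key with RSA-OAEP. The function names and the `wrapped key || token` layout are assumptions made for this example.

```python
from cryptography.fernet import Fernet
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa


def generate_keypair():
    """Same RSA parameters as AsymmetricEncryptionHandler.generate_key()."""
    private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    return private_key, private_key.public_key()


def oaep():
    """Same OAEP parameters as AsymmetricEncryptionHandler."""
    return padding.OAEP(
        mgf=padding.MGF1(algorithm=hashes.SHA256()),
        algorithm=hashes.SHA256(),
        label=None,
    )


def max_direct_length(public_key) -> int:
    """Largest plaintext RSA-OAEP accepts: k - 2*hLen - 2 bytes."""
    return public_key.key_size // 8 - 2 * hashes.SHA256.digest_size - 2


def direct_rsa_accepts(public_key, message: str) -> bool:
    """True if the message fits into a single RSA-OAEP operation."""
    try:
        public_key.encrypt(message.encode(), oaep())
        return True
    except ValueError:  # raised when the plaintext is too long for the key
        return False


def hybrid_encrypt(public_key, message: str) -> bytes:
    """Encrypt the message with a one-time Fernet key, wrap that key with RSA."""
    session_key = Fernet.generate_key()
    wrapped_key = public_key.encrypt(session_key, oaep())
    token = Fernet(session_key).encrypt(message.encode())
    return wrapped_key + token  # wrapped key is always key_size // 8 bytes


def hybrid_decrypt(private_key, blob: bytes) -> str:
    """Unwrap the Fernet key with the private key, then decrypt the token."""
    n = private_key.key_size // 8
    wrapped_key, token = blob[:n], blob[n:]
    session_key = private_key.decrypt(wrapped_key, oaep())
    return Fernet(session_key).decrypt(token).decode()


if __name__ == "__main__":
    private_key, public_key = generate_keypair()
    long_message = "A" * 5000  # constructed sample, far above the direct limit
    print("direct limit (bytes):", max_direct_length(public_key))
    print("direct RSA accepts it:", direct_rsa_accepts(public_key, long_message))
    blob = hybrid_encrypt(public_key, long_message)
    print("hybrid round trip ok:", hybrid_decrypt(private_key, blob) == long_message)
```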


# Example of Asymmetric Encryption with Incorrect Key (Fails)

This example demonstrates what happens when you try to decrypt a message using a private key that doesn't correspond to the public key used for encryption. In asymmetric encryption, the decryption process will fail if the incorrect private key is used, as the encryption and decryption keys must form a matching pair.

In [12]:
handler_1 = AsymmetricEncryptionHandler()  # This will have its own public/private key pair
handler_2 = AsymmetricEncryptionHandler()  # This will have a different public/private key pair

# Define a message to be encrypted
message = "This is a confidential message."

# Encrypt the message using handler_1's public key
encrypted_message = handler_1.encrypt_message(message)
print(f"Encrypted Message: {encrypted_message}")

# Attempt to decrypt the message using handler_2's private key (which is not the correct private key)
try:
    decrypted_message = handler_2.decrypt_message(encrypted_message)
    print(f"Decrypted Message: {decrypted_message}")
except Exception as e:
    print(f"Decryption failed: {e}")

Encrypted Message: b'\xac\xb3_8\x17\xa7\x8c#F\x82u\x0ce\xba\xb4y}\xe9S|\xbc\xdb\x8a\x95\x07\xdc\xe7\xcf\xe1:\xeb\xaf+>\xad\xaf\x93\x80Bd\xee`q\xe38\x9fp\x96\x1b+!\x0f3\xb7\xc0\x82\x96\xa1\x05\x85\xf2\xde\xcb[za9\x16e\xba&\xeeY\xc3\xd1\xf2\xd6\xb5U\x1bB\xeasg#\xf8\xdeT\xdd\xa7(\xaf\xf3\xe3\tnI\xdd\x14\xbayD9\xa0\xd8\x98\x0c@\xc0\xb4\xb3\x9c\x14o\x8e\xcb#\xe3\x05;\xf8\x84\x1e\x93\xc0\xc8\xb1\n\x8e\xe1\xe3\x0f\x99\xb51S\x86\xf6\xa3\x8e[\x1e\x18T\x86E\x89\xce\x08\x0fb\x9a\xd2\x1c\x8c!\x7fMENx\xbfy<S\xb0[a{>\nR8,\xb1\xea\x91\x1c\xcdn5\xc0n\xd0DP\x9f\xad\xb19\xd0\x89\xc4/b\xe5\xbb%\xde\xf3z\xe5\x9c\xa49\xba\x95i\xcd\xab\xa5\xaa7\xa6\x89-\xe5\xc3\xba)Pm\xdd\xd7\xdc\xef1W\x82Cut\x0buz\x8a\xd4!\x91z0\x1e/j\xf3`\x93l\xf3\x14\xdbsi&i\x8f'
Decryption failed: Decryption failed


# User Class

The `User` class represents a user in a system that can send and receive encrypted messages. Each user has a unique ID and can exchange encryption keys with other users. The class handles both symmetric and asymmetric encryption for communication.

### Attributes:

- **`id`**: A unique identifier for the user, generated using the `uuid` module.
- **`name`**: The name of the user.
- **`keys`**: A dictionary that stores the encryption keys and handlers for other users.

### Methods:

- **`__init__(self, name)`**: Initializes the user with a name and a unique ID. The `keys` dictionary is also initialized to store encryption data for other users.

- **`receive_key_for_user(self, user, my_encryption_handler, encryption_key)`**: Stores the encryption key and handler for another user. This method is used when a user shares their encryption key with another user.

- **`send_message_to(self, user, message)`**: Encrypts a message using the stored encryption key for a specified user and sends the encrypted message to that user.

- **`receive_message_from(self, user, encrypted_message)`**: Decrypts the received encrypted message using the corresponding encryption key and handler, and prints the decrypted message.

- **`exchange_keys(user1, user2, encryption_type)`**: A static method to exchange encryption keys between two users based on the specified encryption type (either "symmetric" or "asymmetric"). If symmetric encryption is used, the same key is exchanged for both users. If asymmetric encryption is used, the public keys are exchanged.

### Usage:
- A user can encrypt a message and send it to another user, who can then decrypt the message using the shared encryption key.
- The `exchange_keys` method allows users to share encryption keys with each other for secure communication, depending on whether symmetric or asymmetric encryption is desired.


In [21]:
class User:
    def __init__(self, name):
        """
        Initialize the user with a name and a unique ID.
        """
        self.id = str(uuid.uuid4())  # Generate a unique ID for the user
        self.name = name
        self.keys = {}  # Store encryption information for other users

    def send_key_to_user(self, user, encryption_type):
        handler = None
        
        if encryption_type == "symmetric":
            handler = SymmetricEncryptionHandler()

        elif encryption_type == "asymmetric":
            handler = AsymmetricEncryptionHandler()
            
        else:
            raise ValueError("Unsupported encryption type")

        my_encryption_key = handler.get_encryption_key()

        print(f"{self.name} => (key) {user.name}.")
        user_encryption_key = user.__receive_key_for_user(self, my_encryption_key, encryption_type)
        print(f"{self.name} <= (key) {user.name}.")

        self.keys[user.id] = {
            "my_encryption_handler": handler,
            "encryption_key": user_encryption_key,
        }
        

    def __receive_key_for_user(self, user, user_encryption_key, encryption_type):
        if encryption_type == "symmetric":
            handler = SymmetricEncryptionHandler()
        elif encryption_type == "asymmetric":
            handler = AsymmetricEncryptionHandler()
        else:
            raise ValueError("Unsupported encryption type")

        print(f"{self.name} received a key from {user.name}.")
        
        self.keys[user.id] = {
            "my_encryption_handler": handler,
            "encryption_key": user_encryption_key,
        }
        
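        return handler.get_encryption_key()

    def receive_key_for_user(self, user, my_encryption_handler, encryption_key):
        """
        Store the handler and encryption key to use with another user.
        :param user: The user the key was received from.
        :param my_encryption_handler: This user's handler, used to decrypt messages from `user`.
        :param encryption_key: The key used to encrypt messages sent to `user`.
        """
        print(f"{self.name} received a key from {user.name}.")

        self.keys[user.id] = {
            "my_encryption_handler": my_encryption_handler,
            "encryption_key": encryption_key,
        }
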
    def send_message_to(self, user, message):
        """
        Encrypt a message and send it to another user.
        :param user: The user to send the message to.
        :param message: The plaintext message to send.
        """
        if user.id not in self.keys:
            print(f"{self.name} cannot send a message to {user.name}: Key not available.")
            return

        encryption_info = self.keys[user.id]
        my_encryption_handler = encryption_info["my_encryption_handler"]
        encryption_key = encryption_info["encryption_key"]

        encrypted_message = my_encryption_handler.encrypt_message(message, encryption_key)
        user.receive_message_from(self, encrypted_message)

    def receive_message_from(self, user, encrypted_message):
        """
        Decrypt and display the message received from another user.
        :param user: The user who sent the message.
        :param encrypted_message: The encrypted message to decrypt.
        """
        if user.id not in self.keys:
            print(f"{self.name} cannot decrypt message from {user.name}: Key not available.")
            return

        encryption_info = self.keys[user.id]
        my_encryption_handler = encryption_info["my_encryption_handler"]

        decrypted_message = my_encryption_handler.decrypt_message(encrypted_message)
        print(f"{self.name} received a message from {user.name}: {decrypted_message}")

    @staticmethod
    def exchange_keys(user1, user2, encryption_type):
        """
        Exchange encryption keys between two users.
        :param user1: The first user to exchange keys.
        :param user2: The second user to exchange keys.
        :param encryption_type: The type of encryption to use (symmetric or asymmetric).
        """
        if encryption_type == "symmetric":
            encryption_handler = SymmetricEncryptionHandler()
            key = encryption_handler.get_encryption_key()

            # Exchange keys for both users
            user1.receive_key_for_user(user2, encryption_handler, key)
            user2.receive_key_for_user(user1, encryption_handler, key)

        elif encryption_type == "asymmetric":
            user_1_encryption_handler = AsymmetricEncryptionHandler()
            user_1_encryption_key = user_1_encryption_handler.get_encryption_key()

            user_2_encryption_handler = AsymmetricEncryptionHandler()
            user_2_encryption_key = user_2_encryption_handler.get_encryption_key()

            # Exchange the public keys
            user1.receive_key_for_user(user2, user_1_encryption_handler, user_2_encryption_key)
            user2.receive_key_for_user(user1, user_2_encryption_handler, user_1_encryption_key)

        else:
            raise ValueError("Unsupported encryption type")


## Example Usage

In [17]:
alice = User("Alice")
bob = User("Bob")

User.exchange_keys(alice, bob, "asymmetric")

# Alice sends an encrypted message to Bob, and Bob replies
alice.send_message_to(bob, "Hello Bob! This is a secret message.")

bob.send_message_to(alice, "Hi Alice, how have you been?")

Alice received a key from Bob.
Bob received a key from Alice.
Bob received a message from Alice: Hello Bob! This is a secret message.
Alice received a message from Bob: Hi Alice, how have you been?


In [18]:
alice = User("Alice")
bob = User("Bob")

User.exchange_keys(alice, bob, "symmetric")

# Alice sends an encrypted message to Bob, and Bob replies
alice.send_message_to(bob, "Hello Bob! This is a secret message.")

bob.send_message_to(alice, "Hi Alice, how have you been?")

Alice received a key from Bob.
Bob received a key from Alice.
Bob received a message from Alice: Hello Bob! This is a secret message.
Alice received a message from Bob: Hi Alice, how have you been?


In [19]:
# Creating a middle actor, Charlie, who intercepts the public keys during exchange
alice = User("Alice")
bob = User("Bob")
charlie = User("Charlie")

# Step 1: Alice and Bob exchange keys (asymmetric encryption)
User.exchange_keys(alice, bob, "asymmetric")

# Charlie intercepts Bob's public key (asymmetric encryption)
# For simplicity, Charlie reads it from Alice's `keys` dictionary, where Alice stored it during the exchange
bob_public_key = alice.keys[bob.id]["encryption_key"]

# Step 2: Alice sends a message to Bob, encrypted with Bob's public key
alice.send_message_to(bob, "Hello Bob! This is a secret message.")

# Step 3: Charlie attempts to decrypt a message for Bob using Bob's public key (this will fail):
# a public key object has no `decrypt` method, so the attribute lookup raises before the argument is evaluated
try:
    decrypted_message = bob_public_key.decrypt(
        alice.send_message_to(bob, "Hello Bob! This is a secret message."),
        padding.OAEP(
            mgf=padding.MGF1(algorithm=hashes.SHA256()),
            algorithm=hashes.SHA256(),
            label=None,
        ),
    )
    print("Charlie intercepted and decrypted the message:", decrypted_message)
except Exception as e:
    print("Charlie failed to decrypt the message:", e)


Alice received a key from Bob.
Bob received a key from Alice.
Bob received a message from Alice: Hello Bob! This is a secret message.
Charlie failed to decrypt the message: 'cryptography.hazmat.bindings._rust.openssl.rsa.RSAPublicKey' object has no attribute 'decrypt'
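
The attempt above fails because a public key can only encrypt. What `exchange_keys` does not establish is that a received public key really belongs to the named user. The following added example (not part of the original notebook) shows one common check: compute a SHA-256 fingerprint of the received key and compare it with a value obtained over a separate channel before storing the key. `fingerprint`, `PinnedKeyStore` and the peer names are illustrative.

```python
import hashlib
import hmac

from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa


def generate_keypair():
    """Same RSA parameters as AsymmetricEncryptionHandler.generate_key()."""
    private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    return private_key, private_key.public_key()


def export_pem(public_key) -> bytes:
    """Serialize a public key the way it would travel between users."""
    return public_key.public_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PublicFormat.SubjectPublicKeyInfo,
    )


def fingerprint(public_key) -> str:
    """SHA-256 over the DER SubjectPublicKeyInfo, as lowercase hex."""
    der = public_key.public_bytes(
        encoding=serialization.Encoding.DER,
        format=serialization.PublicFormat.SubjectPublicKeyInfo,
    )
    return hashlib.sha256(der).hexdigest()


class PinnedKeyStore:
    """Stores a peer's public key only if its fingerprint matches the expected one."""

    def __init__(self):
        self._keys = {}

    def accept(self, peer_name: str, pem: bytes, expected_fingerprint: str) -> str:
        public_key = serialization.load_pem_public_key(pem)
        actual = fingerprint(public_key)
        if not hmac.compare_digest(actual, expected_fingerprint.lower()):
            raise ValueError(f"fingerprint mismatch for {peer_name}")
        self._keys[peer_name] = public_key
        return actual

    def key_for(self, peer_name: str):
        return self._keys[peer_name]


if __name__ == "__main__":
    _, bob_public = generate_keypair()
    _, other_public = generate_keypair()  # a key that is not Bob's
    bob_fp = fingerprint(bob_public)      # value Bob confirms over a separate channel

    store = PinnedKeyStore()
    print("accepted:", store.accept("Bob", export_pem(bob_public), bob_fp))
    try:
        store.accept("Bob", export_pem(other_public), bob_fp)
    except ValueError as exc:
        print("rejected:", exc)
```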
