In [1]:
import socket
import ssl
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.serialization import load_pem_private_key, load_pem_public_key
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives.serialization import load_pem_private_key
from cryptography.hazmat.primitives.asymmetric import dh
from cryptography.hazmat.primitives import serialization
import os
import tkinter as tk



In [2]:
encryption_choice = 0
msg = ""

def generate_rsa_keypair():
    private_key = rsa.generate_private_key(
        public_exponent=65537,
        key_size=2048,
        backend=default_backend()
    )
    return private_key

def generate_dh_keypair():
    parameters = dh.generate_parameters(generator=2, key_size=2048)
    private_key = parameters.generate_private_key()
    public_key = private_key.public_key()
    return private_key, public_key

def derive_dh_shared_key(private_key, public_key):
    shared_key = private_key.exchange(public_key)
    return shared_key

# def derive_dh_shared_key(private_key, public_key):
#     # shared_key = public_key.public_numbers().y ** private_key.private_numbers().x % public_key.public_numbers().parameter_numbers.g
#     # return shared_key.to_bytes((shared_key.bit_length() + 7) // 8, byteorder='big')


def rsa_encrypt(public_key, plaintext):
    ciphertext = public_key.encrypt(
        plaintext.encode(),
        padding.OAEP(
        mgf=padding.MGF1(algorithm=hashes.SHA256()),
        algorithm=hashes.SHA256(),
        label=None)
        )
    return ciphertext

def rsa_decrypt(private_key, ciphertext):
    plaintext = private_key.decrypt(
    ciphertext,
    padding.OAEP( mgf=padding.MGF1(algorithm=hashes.SHA256()),
    algorithm=hashes.SHA256(),
    label=None))
    return plaintext.decode()

def aes_encrypt(key, plaintext):
    iv = os.urandom(16)
    cipher = Cipher(algorithms.AES(key), modes.CFB(iv), backend=default_backend())
    encryptor = cipher.encryptor()
    ciphertext = encryptor.update(plaintext.encode()) + encryptor.finalize()
    return iv + ciphertext

def aes_decrypt(key, ciphertext):
    iv = ciphertext[:16]
    ciphertext = ciphertext[16:]
    cipher = Cipher(algorithms.AES(key), modes.CFB(iv), backend=default_backend())
    decryptor = cipher.decryptor()
    plaintext = decryptor.update(ciphertext) + decryptor.finalize()
    return plaintext.decode()

def start_client(msg_for_server,append_log, append_chat):
    client_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    context.load_verify_locations(cafile="server.crt")
    context.check_hostname = False
    client_socket.connect(("localhost", 8443))
    append_log("Connected to server.")
    
    with context.wrap_socket(client_socket, server_hostname="localhost") as ssock:
        
        append_log("SSL/TLS connection established.")
    
        encryption_choice = ssock.recv(2048).decode()
        append_log(f"Encryption choice received from server: {encryption_choice}")
    
        if encryption_choice == "1":
            # RSA encryption and PKI key exchange
            private_key = generate_rsa_keypair()
            public_key = private_key.public_key()
            append_log(f"Public key generated. {public_key}")
            ssock.send(public_key.public_bytes(
                encoding=serialization.Encoding.PEM,
                format=serialization.PublicFormat.SubjectPublicKeyInfo
            ))
            
            #receive public key from server
            received_public_key = ssock.recv(2048)
            server_public_key = load_pem_public_key(received_public_key, backend=default_backend())
            
            
          
            msg_from_server = ssock.recv(2048)
            msg_from_server = rsa_decrypt(private_key, msg_from_server)
            append_chat(f"Decrypted RSA message from server: {msg_from_server}")
            #send msg to server

            msg_for_server = rsa_encrypt(server_public_key, msg_for_server)
            append_log(f"Encrypted RSA message for server: {msg_for_server}")
            #send encrypted msg to server
            ssock.send(msg_for_server)
            append_log("Message sent to server.")

        elif encryption_choice == "2":
            append_log("Diffie-Hellman key exchange initiated.")
            # AES encryption and Diffie-Hellman key exchange
            private_key, public_key = generate_dh_keypair()
            append_log(f"Public key generated. {public_key}")
            
            ssock.send(public_key.public_bytes(
                encoding=serialization.Encoding.PEM,
                format=serialization.PublicFormat.SubjectPublicKeyInfo
            ))
            append_log("Public key sent to server.")
            received_public_key = ssock.recv(2048)
            append_log(f"Received public key from server: {received_public_key}")
            received_public_key = serialization.load_pem_public_key(received_public_key, backend=default_backend())
            
            try:    
                shared_key = derive_dh_shared_key(private_key, received_public_key)
            except:
                append_log("Error: Shared key could not be derived.")
                return
            append_log(f"Shared key: {shared_key}")

            msg_for_server = aes_encrypt(shared_key, msg_for_server)
            ssock.send(msg_for_server)
            append_log("Message sent to server.")
            
            msg_from_server = ssock.recv(2048)
            msg_from_server = aes_decrypt(shared_key, msg_from_server)
            append_log(f"Decrypted AES message from server: {msg_from_server}")
            



In [3]:
import tkinter as tk
from tkinter import Text, Scrollbar

def append_log(message):
    log_text.config(state=tk.NORMAL)  # Set text widget to allow editing
    log_text.insert(tk.END, message + "\n")
    log_text.config(state=tk.DISABLED)  # Disable editing to make it read-only

def append_chat(message):
    chat_text.config(state=tk.NORMAL)  # Set text widget to allow editing
    chat_text.insert(tk.END, message + "\n")
    chat_text.config(state=tk.DISABLED)  # Disable editing to make it read-only

    
    
def on_send_message():
    message = message_entry.get()
    start_client(message,append_log ,append_chat)
        


# Create the main window
root = tk.Tk()
root.title("CLIENT")


# # Message input
message_label = tk.Label(root, text="Enter Message:")
message_label.pack()

message_entry = tk.Entry(root)
message_entry.pack()

# Send button
send_button = tk.Button(root, text="Send Message", command=on_send_message)
send_button.pack()

# Log display area
log_label = tk.Label(root, text="Log:")
log_label.pack()

log_text = Text(root, height=15, width=100)
log_text.pack()

scrollbar = Scrollbar(root)
scrollbar.pack(side=tk.RIGHT, fill=tk.Y)

log_text.config(yscrollcommand=scrollbar.set)
scrollbar.config(command=log_text.yview)

chat_label = tk.Label(root, text="Chat:")
chat_label.pack()

chat_text = Text(root, height=5, width=100)
chat_text.pack()


# Start the GUI event loop
root.mainloop()


In [None]:
if __name__ == "__main__":
   start_client("bye")
   
#openssl req -x509 -newkey rsa:4096 -keyout ca.key -out ca.crt -days 365
   """
   info for ca.crt
   PEM pass phrase: 03455
   country name: PK
   state or province name: Punjab
   locality name: Rawalpindi
   organization name: FAST
   organizational unit name: Computing
   common name: FARQ
   email address: i200621@nu.edu.pk
   """

