Как шифровать файлы при передаче на сервер и дешефровать при передаче с сервера на клиент
08.12.2016, 07:18. Показов 2232. Ответов 0
Есть программа клиент/сервер, файлы со стороны клиента передаются на сервер, если были внесены изменения. Как правильно зашифровать файлы, чтобы после их передачи серверу, они на нем лежали зашифрованными (при этом они остаются незашифрованными на стороне клиента, и сервер не знает ключ для дешифрования)? т.е. если кто-то взломает сервер, они не могут воспользоваться этими файлами. Не могу найти приемеры для питона python, так что если есть какие-то примеры(особенно, используя OpenPGP) и как вообще это делать, было бы здорово.
Конкретно вопрос в том, что для посылки файла от клиента серверу и чтобы на сервер они загружались зашифрованными и выгружались с сервера на клиент-дешефрованными, если воспользоваться AES, то как? какой модификацией? И другие способы-как ими пользоваться?
| Python | 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
| # server.py
import socket # Import socket module
import ssl
import sys # Import system-specific parameters and functions
import hashlib
import os.path # Import module to manipulate paths
import os, time, _thread as thread
from socket import *
ssl_certfile = "/cs/home/server.crt"
ssl_keyfile = "/cs/home/server.key"
def now():
return time.asctime()
def process_file(file_name):
user_names = []
passwords = []
try:
file_conn = open(file_name)
data = file_conn.readlines()
for i in range(len(data)):
if i%2 == 0:
user_names.append(data[i][:-1])
else:
passwords.append(data[i][:-1])
file_conn.close()
except:
sys.exit('There was a problem reading the file!')
return user_names, passwords
def myrec(the_socket):
total_data=[]
while True:
data = the_socket.recv(8192)
if not data: break
total_data.append(data)
return ''.join(total_data)
def main(connstream):
print 'Client connected to login...'
user_names, passwords = process_file("pass.txt")
user = connstream.recv(1024) # Get up to 1024 bytes at a time
print user
if user not in user_names:
connstream.send ("Unkown User Name, terminating... ")
sys.exit('Unkown User Name, terminating... \n')
else:
connstream.send ("Please enter password: ")
password = connstream.recv(1024) # Get up to 1024 bytes at a time
print password
user_input = hashlib.sha224(password).hexdigest()
dir_name = ((r'/cs/home/server/%s') % (user))
os.chdir(dir_name)
if user_input != passwords[user_names.index(user)]:
print 'Incorrect Password!\n'
connstream.send ("Incorrect password. ")
sys.exit('Incorrect Password, terminating... \n')
else:
print 'User is logged in!\n'
connstream.send ('User is logged in!\n')
reqCommand = connstream.recv(1024) # Get up to 1024 bytes at a time
print 'Client> %s' %(reqCommand)
if (reqCommand == 'q'):
print "Current client quited!"
sys.exit("Client quited.")
else:
string = reqCommand.split(' ', 1) # In case of 'u'-upload and 'd'-download method
#reqFile = string[1]
if (string[0] == 'u'):
reqFile = string[1]
data = connstream.recv(1024) # Get up to 1024 bytes at a time
if data == "EXISTS": # If file exists
print "FILE on the client side EXISTS!"
with open(reqFile, 'wb') as file_to_write: # Create local file
while True:
data = myrec(connstream) # Get up to 1024 bytes at a time
if not data: # until file totally sent.
break
file_to_write.write(data) # Store data in local file
file_to_write.close()
print 'Received successfully.'
break
else:
print "NO SUCH FILE on the client side!"
elif (string[0] == 'd'):
reqFile = string[1]
if os.path.isfile(reqFile): # If "filename" is an "input filename"
print "FILE EXISTS on the server!"
connstream.send("EXISTS") # send respond to client
with open(reqFile, 'rb') as file_to_send: # Create local file
for data in file_to_send:
connstream.sendall(data) # Connect and send the data
print 'Sent successfully.'
else:
print "NO SUCH FILE on the server!"
connstream.close() # Close the connection
HOST = 'localhost' # Get local machine name
PORT = 3004 # Reserve a port for your service.
socket = socket(AF_INET, SOCK_STREAM) # Create a socket object
socket.bind((HOST, PORT)) # Bind to the port
socket.listen(1) # Now wait for client connection.
while (1):
conn, addr = socket.accept() # Establish connection with client.
print 'Client connected ..'
print('Server connected by', addr, 'at', now())
connstream = ssl.wrap_socket(conn,
server_side=True,
certfile=ssl_certfile,
keyfile=ssl_keyfile)
thread.start_new_thread(main, (connstream,))
conn.close() |
|
| Python | 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
| # client.py
import socket # Import socket module
import sys # Import system-specific parameters and functions
import os.path # Import module to manipulate paths
import ssl
import pprint
HOST = 'localhost' # Get local machine name
PORT = 3004 # Reserve a port for service.
ssl_certfile = "/cs/home/server.crt"
def myrec(the_socket):
total_data=[]
while True:
data = the_socket.recv(8192)
if not data: break
total_data.append(data)
return ''.join(total_data)
def main():
print '\nUser & Password Authentication\n'
socket1 = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # Create a socket object
ssl_sock = ssl.wrap_socket(socket1,
ca_certs=ssl_certfile,
cert_reqs=ssl.CERT_REQUIRED)
ssl_sock.connect((HOST, PORT)) # Connect to the port
# Send remote input filename
while(1):
user = raw_input('Please Enter User Name: ')
print 'name send to server: ' + user
ssl_sock.send(user)
data = ssl_sock.recv(1024)
print data
if data == "Unkown User Name, terminating... ":
sys.exit('Unknown user name, terminating... \n')
else:
# data = ssl_sock.recv(2048)
password= raw_input(data)
print 'pas send to server: ' + password
ssl_sock.send(password)
data = ssl_sock.recv(2048)
if data == "User is logged in!\n":
dir_name = ((r'/cs/home/client/%s') % (user))
os.chdir(dir_name)
print 'Client is logged in!\n'
while(True):
print 'Instructions:'
print '"u [filename]" to upload the file to the server'
print '"d [filename]" to download the file from the server'
print '"q" to quit'
sys.stdout.write('%s> ' % user)
inputCommand = sys.stdin.readline().strip()
if (inputCommand == 'q'):
print "Program terminated. Bye!"
sys.exit("quit")
else:
string = inputCommand.split(' ', 1)
ssl_sock.send(inputCommand)
inputFile = string[1]
if (string[0] == 'u'):
#ssl_sock.send(inputCommand) # Send remote input filename
#string = inputCommand.split(' ', 1)
#inputFile = string[1]
if os.path.isfile(inputFile): # If requested file exists,
print "FILE on the client side EXISTS!"
ssl_sock.send("EXISTS") # Send respond to server
with open(inputFile, 'rb') as file_to_send: # Create local file
for data in file_to_send:
ssl_sock.sendall(data) # Send requested file
print 'Upload is successful.'
#ssl_sock.close() # Close the connection
else:
print "NO SUCH FILE on the client side!"
elif (string[0] == 'd'):
#ssl_sock.send(inputCommand) # Send remote requested filename
#string = inputCommand.split(' ', 1)
#inputFile = string[1]
data = ssl_sock.recv(1024) # Send message from the server
if data == "EXISTS": # if requested file exists on the server
print "FILE on the server EXISTS!"
with open(inputFile, 'wb') as file_to_write: # open requested file
while True:
data = myrec(ssl_sock)
if not data: # until file totally sent.
break
file_to_write.write(data) # Store data in a file
file_to_write.close()
print 'Download is successful.'
else:
print "NO SUCH FILE on the server!"
#ssl_sock.close() # Close the connection
else:
print "Wrong input."
# print "exit client"
elif data == "Incorrect password. ":
# print 'Incorrect password. \n'
sys.exit('Incorrect password. \n')
else:
print "Terminating... \n"
ssl_sock.close()
socket1.close()
#ssl_sock.close()
#msg = raw_input('Enter your name: ')
main() |
|
0
|
(
