Click the thumbnail to go to the youtube video.
Direct Link: https://www.youtube.com/watch?v=6ciqxq1OPvw
Developed with Python 3.9
This project was created for the Applied Cryptography course at NYU. There are two simple server and client programs. The server streams their desktop to the client.
The server program also supports multiple clients.
As of now this was done using purely TCP, so it won't be super performant compared to a UDP server.
To use the program please follow the setup steps Ubuntu/Debian setup and setting up venv
For an initial set of tests a mock PKI server was created here. Creating a PKI was out of the scope for the project, so it was left here as a proof of concept. The current code has some commented code that interacts with the mock PKI, in case you wanted to see how we planned to use it.
To create the basic app, this stack overflow answer was used as a base: https://stackoverflow.com/a/63717263/15782022
sudo apt-get install scrotFor system python3
sudo apt-get install python3-tk python3-devNote: for specific version of python3.x
sudo apt-get install python3.x-tk python3.x-devThere are some dependencies for this project. It's recommended you setup a virtual environment that uses a python 3.9 interpreter. You can then run the following pip command to install the dependencies:
pip install -r requirements_ubuntu.txtThe programs require RSA keys to work. There are default paths set in the programs to look for keys in an env directory.
To create some RSA keys to test the program with simply run the included bash script that is at the top level of the repo.
This script simply creates the directories that the programs will look through, and then creates the RSA keys with openssl
./setup_dev_keys.shThis will create the following folders and files in the repo.
Repository Root
| env/ (directory)
|---keys/ (directory)
|---client/ (directory)
| |---client_01/ (directory)
| | | private-key.pem (file)
| | | public-key.pem (file)
| |
| |---client_02/ (directory)
| | private-key.pem (file)
| | public-key.pem (file)
|
|---server/ (directory)
|---trusted_keys/ (directory)
| | client_01-public-key.pem (file)
|
| private-key.pem (file)
| public-key.pem (file)
The env/keys/server/trusted_keys/client_01-public-key.pem file is just a copy of the env/keys/client/client_01/public-key.pem file
Each program can be run with just the default values. It may be helpful to set the logging level to debug with the flag -l debug in order to see a detailed activity log.
Both programs accept command line arguments, to see what they are simply run the program with the -h flag. There are defaults set already to make simple testing on a local network easier.
python streaming_secured_server.py -h
python streaming_secured_client.py -hTo run the programs you can simply call them from the top level of the repo with no extra arguments. Their default values are setup so they can work that way.
First start the server in one terminal
python streaming_secured_server.pyThen start the client in another terminal
python streaming_secured_client.pyTo test multiple clients, simply start the client program multiple times in their own terminal sessions.
To exit the server press ctrl + C in the terminal to start the shutdown process.
Shutting down the server, will also cause the client programs to terminate
For the client you can just press the Enter key in the terminal to start the shutdown process.
To test restricted mode simple run the server with the restricted flag set to true.
Command to run restricted server with debug logging
python streaming_secured_server.py -l debug --restricted trueThe default client arguments will allow a client to connect since they will use the RSA keys in env/keys/client/client_01 directory which are whitelisted.
python streaming_secured_client.py -l debugTo test that keys not on the whitelist will NOT work you must specify the keys in the env/keys/client/client_02 directory which are not whitelisted.
python streaming_secured_client.py -l debug --rsa-pub-key env/keys/client/client_02/public-key.pem --rsa-priv-key env/keys/client/client_02/private-key.pemTo whitelist a key simply place a copy of the public key in the env/keys/server/trusted_keys directory. Or simply use the --whitelist flag to point at a directory that contains a copy of public RSA pem key files that you would like to whitelist.