online_security_project/README.md

80 lines
2.4 KiB
Markdown
Raw Normal View History

2024-12-01 17:40:08 +00:00
# Project - TODO:
[ ] Create a skeleton protocol
[ ] implement most of the skeleton
[ ] Create basic TCP server
[ ] Create basic client that connects to the server
[ ] Send ping message from client to server
[ ] Add more items based on skeleton protocol
[ ] Refine protocol using the implementation (and update stuff that got changed in impl)
[ ] Finish implementing the protocol
[ ] Update the protocol file with the latest structs and stuff
2024-12-14 17:10:09 +00:00
## Protocol todo:
[ ] Figure out how a message and message ack payload will look
[ ] Figure out server responses (hopefully manages to be stuck in a 512 bit block as well)
## Misc todo:
[ ] Create a Request to String function for easy printing and debugging
2024-12-14 17:10:09 +00:00
## client todo:
[ ] Check for key when turned on
2024-12-17 18:41:30 +00:00
[x] generate key and register if no key is preset, and save it after registration is done
[ ] if key is present, start by establishing connection (which makes sure we are signed in)
[ ] use AES to get basic packets from the server
[ ] use RSA private key to read normal messages
## Server todo:
[x] Laucnh task for each new connection
[x] use RSA key to get first message and extract AES key
2024-12-17 18:41:30 +00:00
[ ] verify the user using its public RSA key
[x] if it was a register session save the key into the BIG DATA STRUCTURE
2024-12-17 18:41:30 +00:00
[ ] Keep lists of incoming messages
(doesnt need to know from who, they are just big blobs of shlomp)
[ ] When user asks for incoming messages, make basic packet and append the incoming messages
- last byte is the "how many messages are left" byte
- each byte in the extra data will be the length of the next message, so
if there are 3 messages of length 128, 200, 300 bytes it will be
[128, 200, 300, 0 ...] and the actual position in the payload is easy
to calculate ([128, 200+128=328, 300+328=628, ...])
2024-12-14 17:10:09 +00:00
Register process:
Client Server
Send AES key (sk)
Send Register(pub key)
Get AES
Get Register
Send 6 digit code
Get 6 digit code
(1) Wait for user to input 6 digit code
Send 6 digit code (signed)
Get 6 digit code and verify (code, then sig)
Send OK/NACK
if NACK goto (1)
Login process:
Client Server
Send AES key (sk)
Send Login message (Phone, AES sig)
Get AES key
Verify AES sig with Phone-pub key
if sig is invalid: close connection
else: send stored messages because why not
Usual process get messages:
Client Server
Send GetMessages
Send back messages
Send GotMessages(amount)