import socket

# 創(chuàng)建TCP socket
server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

import threading

def receive_messages():
    while True:
        data = client_socket.recv(1024)
        print(f"Received: {data.decode()}")

# 創(chuàng)建接收消息的線程
receive_thread = threading.Thread(target=receive_messages)
receive_thread.start()

from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.primitives import serialization, hashes
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
import os

# 生成RSA密鑰對(duì)
private_key = rsa.generate_private_key(
    public_exponent=65537,
    key_size=2048,
    backend=default_backend()
)
public_key = private_key.public_key()

# 生成AES密鑰
aes_key = os.urandom(32)  # 256-bit key

class User:
    def __init__(self, name):
        self.name = name
        self.private_key = rsa.generate_private_key(
            public_exponent=65537,
            key_size=2048,
            backend=default_backend()
        )
        self.public_key = self.private_key.public_key()
        self.peer_public_key = None
        self.aes_key = None
        
    def serialize_public_key(self):
        return self.public_key.public_bytes(
            encoding=serialization.Encoding.PEM,
            format=serialization.PublicFormat.SubjectPublicKeyInfo
        )
        
    def deserialize_public_key(self, key_bytes):
        self.peer_public_key = serialization.load_pem_public_key(
            key_bytes,
            backend=default_backend()
        )

def perform_key_exchange(user, conn, is_initiator):
    # 交換公鑰
    conn.sendall(user.serialize_public_key())
    peer_key_bytes = conn.recv(4096)
    user.deserialize_public_key(peer_key_bytes)
    
    if is_initiator:
        # 生成并發(fā)送AES密鑰
        user.aes_key = os.urandom(32)
        encrypted_aes_key = user.peer_public_key.encrypt(
            user.aes_key,
            padding.OAEP(
                mgf=padding.MGF1(algorithm=hashes.SHA256()),
                algorithm=hashes.SHA256(),
                label=None
            )
        )
        conn.sendall(encrypted_aes_key)
    else:
        # 接收并解密AES密鑰
        encrypted_aes_key = conn.recv(4096)
        user.aes_key = user.private_key.decrypt(
            encrypted_aes_key,
            padding.OAEP(
                mgf=padding.MGF1(algorithm=hashes.SHA256()),
                algorithm=hashes.SHA256(),
                label=None
            )
        )

def encrypt_message(key, message):
    iv = os.urandom(16)  # 初始向量
    cipher = Cipher(
        algorithms.AES(key),
        modes.CFB(iv),
        backend=default_backend()
    )
    encryptor = cipher.encryptor()
    ciphertext = encryptor.update(message.encode()) + encryptor.finalize()
    return iv + ciphertext
    
def decrypt_message(key, ciphertext):
    iv = ciphertext[:16]
    cipher = Cipher(
        algorithms.AES(key),
        modes.CFB(iv),
        backend=default_backend()
    )
    decryptor = cipher.decryptor()
    plaintext = decryptor.update(ciphertext[16:]) + decryptor.finalize()
    return plaintext.decode()

def start_server(port):
    user = User("Server")
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(('0.0.0.0', port))
        s.listen()
        conn, addr = s.accept()
        perform_key_exchange(user, conn, False)
        
        # 啟動(dòng)接收消息線程
        def receive():
            while True:
                data = conn.recv(4096)
                if not data: break
                message = decrypt_message(user.aes_key, data)
                print(f"Received: {message}")
        
        threading.Thread(target=receive, daemon=True).start()
        
        # 發(fā)送消息
        while True:
            message = input("> ")
            encrypted = encrypt_message(user.aes_key, message)
            conn.sendall(encrypted)

def start_client(host, port):
    user = User("Client")
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.connect((host, port))
        perform_key_exchange(user, s, True)
        
        # 啟動(dòng)接收消息線程
        def receive():
            while True:
                data = s.recv(4096)
                if not data: break
                message = decrypt_message(user.aes_key, data)
                print(f"Received: {message}")
        
        threading.Thread(target=receive, daemon=True).start()
        
        # 發(fā)送消息
        while True:
            message = input("> ")
            encrypted = encrypt_message(user.aes_key, message)
            s.sendall(encrypted)

import socket
import threading
import argparse
from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.primitives import serialization, hashes
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
import os

class User:
    def __init__(self, name):
        self.name = name
        self.private_key = rsa.generate_private_key(
            public_exponent=65537,
            key_size=2048,
            backend=default_backend()
        )
        self.public_key = self.private_key.public_key()
        self.peer_public_key = None
        self.aes_key = None
        
    def serialize_public_key(self):
        return self.public_key.public_bytes(
            encoding=serialization.Encoding.PEM,
            format=serialization.PublicFormat.SubjectPublicKeyInfo
        )
        
    def deserialize_public_key(self, key_bytes):
        self.peer_public_key = serialization.load_pem_public_key(
            key_bytes,
            backend=default_backend()
        )

def encrypt_message(key, message):
    iv = os.urandom(16)
    cipher = Cipher(
        algorithms.AES(key),
        modes.CFB(iv),
        backend=default_backend()
    )
    encryptor = cipher.encryptor()
    ciphertext = encryptor.update(message.encode()) + encryptor.finalize()
    return iv + ciphertext
    
def decrypt_message(key, ciphertext):
    iv = ciphertext[:16]
    cipher = Cipher(
        algorithms.AES(key),
        modes.CFB(iv),
        backend=default_backend()
    )
    decryptor = cipher.decryptor()
    plaintext = decryptor.update(ciphertext[16:]) + decryptor.finalize()
    return plaintext.decode()

def perform_key_exchange(user, conn, is_initiator):
    conn.sendall(user.serialize_public_key())
    peer_key_bytes = conn.recv(4096)
    user.deserialize_public_key(peer_key_bytes)
    
    if is_initiator:
        user.aes_key = os.urandom(32)
        encrypted_aes_key = user.peer_public_key.encrypt(
            user.aes_key,
            padding.OAEP(
                mgf=padding.MGF1(algorithm=hashes.SHA256()),
                algorithm=hashes.SHA256(),
                label=None
            )
        )
        conn.sendall(encrypted_aes_key)
    else:
        encrypted_aes_key = conn.recv(4096)
        user.aes_key = user.private_key.decrypt(
            encrypted_aes_key,
            padding.OAEP(
                mgf=padding.MGF1(algorithm=hashes.SHA256()),
                algorithm=hashes.SHA256(),
                label=None
            )
        )

def start_server(port):
    user = User("Server")
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(('0.0.0.0', port))
        s.listen()
        print(f"Server listening on port {port}")
        conn, addr = s.accept()
        print(f"Connected by {addr}")
        perform_key_exchange(user, conn, False)
        
        def receive():
            while True:
                data = conn.recv(4096)
                if not data: break
                message = decrypt_message(user.aes_key, data)
                print(f"Received: {message}")
        
        threading.Thread(target=receive, daemon=True).start()
        
        while True:
            message = input("> ")
            encrypted = encrypt_message(user.aes_key, message)
            conn.sendall(encrypted)

def start_client(host, port):
    user = User("Client")
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.connect((host, port))
        perform_key_exchange(user, s, True)
        
        def receive():
            while True:
                data = s.recv(4096)
                if not data: break
                message = decrypt_message(user.aes_key, data)
                print(f"Received: {message}")
        
        threading.Thread(target=receive, daemon=True).start()
        
        while True:
            message = input("> ")
            encrypted = encrypt_message(user.aes_key, message)
            s.sendall(encrypted)

if __name__ == "__main__":
    parser = argparse.ArgumentParser(description="Secure LAN Chat")
    parser.add_argument("-s", "--server", action="store_true", help="Run as server")
    parser.add_argument("-c", "--client", action="store_true", help="Run as client")
    parser.add_argument("--host", type=str, default="localhost", help="Server host")
    parser.add_argument("--port", type=int, default=12345, help="Port number")
    args = parser.parse_args()
    
    if args.server:
        start_server(args.port)
    elif args.client:
        start_client(args.host, args.port)
    else:
        print("Please specify --server or --client")

python chat.py --server --port 12345

python chat.py --client --host <服務(wù)器IP> --port 12345