split-secret/scripts/classes/Encryption.py

153 lines
7.3 KiB
Python
Raw Permalink Normal View History

2022-12-09 12:03:45 +01:00
import random
import string
import math
import numpy
import re
import json
2022-12-10 22:19:57 +01:00
from .Paths import Paths
import shlex
2022-12-09 12:03:45 +01:00
2022-12-10 22:19:57 +01:00
class Encryption():
2022-12-09 12:03:45 +01:00
2022-12-10 22:03:29 +01:00
USER_PASSWORD_LENGTHS = 64
OVERALL_PASSWORD_LENGTHS = 128
# At the moment the programm can only deal with one digit numbers.
MAXIMUM_SECRET_HOLDERS = 9
MINIMUM_SECRET_HOLDERS = 2
2022-12-10 22:19:57 +01:00
def __init__(self, cli, paths, amount_of_secret_holders, decryption_quota,master_password):
2022-12-09 12:03:45 +01:00
self.amount_of_secret_holders = amount_of_secret_holders
self.decryption_quota = decryption_quota
self.master_password = master_password
2022-12-09 12:03:45 +01:00
self.quota_factor=self.decryption_quota/100
self.group_members_amount=math.ceil(self.amount_of_secret_holders * self.quota_factor)
2022-12-09 22:37:29 +01:00
self.initializeUserData()
self.initializeGroupData()
2022-12-10 22:03:29 +01:00
self.cli = cli
2022-12-10 22:19:57 +01:00
self.paths = paths
2022-12-09 22:37:29 +01:00
def initializeUserData(self):
self.user_mapped_data = {}
user_count = 1
while user_count <= self.amount_of_secret_holders:
2022-12-10 12:21:43 +01:00
self.user_mapped_data[str(user_count)] = {"groups":{},"user_password":self.createPassword(self.USER_PASSWORD_LENGTHS),"about":{}}
2022-12-09 22:37:29 +01:00
user_count += 1;
def initializeGroupData(self):
self.group_mapped_data = {}
def addInformationToUser(self,user_id,label,content):
self.user_mapped_data[user_id]['about'][label] = content;
def getCoSecretHoldersRange():
2022-12-11 18:46:32 +01:00
return range(Encryption.MINIMUM_SECRET_HOLDERS,(Encryption.MAXIMUM_SECRET_HOLDERS+1))
def getSecretHoldersRange():
2022-12-11 18:46:32 +01:00
return range(1,(Encryption.MAXIMUM_SECRET_HOLDERS+1))
2022-12-09 12:03:45 +01:00
def getStartnumber(self):
index = 0
start_number = ''
while index < self.group_members_amount:
start_number += '1'
index += 1
return int(start_number)
def getEndnumber(self):
index = 0
start_number = ''
while index < self.group_members_amount:
start_number += str(self.amount_of_secret_holders)
index += 1
return int(start_number)
2022-12-09 17:32:02 +01:00
def createPassword(self,length):
2022-12-09 12:03:45 +01:00
characters = string.ascii_letters + string.digits
2022-12-09 17:32:02 +01:00
return (''.join(random.choice(characters) for i in range(length)).upper())
2022-12-09 12:03:45 +01:00
2022-12-10 14:42:11 +01:00
def isGroupValid(self,password_group_name):
secret_stakeholders_range=range(1,(self.amount_of_secret_holders+1))
valid_numbers = re.compile("([" + ','.join([str(x) for x in secret_stakeholders_range]) + "]{" + str(self.group_members_amount) + "})")
2022-12-09 12:03:45 +01:00
unvalid_sequenz = re.compile("(.)\\1+")
2022-12-10 14:42:11 +01:00
return re.search(valid_numbers, password_group_name) and not re.search(unvalid_sequenz, password_group_name)
2022-12-09 12:11:46 +01:00
2022-12-09 22:37:29 +01:00
def compileContacts(self):
contacts = {}
for user_id in self.user_mapped_data:
contacts[user_id] = self.user_mapped_data[user_id]['about']
for user_id in self.user_mapped_data:
self.user_mapped_data[user_id]['contacts'] = {}
for contact_id in contacts:
if contact_id != user_id:
self.user_mapped_data[user_id]['contacts'][contact_id] = contacts[contact_id]
2022-12-09 14:05:54 +01:00
2022-12-09 22:37:29 +01:00
def compileData(self):
self.compileContacts()
2022-12-09 12:03:45 +01:00
index = self.getStartnumber()
2022-12-11 18:46:32 +01:00
while index <= self.getEndnumber():
2022-12-10 14:42:11 +01:00
password_group_name = ''.join(sorted(str(index)))
if self.isGroupValid(password_group_name):
password_group_index_int = int(password_group_name)
2022-12-09 14:05:54 +01:00
if not password_group_index_int in self.group_mapped_data:
self.group_mapped_data[password_group_index_int] = {}
self.group_mapped_data[password_group_index_int]['members'] = {}
self.group_mapped_data[password_group_index_int]['password'] = ''
2022-12-09 12:03:45 +01:00
password = ''
2022-12-10 14:42:11 +01:00
for secret_holder_index in password_group_name:
2022-12-09 14:05:54 +01:00
self.group_mapped_data[password_group_index_int]['members'][secret_holder_index]={}
2022-12-10 12:21:43 +01:00
particial_password_length= int(self.OVERALL_PASSWORD_LENGTHS*self.quota_factor);
2022-12-09 17:32:02 +01:00
password_part = self.createPassword(particial_password_length)
2022-12-09 14:05:54 +01:00
self.group_mapped_data[password_group_index_int]['members'][secret_holder_index] = password_part
2022-12-09 12:03:45 +01:00
password += password_part
2022-12-10 14:42:11 +01:00
self.user_mapped_data[secret_holder_index]['groups'][password_group_name] = password_part
2022-12-09 14:05:54 +01:00
self.group_mapped_data[password_group_index_int]['password'] += password
index += 1
2022-12-09 17:32:02 +01:00
def encryptStringToFile(self,text,output_file,password):
self.cli.executeCommand('echo ' + shlex.quote(text) + ' | gpg --symmetric --armor --batch --passphrase ' + shlex.quote(password) + ' -o "' + output_file + '"')
2022-12-09 17:32:02 +01:00
2022-12-09 21:49:06 +01:00
def encryptGroupFiles(self):
2022-12-09 14:05:54 +01:00
for password_group_index_int in self.group_mapped_data:
2022-12-10 22:19:57 +01:00
encrypted_group_password_file_path = self.paths.getGroupFilePath(password_group_index_int,Paths.TYPE_ENCRYPTED)
2022-12-09 20:10:12 +01:00
self.encryptStringToFile(self.master_password,encrypted_group_password_file_path,self.group_mapped_data[password_group_index_int]['password'])
2022-12-09 17:32:02 +01:00
def encryptToJsonFile(self,data,file_path,password):
self.encryptStringToFile(json.dumps(data,ensure_ascii=False), file_path, password)
def encryptUserFile(self):
for user_id in self.user_mapped_data:
2022-12-10 22:19:57 +01:00
file_path=self.paths.getUserFilePath(user_id,Paths.TYPE_ENCRYPTED)
2022-12-09 22:37:29 +01:00
data=self.user_mapped_data[user_id]
2022-12-09 20:10:12 +01:00
password=self.user_mapped_data[user_id]['user_password']
self.encryptToJsonFile(data,file_path,password)
'''
This saving as decrypted file is necessary due to the reason that the shell can't deal with unlimited string length.
See: https://stackoverflow.com/questions/30650841/why-am-i-getting-errno-7-argument-list-too-long-and-oserror-errno-24-too-ma
'''
def encryptFileToFile(self,input_file,output_file,password):
self.cli.executeCommand('cat \'' + input_file + '\' | gpg --symmetric --armor --batch --passphrase ' + shlex.quote(password) + ' -o "' + output_file + '"')
def deleteDecryptedAccumulatedFile(self):
self.cli.executeCommand('rm ' + self.paths.getAccumulatedFilePath(Paths.TYPE_DECRYPTED))
def saveDecryptedAccumulatedFile(self):
file_path=self.paths.getAccumulatedFilePath(Paths.TYPE_DECRYPTED)
2022-12-09 17:32:02 +01:00
data={"user_mapped": self.user_mapped_data, "group_mapped": self.group_mapped_data}
with open(file_path, 'w') as file:
json.dump(data, file)
def encryptAccumulatedFile(self):
self.saveDecryptedAccumulatedFile()
encrypted_file_path=self.paths.getAccumulatedFilePath(Paths.TYPE_ENCRYPTED)
decrypted_file_path=self.paths.getAccumulatedFilePath(Paths.TYPE_DECRYPTED)
self.encryptFileToFile(decrypted_file_path,encrypted_file_path,self.master_password)
self.deleteDecryptedAccumulatedFile()
2022-12-11 18:46:32 +01:00
def encryptMainData(self,input_directory):
self.cli.executeCommand('tar -C"' + input_directory + '" -cvzf - ./ | gpg -c --batch --passphrase ' + shlex.quote(self.master_password) + ' > "' + self.paths.getEncryptedMainDataFile() + '"')
2022-12-11 18:46:32 +01:00
def encryptMetaData(self):
self.encryptUserFile()
self.encryptGroupFiles()
self.encryptAccumulatedFile()