Implemented encryption on user level
parent
f5e290df65
commit
1017fa2257
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,5 +1,5 @@
|
|||||||
data/decrypted/splitted_password_files/*
|
data/decrypted/splitted_password_files/*
|
||||||
data/decrypted/password_files/*
|
data/decrypted/password_files/*
|
||||||
data/encrypted/splitted_password_files/*
|
data/encrypted/splitted_password_files/*
|
||||||
data/decrypted/password_files/*
|
data/encrypted/password_files/*
|
||||||
__pycache__
|
__pycache__
|
@ -4,4 +4,6 @@ class AbstractSplittedSecret(Cli):
|
|||||||
def __init__(self):
|
def __init__(self):
|
||||||
super(Cli, self).__init__()
|
super(Cli, self).__init__()
|
||||||
self.encrypted_splitted_password_files_folder = "data/encrypted/splitted_password_files/"
|
self.encrypted_splitted_password_files_folder = "data/encrypted/splitted_password_files/"
|
||||||
|
self.encrypted_password_files_folder = "data/encrypted/password_files/"
|
||||||
|
self.encrypted_password_files_folder = "data/encrypted/password_files/"
|
||||||
self.decrypted_password_files_folder="data/decrypted/password_files/"
|
self.decrypted_password_files_folder="data/decrypted/password_files/"
|
@ -2,12 +2,25 @@ from .AbstractSplittedSecret import AbstractSplittedSecret
|
|||||||
class Cleanup(AbstractSplittedSecret):
|
class Cleanup(AbstractSplittedSecret):
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
super(Cleanup, self).__init__()
|
super(Cleanup, self).__init__()
|
||||||
|
self.encrypted_files_folders = [self.decrypted_password_files_folder,self.decrypted_password_files_folder]
|
||||||
|
self.decrypted_files_folders = [self.encrypted_splitted_password_files_folder,self.encrypted_password_files_folder]
|
||||||
|
|
||||||
|
def deleteAllFilesInFolder(self,folder_path):
|
||||||
|
try:
|
||||||
|
self.executeCommand('rm -v ' + folder_path + '*')
|
||||||
|
print(self.getCommandString())
|
||||||
|
print(self.getOutputString())
|
||||||
|
except:
|
||||||
|
pass
|
||||||
|
|
||||||
|
def deleteAllDecryptedFiles(self):
|
||||||
|
for folder_path in self.decrypted_files_folders:
|
||||||
|
self.deleteAllFilesInFolder(folder_path)
|
||||||
|
|
||||||
def deleteAllEncryptedFiles(self):
|
def deleteAllEncryptedFiles(self):
|
||||||
self.executeCommand('rm -v ' + self.decrypted_password_files_folder + '*')
|
for folder_path in self.encrypted_files_folders:
|
||||||
print(self.getCommandString())
|
self.deleteAllFilesInFolder(folder_path)
|
||||||
print(self.getOutputString())
|
|
||||||
self.executeCommand('rm -v ' + self.encrypted_splitted_password_files_folder + '*')
|
|
||||||
print(self.getCommandString())
|
|
||||||
print(self.getOutputString())
|
|
||||||
def deleteAll(self):
|
def deleteAll(self):
|
||||||
self.deleteAllEncryptedFiles()
|
self.deleteAllEncryptedFiles()
|
||||||
|
self.deleteAllDecryptedFiles()
|
@ -40,9 +40,9 @@ class Generate(AbstractSplittedSecret):
|
|||||||
master_password_file.write(password)
|
master_password_file.write(password)
|
||||||
master_password_file.close()
|
master_password_file.close()
|
||||||
|
|
||||||
def createPassword(self):
|
def createPassword(self,length):
|
||||||
characters = string.ascii_letters + string.digits
|
characters = string.ascii_letters + string.digits
|
||||||
return ''.join(random.choice(characters) for i in range(int(64*self.quota_factor))).upper()
|
return (''.join(random.choice(characters) for i in range(length)).upper())
|
||||||
|
|
||||||
def isGroupValid(self,password_group_index_str):
|
def isGroupValid(self,password_group_index_str):
|
||||||
secret_stakeholders_range=range(1,(self.amount_of_secret_holders+1))
|
secret_stakeholders_range=range(1,(self.amount_of_secret_holders+1))
|
||||||
@ -54,7 +54,7 @@ class Generate(AbstractSplittedSecret):
|
|||||||
self.user_mapped_data = {}
|
self.user_mapped_data = {}
|
||||||
user_count = 1
|
user_count = 1
|
||||||
while user_count <= self.amount_of_secret_holders:
|
while user_count <= self.amount_of_secret_holders:
|
||||||
self.user_mapped_data[str(user_count)] = {}
|
self.user_mapped_data[str(user_count)] = {"groups":{},"user_password":self.createPassword(64)}
|
||||||
user_count += 1;
|
user_count += 1;
|
||||||
|
|
||||||
def createGroupMappedDataFrame(self):
|
def createGroupMappedDataFrame(self):
|
||||||
@ -75,39 +75,52 @@ class Generate(AbstractSplittedSecret):
|
|||||||
password = ''
|
password = ''
|
||||||
for secret_holder_index in password_group_index_str:
|
for secret_holder_index in password_group_index_str:
|
||||||
self.group_mapped_data[password_group_index_int]['members'][secret_holder_index]={}
|
self.group_mapped_data[password_group_index_int]['members'][secret_holder_index]={}
|
||||||
password_part = self.createPassword()
|
particial_password_length= int(128*self.quota_factor);
|
||||||
|
password_part = self.createPassword(particial_password_length)
|
||||||
self.group_mapped_data[password_group_index_int]['members'][secret_holder_index] = password_part
|
self.group_mapped_data[password_group_index_int]['members'][secret_holder_index] = password_part
|
||||||
password += password_part
|
password += password_part
|
||||||
self.user_mapped_data[secret_holder_index][password_group_index_str] = password_part
|
self.user_mapped_data[secret_holder_index]['groups'][password_group_index_str] = password_part
|
||||||
self.group_mapped_data[password_group_index_int]['password'] += password
|
self.group_mapped_data[password_group_index_int]['password'] += password
|
||||||
index += 1
|
index += 1
|
||||||
|
|
||||||
|
def encryptStringToFile(self,text,output_file,password):
|
||||||
|
self.executeCommand('echo \'' + text + '\' | gpg --symmetric --armor --batch --passphrase "' + password + '" -o "' + output_file + '.gpg"')
|
||||||
|
print(self.getCommandString())
|
||||||
|
|
||||||
def generateEncryptedGroupFiles(self):
|
def generateEncryptedGroupFiles(self):
|
||||||
for password_group_index_int in self.group_mapped_data:
|
for password_group_index_int in self.group_mapped_data:
|
||||||
encrypted_splitted_password_file = AbstractSplittedSecret().encrypted_splitted_password_files_folder + str(password_group_index_int) + ".txt.gpg"
|
encrypted_splitted_password_file = AbstractSplittedSecret().encrypted_splitted_password_files_folder + str(password_group_index_int) + ".txt"
|
||||||
self.executeCommand('echo "' + self.master_password + '" | gpg --symmetric --armor --batch --passphrase "' + self.group_mapped_data[password_group_index_int]['password'] + '" -o "' + encrypted_splitted_password_file + '"')
|
self.encryptStringToFile(self.master_password,encrypted_splitted_password_file,self.group_mapped_data[password_group_index_int]['password'])
|
||||||
print(self.getCommandString())
|
|
||||||
|
|
||||||
def saveJsonFile(self,file_path,data):
|
def encryptToJsonFile(self,data,file_path,password):
|
||||||
with open(file_path, 'w', encoding='utf-8') as file:
|
self.encryptStringToFile(json.dumps(data,ensure_ascii=False), file_path, password)
|
||||||
json.dump(data, file, ensure_ascii=False, indent=4)
|
|
||||||
|
def encryptUserMappedData(self):
|
||||||
def saveUserMappedData(self):
|
|
||||||
for user_id in self.user_mapped_data:
|
for user_id in self.user_mapped_data:
|
||||||
file_path=self.decrypted_password_files_folder+user_id+'.json'
|
file_path=self.encrypted_password_files_folder+user_id+'.json'
|
||||||
self.saveJsonFile(file_path, self.user_mapped_data[user_id])
|
self.encryptToJsonFile(self.user_mapped_data[user_id]['groups'],file_path,self.user_mapped_data[user_id]['user_password'])
|
||||||
|
|
||||||
def saveGroupMappedData(self):
|
def encryptAccumulatedMappedData(self):
|
||||||
file_path=self.decrypted_password_files_folder+'group_mapped.json'
|
file_path=self.encrypted_password_files_folder+'accumulated.json'
|
||||||
self.saveJsonFile(file_path, self.group_mapped_data)
|
data={"user_mapped": self.user_mapped_data, "group_mapped": self.group_mapped_data}
|
||||||
|
self.encryptToJsonFile(data,file_path,self.master_password)
|
||||||
|
|
||||||
def saveMappedData(self):
|
def saveMappedData(self):
|
||||||
self.saveUserMappedData()
|
self.encryptUserMappedData()
|
||||||
self.saveGroupMappedData();
|
self.encryptAccumulatedMappedData()
|
||||||
|
|
||||||
|
def encryptMappedUserData(self):
|
||||||
|
self.user_passwords = {}
|
||||||
|
for user_id in self.user_mapped_data:
|
||||||
|
self.user_passwords[user_id] = self.createPassword(64)
|
||||||
|
|
||||||
|
def encryptMappedData(self):
|
||||||
|
self.encryptMappedUserData()
|
||||||
|
|
||||||
def generate(self):
|
def generate(self):
|
||||||
self.generateMappedData()
|
self.generateMappedData()
|
||||||
self.saveMappedData()
|
self.saveMappedData()
|
||||||
|
self.encryptMappedData()
|
||||||
self.generateEncryptedGroupFiles()
|
self.generateEncryptedGroupFiles()
|
||||||
|
|
||||||
def getUserMappedData(self):
|
def getUserMappedData(self):
|
||||||
|
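Review bot: `encryptStringToFile` builds one shell string containing both the plaintext and the passphrase (`--passphrase "' + password + '"`) and then prints it with `print(self.getCommandString())`. Each secret therefore lands in the process argument list and, if that getter returns the executed command as its name suggests, on the terminal as well. A `'` in `text` or a `"` in `password` would also break the quoting; the generated values are alphanumeric today, but nothing in the function enforces that. I would pass the passphrase to gpg through `--passphrase-fd`, send the plaintext over stdin with an argument list, and drop the print; the sketch below bypasses `executeCommand`, whose implementation is not on this page, and needs `os` and `subprocess` imported in the file. Separately, `createPassword` draws these passphrases from `random.choice`; `secrets.choice(characters)` is the drop-in replacement for key material.

```python
def encryptStringToFile(self,text,output_file,password):
    # The passphrase travels over a private pipe and the plaintext over stdin,
    # so neither appears in argv, in shell quoting, or in printed output.
    passphrase_read, passphrase_write = os.pipe()
    try:
        with os.fdopen(passphrase_write, 'w', encoding='utf-8') as passphrase_pipe:
            passphrase_pipe.write(password + '\n')
        subprocess.run(
            ['gpg', '--symmetric', '--armor', '--batch',
             '--passphrase-fd', str(passphrase_read),
             '-o', output_file + '.gpg'],
            input=(text + '\n').encode('utf-8'),
            pass_fds=(passphrase_read,),
            check=True,
        )
    finally:
        os.close(passphrase_read)
```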