From 7b33c5420d841cd75428b1d244f4ba93bae24f97 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sat, 10 Dec 2022 21:20:26 +0100 Subject: [PATCH] Finished full encryption implementation --- Readme.md | 9 ++++---- data/decrypted/.gitignore | 4 +++- scripts/classes/AbstractSplittedSecret.py | 14 ++++++++---- scripts/classes/Cleanup.py | 17 +++++++++------ scripts/classes/Decryption.py | 5 ++--- scripts/classes/Encryption.py | 6 +++--- scripts/main.py | 26 ++++++++++++++--------- 7 files changed, 49 insertions(+), 32 deletions(-) diff --git a/Readme.md b/Readme.md index d8d7dff..62a74a0 100644 --- a/Readme.md +++ b/Readme.md @@ -18,13 +18,12 @@ echo2 foxtrott asfdasd@sdskjd.de street in strasdlasöd END_OF_INPUTS -python scripts/main.py --mode decrypt --master-password "ewrwerwerew" && -python scripts/main.py --mode decrypt --user "1" +python scripts/main.py --mode decrypt --master-password "ewrwerwerew" -python scripts/main.py --mode cleanup --file-types decrypted && python scripts/main.py --mode decrypt --user "1" --user-password "O3ITMWXZED9FKYQ0PB2WNVRWSCSCYVXCD00PJ6GQ4MFPIUWBVDCYSSSX9ZDBW5QU" << END_OF_INPUTS +python scripts/main.py --mode cleanup --file-types decrypted && python scripts/main.py --mode decrypt --user "1" --user-password "DDB2QYHP4X0PDR0ZX9LBLACNL6VAXLXMNEZJDOOGUTENSI6UDYGPOR5CV01YLI49" << END_OF_INPUTS 2 -YGC6FLI5FIFL4WV4JPZZI7RVOZTWLROCLY4HVGDMWWSTAIQJTLUQK1VBBY0E24PN +EOQXCYGEY2IMKAJP5VOCRVRH9LPYAPK9IC0ID0GMSJ5KXNXJHPNUBUKEVLE2WHQJ END_OF_INPUTS ``` # Requirements to know @@ -49,6 +48,8 @@ END_OF_INPUTS - implement tails setup script - implement relativ call - implement tmp mount for decrypted files +- add data-input attribut +- add data-output attribut ## Further Information - https://www.tutorialspoint.com/python/python_command_line_arguments.htm diff --git a/data/decrypted/.gitignore b/data/decrypted/.gitignore index 7274218..1350402 100644 --- a/data/decrypted/.gitignore +++ b/data/decrypted/.gitignore 
@@ -1 +1,3 @@ -main_data/* \ No newline at end of file +main_data/* +*.json +*.txt \ No newline at end of file diff --git a/scripts/classes/AbstractSplittedSecret.py b/scripts/classes/AbstractSplittedSecret.py index 3ddb81d..16328de 100644 --- a/scripts/classes/AbstractSplittedSecret.py +++ b/scripts/classes/AbstractSplittedSecret.py @@ -21,14 +21,20 @@ class AbstractSplittedSecret(Cli): def getSecretHoldersRange(): return range(1,AbstractSplittedSecret.MAXIMUM_SECRET_HOLDERS) - def getFolderPath(self,folder_type): + def getDataFolderPath(self,folder_type): return self.data_folder + folder_type + "/" def getGroupFilesFolderPath(self,folder_type): - return self.getFolderPath(folder_type) + "group_files/" + return self.getDataFolderPath(folder_type) + "group_files/" def getUserFilesFolderPath(self,folder_type): - return self.getFolderPath(folder_type) + "user_files/" + return self.getDataFolderPath(folder_type) + "user_files/" + + def getEncryptedMainDataFile(self): + return self.getDataFolderPath(AbstractSplittedSecret.TYPE_ENCRYPTED) + "main_data.tar.gz.gpg" + + def getDecryptedMainDataStandartFolder(self): + return self.getDataFolderPath(AbstractSplittedSecret.TYPE_DECRYPTED) + "main_data/" def getFileExtension(self,file_type): if file_type == AbstractSplittedSecret.TYPE_ENCRYPTED: @@ -42,4 +48,4 @@ class AbstractSplittedSecret(Cli): return self.getGroupFilesFolderPath(file_type) + str(group_id) + '.txt' + self.getFileExtension(file_type); def getAccumulatedFilePath(self,file_type): - return self.getFolderPath(file_type) + 'accumulated.json' + self.getFileExtension(file_type); \ No newline at end of file + return self.getDataFolderPath(file_type) + 'accumulated.json' + self.getFileExtension(file_type); \ No newline at end of file diff --git a/scripts/classes/Cleanup.py b/scripts/classes/Cleanup.py index 02c5911..d371b4c 100644 --- a/scripts/classes/Cleanup.py +++ b/scripts/classes/Cleanup.py 
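Review bot: The two helpers added in the first AbstractSplittedSecret.py hunk have no docstring, and nothing records that `getEncryptedMainDataFile` returns a file path while `getDecryptedMainDataStandartFolder` returns a directory with a trailing slash. Cleanup appends `*` to whatever these helpers return, so that difference matters to callers. I would add `"""Return the path of the gpg-encrypted main data archive."""` and `"""Return the default folder (with trailing slash) that holds the decrypted main data."""`. The new name also spells "Standard" as "Standart"; it is already used in three files in this commit, so renaming it now is cheaper than later.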
@@ -4,17 +4,20 @@ class Cleanup(AbstractSplittedSecret): super(Cleanup, self).__init__() def getAllFilePaths(self,file_type): - return [ + all_file_paths = [ self.getGroupFilesFolderPath(file_type), self.getUserFilesFolderPath(file_type), self.getAccumulatedFilePath(file_type) ] + if file_type == AbstractSplittedSecret.TYPE_DECRYPTED: + all_file_paths.append(self.getDecryptedMainDataStandartFolder()) + return all_file_paths def deleteAllFilesInFolder(self,folder_path): try: - self.executeCommand('rm -v ' + folder_path + '*') - except: - pass + self.executeCommand('rm -r ' + folder_path + '*') + except Exception as error: + print(error) def cleanupFiles(self,file_type): for folder_path in self.getAllFilePaths(file_type): @@ -22,9 +25,9 @@ class Cleanup(AbstractSplittedSecret): def cleanupForUser(self,user): try: - self.executeCommand('find "' + self.getFolderPath(AbstractSplittedSecret.TYPE_ENCRYPTED) + '" -not -name "*' + str(user) +'*" -type f -print | xargs rm -v') - except: - pass + self.executeCommand('find "' + self.getDataFolderPath(AbstractSplittedSecret.TYPE_ENCRYPTED) + '" -not -name "*' + str(user) +'*" -type f -print | xargs rm -v') + except Exception as error: + print(error) self.cleanupFiles(AbstractSplittedSecret.TYPE_DECRYPTED) def deleteAll(self): diff --git a/scripts/classes/Decryption.py b/scripts/classes/Decryption.py index 57bf58f..f88865e 100644 --- a/scripts/classes/Decryption.py +++ b/scripts/classes/Decryption.py @@ -22,7 +22,7 @@ class Decryption(AbstractSplittedSecret): self.group_name = self.getDecryptersGroupName() self.encrypted_group_file_path = self.getGroupFilePath(self.group_name, AbstractSplittedSecret.TYPE_DECRYPTED) self.decryptGroupFile() - self.master_password = self.loadTxtFile(self.encrypted_group_file_path) + self.master_password = self.loadTxtFile(self.encrypted_group_file_path).strip() def initializeNeededDecryptersAmount(self): self.needed_decrypters_amount = len(str(list(self.user_data['groups'].keys())[0])) 
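Review bot: In `deleteAllFilesInFolder` the path is concatenated unquoted into `'rm -r ' + folder_path + '*'`, and with the switch from `-v` to `-r` a path that contains a space, or that comes out shorter than expected, now removes whole directory trees instead of failing on them. `executeCommand` is not visible here, but the other commands in this commit use pipes and redirects, so it presumably hands the string to a shell. Expanding the glob in Python and deleting without a shell avoids both problems; it needs `glob`, `os` and `shutil` imported at the top of Cleanup.py, which is outside the hunk. The new `print(error)` improves on the old silent `pass`, but a failed wipe of decrypted data should probably also reach the caller, so the program does not finish as if the data were gone.

```python
    def deleteAllFilesInFolder(self,folder_path):
        # Same "<path>*" match as before, expanded by Python instead of a shell.
        for path in glob.glob(folder_path + '*'):
            try:
                if os.path.isdir(path) and not os.path.islink(path):
                    shutil.rmtree(path)
                else:
                    os.remove(path)
            except OSError as error:
                print(error)
```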
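Review bot: `cleanupForUser` places `str(user)` inside the double-quoted `-name` pattern of a shell string, so the value is interpreted by the shell and by find's pattern matching rather than treated as a plain id. main.py passes `args.user` here, and whether argparse restricts it to an integer is not visible in this diff. Converting first, `user = int(user)` at the top of the method, rejects anything that is not a number before the command is built. Separately, the pattern keeps only files whose name contains the id, so `main_data.tar.gz.gpg` in the same encrypted folder appears to be deleted along with the other users' files; that is worth confirming, since the decrypt branch in main.py now calls `decryptMainData()`. `find … -print | xargs rm -v` also splits on whitespace in file names, which `-print0 | xargs -0 rm -v` or find's `-delete` avoids.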
@@ -113,5 +113,4 @@ class Decryption(AbstractSplittedSecret): self.decryptFile(self.user_password, input_file_path, output_file_path) def decryptMainData(self): - # gpg --batch --passphrase "helloworld" -d data/encrypted/main_data.tar.gz.gpg | tar -xvzf - - pass \ No newline at end of file + self.executeCommand('gpg --batch --passphrase "' + self.getMasterPassword() + '" -d "' + self.getEncryptedMainDataFile() + '" | tar -xvzf - "' + self.getDecryptedMainDataStandartFolder() + '"') \ No newline at end of file diff --git a/scripts/classes/Encryption.py b/scripts/classes/Encryption.py index 6b1d01b..4f5c513 100644 --- a/scripts/classes/Encryption.py +++ b/scripts/classes/Encryption.py @@ -113,10 +113,10 @@ class Encryption(AbstractSplittedSecret): self.encryptToJsonFile(data,file_path,self.master_password) def encryptMainData(self): - self.executeCommand('tar -cvzf - data/decrypted/main_data | gpg -c --batch --passphrase "' + self.master_password +'" > data/encrypted/main_data.tar.gz.gpg'); - pass + self.executeCommand('tar -cvzf - "' + self.getDecryptedMainDataStandartFolder() + '" | gpg -c --batch --passphrase "' + self.master_password +'" > "' + self.getEncryptedMainDataFile() + '"'); - def encrypt(self): + def encryptAll(self): self.encryptUserFile() self.encryptAccumulatedFile() self.encryptGroupFiles() + self.encryptMainData() diff --git a/scripts/main.py b/scripts/main.py index 5250855..ff6de84 100644 --- a/scripts/main.py +++ b/scripts/main.py 
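Review bot: `decryptMainData` puts the master password on the gpg command line (`--passphrase "…"`), where other local users can read it from the process list while gpg runs, and where characters such as `"`, `$` or a backtick in the password are interpreted by the shell instead of reaching gpg. `encryptMainData` in Encryption.py builds its command the same way. gpg can read the passphrase from a descriptor instead: `--passphrase-fd` (with `--pinentry-mode loopback` on GnuPG 2.1 and later), fed by the Python process, keeps it out of argv. How to wire that depends on `executeCommand`, which is outside this diff. For decryption stdin is free; for encryption stdin carries the tar stream, so a separate descriptor or `--passphrase-file` pointing at a private temporary file is needed.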
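Review bot: The archive written by `encryptMainData` stores its members under the full path returned by `getDecryptedMainDataStandartFolder()`, and `decryptMainData` passes that same path to `tar -x` as a trailing argument, which tar treats as a member-name filter rather than a destination. The round trip therefore seems to work only when both commands run from the same working directory with the same `data_folder`. Archiving with `tar -czf - -C "<folder>" .` and extracting with `tar -xzf - -C "<folder>"` would make the two sides independent of the caller's directory. Also, the exit status of `tar … | gpg … > file` is gpg's alone, so a failed tar (for example a missing folder) can still leave an apparently valid `main_data.tar.gz.gpg`; checking tar's status, or `set -o pipefail` if the command runs under bash, would catch that.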
@@ -14,15 +14,17 @@ def clean_exit(): cleanup.cleanupFiles(AbstractSplittedSecret.TYPE_DECRYPTED) except: pass - print("Leaving program.") - exit() + standard_exit() def dirty_exit(): print("ATTENTION: SECURITY RISK !!!\nPROGRAM DIDN'T CLEAN UP DECRYPTED DATA. \nDECRYPTED DATA EXISTS AND CAN BE READ BY EVERYBODY!") print("TO REMOVE DECRYPTED DATA EXECUTE:\nmain.py --mode cleanup --file-types " + AbstractSplittedSecret.TYPE_DECRYPTED) + standard_exit() + +def standard_exit(): print("Leaving program.") exit() - + try: if __name__ == '__main__': parser = argparse.ArgumentParser() @@ -45,13 +47,13 @@ try: if args.user is None: print("Deleting all encrypted and decrypted files.") cleanup.deleteAll() - clean_exit() + standard_exit() print("Deleting all files which aren't related to user: " + str(args.user)); cleanup.cleanupForUser(args.user) - clean_exit() + standard_exit() print("Deleting all " + args.file_types + " files.") cleanup.cleanupFiles(args.file_types) - clean_exit() + standard_exit() if args.mode == 'decrypt': decrypt = Decryption() @@ -120,11 +122,14 @@ try: break; except: print("An unexpected error occured: \n" + traceback.format_exc()) + print("Decrypting main data.") + decrypt.decryptMainData() + print("All data decrypted.") dirty_exit() - print("Decrypting accumulated file...") + print("Decrypting accumulated data.") decrypt.setUserPassword(args.master_password) decrypt.decryptAccumulatedFile() - clean_exit() + dirty_exit() if args.mode == 'encrypt': if args.master_password is None: @@ -139,8 +144,9 @@ try: print("Enter attribut <<" + label + ">> for user <<" + user_id+ ">>:" ) encrypt.addInformationToUser(user_id, label, str(input())) encrypt.compileData() - encrypt.encrypt() - clean_exit() + encrypt.encryptAll() + + dirty_exit() except KeyboardInterrupt: print("Program interrupted by user.") clean_exit() \ No newline at end of file
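Review bot: Both decrypt paths in the third main.py hunk now end in `dirty_exit()`, so the decrypted files stay on disk, and the warning printed by `dirty_exit` itself says they can be read by everybody. Nothing in the visible code restricts the permissions of what `decryptMainData()` and `decryptAccumulatedFile()` write. Calling `os.umask(0o077)` before any decryption starts would limit newly created files to the invoking user, assuming `os` is imported in main.py. The encrypt branch in the last hunk ends in `dirty_exit()` as well. Indentation is lost in this view, so it is worth checking that `decrypt.decryptMainData()` sits after the `except:` block rather than inside it.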