Finished full encryption implementation

Kevin Veen-Birkenbach 2022-12-10 21:20:26 +01:00
parent 2b3e4932c2
commit 7b33c5420d
7 changed files with 49 additions and 32 deletions


@ -18,13 +18,12 @@ echo2 foxtrott
asfdasd@sdskjd.de asfdasd@sdskjd.de
street in strasdlasöd street in strasdlasöd
END_OF_INPUTS END_OF_INPUTS
python scripts/main.py --mode decrypt --master-password "ewrwerwerew" && python scripts/main.py --mode decrypt --master-password "ewrwerwerew"
python scripts/main.py --mode decrypt --user "1"
python scripts/main.py --mode cleanup --file-types decrypted && python scripts/main.py --mode decrypt --user "1" --user-password "O3ITMWXZED9FKYQ0PB2WNVRWSCSCYVXCD00PJ6GQ4MFPIUWBVDCYSSSX9ZDBW5QU" << END_OF_INPUTS python scripts/main.py --mode cleanup --file-types decrypted && python scripts/main.py --mode decrypt --user "1" --user-password "DDB2QYHP4X0PDR0ZX9LBLACNL6VAXLXMNEZJDOOGUTENSI6UDYGPOR5CV01YLI49" << END_OF_INPUTS
2 2
YGC6FLI5FIFL4WV4JPZZI7RVOZTWLROCLY4HVGDMWWSTAIQJTLUQK1VBBY0E24PN EOQXCYGEY2IMKAJP5VOCRVRH9LPYAPK9IC0ID0GMSJ5KXNXJHPNUBUKEVLE2WHQJ
END_OF_INPUTS END_OF_INPUTS
``` ```
# Requirements to know # Requirements to know
@ -49,6 +48,8 @@ END_OF_INPUTS
- implement tails setup script - implement tails setup script
- implement relativ call - implement relativ call
- implement tmp mount for decrypted files - implement tmp mount for decrypted files
- add data-input attribut
- add data-output attribut
## Further Information ## Further Information
- https://www.tutorialspoint.com/python/python_command_line_arguments.htm - https://www.tutorialspoint.com/python/python_command_line_arguments.htm


@ -1 +1,3 @@
main_data/* main_data/*
*.json
*.txt


@ -21,14 +21,20 @@ class AbstractSplittedSecret(Cli):
def getSecretHoldersRange(): def getSecretHoldersRange():
return range(1,AbstractSplittedSecret.MAXIMUM_SECRET_HOLDERS) return range(1,AbstractSplittedSecret.MAXIMUM_SECRET_HOLDERS)
def getFolderPath(self,folder_type): def getDataFolderPath(self,folder_type):
return self.data_folder + folder_type + "/" return self.data_folder + folder_type + "/"
def getGroupFilesFolderPath(self,folder_type): def getGroupFilesFolderPath(self,folder_type):
return self.getFolderPath(folder_type) + "group_files/" return self.getDataFolderPath(folder_type) + "group_files/"
def getUserFilesFolderPath(self,folder_type): def getUserFilesFolderPath(self,folder_type):
return self.getFolderPath(folder_type) + "user_files/" return self.getDataFolderPath(folder_type) + "user_files/"
def getEncryptedMainDataFile(self):
return self.getDataFolderPath(AbstractSplittedSecret.TYPE_ENCRYPTED) + "main_data.tar.gz.gpg"
def getDecryptedMainDataStandartFolder(self):
return self.getDataFolderPath(AbstractSplittedSecret.TYPE_DECRYPTED) + "main_data/"
def getFileExtension(self,file_type): def getFileExtension(self,file_type):
if file_type == AbstractSplittedSecret.TYPE_ENCRYPTED: if file_type == AbstractSplittedSecret.TYPE_ENCRYPTED:
@ -42,4 +48,4 @@ class AbstractSplittedSecret(Cli):
return self.getGroupFilesFolderPath(file_type) + str(group_id) + '.txt' + self.getFileExtension(file_type); return self.getGroupFilesFolderPath(file_type) + str(group_id) + '.txt' + self.getFileExtension(file_type);
def getAccumulatedFilePath(self,file_type): def getAccumulatedFilePath(self,file_type):
return self.getFolderPath(file_type) + 'accumulated.json' + self.getFileExtension(file_type); return self.getDataFolderPath(file_type) + 'accumulated.json' + self.getFileExtension(file_type);


@ -4,17 +4,20 @@ class Cleanup(AbstractSplittedSecret):
super(Cleanup, self).__init__() super(Cleanup, self).__init__()
def getAllFilePaths(self,file_type): def getAllFilePaths(self,file_type):
return [ all_file_paths = [
self.getGroupFilesFolderPath(file_type), self.getGroupFilesFolderPath(file_type),
self.getUserFilesFolderPath(file_type), self.getUserFilesFolderPath(file_type),
self.getAccumulatedFilePath(file_type) self.getAccumulatedFilePath(file_type)
] ]
if file_type == AbstractSplittedSecret.TYPE_DECRYPTED:
all_file_paths.append(self.getDecryptedMainDataStandartFolder())
return all_file_paths
def deleteAllFilesInFolder(self,folder_path): def deleteAllFilesInFolder(self,folder_path):
try: try:
self.executeCommand('rm -v ' + folder_path + '*') self.executeCommand('rm -r ' + folder_path + '*')
except: except Exception as error:
pass print(error)
def cleanupFiles(self,file_type): def cleanupFiles(self,file_type):
for folder_path in self.getAllFilePaths(file_type): for folder_path in self.getAllFilePaths(file_type):
@ -22,9 +25,9 @@ class Cleanup(AbstractSplittedSecret):
def cleanupForUser(self,user): def cleanupForUser(self,user):
try: try:
self.executeCommand('find "' + self.getFolderPath(AbstractSplittedSecret.TYPE_ENCRYPTED) + '" -not -name "*' + str(user) +'*" -type f -print | xargs rm -v') self.executeCommand('find "' + self.getDataFolderPath(AbstractSplittedSecret.TYPE_ENCRYPTED) + '" -not -name "*' + str(user) +'*" -type f -print | xargs rm -v')
except: except Exception as error:
pass print(error)
self.cleanupFiles(AbstractSplittedSecret.TYPE_DECRYPTED) self.cleanupFiles(AbstractSplittedSecret.TYPE_DECRYPTED)
def deleteAll(self): def deleteAll(self):
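Review bot: Both cleanup commands are built by string concatenation and handed to `executeCommand`, and in `cleanupForUser` the `user` value is placed into the `find` pattern without validation. The body of `executeCommand` is not in this diff, but if it runs the string through a shell, any quote or shell metacharacter in `user` changes a command whose job is deleting files. In `deleteAllFilesInFolder` the path is not quoted before the `*`, so a data folder containing a space splits into separate `rm -r` targets. I would check `user` against the expected numeric form first and delete from Python with `shutil.rmtree` / `os.remove`, or at least pass an argument list instead of one string. `-print | xargs rm -v` also mishandles file names with whitespace, which `find ... -type f -delete` avoids.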


@ -22,7 +22,7 @@ class Decryption(AbstractSplittedSecret):
self.group_name = self.getDecryptersGroupName() self.group_name = self.getDecryptersGroupName()
self.encrypted_group_file_path = self.getGroupFilePath(self.group_name, AbstractSplittedSecret.TYPE_DECRYPTED) self.encrypted_group_file_path = self.getGroupFilePath(self.group_name, AbstractSplittedSecret.TYPE_DECRYPTED)
self.decryptGroupFile() self.decryptGroupFile()
self.master_password = self.loadTxtFile(self.encrypted_group_file_path) self.master_password = self.loadTxtFile(self.encrypted_group_file_path).strip()
def initializeNeededDecryptersAmount(self): def initializeNeededDecryptersAmount(self):
self.needed_decrypters_amount = len(str(list(self.user_data['groups'].keys())[0])) self.needed_decrypters_amount = len(str(list(self.user_data['groups'].keys())[0]))
@ -113,5 +113,4 @@ class Decryption(AbstractSplittedSecret):
self.decryptFile(self.user_password, input_file_path, output_file_path) self.decryptFile(self.user_password, input_file_path, output_file_path)
def decryptMainData(self): def decryptMainData(self):
# gpg --batch --passphrase "helloworld" -d data/encrypted/main_data.tar.gz.gpg | tar -xvzf - self.executeCommand('gpg --batch --passphrase "' + self.getMasterPassword() + '" -d "' + self.getEncryptedMainDataFile() + '" | tar -xvzf - "' + self.getDecryptedMainDataStandartFolder() + '"')
pass
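Review bot: `decryptMainData` puts the master password on the gpg command line via `--passphrase "..."`, so other local users can read it from the process list while gpg runs, and a password containing `"`, `$` or a backtick breaks or alters the concatenated command. `encryptMainData` in the Encryption section builds its command the same way. gpg can take the passphrase over a descriptor or file instead, `--passphrase-fd N` or `--passphrase-file PATH`, with the file kept on a private temporary mount. On GnuPG 2.1 and later, batch use normally also needs `--pinentry-mode loopback`. Passing the command as an argument list rather than a single string would remove the quoting problem for the file paths as well.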


@ -113,10 +113,10 @@ class Encryption(AbstractSplittedSecret):
self.encryptToJsonFile(data,file_path,self.master_password) self.encryptToJsonFile(data,file_path,self.master_password)
def encryptMainData(self): def encryptMainData(self):
self.executeCommand('tar -cvzf - data/decrypted/main_data | gpg -c --batch --passphrase "' + self.master_password +'" > data/encrypted/main_data.tar.gz.gpg'); self.executeCommand('tar -cvzf - "' + self.getDecryptedMainDataStandartFolder() + '" | gpg -c --batch --passphrase "' + self.master_password +'" > "' + self.getEncryptedMainDataFile() + '"');
pass
def encrypt(self): def encryptAll(self):
self.encryptUserFile() self.encryptUserFile()
self.encryptAccumulatedFile() self.encryptAccumulatedFile()
self.encryptGroupFiles() self.encryptGroupFiles()
self.encryptMainData()


@ -14,12 +14,14 @@ def clean_exit():
cleanup.cleanupFiles(AbstractSplittedSecret.TYPE_DECRYPTED) cleanup.cleanupFiles(AbstractSplittedSecret.TYPE_DECRYPTED)
except: except:
pass pass
print("Leaving program.") standard_exit()
exit()
def dirty_exit(): def dirty_exit():
print("ATTENTION: SECURITY RISK !!!\nPROGRAM DIDN'T CLEAN UP DECRYPTED DATA. \nDECRYPTED DATA EXISTS AND CAN BE READ BY EVERYBODY!") print("ATTENTION: SECURITY RISK !!!\nPROGRAM DIDN'T CLEAN UP DECRYPTED DATA. \nDECRYPTED DATA EXISTS AND CAN BE READ BY EVERYBODY!")
print("TO REMOVE DECRYPTED DATA EXECUTE:\nmain.py --mode cleanup --file-types " + AbstractSplittedSecret.TYPE_DECRYPTED) print("TO REMOVE DECRYPTED DATA EXECUTE:\nmain.py --mode cleanup --file-types " + AbstractSplittedSecret.TYPE_DECRYPTED)
standard_exit()
def standard_exit():
print("Leaving program.") print("Leaving program.")
exit() exit()
@ -45,13 +47,13 @@ try:
if args.user is None: if args.user is None:
print("Deleting all encrypted and decrypted files.") print("Deleting all encrypted and decrypted files.")
cleanup.deleteAll() cleanup.deleteAll()
clean_exit() standard_exit()
print("Deleting all files which aren't related to user: " + str(args.user)); print("Deleting all files which aren't related to user: " + str(args.user));
cleanup.cleanupForUser(args.user) cleanup.cleanupForUser(args.user)
clean_exit() standard_exit()
print("Deleting all " + args.file_types + " files.") print("Deleting all " + args.file_types + " files.")
cleanup.cleanupFiles(args.file_types) cleanup.cleanupFiles(args.file_types)
clean_exit() standard_exit()
if args.mode == 'decrypt': if args.mode == 'decrypt':
decrypt = Decryption() decrypt = Decryption()
@ -120,11 +122,14 @@ try:
break; break;
except: except:
print("An unexpected error occured: \n" + traceback.format_exc()) print("An unexpected error occured: \n" + traceback.format_exc())
print("Decrypting main data.")
decrypt.decryptMainData()
print("All data decrypted.")
dirty_exit() dirty_exit()
print("Decrypting accumulated file...") print("Decrypting accumulated data.")
decrypt.setUserPassword(args.master_password) decrypt.setUserPassword(args.master_password)
decrypt.decryptAccumulatedFile() decrypt.decryptAccumulatedFile()
clean_exit() dirty_exit()
if args.mode == 'encrypt': if args.mode == 'encrypt':
if args.master_password is None: if args.master_password is None:
@ -139,8 +144,9 @@ try:
print("Enter attribut <<" + label + ">> for user <<" + user_id+ ">>:" ) print("Enter attribut <<" + label + ">> for user <<" + user_id+ ">>:" )
encrypt.addInformationToUser(user_id, label, str(input())) encrypt.addInformationToUser(user_id, label, str(input()))
encrypt.compileData() encrypt.compileData()
encrypt.encrypt() encrypt.encryptAll()
clean_exit()
dirty_exit()
except KeyboardInterrupt: except KeyboardInterrupt:
print("Program interrupted by user.") print("Program interrupted by user.")
clean_exit() clean_exit()
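Review bot: `clean_exit` still appears to wrap `cleanup.cleanupFiles(...)` in a bare `except: pass` before calling `standard_exit()`, so a failed cleanup ends with "Leaving program." and no hint that decrypted files remain on disk. This commit adds `dirty_exit()` with exactly that warning, so the handler could use it: `except Exception: dirty_exit()`. Because `deleteAllFilesInFolder` in Cleanup now only prints its errors, `clean_exit` would also need a return value or a raised exception from `cleanupFiles` to learn that deletion failed. The start of `clean_exit` and the enclosing `try:` lie outside the hunk, so the exact nesting should be confirmed.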