Compare commits

..

No commits in common. "a0c17c9fd6da104797e2f90b697f9b347c9f66f9" and "a88ca6904abdc80953fdc00c9d6ae082c26b608e" have entirely different histories.

5 changed files with 90 additions and 112 deletions

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
__pycache__
INSTRUCTIONS.md
testcases.txt

View File

@ -46,17 +46,9 @@ python scripts/main.py --mode cleanup --file-types encrypted
To decrypt the data execute:
```bash
python scripts/main.py --mode decrypt-data
python scripts/main.py --mode decrypt
```
### decrypt accumulated file
To decrypt the accumulated datafile execute:
```bash
python scripts/main.py --mode decrypt --meta
```
### decrypt defined user
To decrypt the data for a defined user execute:
@ -64,19 +56,18 @@ To decrypt the data for a defined user execute:
python scripts/main.py --mode decrypt --user "<<user_id>>"
```
### addtional instructions
In the [INSTRUCTIONS.md](./Instruction.md) file the master encrypter can leave additional instructions.
## encrypt
### encrypt main data
```bash
python scripts/main.py --secret-holders-amount "<<amount>>" --quota "<<quota>>" --mode encrypt --master-password "<<master_password>>" --input-directory "<<input_directory>>"
```
### encrypt master password
To encrypt the master-password file and to create the neccessary encrypted meta data execute:
```bash
python scripts/main.py --secret-holders-amount "<<amount>>" --quota "<<quota>>" --mode encrypt --add-user-information --master-password "<<master_password>>" --meta
python scripts/main.py --secret-holders-amount "<<amount>>" --quota "<<quota>>" --mode encrypt --add-user-information --master-password "<<master_password>>" --create-meta-data
```

View File

@ -1,7 +1,6 @@
import json
import os
from pathlib import Path
import shlex
class AutomaticIdentificationImpossibleException(Exception):
pass
@ -36,18 +35,12 @@ class Decryption():
self.initializeNeededDecryptersAmount()
self.initializeValidDecrypterIds()
def getEscapedMasterPassword(self):
return shlex.quote(self.master_password)
def initializeGroupDataEncryption(self):
self.group_name = self.getDecryptersGroupName()
self.encrypted_group_file_path = self.paths.getGroupFilePath(self.group_name, self.paths.TYPE_DECRYPTED)
self.decryptGroupFile()
self.master_password = self.loadTxtFile(self.encrypted_group_file_path).strip()
def getMasterPassword(self):
return self.master_password
def initializeNeededDecryptersAmount(self):
self.needed_decrypters_amount = len(str(list(self.user_data['groups'].keys())[0]))
@ -77,6 +70,9 @@ class Decryption():
shared_password += str(self.password_parts[password_share_index])
return shared_password
def getMasterPassword(self):
return self.master_password
def addDecrypterId(self,decrypter_id):
decrypter_id = int(decrypter_id)
if decrypter_id not in self.valid_decrypter_ids:
@ -118,7 +114,7 @@ class Decryption():
return data
def decryptFile(self,password,input_file_path,output_file_path):
self.cli.executeCommand('gpg --batch --passphrase '+ shlex.quote(password) + ' -o "' + output_file_path +'" "'+ input_file_path+'"')
self.cli.executeCommand('gpg --batch --passphrase "'+ password + '" -o "' + output_file_path +'" "'+ input_file_path+'"')
def decryptUserFile(self):
input_file_path = self.paths.getUserFilePath(self.user_id,self.paths.TYPE_ENCRYPTED)
@ -134,4 +130,4 @@ class Decryption():
self.decryptFile(self.user_password, input_file_path, output_file_path)
def decryptMainData(self):
self.cli.executeCommand('gpg --batch --passphrase ' + shlex.quote(self.getMasterPassword()) + ' -d "' + self.paths.getEncryptedMainDataFile() + '" | tar --one-top-level="' + self.paths.getDecryptedMainDataStandartFolder() + '" -xvzf -')
self.cli.executeCommand('gpg --batch --passphrase "' + self.getMasterPassword() + '" -d "' + self.paths.getEncryptedMainDataFile() + '" | tar --one-top-level="' + self.paths.getDecryptedMainDataStandartFolder() + '" -xvzf -')

View File

@ -5,7 +5,6 @@ import numpy
import re
import json
from .Paths import Paths
import shlex
class Encryption():
@ -105,7 +104,7 @@ class Encryption():
index += 1
def encryptStringToFile(self,text,output_file,password):
self.cli.executeCommand('echo ' + shlex.quote(text) + ' | gpg --symmetric --armor --batch --passphrase ' + shlex.quote(password) + ' -o "' + output_file + '"')
self.cli.executeCommand('echo \'' + text + '\' | gpg --symmetric --armor --batch --passphrase "' + password + '" -o "' + output_file + '"')
def encryptGroupFiles(self):
for password_group_index_int in self.group_mapped_data:
@ -126,7 +125,7 @@ class Encryption():
See: https://stackoverflow.com/questions/30650841/why-am-i-getting-errno-7-argument-list-too-long-and-oserror-errno-24-too-ma
'''
def encryptFileToFile(self,input_file,output_file,password):
self.cli.executeCommand('cat \'' + input_file + '\' | gpg --symmetric --armor --batch --passphrase ' + shlex.quote(password) + ' -o "' + output_file + '"')
self.cli.executeCommand('cat \'' + input_file + '\' | gpg --symmetric --armor --batch --passphrase "' + password + '" -o "' + output_file + '"')
def deleteDecryptedAccumulatedFile(self):
self.cli.executeCommand('rm ' + self.paths.getAccumulatedFilePath(Paths.TYPE_DECRYPTED))
@ -145,7 +144,7 @@ class Encryption():
self.deleteDecryptedAccumulatedFile()
def encryptMainData(self,input_directory):
self.cli.executeCommand('tar -C"' + input_directory + '" -cvzf - ./ | gpg -c --batch --passphrase ' + shlex.quote(self.master_password) + ' > "' + self.paths.getEncryptedMainDataFile() + '"')
self.cli.executeCommand('tar -C"' + input_directory + '" -cvzf - ./ | gpg -c --batch --passphrase "' + self.master_password +'" > "' + self.paths.getEncryptedMainDataFile() + '"')
def encryptMetaData(self):
self.encryptUserFile()

View File

@ -40,13 +40,11 @@ try:
parser.add_argument('--user',type=int, dest='user',choices=Encryption.getSecretHoldersRange(),required=False)
parser.add_argument('--add-user-information',type=bool, dest='add_user_information', default=False, required=False, action=argparse.BooleanOptionalAction, help="Add additional information to users.")
parser.add_argument('--input-directory',type=str,dest='input_directory',required=False, help="The directory from which the data should be encrypted.")
parser.add_argument('--meta-data',type=bool, dest='meta_data', default=False, required=False, action=argparse.BooleanOptionalAction, help="When mode is encrypt and this flag is set, the encrypted meta data is created. When mode is decrypt and this flag is set the accumulated file will be decrypted.")
parser.add_argument('--create-meta-data',type=bool, dest='create_meta_data', default=False, required=False, action=argparse.BooleanOptionalAction, help="When mode is encrypt and this flag is set, the encrypted meta data is created.")
args = parser.parse_args()
print("Application started.")
print("To leave the appplication use the key kombination: <<Ctr>> + <<Alt>> + <<C>>")
print("Cleaning up all decrypted files.")
cleanup.cleanupFiles(Paths.TYPE_DECRYPTED)
print("Selected Mode: " + args.mode)
if args.mode == 'cleanup':
@ -65,17 +63,7 @@ try:
if args.mode == 'decrypt':
decrypt = Decryption(cli,paths)
if args.meta_data is True:
if args.master_password is None:
print("Enter the master password:")
master_password = getpass()
else:
master_password = args.master_password
decrypt = Decryption(cli,paths)
print("Decrypting accumulated data.")
decrypt.setUserPassword(master_password)
decrypt.decryptAccumulatedFile()
dirty_exit()
if args.user is None:
try:
print("Attempt to identify user.")
@ -151,6 +139,10 @@ try:
decrypt.decryptMainData()
print("The data was decrypted to: " + paths.getDecryptedMainDataStandartFolder())
dirty_exit()
print("Decrypting accumulated data.")
decrypt.setUserPassword(args.master_password)
decrypt.decryptAccumulatedFile()
dirty_exit()
if args.mode == 'encrypt':
if args.master_password is None:
@ -165,7 +157,7 @@ try:
print("Enter attribut <<" + label + ">> for user <<" + user_id+ ">>:" )
encrypt.addInformationToUser(user_id, label, str(input()))
encrypt.compileData()
if args.meta_data is True:
if args.create_meta_data is True:
print("Create and encrypt meta data.")
encrypt.encryptMetaData()
if args.input_directory is not None: