split-secret/scripts/classes/Encryption.py

import random
import string
import math
import numpy
import re
import json
from .Paths import Paths
import shlex

class Encryption():
    
    USER_PASSWORD_LENGTHS = 64
    OVERALL_PASSWORD_LENGTHS = 128
    
    # At the moment the programm can only deal with one digit numbers. 
    MAXIMUM_SECRET_HOLDERS = 9
    MINIMUM_SECRET_HOLDERS = 2
    
    def __init__(self, cli, paths, amount_of_secret_holders, decryption_quota,master_password):
        self.amount_of_secret_holders = amount_of_secret_holders
        self.decryption_quota = decryption_quota
        self.master_password = master_password
        self.quota_factor=self.decryption_quota/100
        self.group_members_amount=math.ceil(self.amount_of_secret_holders * self.quota_factor)
        self.initializeUserData()
        self.initializeGroupData()
        self.cli = cli
        self.paths = paths
    
    def initializeUserData(self):
        self.user_mapped_data = {}
        user_count = 1
        while user_count <= self.amount_of_secret_holders:
            self.user_mapped_data[str(user_count)] = {"groups":{},"user_password":self.createPassword(self.USER_PASSWORD_LENGTHS),"about":{}}
            user_count += 1;
    
    def initializeGroupData(self):
        self.group_mapped_data = {} 

    def addInformationToUser(self,user_id,label,content):
        self.user_mapped_data[user_id]['about'][label] = content;

    def getCoSecretHoldersRange():
        return range(Encryption.MINIMUM_SECRET_HOLDERS,(Encryption.MAXIMUM_SECRET_HOLDERS+1))

    def getSecretHoldersRange():
        return range(1,(Encryption.MAXIMUM_SECRET_HOLDERS+1))
            
    def getStartnumber(self):
        index = 0
        start_number = ''
        while index < self.group_members_amount:
            start_number += '1'
            index += 1
        return int(start_number)

    def getEndnumber(self):
        index = 0
        start_number = ''
        while index < self.group_members_amount:
            start_number += str(self.amount_of_secret_holders)
            index += 1
        return int(start_number)
    
    def createPassword(self,length):
        characters = string.ascii_letters + string.digits
        return (''.join(random.choice(characters) for i in range(length)).upper())
    
    def isGroupValid(self,password_group_name):
        secret_stakeholders_range=range(1,(self.amount_of_secret_holders+1))
        valid_numbers = re.compile("([" + ','.join([str(x) for x in secret_stakeholders_range]) + "]{" + str(self.group_members_amount) + "})")
        unvalid_sequenz = re.compile("(.)\\1+")
        return re.search(valid_numbers, password_group_name) and not re.search(unvalid_sequenz, password_group_name)
    
    def compileContacts(self):
        contacts = {}
        for user_id in self.user_mapped_data:
            contacts[user_id] = self.user_mapped_data[user_id]['about']
        for user_id in self.user_mapped_data:
            self.user_mapped_data[user_id]['contacts'] = {}
            for contact_id in contacts:
                if contact_id != user_id:
                    self.user_mapped_data[user_id]['contacts'][contact_id] = contacts[contact_id]
        
    def compileData(self):
        self.compileContacts()
        index = self.getStartnumber()
        while index <= self.getEndnumber():
            password_group_name = ''.join(sorted(str(index)))
            if self.isGroupValid(password_group_name):
                password_group_index_int = int(password_group_name)
                if not password_group_index_int in self.group_mapped_data:
                    self.group_mapped_data[password_group_index_int] = {}
                    self.group_mapped_data[password_group_index_int]['members'] = {}
                    self.group_mapped_data[password_group_index_int]['password'] = '' 
                    password = ''
                    for secret_holder_index in password_group_name:
                        self.group_mapped_data[password_group_index_int]['members'][secret_holder_index]={}
                        particial_password_length= int(self.OVERALL_PASSWORD_LENGTHS*self.quota_factor); 
                        password_part = self.createPassword(particial_password_length)
                        self.group_mapped_data[password_group_index_int]['members'][secret_holder_index] = password_part
                        password += password_part
                        self.user_mapped_data[secret_holder_index]['groups'][password_group_name] = password_part
                    self.group_mapped_data[password_group_index_int]['password'] += password
            index += 1
            
    def encryptStringToFile(self,text,output_file,password):
        self.cli.executeCommand('echo ' + shlex.quote(text) + ' | gpg --symmetric --armor --batch --passphrase ' + shlex.quote(password) + ' -o "' + output_file + '"')
    
    def encryptGroupFiles(self):
        for password_group_index_int in self.group_mapped_data:
            encrypted_group_password_file_path = self.paths.getGroupFilePath(password_group_index_int,Paths.TYPE_ENCRYPTED)
            self.encryptStringToFile(self.master_password,encrypted_group_password_file_path,self.group_mapped_data[password_group_index_int]['password'])
    
    def encryptToJsonFile(self,data,file_path,password):
        self.encryptStringToFile(json.dumps(data,ensure_ascii=False), file_path, password)
        
    def encryptUserFile(self):
        for user_id in self.user_mapped_data:
            file_path=self.paths.getUserFilePath(user_id,Paths.TYPE_ENCRYPTED)
            data=self.user_mapped_data[user_id]
            password=self.user_mapped_data[user_id]['user_password']
            self.encryptToJsonFile(data,file_path,password)
    '''
    This saving as decrypted file is necessary due to the reason that the shell can't deal with unlimited string length.
    See: https://stackoverflow.com/questions/30650841/why-am-i-getting-errno-7-argument-list-too-long-and-oserror-errno-24-too-ma
    '''
    def encryptFileToFile(self,input_file,output_file,password):
        self.cli.executeCommand('cat \'' + input_file + '\' | gpg --symmetric --armor --batch --passphrase ' + shlex.quote(password) + ' -o "' + output_file + '"')
    
    def deleteDecryptedAccumulatedFile(self):
        self.cli.executeCommand('rm ' + self.paths.getAccumulatedFilePath(Paths.TYPE_DECRYPTED))
    
    def saveDecryptedAccumulatedFile(self):
        file_path=self.paths.getAccumulatedFilePath(Paths.TYPE_DECRYPTED)
        data={"user_mapped": self.user_mapped_data, "group_mapped": self.group_mapped_data}
        with open(file_path, 'w') as file:
            json.dump(data, file)
        
    def encryptAccumulatedFile(self):
        self.saveDecryptedAccumulatedFile()
        encrypted_file_path=self.paths.getAccumulatedFilePath(Paths.TYPE_ENCRYPTED)
        decrypted_file_path=self.paths.getAccumulatedFilePath(Paths.TYPE_DECRYPTED)
        self.encryptFileToFile(decrypted_file_path,encrypted_file_path,self.master_password)
        self.deleteDecryptedAccumulatedFile()
        
    def encryptMainData(self,input_directory):
        self.cli.executeCommand('tar -C"' + input_directory + '" -cvzf - ./ | gpg -c --batch --passphrase ' + shlex.quote(self.master_password) + ' > "' + self.paths.getEncryptedMainDataFile() + '"')
    
    def encryptMetaData(self):
        self.encryptUserFile()
        self.encryptGroupFiles()
        self.encryptAccumulatedFile()