imgupload-legacy/keygen.py

from cryptography.fernet import Fernet
from cryptography.fernet import InvalidToken
from pathlib import Path
import settings
import string
import secrets
import sys
import os


# Load secret
def load_secret():
    with open(settings.ENCKEY_PATH, "rb") as sf:
        secret = sf.read()
    return secret


# Encrypting and storing of key
def append_uploadkey(akey):
    with open('uploadkeys', 'a+') as uploadkeysf:
        print(str(akey), file=uploadkeysf)


def decrypt_uploadkeys():
    with open("uploadkeys", "rb") as uploadkeysf:
        uploadkeys_data = uploadkeysf.read()

    try:
        secret = load_secret()
        secretf = Fernet(secret)
        decrypted_data = secretf.decrypt(uploadkeys_data)  # decrypt data
        with open("uploadkeys", "wb") as ukf:
            ukf.write(decrypted_data)  # write the original file
        print("Done decrypting")  # debug
        return True
    except InvalidToken:
        print("InvalidToken")  # debug
        print("The encrypted key data is invalid and cannot be read.")
        print("It may be necessary to clear the file entirely, which will invalidate all tokens.")
        proceed = ask_yn("Do you wish to proceed to clearing the uploadkeys file? [y/n] ")

        if proceed:
            print("Proceed1")
            os.remove("uploadkeys")
            print("Removed uploadkeys file.")
            proceed2 = ask_yn("Would you like to continue and generate a new key? [y/n] ")
            if not proceed2:
                print("not proceed2")
                return False
            else:
                print("proceed2")
                return True
        else:
            print("not Proceed1")
            return False


def encrypt_uploadkeys():
    with open("uploadkeys", "rb") as uploadkeysf:
        uploadkeys_data = uploadkeysf.read()

    secret = load_secret()
    secretf = Fernet(secret)
    encrypted_data = secretf.encrypt(uploadkeys_data)

    with open("uploadkeys", "wb") as uploadkeysf:
        uploadkeysf.write(encrypted_data)


def ask_yn(msg):
    resps = {"y": True, "n": False}
    ask = True
    while ask:
        proceedraw = input(msg)
        if proceedraw.lower() in resps.keys():
            proceed = resps[proceedraw]
            ask = False
        else:
            print("Invalid response.")
    return proceed


# Check if encryption secret already exists
if Path(settings.ENCKEY_PATH).is_file():
    print("Encryption secret found.")
else:
    print("Encryption secret not found.")
    print("Generating secret...")
    newsecret = Fernet.generate_key()
    with open(settings.ENCKEY_PATH, "wb") as secret_file:
        secret_file.write(newsecret)
    print("Encryption secret generated and stored in {0}".format(settings.ENCKEY_PATH))


if __name__ == "__main__":
    start = ask_yn("Have you run this program as the correct user (for example, nginx uses www-data)? [y/n] ")
    if not start:
        print("Please run this as the correct user with: sudo su [user] -s /bin/sh -c 'python3 keygen.py'")

    else:
        # Decrypt the existing keyfile
        secret = load_secret()
        keyf = Fernet(secret)

        genkey = True
        uploadkeysp = Path("uploadkeys")
        if not uploadkeysp.is_file():
            uploadkeysp.touch()
        else:
            with open("uploadkeys", "rb") as ukf:
                # read the encrypted data
                encrypted_data = ukf.read()


        if genkey:
            if decrypt_uploadkeys():  # Decrypt the file
                N = 64  # Size of key
                key = ''.join(secrets.choice(string.ascii_letters + string.digits) for i in range(N))
                print("Your new key is: " + str(key))  # Print key
                append_uploadkey(key)  # Save the new key to file unencrypted
                encrypt_uploadkeys()  # Encrypt the uploadkeys file
            else:
                print("Exiting.")
added encryption to uploadkeys and added a key generator 2020-08-31 19:12:39 -05:00			`from cryptography.fernet import Fernet`
Bugfixes in keygen.py - Handle if uploadkeys becomes corrupted - Disambiguate variable names - Handle case where the uploadkeys file doesn't already exist 2020-08-31 20:32:00 -05:00			`from cryptography.fernet import InvalidToken`
added encryption to uploadkeys and added a key generator 2020-08-31 19:12:39 -05:00			`from pathlib import Path`
			`import settings`
			`import string`
			`import secrets`
			`import sys`
			`import os`

Bugfixes in keygen.py - Handle if uploadkeys becomes corrupted - Disambiguate variable names - Handle case where the uploadkeys file doesn't already exist 2020-08-31 20:32:00 -05:00
Clean up and reorganize keygen.py This makes it easier to add new features - Clearer variable names - Split up large functions into smaller ones for each action - Help make it easier to add new features 2020-09-03 20:20:22 -05:00			`# Load secret`
			`def load_secret():`
			`with open(settings.ENCKEY_PATH, "rb") as sf:`
			`secret = sf.read()`
			`return secret`
added encryption to uploadkeys and added a key generator 2020-08-31 19:12:39 -05:00

			`# Encrypting and storing of key`
Clean up and reorganize keygen.py This makes it easier to add new features - Clearer variable names - Split up large functions into smaller ones for each action - Help make it easier to add new features 2020-09-03 20:20:22 -05:00			`def append_uploadkey(akey):`
			`with open('uploadkeys', 'a+') as uploadkeysf:`
			`print(str(akey), file=uploadkeysf)`


			`def decrypt_uploadkeys():`
			`with open("uploadkeys", "rb") as uploadkeysf:`
			`uploadkeys_data = uploadkeysf.read()`

			`try:`
			`secret = load_secret()`
			`secretf = Fernet(secret)`
			`decrypted_data = secretf.decrypt(uploadkeys_data) # decrypt data`
			`with open("uploadkeys", "wb") as ukf:`
			`ukf.write(decrypted_data) # write the original file`
			`print("Done decrypting") # debug`
			`return True`
			`except InvalidToken:`
			`print("InvalidToken") # debug`
			`print("The encrypted key data is invalid and cannot be read.")`
			`print("It may be necessary to clear the file entirely, which will invalidate all tokens.")`
			`proceed = ask_yn("Do you wish to proceed to clearing the uploadkeys file? [y/n] ")`

			`if proceed:`
			`print("Proceed1")`
			`os.remove("uploadkeys")`
			`print("Removed uploadkeys file.")`
			`proceed2 = ask_yn("Would you like to continue and generate a new key? [y/n] ")`
			`if not proceed2:`
			`print("not proceed2")`
			`return False`
			`else:`
			`print("proceed2")`
			`return True`
			`else:`
			`print("not Proceed1")`
			`return False`
added encryption to uploadkeys and added a key generator 2020-08-31 19:12:39 -05:00

Clean up and reorganize keygen.py This makes it easier to add new features - Clearer variable names - Split up large functions into smaller ones for each action - Help make it easier to add new features 2020-09-03 20:20:22 -05:00			`def encrypt_uploadkeys():`
			`with open("uploadkeys", "rb") as uploadkeysf:`
			`uploadkeys_data = uploadkeysf.read()`
added encryption to uploadkeys and added a key generator 2020-08-31 19:12:39 -05:00
Clean up and reorganize keygen.py This makes it easier to add new features - Clearer variable names - Split up large functions into smaller ones for each action - Help make it easier to add new features 2020-09-03 20:20:22 -05:00			`secret = load_secret()`
			`secretf = Fernet(secret)`
			`encrypted_data = secretf.encrypt(uploadkeys_data)`
added encryption to uploadkeys and added a key generator 2020-08-31 19:12:39 -05:00
Clean up and reorganize keygen.py This makes it easier to add new features - Clearer variable names - Split up large functions into smaller ones for each action - Help make it easier to add new features 2020-09-03 20:20:22 -05:00			`with open("uploadkeys", "wb") as uploadkeysf:`
			`uploadkeysf.write(encrypted_data)`
added encryption to uploadkeys and added a key generator 2020-08-31 19:12:39 -05:00
Bugfixes in keygen.py - Handle if uploadkeys becomes corrupted - Disambiguate variable names - Handle case where the uploadkeys file doesn't already exist 2020-08-31 20:32:00 -05:00
			`def ask_yn(msg):`
			`resps = {"y": True, "n": False}`
			`ask = True`
			`while ask:`
			`proceedraw = input(msg)`
			`if proceedraw.lower() in resps.keys():`
			`proceed = resps[proceedraw]`
			`ask = False`
			`else:`
			`print("Invalid response.")`
			`return proceed`


Clean up and reorganize keygen.py This makes it easier to add new features - Clearer variable names - Split up large functions into smaller ones for each action - Help make it easier to add new features 2020-09-03 20:20:22 -05:00			`# Check if encryption secret already exists`
			`if Path(settings.ENCKEY_PATH).is_file():`
			`print("Encryption secret found.")`
Change keygen.py to not require root keygen.py now recommends that you run it as the user you want to have ownership of secret.key and uploadkeys (such as www-data for nginx). Then, if uploadkeys or secret.key don't exist, they will be created with the correct ownership. 2020-09-02 14:26:57 -05:00			`else:`
Clean up and reorganize keygen.py This makes it easier to add new features - Clearer variable names - Split up large functions into smaller ones for each action - Help make it easier to add new features 2020-09-03 20:20:22 -05:00			`print("Encryption secret not found.")`
			`print("Generating secret...")`
			`newsecret = Fernet.generate_key()`
			`with open(settings.ENCKEY_PATH, "wb") as secret_file:`
			`secret_file.write(newsecret)`
			`print("Encryption secret generated and stored in {0}".format(settings.ENCKEY_PATH))`
Bugfixes in keygen.py - Handle if uploadkeys becomes corrupted - Disambiguate variable names - Handle case where the uploadkeys file doesn't already exist 2020-08-31 20:32:00 -05:00
Change keygen.py to not require root keygen.py now recommends that you run it as the user you want to have ownership of secret.key and uploadkeys (such as www-data for nginx). Then, if uploadkeys or secret.key don't exist, they will be created with the correct ownership. 2020-09-02 14:26:57 -05:00
Clean up and reorganize keygen.py This makes it easier to add new features - Clearer variable names - Split up large functions into smaller ones for each action - Help make it easier to add new features 2020-09-03 20:20:22 -05:00			`if __name__ == "__main__":`
			`start = ask_yn("Have you run this program as the correct user (for example, nginx uses www-data)? [y/n] ")`
			`if not start:`
			`print("Please run this as the correct user with: sudo su [user] -s /bin/sh -c 'python3 keygen.py'")`
Change keygen.py to not require root keygen.py now recommends that you run it as the user you want to have ownership of secret.key and uploadkeys (such as www-data for nginx). Then, if uploadkeys or secret.key don't exist, they will be created with the correct ownership. 2020-09-02 14:26:57 -05:00
			`else:`
Clean up and reorganize keygen.py This makes it easier to add new features - Clearer variable names - Split up large functions into smaller ones for each action - Help make it easier to add new features 2020-09-03 20:20:22 -05:00			`# Decrypt the existing keyfile`
			`secret = load_secret()`
			`keyf = Fernet(secret)`

			`genkey = True`
			`uploadkeysp = Path("uploadkeys")`
			`if not uploadkeysp.is_file():`
			`uploadkeysp.touch()`
			`else:`
			`with open("uploadkeys", "rb") as ukf:`
			`# read the encrypted data`
			`encrypted_data = ukf.read()`


			`if genkey:`
			`if decrypt_uploadkeys(): # Decrypt the file`
			`N = 64 # Size of key`
			`key = ''.join(secrets.choice(string.ascii_letters + string.digits) for i in range(N))`
			`print("Your new key is: " + str(key)) # Print key`
			`append_uploadkey(key) # Save the new key to file unencrypted`
			`encrypt_uploadkeys() # Encrypt the uploadkeys file`
			`else:`
			`print("Exiting.")`