ssl encrypt and decrypt works now

Désiré Werner Menrath 2025-03-19 21:24:33 +01:00
parent 1667682c9d
commit 13832d916f
9 changed files with 176 additions and 75 deletions

Wire-Py.desktop Executable file → Normal file

@ -4,4 +4,4 @@ Name=Wire-Py
Exec=/usr/local/bin/wg_main.py Exec=/usr/local/bin/wg_main.py
Terminal=false Terminal=false
Categories=Network; Categories=Network;
Icon=/usr/share/icons/wp-icons/128/wg_vpn.png Icon=/usr/share/icons/wp-icons/128/wg_vpn.png

Binary file not shown.


@ -4,8 +4,8 @@ import gettext
import locale import locale
import os import os
import shutil import shutil
import subprocess
from subprocess import check_call from subprocess import check_call
import subprocess
import tkinter as tk import tkinter as tk
import zipfile import zipfile
from datetime import datetime from datetime import datetime
@ -13,6 +13,7 @@ from pathlib import Path
from tkinter import ttk from tkinter import ttk
import requests import requests
APP = 'wirepy' APP = 'wirepy'
LOCALE_DIR = "/usr/share/locale/" LOCALE_DIR = "/usr/share/locale/"
locale.bindtextdomain(APP, LOCALE_DIR) locale.bindtextdomain(APP, LOCALE_DIR)
@ -20,41 +21,98 @@ gettext.bindtextdomain(APP, LOCALE_DIR)
gettext.textdomain(APP) gettext.textdomain(APP)
_ = gettext.gettext _ = gettext.gettext
wg_set = Path(Path.home() / '.config/wire_py/settings') wg_set = Path(Path.home() / '.config/wire_py/settings')
def dirs_and_files(): class Create():
"""
This class is for the creation of the folders and files
required by Wire-Py, as well as for decryption
the tunnel from the user's home directory
"""
pth = Path.home() / '.config/wire_py' @staticmethod
pth.mkdir(parents=True, exist_ok=True) def dir_and_files():
sett = Path.home() / '.config/wire_py/settings'
ks = Path.home() / '.config/wire_py/keys'
if sett.exists(): pth = Path.home() / '.config/wire_py'
pass pth.mkdir(parents=True, exist_ok=True)
sett = Path.home() / '.config/wire_py/settings'
ks = Path.home() / '.config/wire_py/keys'
else: if sett.exists():
sett.touch() pass
sett.write_text('[UPDATES]\non\n[THEME]\nlight\n[TOOLTIP]\nTrue\n[AUTOSTART ON]\noff\n')
if ks.exists(): else:
pass sett.touch()
sett.write_text('[UPDATES]\non\n[THEME]\nlight\n[TOOLTIP]\nTrue\n[AUTOSTART ON]\noff\n')
else: if ks.exists():
ks.touch() pass
def files_for_autostart(): else:
ks.touch()
pth2 = Path.home() / '.config/systemd/user' @staticmethod
pth2.mkdir(parents=True, exist_ok=True) def files_for_autostart():
wg_ser = Path.home() / '.config/systemd/user/wg_start.service'
if wg_ser.exists(): pth2 = Path.home() / '.config/systemd/user'
pass pth2.mkdir(parents=True, exist_ok=True)
wg_ser = Path.home() / '.config/systemd/user/wg_start.service'
if wg_ser.exists():
pass
else:
wg_ser.touch()
wg_ser.write_text('[Unit]\nDescription=Automatic Tunnel Start\nAfter=network-online.target'
'\n\n[Service]\nType=oneshot\nExecStartPre=/bin/sleep 5\nExecStart=/usr/'
'local/bin/start_wg.py\n[Install]\nWantedBy=default.target')
check_call(['systemctl', '--user', 'enable', 'wg_start.service'])
@staticmethod
def make_dir():
''' Dirname "tlecdewg" = Tunnel Encrypt Decrypt Wireguard '''
dirname = Path('/tmp/tlecdcwg/')
if dirname.exists():
pass
else:
dirname.mkdir()
@staticmethod
def decrypt():
process = subprocess.run(['pkexec', '/usr/local/bin/ssl_decrypt.py'], stdout=subprocess.PIPE, text=True)
#print(process.stdout)
if process.returncode == 0:
print('File successfully decrypted...')
else:
print(f'Error with the following code... {process.returncode}')
@staticmethod
def encrypt():
process = subprocess.run(['pkexec', '/usr/local/bin/ssl_encrypt.py'], stdout=subprocess.PIPE, text=True)
print(process.stdout)
if process.returncode == 0:
print('All Files successfully encrypted...')
else:
print(f'Error with the following code... {process.returncode}')
class UOS:
"""
The class is only for unixoidal systems "UOS" = UnixOS
"""
"""
This method displays the user name of the logged-in user,
even if you are rooted in a shell
"""
@staticmethod
def username():
logname = str(Path.home())[6:]
file = Path.home() / '/tmp/.loguser'
with open(file, "w") as f:
f.write(logname)
else:
wg_ser.touch()
wg_ser.write_text('[Unit]\nDescription=Automatic Tunnel Start\nAfter=network-online.target\n\n[Service]\nType=oneshot\nExecStartPre=/bin/sleep 5\nExecStart=/usr/local/bin/start_wg.py\n[Install]\nWantedBy=default.target')
check_call(['systemctl', '--user', 'enable', 'wg_start.service'])
class GiteaUpdate: class GiteaUpdate:
@ -229,11 +287,13 @@ class Tunnel:
""" """
@staticmethod @staticmethod
def list(): def list():
dirname = '/tmp/tlecdcwg/'
dirname = Path('/tmp/tlecdcwg/')
wg_s = os.listdir(dirname) wg_s = os.listdir(dirname)
return wg_s return wg_s
""" """
This will export the tunnels. This will export the tunnels.
A zipfile with current date and time is created A zipfile with current date and time is created
@ -298,3 +358,4 @@ class Tipi:
return False return False
else: else:
return True return True
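Review bot: `Create.make_dir()` creates `/tmp/tlecdcwg/` under a fixed name with default permissions, and when the path already exists it is used without checking who owns it. Judging by the other files in this commit, the decrypted tunnel configs are written there, so on a shared machine the WireGuard private keys can end up readable by other local users, or in a directory someone else prepared. Create it with `dirname.mkdir(mode=0o700)` and stop if an existing path is a symlink or is not owned by the current user; a per-user runtime directory would avoid the shared `/tmp` name altogether. `Create.decrypt()` and `Create.encrypt()` only print on a non-zero return code, so callers cannot tell that nothing was decrypted or stored.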


@ -9,13 +9,13 @@ install_file_with(){
mkdir -p ~/.config/wire_py && touch ~/.config/wire_py/keys && cp -u settings ~/.config/wire_py/ && \ mkdir -p ~/.config/wire_py && touch ~/.config/wire_py/keys && cp -u settings ~/.config/wire_py/ && \
mkdir -p ~/.config/systemd/user && cp -u wg_start.service ~/.config/systemd/user/ && \ mkdir -p ~/.config/systemd/user && cp -u wg_start.service ~/.config/systemd/user/ && \
systemctl --user enable wg_start.service systemctl --user enable wg_start.service
sudo cp -u org.sslcrypt.policy /usr/share/polkit-1/actions/ && \ sudo cp -f org.sslcrypt.policy /usr/share/polkit-1/actions/ && \
sudo apt install python3-tk && \ sudo apt install python3-tk && \
sudo cp -u wg_main.py start_wg.py cls_mth_fc.py ssl_encrypt.py ssl_decrypt.py /usr/local/bin/ && \ sudo cp -fv wg_main.py start_wg.py cls_mth_fc.py ssl_encrypt.py ssl_decrypt.py /usr/local/bin/ && \
sudo cp -uR wp-icons lx-icons /usr/share/icons/ && sudo cp -uR TK-Themes /usr/share/ && \ sudo cp -uR wp-icons lx-icons /usr/share/icons/ && sudo cp -uR TK-Themes /usr/share/ && \
sudo cp -u languages/de/*.mo /usr/share/locale/de/LC_MESSAGES/ && \ sudo cp -u languages/de/*.mo /usr/share/locale/de/LC_MESSAGES/ && \
sudo ln -sf /usr/local/bin/wg_main.py /usr/local/bin/wirepy && \ sudo ln -sf /usr/local/bin/wg_main.py /usr/local/bin/wirepy && \
sudo cp -u Wire-Py.desktop /usr/share/applications/ sudo cp -f Wire-Py.desktop /usr/share/applications/
} }
install_arch_d(){ install_arch_d(){
@ -128,7 +128,7 @@ else
clear clear
exit 0 exit 0
fi fi
clear #clear
read -n 1 -s -r -p $"To close the Window press a button" read -n 1 -s -r -p $"To close the Window press a button"
clear clear


@ -33,8 +33,10 @@ License along with this library. If not, see
<action id="org.ssl_decrypt"> <action id="org.ssl_decrypt">
<defaults> <defaults>
<allow_any>auth_admin_keep</allow_any> <allow_any>auth_admin_keep</allow_any>
<allow_inactive>auth_admin_keep</allow_inactive>
<allow_active>yes</allow_active> <allow_active>yes</allow_active>
</defaults> </defaults>
<annotate key="org.freedesktop.policykit.exec.path">/usr/local/bin/ssl_decrypt.py</annotate> <annotate key="org.freedesktop.policykit.exec.path">/usr/local/bin/ssl_decrypt.py</annotate>
</action> </action>
</policyconfig> </policyconfig>
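Review bot: `<allow_active>yes</allow_active>`, kept next to the added `allow_inactive` line, lets any active local session run `/usr/local/bin/ssl_decrypt.py` as root without authentication. That default carries more weight after this commit because, as far as the rendered diff shows, the script now takes the user name from a file in `/tmp` instead of from the login session. Consider `<allow_active>auth_admin_keep</allow_active>`, or keep `yes` only once the script no longer trusts any caller-writable input. The action covering `ssl_encrypt.py`, if it is defined above this hunk, should be checked for the same default.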


@ -3,23 +3,18 @@
import os import os
from subprocess import check_call from subprocess import check_call
import shutil
from pathlib import Path from pathlib import Path
import shutil
uname = Path('/tmp/.loguser')
with open(uname, 'r') as f:
logname = f.readline()
''' Dirname "tlecdewg" = Tunnel Encrypt Decrypt Wireguard ''' ''' Dirname "tlecdewg" = Tunnel Encrypt Decrypt Wireguard '''
dirname = Path('/tmp/tlecdcwg/') dirname = Path('/tmp/tlecdcwg/')
keyfile = '/usr/local/etc/ssl/pwgk.pem' keyfile = '/usr/local/etc/ssl/pwgk.pem'
logname = os.getlogin()
''' Remove the folder when it is there ''' dirname2 = ('/home/' + logname + '/.config/wire_py/')
if os.path.exists(str(dirname)):
shutil.rmtree(str(dirname))
os.mkdir(dirname)
shutil.chown(dirname, 1000, 1000)
tl = os.listdir(str(dirname))
dirname2 = '/home/' + logname + '/.config/wire_py/'
detl = os.listdir(dirname2) detl = os.listdir(dirname2)
os.chdir(dirname2) os.chdir(dirname2)
detl.remove('keys') detl.remove('keys')
@ -30,9 +25,4 @@ if os.path.exists(dirname2 + 'pbwgk.pem'):
tlname2 = detunnels[:-4] + '.conf' tlname2 = detunnels[:-4] + '.conf'
extpath = str(dirname) + '/' + tlname2 extpath = str(dirname) + '/' + tlname2
check_call(['openssl', 'pkeyutl', '-decrypt', '-inkey', keyfile, '-in', detunnels, '-out', extpath]) check_call(['openssl', 'pkeyutl', '-decrypt', '-inkey', keyfile, '-in', detunnels, '-out', extpath])
shutil.chown(extpath, 1000, 1000)
def create_pub_key():
pth_with_keyname = '/home/' + logname + '/.config/wire_py/pbwgk.pem'
check_call(['openssl', 'rsa', '-in', keyfile, '-out', pth_with_keyname, '-outform', 'PEM', '-pubout'])
shutil.chown(pth_with_keyname, 1000, 1000)
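Review bot: This script runs as root through pkexec but, as far as the rendered diff shows, now takes `logname` from `/tmp/.loguser`, a file any local user can create or replace, and builds `dirname2` from it by string concatenation. Root then lists, changes into and decrypts files under a path chosen by that value, so the trust boundary has moved from the login session to a world-writable directory; ssl_encrypt.py reads the same file and has the same problem. pkexec exports the invoking user's id in `PKEXEC_UID`, so the name can be derived without a temp file, `logname = pwd.getpwuid(int(os.environ['PKEXEC_UID'])).pw_name`, with the home directory taken from `.pw_dir` rather than `'/home/' + logname`. On the writer side, `Path.home() / '/tmp/.loguser'` discards the home part because the right operand is absolute, and `str(Path.home())[6:]` assumes a `/home/` prefix.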


@ -5,35 +5,45 @@ import os
from subprocess import check_call from subprocess import check_call
from pathlib import Path from pathlib import Path
import shutil import shutil
from ssl_decrypt import create_pub_key
logname = os.getlogin() uname = Path('/tmp/.loguser')
keyfile = Path('/home/', logname) / '.config/wire_py/pbwgk.pem'
with open(uname, 'r') as f:
logname = f.readline()
keyfile = Path(f'/home/{logname}/.config/wire_py/pbwgk.pem')
dirname = Path('/tmp/tlecdcwg/') dirname = Path('/tmp/tlecdcwg/')
pkeyfile = '/usr/local/etc/ssl/pwgk.pem'
if not keyfile.is_file(): if not keyfile.is_file():
create_pub_key()
else: check_call(['openssl', 'rsa', '-in', pkeyfile, '-out', keyfile, '-outform', 'PEM', '-pubout'])
shutil.chown(keyfile, 1000, 1000)
if dirname.exists(): if dirname.exists():
tl = os.listdir(dirname) tl = os.listdir(str(dirname))
print(tl) cpth = str(keyfile)
cryptfiles = cpth[:-9]
if keyfile.exists() and len(tl) != 0:
for tunnels in tl:
sourcetl = str(dirname) + '/' + tunnels
tlname = cryptfiles + tunnels[:-5] + '.dat'
check_call(['openssl', 'pkeyutl', '-encrypt', '-inkey', keyfile, '-pubin', '-in', sourcetl, '-out', tlname])
else:
if dirname.exists():
tl = os.listdir(str(dirname))
cpth = str(keyfile) cpth = str(keyfile)
cryptfiles = cpth[:-9] cryptfiles = cpth[:-9]
if keyfile.exists() and len(tl) != 0: if keyfile.exists() and len(tl) != 0:
for tunnels in tl: for tunnels in tl:
sourcetl = str(dirname) + '/' + tunnels sourcetl = str(dirname) + '/' + tunnels
print(source)
tlname = cryptfiles + tunnels[:-5] + '.dat' tlname = cryptfiles + tunnels[:-5] + '.dat'
check_call(['openssl', 'pkeyutl', '-encrypt', '-inkey', keyfile, '-pubin', '-in', sourcetl, '-out', tlname]) check_call(['openssl', 'pkeyutl', '-encrypt', '-inkey', keyfile, '-pubin', '-in', sourcetl, '-out', tlname])
else:
print('im else block')
#shutil.rmtree(dirname)
else:
print('im letzen else block')
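Review bot: `openssl pkeyutl -encrypt` with the RSA public key is applied to each whole tunnel file, but direct RSA encryption only accepts input shorter than the key modulus minus the padding overhead. The size of `pwgk.pem` is not visible here, but a config with several peers or a preshared key can exceed that limit, at which point `check_call` raises and the tunnel is never stored. A hybrid scheme, where a random symmetric key encrypts the file and RSA encrypts only that key, removes the size limit. The new `shutil.chown(keyfile, 1000, 1000)` also hard-codes uid and gid 1000; take them from the account that invoked pkexec instead. The nesting of the `if`/`else` branches is partly ambiguous in this rendering, so the exact branch each call sits in should be confirmed against the file.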


@ -4,19 +4,25 @@ import gettext
import locale import locale
import webbrowser import webbrowser
import os import os
import shutil import sys
import signal
import subprocess import subprocess
import shutil
import tkinter as tk import tkinter as tk
from pathlib import Path from pathlib import Path
from subprocess import check_call from subprocess import check_call
from tkinter import filedialog, ttk, TclError from tkinter import filedialog, ttk, TclError
from cls_mth_fc import (Tunnel, dirs_and_files, msg_window, Tipi, GiteaUpdate ,files_for_autostart) from cls_mth_fc import (Tunnel, Create, msg_window, Tipi, GiteaUpdate, UOS)
check_call(['pkexec', '/usr/local/bin/ssl_decrypt.py']) UOS.username()
Create.dir_and_files()
Create.make_dir()
Create.decrypt()
tcl_path = Path('/usr/share/TK-Themes') tcl_path = Path('/usr/share/TK-Themes')
wg_set = Path(Path.home() / '.config/wire_py/settings') wg_set = Path(Path.home() / '.config/wire_py/settings')
wg_tips = Tipi.if_tip(wg_set) wg_tips = Tipi.if_tip(wg_set)
dirname = Path('/tmp/tlecdcwg/')
''' 1 = 1. Year, 09 = Month of the Year, 2924 = Day and Year of the Year ''' ''' 1 = 1. Year, 09 = Month of the Year, 2924 = Day and Year of the Year '''
version = 'v. 2.03.0325' version = 'v. 2.03.0325'
@ -31,6 +37,31 @@ gettext.bindtextdomain(APP, LOCALE_DIR)
gettext.textdomain(APP) gettext.textdomain(APP)
_ = gettext.gettext _ = gettext.gettext
def signalHandler(signum, frame):
''' Determine clear text names for signal numbers '''
SIGNALS_TO_NAMES_DICT = dict((getattr(signal, n), n) \
for n in dir(signal) if n.startswith('SIG') and '_' not in n )
signame = SIGNALS_TO_NAMES_DICT.get(signum, "Unnamed signal: %d" % signum)
'''
End program for certain signals,
report to others only reception
'''
if signum in (signal.SIGINT, signal.SIGTERM):
exitCode = 1
print("\nSignal '%s' (%d) received. => Aborting with exit code %d." % (signame, signum, exitCode))
shutil.rmtree(dirname)
Path.unlink('/tmp/.loguser')
print('Breakdown by user...')
sys.exit(exitCode)
else:
print("Signal %d received and ignored." % signum)
shutil.rmtree(dirname)
Path.unlink('/tmp/.loguser')
print('Process unexpectedly ended...')
signal.signal(signal.SIGINT, signalHandler)
signal.signal(signal.SIGTERM, signalHandler)
signal.signal(signal.SIGHUP, signalHandler)
class MainWindow(tk.Tk): class MainWindow(tk.Tk):
def __init__(self, *args, **kwargs): def __init__(self, *args, **kwargs):
@ -62,9 +93,9 @@ class MainWindow(tk.Tk):
''' Set it as the window icon ''' ''' Set it as the window icon '''
self.iconphoto(True, self.wg_icon) self.iconphoto(True, self.wg_icon)
FrameWidgets(self).grid() FrameWidgets(self).grid()
class FrameWidgets(ttk.Frame): class FrameWidgets(ttk.Frame):
def __init__(self, container, **kwargs): def __init__(self, container, **kwargs):
@ -334,7 +365,7 @@ class FrameWidgets(ttk.Frame):
''' Listbox with Scrollbar ''' ''' Listbox with Scrollbar '''
def enable_check_box(_): def enable_check_box(_):
files_for_autostart() Create.files_for_autostart()
if self.l_box.size() != 0: if self.l_box.size() != 0:
self.wg_autostart.configure(state='normal') self.wg_autostart.configure(state='normal')
self.lb_rename.config(state='normal') self.lb_rename.config(state='normal')
@ -351,6 +382,7 @@ class FrameWidgets(ttk.Frame):
self.l_box.configure(yscrollcommand=self.scrollbar.set) self.l_box.configure(yscrollcommand=self.scrollbar.set)
''' Tunnel List ''' ''' Tunnel List '''
self.tl = Tunnel.list() self.tl = Tunnel.list()
for tunnels in self.tl: for tunnels in self.tl:
self.l_box.insert("end", tunnels[:-5]) self.l_box.insert("end", tunnels[:-5])
@ -659,6 +691,8 @@ class FrameWidgets(ttk.Frame):
with open(wg_set, 'w') as theme_set5: with open(wg_set, 'w') as theme_set5:
theme_set5.writelines(lines5) theme_set5.writelines(lines5)
self.autoconnect_var.set(value=new_a_connect) self.autoconnect_var.set(value=new_a_connect)
Create.encrypt()
return select_tl return select_tl
@ -744,7 +778,7 @@ class FrameWidgets(ttk.Frame):
If in each case false comes out, a corresponding window comes to inform the user that something is wrong. If in each case false comes out, a corresponding window comes to inform the user that something is wrong.
""" """
dirs_and_files() Create.dir_and_files()
try: try:
filepath = filedialog.askopenfilename(initialdir=str(Path.home()), title=_('Select Wireguard config File'), filepath = filedialog.askopenfilename(initialdir=str(Path.home()), title=_('Select Wireguard config File'),
@ -787,6 +821,8 @@ class FrameWidgets(ttk.Frame):
subprocess.check_output(['nmcli', 'connection', 'import', 'type', subprocess.check_output(['nmcli', 'connection', 'import', 'type',
'wireguard', 'file', new_conf], text=True) 'wireguard', 'file', new_conf], text=True)
Create.encrypt()
else: else:
shutil.copy(filepath, '/tmp/tlecdcwg/') shutil.copy(filepath, '/tmp/tlecdcwg/')
if self.a != '': if self.a != '':
@ -796,6 +832,8 @@ class FrameWidgets(ttk.Frame):
subprocess.check_output(['nmcli', 'connection', 'import', 'type', subprocess.check_output(['nmcli', 'connection', 'import', 'type',
'wireguard', 'file', filepath], text=True) 'wireguard', 'file', filepath], text=True)
Create.encrypt()
self.StrVar.set('') self.StrVar.set('')
self.a = Tunnel.active() self.a = Tunnel.active()
self.l_box.insert(0, self.a) self.l_box.insert(0, self.a)
@ -882,9 +920,6 @@ class FrameWidgets(ttk.Frame):
self.show_data() self.show_data()
check_call(['nmcli', 'con', 'mod', self.a, 'connection.autoconnect', 'no']) check_call(['nmcli', 'con', 'mod', self.a, 'connection.autoconnect', 'no'])
Path.chmod(wg_read, 0o600) Path.chmod(wg_read, 0o600)
''' Here encrypt import files '''
check_call(['pkexec', '/usr/local/bin/ssl_encrypt.py'])
if 'PrivateKey = ' and 'Endpoint = ' not in read: if 'PrivateKey = ' and 'Endpoint = ' not in read:
"""img_w, img_i, w_title, w_txt hand over""" """img_w, img_i, w_title, w_txt hand over"""
@ -903,7 +938,7 @@ class FrameWidgets(ttk.Frame):
except subprocess.CalledProcessError: except subprocess.CalledProcessError:
print('Tunnel exist!') print('Tunnel exist!')
def box_set(self): def box_set(self):
""" """
This Method will display the autostart label which This Method will display the autostart label which
@ -1157,7 +1192,6 @@ class MyToolTip(tk.Toplevel):
self.destroy() self.destroy()
if __name__ == '__main__': if __name__ == '__main__':
window = MainWindow() window = MainWindow()
""" """
@ -1171,3 +1205,7 @@ if __name__ == '__main__':
window.tk.call('set', '::tk::dialog::file::showHiddenBtn', '0') window.tk.call('set', '::tk::dialog::file::showHiddenBtn', '0')
window.tk.call('set', '::tk::dialog::file::showHiddenVar', '0') window.tk.call('set', '::tk::dialog::file::showHiddenVar', '0')
window.mainloop() window.mainloop()
shutil.rmtree(dirname)
Path.unlink('/tmp/.loguser')
sys.exit(0)
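Review bot: Removal of the decrypted tunnels in `/tmp/tlecdcwg/` is not guaranteed, because the cleanup after `window.mainloop()` and the one in `signalHandler` are both skipped when an unhandled exception ends the program. In both places `Path.unlink('/tmp/.loguser')` passes a str to the unbound method, which is not a supported call, and it is never reached if `shutil.rmtree(dirname)` raises first. Use `shutil.rmtree(dirname, ignore_errors=True)` and `Path('/tmp/.loguser').unlink(missing_ok=True)`, and run them from a `try`/`finally` around `mainloop()` or from an `atexit` handler. The non-terminating branch of `signalHandler` (reached for SIGHUP) prints that the signal is ignored but still deletes the directory while the GUI keeps running on it.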