punix/Wire-Py
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases 13 Wiki Activity

ssl encrypt and decrypt works now

Browse Source
This commit is contained in:
Désiré Werner Menrath
2025-03-19 21:24:33 +01:00
parent 1667682c9d
commit 13832d916f
9 changed files with 176 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
Wire-Py.desktop Executable file → Normal file
View File

BIN
__pycache__/cls_mth_fc.cpython-312.pyc
View File

Binary file not shown.

BIN
__pycache__/wg_main.cpython-312.pyc
View File

Binary file not shown.

71
cls_mth_fc.py
View File

@@ -4,8 +4,8 @@ import gettext
import locale
import os
import shutil
import subprocess
from subprocess import check_call
import subprocess
import tkinter as tk
import zipfile
from datetime import datetime
@@ -13,6 +13,7 @@ from pathlib import Path
from tkinter import ttk
import requests
APP = 'wirepy'
LOCALE_DIR = "/usr/share/locale/"
locale.bindtextdomain(APP, LOCALE_DIR)
@@ -22,7 +23,15 @@ _ = gettext.gettext
wg_set = Path(Path.home() / '.config/wire_py/settings')
def dirs_and_files():
class Create():
"""
This class is for the creation of the folders and files
required by Wire-Py, as well as for decryption
the tunnel from the user's home directory
"""
@staticmethod
def dir_and_files():
pth = Path.home() / '.config/wire_py'
pth.mkdir(parents=True, exist_ok=True)
@@ -42,7 +51,8 @@ def dirs_and_files():
else:
ks.touch()
def files_for_autostart():
@staticmethod
def files_for_autostart():
pth2 = Path.home() / '.config/systemd/user'
pth2.mkdir(parents=True, exist_ok=True)
@@ -53,9 +63,57 @@ def files_for_autostart():
else:
wg_ser.touch()
wg_ser.write_text('[Unit]\nDescription=Automatic Tunnel Start\nAfter=network-online.target\n\n[Service]\nType=oneshot\nExecStartPre=/bin/sleep 5\nExecStart=/usr/local/bin/start_wg.py\n[Install]\nWantedBy=default.target')
wg_ser.write_text('[Unit]\nDescription=Automatic Tunnel Start\nAfter=network-online.target'
'\n\n[Service]\nType=oneshot\nExecStartPre=/bin/sleep 5\nExecStart=/usr/'
'local/bin/start_wg.py\n[Install]\nWantedBy=default.target')
check_call(['systemctl', '--user', 'enable', 'wg_start.service'])
@staticmethod
def make_dir():
''' Dirname "tlecdewg" = Tunnel Encrypt Decrypt Wireguard '''
dirname = Path('/tmp/tlecdcwg/')
if dirname.exists():
pass
else:
dirname.mkdir()
@staticmethod
def decrypt():
process = subprocess.run(['pkexec', '/usr/local/bin/ssl_decrypt.py'], stdout=subprocess.PIPE, text=True)
#print(process.stdout)
if process.returncode == 0:
print('File successfully decrypted...')
else:
print(f'Error with the following code... {process.returncode}')
@staticmethod
def encrypt():
process = subprocess.run(['pkexec', '/usr/local/bin/ssl_encrypt.py'], stdout=subprocess.PIPE, text=True)
print(process.stdout)
if process.returncode == 0:
print('All Files successfully encrypted...')
else:
print(f'Error with the following code... {process.returncode}')
class UOS:
"""
The class is only for unixoidal systems "UOS" = UnixOS
"""
"""
This method displays the user name of the logged-in user,
even if you are rooted in a shell
"""
@staticmethod
def username():
logname = str(Path.home())[6:]
file = Path.home() / '/tmp/.loguser'
with open(file, "w") as f:
f.write(logname)
class GiteaUpdate:
"""
@@ -229,11 +287,13 @@ class Tunnel:
"""
@staticmethod
def list():
dirname = '/tmp/tlecdcwg/'
dirname = Path('/tmp/tlecdcwg/')
wg_s = os.listdir(dirname)
return wg_s
"""
This will export the tunnels.
A zipfile with current date and time is created
@@ -298,3 +358,4 @@ class Tipi:
return False
else:
return True

8
install
View File

@@ -9,13 +9,13 @@ install_file_with(){
mkdir -p ~/.config/wire_py && touch ~/.config/wire_py/keys && cp -u settings ~/.config/wire_py/ && \
mkdir -p ~/.config/systemd/user && cp -u wg_start.service ~/.config/systemd/user/ && \
systemctl --user enable wg_start.service
sudo cp -u org.sslcrypt.policy /usr/share/polkit-1/actions/ && \
sudo cp -f org.sslcrypt.policy /usr/share/polkit-1/actions/ && \
sudo apt install python3-tk && \
sudo cp -u wg_main.py start_wg.py cls_mth_fc.py ssl_encrypt.py ssl_decrypt.py /usr/local/bin/ && \
sudo cp -fv wg_main.py start_wg.py cls_mth_fc.py ssl_encrypt.py ssl_decrypt.py /usr/local/bin/ && \
sudo cp -uR wp-icons lx-icons /usr/share/icons/ && sudo cp -uR TK-Themes /usr/share/ && \
sudo cp -u languages/de/*.mo /usr/share/locale/de/LC_MESSAGES/ && \
sudo ln -sf /usr/local/bin/wg_main.py /usr/local/bin/wirepy && \
sudo cp -u Wire-Py.desktop /usr/share/applications/
sudo cp -f Wire-Py.desktop /usr/share/applications/
}
install_arch_d(){
@@ -128,7 +128,7 @@ else
clear
exit 0
fi
clear
#clear
read -n 1 -s -r -p $"To close the Window press a button"
clear

2
org.sslcrypt.policy
View File

@@ -33,8 +33,10 @@ License along with this library. If not, see
<action id="org.ssl_decrypt">
<defaults>
<allow_any>auth_admin_keep</allow_any>
<allow_inactive>auth_admin_keep</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.exec.path">/usr/local/bin/ssl_decrypt.py</annotate>
</action>
</policyconfig>

24
ssl_decrypt.py
View File

@@ -3,23 +3,18 @@
import os
from subprocess import check_call
import shutil
from pathlib import Path
import shutil
uname = Path('/tmp/.loguser')
with open(uname, 'r') as f:
logname = f.readline()
''' Dirname "tlecdewg" = Tunnel Encrypt Decrypt Wireguard '''
dirname = Path('/tmp/tlecdcwg/')
keyfile = '/usr/local/etc/ssl/pwgk.pem'
logname = os.getlogin()
''' Remove the folder when it is there '''
if os.path.exists(str(dirname)):
shutil.rmtree(str(dirname))
os.mkdir(dirname)
shutil.chown(dirname, 1000, 1000)
tl = os.listdir(str(dirname))
dirname2 = '/home/' + logname + '/.config/wire_py/'
dirname2 = ('/home/' + logname + '/.config/wire_py/')
detl = os.listdir(dirname2)
os.chdir(dirname2)
detl.remove('keys')
@@ -30,9 +25,4 @@ if os.path.exists(dirname2 + 'pbwgk.pem'):
tlname2 = detunnels[:-4] + '.conf'
extpath = str(dirname) + '/' + tlname2
check_call(['openssl', 'pkeyutl', '-decrypt', '-inkey', keyfile, '-in', detunnels, '-out', extpath])
def create_pub_key():
pth_with_keyname = '/home/' + logname + '/.config/wire_py/pbwgk.pem'
check_call(['openssl', 'rsa', '-in', keyfile, '-out', pth_with_keyname, '-outform', 'PEM', '-pubout'])
shutil.chown(pth_with_keyname, 1000, 1000)
shutil.chown(extpath, 1000, 1000)

36
ssl_encrypt.py
View File

@@ -5,35 +5,45 @@ import os
from subprocess import check_call
from pathlib import Path
import shutil
from ssl_decrypt import create_pub_key
logname = os.getlogin()
keyfile = Path('/home/', logname) / '.config/wire_py/pbwgk.pem'
uname = Path('/tmp/.loguser')
with open(uname, 'r') as f:
logname = f.readline()
keyfile = Path(f'/home/{logname}/.config/wire_py/pbwgk.pem')
dirname = Path('/tmp/tlecdcwg/')
pkeyfile = '/usr/local/etc/ssl/pwgk.pem'
if not keyfile.is_file():
create_pub_key()
else:
check_call(['openssl', 'rsa', '-in', pkeyfile, '-out', keyfile, '-outform', 'PEM', '-pubout'])
shutil.chown(keyfile, 1000, 1000)
if dirname.exists():
tl = os.listdir(dirname)
print(tl)
tl = os.listdir(str(dirname))
cpth = str(keyfile)
cryptfiles = cpth[:-9]
if keyfile.exists() and len(tl) != 0:
for tunnels in tl:
sourcetl = str(dirname) + '/' + tunnels
tlname = cryptfiles + tunnels[:-5] + '.dat'
check_call(['openssl', 'pkeyutl', '-encrypt', '-inkey', keyfile, '-pubin', '-in', sourcetl, '-out', tlname])
else:
if dirname.exists():
tl = os.listdir(str(dirname))
cpth = str(keyfile)
cryptfiles = cpth[:-9]
if keyfile.exists() and len(tl) != 0:
for tunnels in tl:
sourcetl = str(dirname) + '/' + tunnels
print(source)
tlname = cryptfiles + tunnels[:-5] + '.dat'
check_call(['openssl', 'pkeyutl', '-encrypt', '-inkey', keyfile, '-pubin', '-in', sourcetl, '-out', tlname])
else:
print('im else block')
#shutil.rmtree(dirname)
else:
print('im letzen else block')

56
wg_main.py
View File

@@ -4,19 +4,25 @@ import gettext
import locale
import webbrowser
import os
import shutil
import sys
import signal
import subprocess
import shutil
import tkinter as tk
from pathlib import Path
from subprocess import check_call
from tkinter import filedialog, ttk, TclError
from cls_mth_fc import (Tunnel, dirs_and_files, msg_window, Tipi, GiteaUpdate ,files_for_autostart)
from cls_mth_fc import (Tunnel, Create, msg_window, Tipi, GiteaUpdate, UOS)
check_call(['pkexec', '/usr/local/bin/ssl_decrypt.py'])
UOS.username()
Create.dir_and_files()
Create.make_dir()
Create.decrypt()
tcl_path = Path('/usr/share/TK-Themes')
wg_set = Path(Path.home() / '.config/wire_py/settings')
wg_tips = Tipi.if_tip(wg_set)
dirname = Path('/tmp/tlecdcwg/')
''' 1 = 1. Year, 09 = Month of the Year, 2924 = Day and Year of the Year '''
version = 'v. 2.03.0325'
@@ -31,6 +37,31 @@ gettext.bindtextdomain(APP, LOCALE_DIR)
gettext.textdomain(APP)
_ = gettext.gettext
def signalHandler(signum, frame):
''' Determine clear text names for signal numbers '''
SIGNALS_TO_NAMES_DICT = dict((getattr(signal, n), n) \
for n in dir(signal) if n.startswith('SIG') and '_' not in n )
signame = SIGNALS_TO_NAMES_DICT.get(signum, "Unnamed signal: %d" % signum)
'''
End program for certain signals,
report to others only reception
'''
if signum in (signal.SIGINT, signal.SIGTERM):
exitCode = 1
print("\nSignal '%s' (%d) received. => Aborting with exit code %d." % (signame, signum, exitCode))
shutil.rmtree(dirname)
Path.unlink('/tmp/.loguser')
print('Breakdown by user...')
sys.exit(exitCode)
else:
print("Signal %d received and ignored." % signum)
shutil.rmtree(dirname)
Path.unlink('/tmp/.loguser')
print('Process unexpectedly ended...')
signal.signal(signal.SIGINT, signalHandler)
signal.signal(signal.SIGTERM, signalHandler)
signal.signal(signal.SIGHUP, signalHandler)
class MainWindow(tk.Tk):
def __init__(self, *args, **kwargs):
@@ -334,7 +365,7 @@ class FrameWidgets(ttk.Frame):
''' Listbox with Scrollbar '''
def enable_check_box(_):
files_for_autostart()
Create.files_for_autostart()
if self.l_box.size() != 0:
self.wg_autostart.configure(state='normal')
self.lb_rename.config(state='normal')
@@ -351,6 +382,7 @@ class FrameWidgets(ttk.Frame):
self.l_box.configure(yscrollcommand=self.scrollbar.set)
''' Tunnel List '''
self.tl = Tunnel.list()
for tunnels in self.tl:
self.l_box.insert("end", tunnels[:-5])
@@ -660,6 +692,8 @@ class FrameWidgets(ttk.Frame):
theme_set5.writelines(lines5)
self.autoconnect_var.set(value=new_a_connect)
Create.encrypt()
return select_tl
except IndexError:
@@ -744,7 +778,7 @@ class FrameWidgets(ttk.Frame):
If in each case false comes out, a corresponding window comes to inform the user that something is wrong.
"""
dirs_and_files()
Create.dir_and_files()
try:
filepath = filedialog.askopenfilename(initialdir=str(Path.home()), title=_('Select Wireguard config File'),
@@ -787,6 +821,8 @@ class FrameWidgets(ttk.Frame):
subprocess.check_output(['nmcli', 'connection', 'import', 'type',
'wireguard', 'file', new_conf], text=True)
Create.encrypt()
else:
shutil.copy(filepath, '/tmp/tlecdcwg/')
if self.a != '':
@@ -796,6 +832,8 @@ class FrameWidgets(ttk.Frame):
subprocess.check_output(['nmcli', 'connection', 'import', 'type',
'wireguard', 'file', filepath], text=True)
Create.encrypt()
self.StrVar.set('')
self.a = Tunnel.active()
self.l_box.insert(0, self.a)
@@ -883,9 +921,6 @@ class FrameWidgets(ttk.Frame):
check_call(['nmcli', 'con', 'mod', self.a, 'connection.autoconnect', 'no'])
Path.chmod(wg_read, 0o600)
''' Here encrypt import files '''
check_call(['pkexec', '/usr/local/bin/ssl_encrypt.py'])
if 'PrivateKey = ' and 'Endpoint = ' not in read:
"""img_w, img_i, w_title, w_txt hand over"""
iw = r'/usr/share/icons/lx-icons/64/error.png'
@@ -1157,7 +1192,6 @@ class MyToolTip(tk.Toplevel):
self.destroy()
if __name__ == '__main__':
window = MainWindow()
"""
@@ -1171,3 +1205,7 @@ if __name__ == '__main__':
window.tk.call('set', '::tk::dialog::file::showHiddenBtn', '0')
window.tk.call('set', '::tk::dialog::file::showHiddenVar', '0')
window.mainloop()
shutil.rmtree(dirname)
Path.unlink('/tmp/.loguser')
sys.exit(0)