On running test the sript generates 3 user where password == username

-> user1: 'alma' with passphrase: 'amla' -> user2: 'citrom' with passphrase: 'mortic' -> user1: 'dinnye' with passphrase: 'eynnid' The private keys are envrypted in DER format with pkcs#8 using the passphrase. The private keys are temporarly stored under config/{homeDir} The public keys are stored in the config file without encryption
2021-04-18 18:59:01 +02:00
parent 2f011de6f7
commit 81211b1dd5
2 changed files with 61 additions and 11 deletions
--- a/server/authentication.py
+++ b/server/authentication.py
@@ -4,7 +4,7 @@ import os
 import shutil
 import sys
 from base64 import b64encode
-
+from Crypto.PublicKey import RSA
 from Crypto.Hash import SHA256
 from Crypto.Protocol.KDF import bcrypt, bcrypt_check

@@ -16,6 +16,7 @@ class Authetication:
    ABSOLUTE_PATH = os.path.abspath(os.path.dirname(sys.argv[0]))
    HOME_DIRECTORY_LOCATION = ABSOLUTE_PATH + "\\home"
    CONFIG_DIRECTORY_LOCATION = ABSOLUTE_PATH + "\\config"
+    PRIVATE_KEY_DIRECTORY_LOCATION = CONFIG_DIRECTORY_LOCATION + "\\private_keys"
    USER_INDEX = 0

    def __init__(self):
@@ -25,6 +26,9 @@ class Authetication:
        if not os.path.isdir(self.CONFIG_DIRECTORY_LOCATION):
            os.mkdir(self.CONFIG_DIRECTORY_LOCATION)

+        if not os.path.isdir(self.PRIVATE_KEY_DIRECTORY_LOCATION):
+            os.mkdir(self.PRIVATE_KEY_DIRECTORY_LOCATION)
+
        if not os.path.isfile(self.CONFIG_DIRECTORY_LOCATION + "\\config.txt") or os.stat(
                self.CONFIG_DIRECTORY_LOCATION + "\\config.txt").st_size == 0:
            data = {'index': 0, 'user': []}
@@ -63,6 +67,37 @@ class Authetication:

        shutil.rmtree(self.HOME_DIRECTORY_LOCATION)
        os.mkdir(self.HOME_DIRECTORY_LOCATION)
+        shutil.rmtree(self.PRIVATE_KEY_DIRECTORY_LOCATION)
+        os.mkdir(self.PRIVATE_KEY_DIRECTORY_LOCATION)
+
+
+    def generatePrivateKeyForUser(self, username:str, user_passphrase:str) -> bool:
+        if self.checkUserExists(username):
+            with open(self.CONFIG_DIRECTORY_LOCATION + '\\config.txt') as json_file:
+                data = json.load(json_file)
+
+            private_key = RSA.generate(2048)
+            public_key = private_key.publickey()
+            private_key_value = str(private_key.export_key('DER', passphrase=user_passphrase, pkcs=8))
+            public_key_value = str(public_key.export_key('DER', pkcs=8))
+
+            ##Save private key in separate file
+            user_privatekey = {'passphrase': user_passphrase, 'privateKey': private_key_value}
+            with open(self.PRIVATE_KEY_DIRECTORY_LOCATION + '\\' + str(data['index']) + '.txt', 'w+') as outfile:
+                json.dump(user_privatekey, outfile)
+
+            ##Save public key in users
+            for user in data['user']:
+                if username == user['username']:
+                    user['publicKey'] = public_key_value
+                    with open(self.CONFIG_DIRECTORY_LOCATION + '\\config.txt', 'w') as outfile:
+                        json.dump(data, outfile)
+                    break
+
+            return True
+        else:
+            return False
+

    def saveUser(self, username: str, password: str) -> bool:
        bytePass = password.encode('utf-8')
@@ -72,23 +107,27 @@ class Authetication:
        with open(self.CONFIG_DIRECTORY_LOCATION + '\\config.txt') as json_file:
            data = json.load(json_file)

-        user = {
-            'username': username,
-            'password': bcrypt_hash.decode('utf-8'),
-            'homeDir': str(data['index'] + 1)
-        }
-
-        data['index'] = data['index'] + 1
-
        if self.checkUserExists(username):
            auth_logger.debug("User NOT saved! This username already exists!")
            return False
        else:
-            if not os.path.isdir(self.HOME_DIRECTORY_LOCATION + "\\" + str(user['homeDir'])):
-                os.mkdir(self.HOME_DIRECTORY_LOCATION + "\\" + str(user['homeDir']))
+            if not os.path.isdir(self.HOME_DIRECTORY_LOCATION + "\\" + str(data['index'] + 1)):
+                data['index'] = data['index'] + 1
+                user = {
+                    'username': username,
+                    'password': bcrypt_hash.decode('utf-8'),
+                    'homeDir': str(data['index']),
+                    'publicKey': ''
+                }
+
+                ##Create user HOME directory with index as name
+                os.mkdir(self.HOME_DIRECTORY_LOCATION + '\\' + str(data['index']))
+
+                ##Save user data
                data['user'].append(user)
                with open(self.CONFIG_DIRECTORY_LOCATION + '\\config.txt', 'w') as outfile:
                    json.dump(data, outfile)
+
                auth_logger.debug("User saved!")
            else:
                auth_logger.debug("User NOT saved! Home directory already exists")
--- a/server/authentication_test.py
+++ b/server/authentication_test.py
@@ -62,7 +62,18 @@ def testUserExists(username: str, password: str):
        logging.info('TEST 2 --> User exists with INVALID user :: PASSED')


+def productionInit():
+    auth = Authetication()
+    auth.initConfig()
+    auth.saveUser('alma','alma')
+    auth.generatePrivateKeyForUser('alma', 'amla')
+    auth.saveUser('citrom','citrom')
+    auth.generatePrivateKeyForUser('citrom', 'mortic')
+    auth.saveUser('dinnye','dinnye')
+    auth.generatePrivateKeyForUser('dinnye', 'eynnid')
+
 if __name__ == '__main__':
    testSaveUser("Diósbejglia", "Diósbejgli")
    testAuth("Diósbejglia", "Diósbejgli")
    testUserExists("Diósbejglia", "Diósbejgli")
+    productionInit()