bump_python/main.py

import time
import ipdb
import json
import random
import qrcode
import requests
import base64
import re


SENDER_LENGTH = 4 
PASSWORD_LENGTH = 8 

from random_word import RandomWords

import secrets
from base64 import urlsafe_b64encode as b64e, urlsafe_b64decode as b64d

from cryptography.fernet import Fernet
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC

r = RandomWords()

backend = default_backend()
iterations = 100_000

def _derive_key(password: bytes, salt: bytes, iterations: int = iterations) -> bytes:
    """Derive a secret key from a given password and salt"""
    kdf = PBKDF2HMAC(
        algorithm=hashes.SHA256(), length=32, salt=salt,
        iterations=iterations, backend=backend)
    return b64e(kdf.derive(password))

def password_encrypt(message: bytes, password: str, iterations: int = iterations) -> bytes:
    salt = secrets.token_bytes(16)
    key = _derive_key(password.encode(), salt, iterations)
    return b64e(
        b'%b%b%b' % (
            salt,
            iterations.to_bytes(4, 'big'),
            b64d(Fernet(key).encrypt(message)),
        )
    )

def password_decrypt(token: bytes, password: str) -> bytes:
    decoded = b64d(token)
    salt, iter, token = decoded[:16], decoded[16:20], b64e(decoded[20:])
    iterations = int.from_bytes(iter, 'big')
    key = _derive_key(password.encode(), salt, iterations)
    return Fernet(key).decrypt(token)

class Bump:
    def __init__(self, secret=None, secret_file='.bump_secrets'):
        self.secrets = self.load_secrets(secret, secret_file)
        if self.secrets == []:
            self.generate_secret(secret_file)
            self.show_secrets()

        self.URL = "http://0.0.0.0:4000/api/"


    def load_secrets(self, secret, secrets_file='.bump_secrets'):
        try:
            with open(secrets_file, 'r') as f:
                secrets = f.read().splitlines()
        except FileNotFoundError:
            secrets = []
        if secret is not None and secret not in self.secrets:
            secrets.append(secret)

        return secrets

    def generate_secret(self, secret_file):
        WORDS = r.get_random_words()
        secret = ""
        for _ in range(SENDER_LENGTH + PASSWORD_LENGTH):
            secret += random.choice(WORDS) + "-"
        while len(secret[SENDER_LENGTH:]) < 32:
            secret += random.choice(WORDS) + "-"
        secret = secret[:-1]

        self.secrets.append(secret)

        with open(secret_file, 'a+') as f:
            f.write(secret + '\n')


    def show_secrets(self):
        for secret in self.secrets:
           qrcode.make(secret).show()
           print(secret)

    def get_password(self, index=0):
        secret = self.secrets[index].split('-')
        return "-".join(secret[SENDER_LENGTH:])


    def get_sender(self, index=0):
        words = self.secrets[index].split('-')
        return "-".join(words[0:SENDER_LENGTH])

    def encrypt(self, data):
        password = self.get_password()
        return password_encrypt(data.encode(), password)

    def decrypt(self, data):
        password = self.get_password()
        return password_decrypt(data, password).decode()

    def push_fake(self, data):
        print(self.encrypt(data))


    def push(self, title='', data=''):
        params = {
            'sender': self.get_sender(),
            'title': title,
            'data': self.encrypt(data)
        }
        return self.set_post("push", params)

    def firebase(self):
        params = {
            'token': "dTm8S2bfTdKYQTjrxnwFFg:APA91bHGgM7IdRS5uxD0ljmwmP6cAec2icX0VBs69iRB2ApsohyOWzTzontO7cBkjNYbWV87zvxrXIs5jHkJ-8mSWa_-RiU2Y8-XEy3g-Fep3z6dhDeM3KazP58jDRgbdB5cVpDcIEWL"
        }
        return self.set_post("firebase", params)
        
            
    def peek(self):
        return self.get_post("peek")

    def pop(self):
        return self.get_post("pop")

    def list(self):
        params = {
            'minutes': 2 
        }
        return self.get_post("list", params)


    def clear(self):
        return self.get_post("clear")

    def set_post(self, mechanism, add_params = None):
        url = self.URL + mechanism
        params = {
            'sender': self.get_sender(),
        }

        if add_params != None:
            params.update(add_params)

        messages = requests.post(url, params).json()
        print(messages)

    def get_post(self, mechanism, add_params = None):
        url = self.URL + mechanism

        params = {
            'sender': self.get_sender()
        }

        if add_params != None:
            params.update(add_params)

        messages = requests.post(url, params).json()

        if(messages == {} or messages == None or 
           "messages" in messages and messages["messages"] == []):
            return [{}]
        elif "messages" in messages:
            for message in messages.get("messages"):
                message['data'] = self.decrypt(message.get('data'))

            return messages
        else:
            messages['data'] = self.decrypt(messages.get('data'))
            return [messages]


    def load_log(self):
        with open('.bump_log', "r+") as f:
            return f.readlines()

    def save_log(self, message):
        with open('.bump_log', "a") as f:
            f.write(self.to_log_line(message))

    def to_log_line(self, message):    
        return json.dumps(message) + "\n"

    def alert(self, sleep_time=1):
        log = self.load_log()
        while True:
            time.sleep(sleep_time)
            messages = self.list()
            for message in messages:
                if self.to_log_line(message) not in log and message != {}:
                    print(message['data'])
                    self.save_log(message)
                    log = self.load_log()


if __name__ == '__main__':
    b = Bump()
    b.decrypt("M1dEAxKZ5HUHCJoRkgGOvAABhqCAAAAAAGG2eKTSlKXWLDQx5B_wssZsNwsanzQID2UyUm4KKuKYKgfwH5MG2N-qzt6K4mg3pfZmWPaiDB9PiqlX236k6zo9Yvvq")
adds alert for new messages - messages are checked from the server every second and compared with the local log. Any message within the last 2 minutes which were pushed onto the server are shown as a notification. 2021-12-10 18:29:03 +01:00			`import time`
			`import ipdb`
			`import json`
adds all initial communication functionality - adds rest server wraper - adds secret generation - adds secret visualization 2021-12-10 17:46:53 +01:00			`import random`
			`import qrcode`
			`import requests`
			`import base64`
			`import re`

updates list for new rest result - list is now a json object which contains "messages" which is a JSON Array list 2021-12-17 16:22:04 +01:00
adds all initial communication functionality - adds rest server wraper - adds secret generation - adds secret visualization 2021-12-10 17:46:53 +01:00			`SENDER_LENGTH = 4`
			`PASSWORD_LENGTH = 8`

			`from random_word import RandomWords`

			`import secrets`
			`from base64 import urlsafe_b64encode as b64e, urlsafe_b64decode as b64d`

			`from cryptography.fernet import Fernet`
			`from cryptography.hazmat.backends import default_backend`
			`from cryptography.hazmat.primitives import hashes`
			`from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC`

			`r = RandomWords()`

			`backend = default_backend()`
			`iterations = 100_000`

			`def _derive_key(password: bytes, salt: bytes, iterations: int = iterations) -> bytes:`
			`"""Derive a secret key from a given password and salt"""`
			`kdf = PBKDF2HMAC(`
			`algorithm=hashes.SHA256(), length=32, salt=salt,`
			`iterations=iterations, backend=backend)`
			`return b64e(kdf.derive(password))`

			`def password_encrypt(message: bytes, password: str, iterations: int = iterations) -> bytes:`
			`salt = secrets.token_bytes(16)`
			`key = _derive_key(password.encode(), salt, iterations)`
			`return b64e(`
			`b'%b%b%b' % (`
			`salt,`
			`iterations.to_bytes(4, 'big'),`
			`b64d(Fernet(key).encrypt(message)),`
			`)`
			`)`

			`def password_decrypt(token: bytes, password: str) -> bytes:`
			`decoded = b64d(token)`
			`salt, iter, token = decoded[:16], decoded[16:20], b64e(decoded[20:])`
			`iterations = int.from_bytes(iter, 'big')`
			`key = _derive_key(password.encode(), salt, iterations)`
			`return Fernet(key).decrypt(token)`

			`class Bump:`
			`def __init__(self, secret=None, secret_file='.bump_secrets'):`
			`self.secrets = self.load_secrets(secret, secret_file)`
			`if self.secrets == []:`
			`self.generate_secret(secret_file)`
			`self.show_secrets()`

			`self.URL = "http://0.0.0.0:4000/api/"`



			`def load_secrets(self, secret, secrets_file='.bump_secrets'):`
			`try:`
			`with open(secrets_file, 'r') as f:`
			`secrets = f.read().splitlines()`
			`except FileNotFoundError:`
			`secrets = []`
			`if secret is not None and secret not in self.secrets:`
			`secrets.append(secret)`

			`return secrets`

			`def generate_secret(self, secret_file):`
			`WORDS = r.get_random_words()`
			`secret = ""`
			`for _ in range(SENDER_LENGTH + PASSWORD_LENGTH):`
			`secret += random.choice(WORDS) + "-"`
			`while len(secret[SENDER_LENGTH:]) < 32:`
			`secret += random.choice(WORDS) + "-"`
			`secret = secret[:-1]`

			`self.secrets.append(secret)`

			`with open(secret_file, 'a+') as f:`
			`f.write(secret + '\n')`


			`def show_secrets(self):`
			`for secret in self.secrets:`
			`qrcode.make(secret).show()`
			`print(secret)`

			`def get_password(self, index=0):`
			`secret = self.secrets[index].split('-')`
			`return "-".join(secret[SENDER_LENGTH:])`


			`def get_sender(self, index=0):`
			`words = self.secrets[index].split('-')`
			`return "-".join(words[0:SENDER_LENGTH])`

			`def encrypt(self, data):`
			`password = self.get_password()`
			`return password_encrypt(data.encode(), password)`

			`def decrypt(self, data):`
			`password = self.get_password()`
			`return password_decrypt(data, password).decode()`

updates list for new rest result - list is now a json object which contains "messages" which is a JSON Array list 2021-12-17 16:22:04 +01:00			`def push_fake(self, data):`
			`print(self.encrypt(data))`


adds title to push 2022-01-03 12:28:35 +01:00			`def push(self, title='', data=''):`
adds all initial communication functionality - adds rest server wraper - adds secret generation - adds secret visualization 2021-12-10 17:46:53 +01:00			`params = {`
			`'sender': self.get_sender(),`
adds title to push 2022-01-03 12:28:35 +01:00			`'title': title,`
adds all initial communication functionality - adds rest server wraper - adds secret generation - adds secret visualization 2021-12-10 17:46:53 +01:00			`'data': self.encrypt(data)`
			`}`
adds firebase handler, extracts set functions 2021-12-30 16:10:49 +01:00			`return self.set_post("push", params)`
adds all initial communication functionality - adds rest server wraper - adds secret generation - adds secret visualization 2021-12-10 17:46:53 +01:00
adds firebase handler, extracts set functions 2021-12-30 16:10:49 +01:00			`def firebase(self):`
			`params = {`
adds title to push 2022-01-03 12:28:35 +01:00			`'token': "dTm8S2bfTdKYQTjrxnwFFg:APA91bHGgM7IdRS5uxD0ljmwmP6cAec2icX0VBs69iRB2ApsohyOWzTzontO7cBkjNYbWV87zvxrXIs5jHkJ-8mSWa_-RiU2Y8-XEy3g-Fep3z6dhDeM3KazP58jDRgbdB5cVpDcIEWL"`
adds firebase handler, extracts set functions 2021-12-30 16:10:49 +01:00			`}`
			`return self.set_post("firebase", params)`
adds all initial communication functionality - adds rest server wraper - adds secret generation - adds secret visualization 2021-12-10 17:46:53 +01:00

updates list for new rest result - list is now a json object which contains "messages" which is a JSON Array list 2021-12-17 16:22:04 +01:00			`def peek(self):`
			`return self.get_post("peek")`
adds all initial communication functionality - adds rest server wraper - adds secret generation - adds secret visualization 2021-12-10 17:46:53 +01:00
			`def pop(self):`
			`return self.get_post("pop")`

			`def list(self):`
fixes handling json list output 2021-12-10 17:59:52 +01:00			`params = {`
			`'minutes': 2`
			`}`
			`return self.get_post("list", params)`
adds all initial communication functionality - adds rest server wraper - adds secret generation - adds secret visualization 2021-12-10 17:46:53 +01:00
adds firebase handler, extracts set functions 2021-12-30 16:10:49 +01:00
adds all initial communication functionality - adds rest server wraper - adds secret generation - adds secret visualization 2021-12-10 17:46:53 +01:00			`def clear(self):`
			`return self.get_post("clear")`

adds firebase handler, extracts set functions 2021-12-30 16:10:49 +01:00			`def set_post(self, mechanism, add_params = None):`
			`url = self.URL + mechanism`
			`params = {`
			`'sender': self.get_sender(),`
			`}`

			`if add_params != None:`
			`params.update(add_params)`

			`messages = requests.post(url, params).json()`
			`print(messages)`

fixes handling json list output 2021-12-10 17:59:52 +01:00			`def get_post(self, mechanism, add_params = None):`
adds all initial communication functionality - adds rest server wraper - adds secret generation - adds secret visualization 2021-12-10 17:46:53 +01:00			`url = self.URL + mechanism`
fixes handling json list output 2021-12-10 17:59:52 +01:00
adds all initial communication functionality - adds rest server wraper - adds secret generation - adds secret visualization 2021-12-10 17:46:53 +01:00			`params = {`
			`'sender': self.get_sender()`
			`}`
fixes handling json list output 2021-12-10 17:59:52 +01:00
			`if add_params != None:`
			`params.update(add_params)`

adds alert for new messages - messages are checked from the server every second and compared with the local log. Any message within the last 2 minutes which were pushed onto the server are shown as a notification. 2021-12-10 18:29:03 +01:00			`messages = requests.post(url, params).json()`
fixes handling json list output 2021-12-10 17:59:52 +01:00
updates list for new rest result - list is now a json object which contains "messages" which is a JSON Array list 2021-12-17 16:22:04 +01:00			`if(messages == {} or messages == None or`
			`"messages" in messages and messages["messages"] == []):`
adds alert for new messages - messages are checked from the server every second and compared with the local log. Any message within the last 2 minutes which were pushed onto the server are shown as a notification. 2021-12-10 18:29:03 +01:00			`return [{}]`
updates list for new rest result - list is now a json object which contains "messages" which is a JSON Array list 2021-12-17 16:22:04 +01:00			`elif "messages" in messages:`
			`for message in messages.get("messages"):`
adds alert for new messages - messages are checked from the server every second and compared with the local log. Any message within the last 2 minutes which were pushed onto the server are shown as a notification. 2021-12-10 18:29:03 +01:00			`message['data'] = self.decrypt(message.get('data'))`
fixes handling json list output 2021-12-10 17:59:52 +01:00
			`return messages`
			`else:`
adds alert for new messages - messages are checked from the server every second and compared with the local log. Any message within the last 2 minutes which were pushed onto the server are shown as a notification. 2021-12-10 18:29:03 +01:00			`messages['data'] = self.decrypt(messages.get('data'))`
			`return [messages]`


			`def load_log(self):`
			`with open('.bump_log', "r+") as f:`
			`return f.readlines()`
fixes handling json list output 2021-12-10 17:59:52 +01:00
adds alert for new messages - messages are checked from the server every second and compared with the local log. Any message within the last 2 minutes which were pushed onto the server are shown as a notification. 2021-12-10 18:29:03 +01:00			`def save_log(self, message):`
			`with open('.bump_log', "a") as f:`
			`f.write(self.to_log_line(message))`

			`def to_log_line(self, message):`
			`return json.dumps(message) + "\n"`

			`def alert(self, sleep_time=1):`
			`log = self.load_log()`
fixes handling json list output 2021-12-10 17:59:52 +01:00			`while True:`
adds alert for new messages - messages are checked from the server every second and compared with the local log. Any message within the last 2 minutes which were pushed onto the server are shown as a notification. 2021-12-10 18:29:03 +01:00			`time.sleep(sleep_time)`
			`messages = self.list()`
			`for message in messages:`
			`if self.to_log_line(message) not in log and message != {}:`
			`print(message['data'])`
			`self.save_log(message)`
			`log = self.load_log()`

fixes handling json list output 2021-12-10 17:59:52 +01:00
adds all initial communication functionality - adds rest server wraper - adds secret generation - adds secret visualization 2021-12-10 17:46:53 +01:00
			`if __name__ == '__main__':`
			`b = Bump()`
updates list for new rest result - list is now a json object which contains "messages" which is a JSON Array list 2021-12-17 16:22:04 +01:00			`b.decrypt("M1dEAxKZ5HUHCJoRkgGOvAABhqCAAAAAAGG2eKTSlKXWLDQx5B_wssZsNwsanzQID2UyUm4KKuKYKgfwH5MG2N-qzt6K4mg3pfZmWPaiDB9PiqlX236k6zo9Yvvq")`