#!/usr/bin/python

sig="""
-----BEGIN PGP SIGNED MESSAGE-----

#
# protects a secret key file with random data from the entropy file.
#
# 2003/8/28
#
"""
import sys, os,  pure

EOL = "\n"
PASS = ""
MinPassLength = 10      # characters

######################################################################
def change_Secretkey_Encryption(P):

    # calculate PAD for otp method
    Hash = pure.hash256(P)
    ProtectedSecretkey = 0L
    ProtectedSecretkey =  pure.unlock_secretkey(Hash)
    Hash = pure.Modulus        # burning of secret information
    pure.print_securityhash()
    if ProtectedSecretkey :
          # write to file sys.argv[2]
          KeyData = ""
          KeyData = KeyData + "Modulus = " + pure.toString(pure.Modulus) + EOL
          KeyData = KeyData + "Encryption = " + pure.toString(pure.Encryption) + EOL
          KeyData = KeyData + "Decryption = " + pure.toString(ProtectedSecretkey) + EOL
          ProtectedSecretkey = pure.Modulus   # burning
          KeyData = KeyData + "HashModulus = " + pure.toString(pure.HashModulus) + EOL
          KeyData = KeyData + "Generator = " + pure.toString(pure.Generator) + EOL
          KeyData = KeyData + pure.UserID +  EOL
          KeyData = KeyData + "Protection = " + pure.protected + EOL
          KeyData = KeyData + "Securityhash = " + pure.toString(pure.Securityhash) + EOL
          pure.burn_secretkey()
          print EOL + "New key data: " + EOL
          print KeyData
          try:
              FILE = open(sys.argv[2], "w")
              FILE.write(KeyData)
              FILE.close()
          except:
              print "Unable to write the edited key data to file."
              sys.exit(3)

if len(sys.argv) != 3:
     print "usage: protect-secretkey \"encryptionkey\" | \"signingkey\" outfile"
     sys.exit(3)

######################################################################

if sys.argv[1] == "encryptionkey" :
    print "Reading data from "+ pure.Home + "/encryptionkey"
    pure.read_cryptosystem("encryptionkey")
elif sys.argv[1] == "signingkey" :
    print "Reading data from " + pure.Home + "/signingkey"
    pure.read_cryptosystem("signingkey")
else:
    print "Cannot read data from either signingkey or encryptionkey"
    sys.exit(2)

pure.print_banner()
pure.print_security_notice()
print
print "The protection of your secret key is : " ,pure.protected
print

print "****************************************"
print "Modulus = " + pure.toString(pure.Modulus)
print "Encryption = " + pure.toString(pure.Encryption)
print "Hashmodulus = " + pure.toString(pure.HashModulus)
print "Generator = " + pure.toString(pure.Generator)
print pure.UserID
print "Securityhash = " + pure.toString(pure.Securityhash)
print "****************************************"

PASS  = "yes"
PASS2 = "no"

if pure.protected == "None" :
     print "Your new passphrase must be at least ",MinPassLength , " characters long."
     pure.protected = "otp"
     if pure.OS == "unix":
          os.system("stty -echo")
     while PASS2 != PASS :
          print
          PASS = raw_input("Please enter your new passphrase to protect your secret key : ")
          print
          PASS2 = raw_input("Please reenter your passphrase to protect your secret key : ")
     if pure.OS == "unix":
          os.system("stty echo")
     if len(PASS) >= MinPassLength :
          print
          change_Secretkey_Encryption(PASS)
     else:
          print EOL+EOL + "Your new  passphrase is too short. Secret key remains unchanged." + EOL
          sys.exit(3)

elif pure.protected == "otp" :
     pure.load_secretkey()
     print "Your new passphrase must be at least ",MinPassLength , " characters long."
     if pure.OS == "unix":
          os.system("stty -echo")
     while PASS2 != PASS :
          print
          PASS = raw_input("Please enter your new passphrase to protect your secret key : ")
          print
          PASS2 = raw_input("Please reenter your passphrase to protect your secret key : ")
     if pure.OS == "unix":
          os.system("stty echo")
     if len(PASS) >= MinPassLength :
          print
          change_Secretkey_Encryption(PASS)
     else:
          print EOL+EOL + "Your new  passphrase is too short. Secret key remains unchanged." + EOL
          sys.exit(3)

else:
     print EOL + "Unknown method of protection." + EOL

PASS = PASS2 = str(pure.Modulus)

################################################################
# Copyright (c) 2003 Ralf Senderek                             #
################################################################

sys.exit(0)

sig="""

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3in
Charset: noconv

iQEVAwUBP02aRL6wVDeIE49tAQFsZQgAiC6XeTkrt4u/kA4VmLMamrstHzw6rpKZ
UcU/Uz05Wm5DS/V7HuirSdzSguedlpJO0UeXV8BpErJ2Cmbq87bwqhoYdTEfTp8k
rWm7qk45s/mDgrBtmPveK+HgaUv3XzGPtkUoBok9b71VjIZVcrtFDbadWOc/kAtn
2sFqwyb6TgMfGhYX58YeppOLtVIj6ypzjW0w+MAJhpTCO1QHL3DmRzWolujhSkg1
p2gKe2aQ3UNEfGpL5DpVbklF2XwbiJnbXNDF5scCMgX+X2SeK+6LsSiyvPNjzmlJ
pHhSjbGaybFs1RELF9ndF1M5EVae3cMMelStWmLhobPIP+roiKeriQ==
=lyx/
-----END PGP SIGNATURE-----
"""