wg-meshconf/wg_meshconf/wireguard.py
2021-01-12 00:13:11 -05:00

88 lines
2.2 KiB
Python
Executable File

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
"""
Name: WireGuard Python Bindings
Dev: K4YT3X
Date Created: October 11, 2019
Last Modified: July 19, 2020
"""
# built-in imports
import pathlib
import subprocess
class WireGuard:
""" WireGuard utility controller
This class handles the interactions with the wg binary,
including:
- genkey
- pubkey
- genpsk
"""
def __init__(self, wg_binary=pathlib.Path("/usr/bin/wg")):
"""
Keyword Arguments:
wg_binary {pathlib.Path} -- path of wg binary (default: {pathlib.Path("/usr/bin/wg")})
Since the script might have to be run as root, it is bad practice to find wg using
pathlib.Path(shutil.which("wg") since a malicious binary named wg can be under the current
directory to intercept root privilege if SUID permission is given to the script.
"""
self.wg_binary = wg_binary
def genkey(self):
""" generate WG private key
Generate a new wireguard private key via
wg command.
"""
return (
subprocess.run(
[str(self.wg_binary.absolute()), "genkey"],
check=True,
stdout=subprocess.PIPE,
)
.stdout.decode()
.strip()
)
def pubkey(self, privkey: str) -> str:
""" convert WG private key into public key
Uses wg pubkey command to convert the wg private
key into a public key.
Arguments:
privkey {str} -- wg privkey
Returns:
str -- pubkey derived from privkey
"""
return (
subprocess.run(
[str(self.wg_binary.absolute()), "pubkey"],
check=True,
stdout=subprocess.PIPE,
input=privkey.encode("utf-8"),
)
.stdout.decode()
.strip()
)
def genpsk(self):
""" generate a random base64 PSK
"""
return (
subprocess.run(
[str(self.wg_binary.absolute()), "genpsk"],
check=True,
stdout=subprocess.PIPE,
)
.stdout.decode()
.strip()
)