def create_device(device_type_id, device_name, password, token):
password_hash = pbkdf2_hash(password)
bi_key = os.urandom(32)
device_name_key = key_to_hex(
os.urandom(32)) # NOTE: retrieve key as `key_to_hex(key)`
device_status_key = key_to_hex(os.urandom(32))
data = {
"type_id": device_type_id,
"name": hex_to_fernet(device_name_key).encrypt(device_name.encode()),
"correctness_hash": correctness_hash(device_name),
"name_bi": blind_index(bi_key, device_name),
"password": password_hash
}
r = requests.post(URL_CREATE_DEVICE,
headers={"Authorization": token},
data=data,
verify=VERIFY_CERTS)
content = json.loads(r.content.decode('unicode-escape'))
if content["success"]:
insert_into_tinydb(
path, 'device_keys', {
'device_id': str(content["id"]),
'bi_key': key_to_hex(bi_key),
'device:name': device_name_key,
'device:status': device_status_key
})
click.echo(r.content.decode('unicode-escape'))
def test_device_type_uuid(app_and_ctx):
app, ctx = app_and_ctx
with app.app_context():
dt = DeviceType(description=b"nothing",
correctness_hash=correctness_hash("nothing"))
db.session.add(dt)
db.session.commit()
assert is_valid_uuid(str(dt.type_id))
def create_row(data, num_data, tid, added):
user_data = get_user_data()
encrypted = encrypt_row(
{
"added": added,
"num_data": num_data,
"data": pad_payload_attr(str(data)),
"tid": str(tid)
}, get_key_type_pair(user_data))
encrypted["correctness_hash"] = correctness_hash(
added, pad_payload_attr(str(data)), num_data, tid)
encrypted["tid_bi"] = blind_index(hex_to_key(get_bi_key()), str(tid))
return encrypted
def create_device_type(description, token):
if len(get_tinydb_table(path, 'device_type_keys')) == 0:
init_device_type_keys()
table = get_tinydb_table(path, 'device_type_keys')
doc = table.all()[0]
desc_ciphertext = encrypt_using_fernet_hex(doc["description"], description)
data = {
"description": desc_ciphertext,
"correctness_hash": correctness_hash(description)
}
r = requests.post(URL_CREATE_DEVICE_TYPE,
headers={"Authorization": token},
data=data,
verify=VERIFY_CERTS)
click.echo(r.content.decode('unicode-escape'))
def get_fake_tuple(bound):
try:
table = get_tinydb_table(path, 'users')
doc = get_user_data()
if bound == "lower_bound" and not can_remove_fake_row(
doc["integrity"]["device_data"]):
return # "Can't remove row that was not yet inserted (lower bound equals upper bound)"
fake_tuple = {**generate(doc["integrity"]["device_data"], bound=bound)}
fake_tuple["data"] = pad_payload_attr(str(fake_tuple["data"]),
fake=True)
keys = get_key_type_pair(doc)
fake_tuple_hash = correctness_hash([
fake_tuple["added"], fake_tuple["data"], fake_tuple["num_data"],
fake_tuple["tid"]
])
encrypted_fake_tuple = encrypt_row(fake_tuple, keys)
row = {
**encrypted_fake_tuple, "correctness_hash": fake_tuple_hash,
"tid_bi": blind_index(hex_to_key(get_bi_key()),
str(fake_tuple["tid"]))
}
if bound == "upper_bound":
doc["integrity"]["device_data"] = increment_bounds(
doc["integrity"]["device_data"])
if bound == "lower_bound":
doc["integrity"]["device_data"] = increment_bounds(
doc["integrity"]["device_data"], bound=bound)
payload = dict_to_payload(**row)
table.update(doc)
click.echo(payload)
except Exception as e: # pragma: no exc cover
_, _, exc_tb = sys.exc_info()
line = exc_tb.tb_lineno
click.echo(f"{repr(e)} at line: {line}")
def create_scene(name, description, token):
if not is_global_bi_key_missing(
init_global_keys, "Blind index key for scene name is missing"):
if len(get_tinydb_table(path, 'scene_keys')) == 0:
init_scene_keys()
table = get_tinydb_table(path, 'scene_keys')
doc = table.all()[0]
name_ciphertext = encrypt_using_fernet_hex(doc["name"], name)
desc_ciphertext = encrypt_using_fernet_hex(doc["description"],
description)
data = {
"name": name_ciphertext,
"correctness_hash": correctness_hash(name),
"name_bi": blind_index(get_global_bi_key(), name),
"description": desc_ciphertext
}
r = requests.post(URL_CREATE_SCENE,
headers={"Authorization": token},
data=data,
verify=VERIFY_CERTS)
click.echo(r.content.decode('unicode-escape'))
def set_action(device_id, name, token):
doc = search_tinydb_doc(path, 'device_keys',
Query().device_id == str(device_id))
if not doc:
with click.Context(send_column_keys) as ctx:
click.echo(
f"Keys for device {device_id} not present, please use: {ctx.command.name}"
)
click.echo(send_column_keys.get_help(ctx))
return
data = {
"device_id": device_id,
"name": encrypt_using_fernet_hex(doc["action:name"], name),
"correctness_hash": correctness_hash(name),
"name_bi": blind_index(get_device_bi_key(device_id), name)
}
r = requests.post(URL_SET_ACTION,
headers={"Authorization": token},
data=data,
verify=VERIFY_CERTS)
click.echo(r.content.decode('unicode-escape'))