Ejemplo n.º 1
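 def revokeAuthorisedEntity(self, EntityID, HealthRecordType):
     """Revoke EntityID's authorisation to write to one of this user's record types.

     Fetches the authorisation rows for (self.ID, HealthRecordType) at the
     current time, and for each row whose entity id (row[0]) equals EntityID
     verifies the stored signature (row[2]) against the start date (row[1]).
     Only if that signature verifies is the row revoked: a new end date is
     taken, a fresh signature that also covers the end date is produced, and
     both are written back through db.revokeAuthorisedEntity.

     Outcomes are reported with print(); nothing is returned. The database
     handle is released with db.done() even if a step raises.
     """
     db = Database()
     try:
         date = time.strftime("%Y-%m-%d %H:%M:%S")
         rows = db.getAuthorisedEntities(self.ID, HealthRecordType, date)
         if not rows:
             print("Error: no authorisations found for ", self.ID, "'s ", HealthRecordType, " data!")
             return

         # Must be initialised before the loop: the original only assigned it
         # on a match, so a non-matching result set raised UnboundLocalError.
         found = False
         for row in rows:
             if EntityID != row[0]:
                 continue
             found = True
             # Found the entity for this specific record type; check the
             # signature stored with the authorisation before acting on it.
             DateStart = row[1]
             signature = bytesToObject(bytes(row[2], 'utf-8'), self.signGroup)
             # NOTE(review): the signed message is a plain concatenation with
             # no field separators, so different (ID, EntityID, type) splits
             # can yield the same string. Changing the format would invalidate
             # stored signatures, so it is left as-is here; confirm the id and
             # type alphabets make this unambiguous.
             if not self.verifySig(self.ID, DateStart, ''.join(self.ID + EntityID + HealthRecordType), signature):
                 # NOTE(review): the row is left untouched, i.e. an
                 # authorisation whose signature does not verify cannot be
                 # revoked through this path and needs separate handling.
                 print("INVALID signature on authorisations")
                 continue

             # Timestamps have one-second resolution; the pause presumably
             # keeps DateEnd strictly later than the lookup timestamp.
             time.sleep(1)
             DateEnd = time.strftime("%Y-%m-%d %H:%M:%S")
             # The revocation signature additionally covers DateEnd.
             signature = objectToBytes(self.waters.sign(self.masterPK, self.signK, ''.join(self.ID + EntityID + HealthRecordType + DateEnd)), self.signGroup)
             db.revokeAuthorisedEntity(self.ID, EntityID, HealthRecordType, DateEnd, signature)
             print("Access for ", EntityID, " to write to ", HealthRecordType, " successfully revoked.")

         if not found:
             print("Authorisation for ", EntityID, " to write to ", self.ID, "'s ", HealthRecordType, " data not found")
     finally:
         # Release the connection on every path, including exceptions.
         db.done()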
Ejemplo n.º 2
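    def read(self, recordType):
        """Decrypt, verify and print every stored record of the given type.

        recordType is matched case-insensitively against "general",
        "medical" and "training"; anything else prints a hint and returns.

        For each row returned by db.selectRecord the ciphertext is rebuilt
        from its integer part (row[0]) and pairing-group part (row[1]),
        decrypted, and the signature (row[3]) is checked against the signer
        id (row[2]), sign date (row[4]) and plaintext. Records signed by
        self.ID are accepted on a valid signature alone; records from other
        signers additionally require an authorisation row for that signer at
        the sign date. Results are printed; nothing is returned. The database
        handle is released with db.done() even if a step raises.
        """
        attr_by_kind = {"general": "General", "medical": "Medical", "training": "Training"}
        attr = attr_by_kind.get(recordType.lower())
        if attr is None:
            print("Please enter the correct record type")
            return
        ID = getattr(self, attr)[0]

        # TODO (from original author): add date checking.
        db = Database()
        try:
            records = db.selectRecord(ID)
            for record in records:
                # Rebuild the ciphertext: the integer element and the
                # pairing-group element are stored in separate columns.
                ctI_Reconstruct = deserialize(bytes(record[0], 'utf-8'))
                ctReconstruct = bytesToObject(bytes(record[1], 'utf-8'), self.group)
                ctReconstruct['C']['C'] = ctI_Reconstruct
                # NOTE(review): the signature covers the plaintext, so the
                # stored ciphertext is deserialised and decrypted before any
                # authenticity check has been made on it.
                pt = self.dec(recordType, ctReconstruct)

                signerID = record[2]
                signature = bytesToObject(bytes(record[3], 'utf-8'), self.signGroup)
                signdate = record[4]

                if not self.verifySig(signerID, signdate, pt, signature):
                    print("INVALID signature from ", signerID, ": ", pt, "\n")
                    continue

                # Our own records need no authorisation lookup: the owner may
                # always write to their own health record.
                if signerID == self.ID:
                    print("Verified record from ", signerID, ": ", pt, "\n")
                    continue

                # Decide once per record. The original printed a verdict for
                # every authorisation row, so an authorised signer was also
                # reported INVALID once for each other entity in the list.
                # NOTE(review): the signatures stored on these authorisation
                # rows are not verified here; if the database is not trusted,
                # confirm whether they should be checked before accepting.
                grants = db.getAuthorisedEntities(self.ID, recordType, signdate)
                authorised = bool(grants) and any(signerID == grant[0] for grant in grants)
                if authorised:
                    print("Verified record from ", signerID, ": ", pt, "\n")
                else:
                    print("INVALID record from ", signerID, ": ", pt, "\n")
        finally:
            # Release the connection on every path, including exceptions.
            db.done()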