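def payload_encryption_test():
    """Smoke-test the Encrypt key and payload round trip with a JSON payload.

    Obtains a salt, calls ``Encrypt.generate_key`` to get ``sym_key_box``,
    recovers ``sym_key`` from it with ``Encrypt.decrypt_key``, then encrypts
    and decrypts a JSON-serialised card payload with that key. Every
    intermediate value is printed for manual inspection, and the decoded
    dictionary is compared with the input.

    Raises:
        AssertionError: if the decrypted payload differs from the original.
    """
    # Fixed dummy inputs. The prints below include the recovered symmetric
    # key and the plaintext payload, which is tolerable only because nothing
    # here is a real secret; the same output must not be produced for live
    # credentials or card data.
    password = b'testpwd'
    # NOTE(review): the payload carries a 'cvc' field. If production payloads
    # have this shape, confirm that keeping the verification code is allowed:
    # PCI DSS forbids storing it after authorisation, encrypted or not.
    payload = {
        'ccnum': '1111222233334444',
        'expdate': '09/13/2018',
        'cvc': '123',
        'notes': 'adding user notes',
    }

    # The backslash is written as '\\' so the printed text is unchanged while
    # the literal no longer relies on the invalid escape sequence '\T'.
    salt = Encrypt.generate_salt()
    print('ENCRYPT\\TEST: salt: ', salt)
    sym_key_box = Encrypt.generate_key(password, salt)
    print('ENCRYPT\\TEST: sym_key_box: ', sym_key_box)
    sym_key = Encrypt.decrypt_key(sym_key_box, password, salt)
    print('ENCRYPT\\TEST: sym_key: ', sym_key)

    # Payload encryption (encrypt the payload)
    json_payload_string = json.dumps(payload)
    print('JSON PAYLOAD:', json_payload_string)
    encrypted_payload = Encrypt.encrypt_payload(sym_key, json_payload_string.encode())
    print('ENCRYPT\\TEST: encrypted_payload: ', encrypted_payload)
    decrypted_payload = Encrypt.decrypt_payload(sym_key, encrypted_payload)
    print('ENCRYPT\\TEST: decrypted_payload: ', decrypted_payload)

    payload_dict = json.loads(decrypted_payload)
    print(payload_dict)
    for field in ('ccnum', 'expdate', 'cvc', 'notes'):
        print(payload_dict[field])

    # Without this check the function could only fail by raising; a round
    # trip that silently altered the data would have gone unnoticed.
    assert payload_dict == payload, 'decrypted payload differs from the original'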
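def register():
    """Serve the registration page and, on POST, create the user record.

    On POST the username, e-mail address and password are read from the
    submitted form. A salt, a session key and a key box derived from the
    password are obtained through ``Encrypt`` and handed, base64-encoded,
    to ``db.insert_user`` together with the username, e-mail address and
    creation date.

    Returns:
        The rendered ``register.html`` template; paired with status 400 when
        a submitted field is empty.
    """
    print('SERVER/LOG: Opening registration page')
    if request.method == 'POST':
        user = request.form['username']
        email = request.form['email']
        pwd = request.form['password']

        # Reject empty fields before any key material is derived from them;
        # an empty password would otherwise go straight into
        # Encrypt.generate_key(). A field that is missing altogether
        # presumably already ends in a 400 (Flask's request.form raises on
        # unknown keys), so empty values now get the same answer.
        if not (user and email and pwd):
            return render_template('register.html'), 400

        # NOTE(review): `timestamp` is defined outside this function; confirm
        # it is refreshed per request rather than fixed at import time.
        create_date = str(timestamp)

        # TODO: Server side logic to salt and encrypt password
        # NOTE(review): no separate password verifier is stored here;
        # presumably login succeeds when sym_key_box can be opened with the
        # supplied password. Confirm against the login path.
        salt = Encrypt.generate_salt()
        session_key = Encrypt.generate_session_key()
        sym_key_box = Encrypt.generate_key(pwd.encode(), salt)
        values = (
            user,
            email,
            create_date,
            base64.b64encode(salt),
            base64.b64encode(session_key),
            base64.b64encode(sym_key_box),
        )
        db.insert_user(values)

        # Logged only once insert_user() has returned, so the line is not
        # emitted for a registration that failed to persist.
        # NOTE(review): `user` is request-controlled and printed verbatim;
        # strip CR/LF if this output feeds a log pipeline.
        print('SERVER/LOG: Account created by ', user, ' at ', create_date)
    return render_template('register.html')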
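def full_encryption_test():
    """Smoke-test the Encrypt key and payload round trip with a card number.

    Obtains a salt, calls ``Encrypt.generate_key`` to get ``sym_key_box``,
    recovers ``sym_key`` with ``Encrypt.decrypt_key``, then encrypts and
    decrypts a fixed dummy card number with that key. Each intermediate
    value is printed; nothing is asserted.
    """
    # Fixed dummy inputs. The prints below include the recovered symmetric
    # key, which is tolerable only because nothing here is a real secret.
    # (The unused `user` local of the earlier version has been dropped.)
    password = b'testpwd'
    ccnum = '1111222233334444'

    # The backslash is written as '\\' so the printed text is unchanged while
    # the literal no longer relies on the invalid escape sequence '\T'.
    salt = Encrypt.generate_salt()
    print('ENCRYPT\\TEST: salt: ', salt)
    sym_key_box = Encrypt.generate_key(password, salt)
    print('ENCRYPT\\TEST: sym_key_box: ', sym_key_box)
    sym_key = Encrypt.decrypt_key(sym_key_box, password, salt)
    print('ENCRYPT\\TEST: sym_key: ', sym_key)

    # Payload encryption (encrypt the payload)
    # The plaintext is passed as bytes, the input type that
    # payload_encryption_test() already hands to encrypt_payload(); the
    # earlier version passed a str here.
    # NOTE(review): the type returned by decrypt_payload() is not visible
    # from this function, so no equality check is made; add one once it is
    # confirmed.
    encrypted_payload = Encrypt.encrypt_payload(sym_key, ccnum.encode())
    print('ENCRYPT\\TEST: encrypted_payload: ', encrypted_payload)
    decrypted_payload = Encrypt.decrypt_payload(sym_key, encrypted_payload)
    print('ENCRYPT\\TEST: decrypted_payload: ', decrypted_payload)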
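def test_insert_full_user():
    """Test registration logic, including encrypted storage.

    Builds one user row from fixed dummy identity data plus a salt, session
    key and key box obtained from ``Encrypt``, and inserts it with
    ``db.insert_row``.

    The row is ``(user, email, createDate, salt, auth, symmetricBox)``; the
    session key goes into the ``auth`` column.
    """
    # Local import so the block does not depend on a file-level import.
    import base64

    user = '******'
    email = '*****@*****.**'
    create_date = '12042017'
    password = b'testpwd'

    salt = Encrypt.generate_salt()
    session_key = Encrypt.generate_session_key()
    sym_key_box = Encrypt.generate_key(password, salt)

    # Binary values are base64-encoded, matching what register() stores.
    # The earlier str(...) calls wrote the Python repr of each bytes object
    # ("b'...'"), which cannot be decoded back the way the base64 form can.
    values = (
        user,
        email,
        create_date,
        base64.b64encode(salt),
        base64.b64encode(session_key),
        base64.b64encode(sym_key_box),
    )

    # The values travel as parameters, never formatted into the SQL text.
    # NOTE(review): the two literals join without a space (")VALUE"); the
    # text is left as written -- confirm the target database accepts it.
    insert_statement = (
        "INSERT INTO user (user, email, createDate, salt, auth, symmetricBox)"
        "VALUE (%s, %s, %s, %s, %s, %s)")
    db.insert_row(insert_statement, values)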