def payload_encryption_test():
    password = b'testpwd'
    payload = {'ccnum': '1111222233334444', 'expdate': '09/13/2018', 'cvc': '123', 'notes': 'adding user notes'}

    salt = Encrypt.generate_salt()
    print('ENCRYPT\TEST: salt: ', salt)

    sym_key_box = Encrypt.generate_key(password, salt)
    print('ENCRYPT\TEST: sym_key_box: ', sym_key_box)

    sym_key = Encrypt.decrypt_key(sym_key_box, password, salt)
    print('ENCRYPT\TEST: sym_key: ', sym_key)

    # Payload encryption (encrypt the payload)
    json_payload_string = json.dumps(payload)
    print('JSON PAYLOAD:', json_payload_string)

    encrypted_payload = Encrypt.encrypt_payload(sym_key, json_payload_string.encode())
    print('ENCRYPT\TEST: encrypted_payload: ', encrypted_payload)

    decrypted_payload = Encrypt.decrypt_payload(sym_key, encrypted_payload)
    print('ENCRYPT\TEST: decrypted_payload: ', decrypted_payload)

    payload_dict = json.loads(decrypted_payload)
    print(payload_dict)
    print(payload_dict["ccnum"])
    print(payload_dict["expdate"])
    print(payload_dict["cvc"])
    print(payload_dict["notes"])
Exemple #2
0
def register():
    print('SERVER/LOG: Opening registration page')
    if request.method == 'POST':
        user = request.form['username']
        email = request.form['email']
        pwd = request.form['password']
        create_date = str(timestamp)
        print('SERVER/LOG: Account created by ', user, ' at ', create_date)
        # TODO: Server side logic to salt and encrypt password
        salt = Encrypt.generate_salt()
        session_key = Encrypt.generate_session_key()
        sym_key_box = Encrypt.generate_key(pwd.encode(), salt)

        values = (user, email, create_date, base64.b64encode(salt),
                  base64.b64encode(session_key), base64.b64encode(sym_key_box))
        db.insert_user(values)
    return render_template('register.html')
def full_encryption_test():
    user = '******'
    password = b'testpwd'
    ccnum = '1111222233334444'

    salt = Encrypt.generate_salt()
    print('ENCRYPT\TEST: salt: ', salt)

    sym_key_box = Encrypt.generate_key(password, salt)
    print('ENCRYPT\TEST: sym_key_box: ', sym_key_box)

    sym_key = Encrypt.decrypt_key(sym_key_box, password, salt)
    print('ENCRYPT\TEST: sym_key: ', sym_key)

    # Payload encryption (encrypt the payload)
    encrypted_payload = Encrypt.encrypt_payload(sym_key, ccnum)
    print('ENCRYPT\TEST: encrypted_payload: ', encrypted_payload)

    decrypted_payload = Encrypt.decrypt_payload(sym_key, encrypted_payload)
    print('ENCRYPT\TEST: decrypted_payload: ', decrypted_payload)
def test_insert_full_user():
    '''
    Test registration logic, including encrypted storage
    :param values=(user, email, createDate, salt, auth, symmetricBox):
    '''

    user = '******'
    email = '*****@*****.**'
    createDate = '12042017'
    password = b'testpwd'

    salt = Encrypt.generate_salt()
    session_key = Encrypt.generate_session_key()
    sym_key_box = Encrypt.generate_key(password, salt)

    values = (user, email, createDate, str(salt), str(session_key),
              str(sym_key_box))

    insert_statement = (
        "INSERT INTO user (user, email, createDate, salt, auth, symmetricBox)"
        "VALUE (%s, %s, %s, %s, %s, %s)")
    db.insert_row(insert_statement, values)\