def __init__(self):
self.crypto = VirgilCrypto()
self.api_key_base64 = "MC4CAQAwBQYDK2VwBCIEIF+gQkN4StqMMFJGWE1tKXcitkLqHqmrBz+OaQZKGZFR"
self.app_id = "6af75f0dd9be50ebb77facad0f71eaf3"
self.app_key_id = "3def16346c7b43bbaed5b4b9acb9ac8affa4"
self.api_key = self.crypto.import_private_key(Utils.b64_decode(self.api_key_base64))
self.ttl = datetime.timedelta(hours=1).seconds
self.access_token_signer = AccessTokenSigner()
self.key_pair = self.crypto.generate_keys()
self.server_crypto = VirgilCrypto()
self.server_key_pair = self.server_crypto.generate_keys()
self.server_private_key_data = self.server_crypto.export_private_key(self.server_key_pair.private_key, "test password")
self.server_public_key_data = self.server_crypto.export_public_key(self.server_key_pair.public_key)
self.server_private_key_str = Utils.b64encode(self.server_private_key_data)
self.server_for_client_public = Utils.b64encode(self.server_public_key_data)
self.server_exporter = PrivateKeyExporter(self.server_crypto)
self.server_private_key_storage = PrivateKeyStorage(self.server_exporter)
self.server_public_key_str = self.server_key_pair.public_key
self.server_card_crypto = CardCrypto()
self.server_your_backend_white_list = WhiteList()
self.server_your_backend_white_list = VerifierCredentials(signer="Jonathan",public_key_base64 = self.server_public_key_str)
self.verifier = VirgilCardVerifier(self.server_card_crypto, white_lists = [self.server_your_backend_white_list])
self.access_token_provider = CallbackJwtProvider(self.get_token_from_server("Alice"))
self.card_manager = CardManager(
self.server_card_crypto,
self.access_token_provider,
self.verifier
)
def publish_card(self, user):
self.client_crypto = VirgilCrypto()
card_crypto = CardCrypto()
validator = VirgilCardVerifier(card_crypto)
token_provider = CallbackJwtProvider(self.get_token_from_server)
print('token_provider')
print(vars(token_provider))
card_manager = CardManager(card_crypto,
access_token_provider=token_provider,
card_verifier=validator)
key_pair = self.client_crypto.generate_keys()
username = user
public_key_data = self.client_crypto.export_public_key(
key_pair.public_key)
public_key_str = Utils.b64encode(public_key_data)
class DummyClass:
def __init__(self, raw_key):
self.raw_key = raw_key
dummy = DummyClass(key_pair.public_key.raw_key)
print(public_key_data)
print(public_key_str)
print(key_pair.public_key)
card = card_manager.publish_card(identity=username,
private_key=key_pair.private_key,
public_key=key_pair.public_key)
print(vars(card))
def test_get_invalid_card(self):
class FakeCardClient(object):
def __init__(self, raw_signed_model):
self._raw_signed_model = raw_signed_model
def publish_card(self, raw_signed_model, access_token):
return self._raw_signed_model
def get_card(self, card_id, access_token):
return self._raw_signed_model, False
def search_card(self, identity, access_token):
return [self._raw_signed_model]
validator = self.NegativeVerifier()
jwt_generator = JwtGenerator(config.VIRGIL_APP_ID,
self._app_private_key,
config.VIRGIL_API_KEY_ID,
datetime.timedelta(minutes=10).seconds,
AccessTokenSigner())
identity = Utils.b64encode(os.urandom(20))
token = jwt_generator.generate_token(identity)
access_token_provider = self.EchoTokenProvider(token)
key_pair = self._crypto.generate_keys()
virgil_key_pair = self._crypto.generate_keys()
additional_key_pair = self._crypto.generate_keys()
model = self._data_generator.generate_raw_signed_model(
key_pair, True, virgil_key_pair, additional_key_pair)
client = FakeCardClient(model)
card_id = self._data_generator.generate_card_id()
search_identity = Utils.b64encode(os.urandom(20))
manager = CardManager(CardCrypto(),
access_token_provider,
validator,
sign_callback=self.sign_callback)
manager._card_client = client
self.assertRaises(CardVerificationException, manager.import_card,
model.to_json())
self.assertRaises(CardVerificationException, manager.import_card,
model.to_string())
self.assertRaises(CardVerificationException, manager.get_card, card_id)
self.assertRaises(CardVerificationException, manager.publish_card,
model)
self.assertRaises(CardVerificationException, manager.search_card,
search_identity)
self.assertRaises(CardVerificationException, manager.import_card,
model)
def generate_card_manager(self, token_provider=None):
if not token_provider:
token_provider = self.generate_empty_access_token_provider()
return CardManager(
CardCrypto(),
token_provider,
VirgilCardVerifier(CardCrypto(), False, False)
)
def test_send_second_request_to_client_expired_token_retry_on_unauthorized(
self):
class FakeTokenProvider(object):
def __init__(self,
identity,
token_generator,
additional_token_generator=None):
self.identity = identity
self.token_generator = token_generator
self.additional_token_generator = additional_token_generator
def get_token(self, token_context):
if not token_context.force_reload and self.additional_token_generator:
token = self.additional_token_generator.generate_token(
identity)
return token
token = self.token_generator.generate_token(identity)
return token
expired_jwt_generator = JwtGenerator(config.VIRGIL_APP_ID,
self._app_private_key,
config.VIRGIL_API_KEY_ID, 1,
AccessTokenSigner())
jwt_generator = JwtGenerator(config.VIRGIL_APP_ID,
self._app_private_key,
config.VIRGIL_API_KEY_ID,
datetime.timedelta(minutes=10).seconds,
AccessTokenSigner())
identity = str(binascii.hexlify(os.urandom(20)).decode())
access_token_provider = FakeTokenProvider(identity, jwt_generator,
expired_jwt_generator)
validator = VirgilCardVerifier(CardCrypto())
card_manager = CardManager(card_crypto=CardCrypto(),
access_token_provider=access_token_provider,
card_verifier=validator,
sign_callback=self.sign_callback)
key_pair = self._crypto.generate_keys()
card = card_manager.publish_card(key_pair.private_key,
key_pair.public_key, identity)
self.assertIsNotNone(card)
searched_card = card_manager.search_card(identity)
self.assertEqual(len(searched_card), 1)
def __get_manager(self):
validator = VirgilCardVerifier(CardCrypto())
manager = CardManager(CardCrypto(),
access_token_provider=CallbackJwtProvider(
self._get_token_from_server),
sign_callback=self.sign_callback,
card_verifier=validator)
return manager
def test_gets_card_with_different_id(self):
class PositiveVerifier(object):
def verify_card(self):
return True
class FakeCardClient(object):
def __init__(self, raw_signed_model):
self._raw_signed_model = raw_signed_model
def get_card(self, card_id, access_token):
return self._raw_signed_model, False
validator = PositiveVerifier()
key_pair = self._crypto.generate_keys()
raw_card_content = RawCardContent(identity="test",
public_key=key_pair.public_key,
created_at=Utils.to_timestamp(
datetime.datetime.now()),
version="5.0")
model = RawSignedModel(raw_card_content.content_snapshot)
signer = ModelSigner(CardCrypto())
signer.self_sign(model,
key_pair.private_key,
extra_fields={"info": "some_additional_info"})
jwt_generator = JwtGenerator(config.VIRGIL_APP_ID,
self._app_private_key,
config.VIRGIL_API_KEY_ID,
datetime.timedelta(minutes=10).seconds,
AccessTokenSigner())
identity = Utils.b64encode(os.urandom(20))
token = jwt_generator.generate_token(identity)
access_token_provider = self.EchoTokenProvider(token)
card_id = self._data_generator.generate_app_id()
manager = CardManager(
card_crypto=CardCrypto(),
access_token_provider=access_token_provider,
card_verifier=validator,
)
manager.card_client = FakeCardClient(model)
self.assertRaises(CardVerificationException, manager.get_card, card_id)
class VirgilFlaskLib:
def __init__(self):
self.crypto = VirgilCrypto()
self.api_key_base64 = "MC4CAQAwBQYDK2VwBCIEIF+gQkN4StqMMFJGWE1tKXcitkLqHqmrBz+OaQZKGZFR"
self.app_id = "6af75f0dd9be50ebb77facad0f71eaf3"
self.app_key_id = "3def16346c7b43bbaed5b4b9acb9ac8affa4"
self.api_key = self.crypto.import_private_key(Utils.b64_decode(self.api_key_base64))
self.ttl = datetime.timedelta(hours=1).seconds
self.access_token_signer = AccessTokenSigner()
self.key_pair = self.crypto.generate_keys()
self.server_crypto = VirgilCrypto()
self.server_key_pair = self.server_crypto.generate_keys()
self.server_private_key_data = self.server_crypto.export_private_key(self.server_key_pair.private_key, "test password")
self.server_public_key_data = self.server_crypto.export_public_key(self.server_key_pair.public_key)
self.server_private_key_str = Utils.b64encode(self.server_private_key_data)
self.server_for_client_public = Utils.b64encode(self.server_public_key_data)
self.server_exporter = PrivateKeyExporter(self.server_crypto)
self.server_private_key_storage = PrivateKeyStorage(self.server_exporter)
self.server_public_key_str = self.server_key_pair.public_key
self.server_card_crypto = CardCrypto()
self.server_your_backend_white_list = WhiteList()
self.server_your_backend_white_list = VerifierCredentials(signer="Jonathan",public_key_base64 = self.server_public_key_str)
self.verifier = VirgilCardVerifier(self.server_card_crypto, white_lists = [self.server_your_backend_white_list])
self.access_token_provider = CallbackJwtProvider(self.get_token_from_server("Alice"))
self.card_manager = CardManager(
self.server_card_crypto,
self.access_token_provider,
self.verifier
)
def get_private_key(self):
return self.key_pair.private_key
def get_public_key(self):
return self.key_pair.public_key
#jwt token generation
def get_token_from_server(self, token_context):
#jwt_from_server = authficated_query_to_server(token_context)
#jwt_from_server = token_context
jwt_from_server = self.generate_JWT_for_user("Alice")
return jwt_from_server
#JWT generator with necessary paramters
def get_JWT_generator(self):
return JwtGenerator(self.app_id, self.api_key, self.app_key_id, self.ttl, self.access_token_signer)
def generate_JWT_for_user(self, identity):
jwt_generator = self.get_JWT_generator()
self.identity = identity
return jwt_generator.generate_token(identity)
#function is broken
def publish_card(self):
#self.card = self.card_manager.publish_card(identity = self.identity, private_key = self.server_key_pair.private_key, public_key = self.server_key_pair.public_key)
self.card = self.card_manager.publish_card(identity = self.identity, private_key = self.server_key_pair.private_key, public_key = self.server_key_pair.public_key)
def signAndEncrypt(self, message):
message_to_encrypt = message
data_to_encrypt = Utils.strtobytes(message)
alice_private_key, alice_private_key_additional_data = self.server_private_key_storage.load("Alice")