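def revokeAuthorisedEntity(self, EntityID, HealthRecordType):
    """Revoke EntityID's authorisation to write to this user's HealthRecordType data.

    Looks up the authorisations stored for ``self.ID`` and ``HealthRecordType``,
    verifies the signature on each row that names ``EntityID`` and, when it
    verifies, writes a new end date together with a fresh signature over the
    authorisation fields plus that end date.

    Outcomes are reported with ``print``; nothing is returned. The database
    handle is released with ``db.done()`` on every path, including when a
    crypto or database call raises.
    """
    db = Database()
    try:
        # The lookup is made with the current timestamp.
        # NOTE(review): how getAuthorisedEntities filters on this date is not
        # visible here -- confirm against the Database class.
        date = time.strftime("%Y-%m-%d %H:%M:%S")
        rows = db.getAuthorisedEntities(self.ID, HealthRecordType, date)
        if not rows:
            print("Error: no authorisations found for ", self.ID, "'s ", HealthRecordType, " data!")
            return

        # Must be initialised before the loop: it was previously assigned only
        # on a match, so an unmatched EntityID raised UnboundLocalError instead
        # of reaching the "not found" message below.
        found = False
        for row in rows:
            if EntityID != row[0]:
                continue
            found = True

            # Row layout as used here: [0] entity id, [1] start date,
            # [2] serialized signature (text).
            DateStart = row[1]
            signature = bytesToObject(bytes(row[2], 'utf-8'), self.signGroup)

            # NOTE(review): the signed message is the plain concatenation of
            # the three fields with no delimiter or length prefix, so distinct
            # (ID, EntityID, HealthRecordType) tuples can yield the same string.
            # Changing the encoding would invalidate stored signatures, so it
            # is only flagged here, not changed.
            authorisation = ''.join(self.ID + EntityID + HealthRecordType)
            if not self.verifySig(self.ID, DateStart, authorisation, signature):
                # A row that fails verification is reported but left as it is
                # in the database: it is NOT revoked by this method.
                print("INVALID signature on authorisations")
                continue

            # Wait one second before taking the end timestamp; timestamps have
            # one-second resolution (presumably so DateEnd cannot equal an
            # earlier timestamp -- the original note only says the script is
            # "too fast" otherwise).
            time.sleep(1)
            DateEnd = time.strftime("%Y-%m-%d %H:%M:%S")

            # Re-sign with the end date appended, using the master public key
            # and signing key already held on this object.
            revocation = ''.join(self.ID + EntityID + HealthRecordType + DateEnd)
            signature = objectToBytes(
                self.waters.sign(self.masterPK, self.signK, revocation),
                self.signGroup,
            )
            db.revokeAuthorisedEntity(self.ID, EntityID, HealthRecordType, DateEnd, signature)
            print("Access for ", EntityID, " to write to ", HealthRecordType, " successfully revoked.")

        if not found:
            print("Authorisation for ", EntityID, " to write to ", self.ID, "'s ", HealthRecordType, " data not found")
    finally:
        db.done()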
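def read(self, recordType):
    """Decrypt, verify and print every stored record of the given type.

    ``recordType`` is matched case-insensitively against "general", "medical"
    and "training"; any other value prints a hint and returns without touching
    the database.

    For each stored row the ciphertext is rebuilt from its two serialized
    parts, decrypted, and the signature over the plaintext is checked with
    ``self.verifySig``. A record signed by ``self.ID`` is accepted on a valid
    signature alone; a record signed by anyone else is accepted only if the
    signer appears among the entities authorised for the signing date.

    Exactly one verdict line is printed per record. Previously a record from
    an authorised signer also produced an "INVALID record" line for every
    other authorisation row returned for that date.

    Results are printed; nothing is returned. ``db.done()`` runs on every path
    once the database handle has been created.
    """
    kind = recordType.lower()
    if kind == "general":
        ID = self.General[0]
    elif kind == "medical":
        ID = self.Medical[0]
    elif kind == "training":
        ID = self.Training[0]
    else:
        print("Please enter the correct record type")
        return

    # TODO (carried over from the original): add date checking.
    db = Database()
    try:
        # Record row layout as used here: [0] integer part of the ciphertext,
        # [1] pairing-group part, [2] signer id, [3] serialized signature,
        # [4] signing date. Columns 0, 1 and 3 are text and are encoded as
        # UTF-8 before deserialization.
        for record in db.selectRecord(ID) or ():
            ct_integer = deserialize(bytes(record[0], 'utf-8'))
            ctReconstruct = bytesToObject(bytes(record[1], 'utf-8'), self.group)
            # Complete the ciphertext by putting the integer element back.
            ctReconstruct['C']['C'] = ct_integer

            # The signature covers the plaintext, so decryption has to happen
            # before verification.
            pt = self.dec(recordType, ctReconstruct)

            signerID = record[2]
            signature = bytesToObject(bytes(record[3], 'utf-8'), self.signGroup)
            signdate = record[4]

            # NOTE(review): the decrypted text is printed in every branch,
            # including the INVALID ones, so unverified content reaches the
            # output. Kept as in the original; consumers must key on the
            # verdict prefix, not on the presence of text.
            if not self.verifySig(signerID, signdate, pt, signature):
                print("INVALID signature from ", signerID, ": ", pt, "\n")
                continue

            if signerID == self.ID:
                # The owner may always write to their own record.
                authorised = True
            else:
                # NOTE(review): authorisation rows are matched on the entity
                # id alone; the signature stored with each row (checked in
                # revokeAuthorisedEntity) is not verified on this path. Unless
                # getAuthorisedEntities verifies it, a row inserted directly
                # into the database would be accepted here -- confirm.
                grants = db.getAuthorisedEntities(self.ID, recordType, signdate)
                authorised = any(signerID == grant[0] for grant in (grants or ()))

            if authorised:
                print("Verified record from ", signerID, ": ", pt, "\n")
            else:
                # Either no authorisations exist for this date or none of them
                # names the signer.
                print("INVALID record from ", signerID, ": ", pt, "\n")
    finally:
        db.done()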