Пример #1
0
 def revokeAuthorisedEntity(self, EntityID, HealthRecordType):
     # First check if this entity is authorised
     db = Database()
     date = time.strftime("%Y-%m-%d %H:%M:%S")
     rows = db.getAuthorisedEntities(self.ID, HealthRecordType, date) #Get all authorised entities that are authorised after 1999
     if rows:
         for row in rows:
             if EntityID == row[0]:
                 found = True
                 # Found the entity for this specific recordType. Check signature
                 DateStart = row[1]
                 signature = bytesToObject(bytes(row[2], 'utf-8'), self.signGroup)
                 if(self.verifySig(self.ID, DateStart, ''.join(self.ID + EntityID + HealthRecordType), signature)):
                     # Valid signature found, now revoke it by setting the DateEnd to today and re-signing
                     # First we need to wait 1 second otherwise the script is too fast!
                     time.sleep(1)
                     DateEnd = time.strftime("%Y-%m-%d %H:%M:%S")
                     # mPK_bytes = db.getSignPubKey("master")              # bytes of the master public key
                     # mPK = bytesToObject(mPK_bytes, self.signGroup)  # de-serialize the key before usage
                     signature = objectToBytes(self.waters.sign(self.masterPK, self.signK, ''.join(self.ID + EntityID + HealthRecordType + DateEnd)), self.signGroup)
                     db.revokeAuthorisedEntity(self.ID, EntityID, HealthRecordType, DateEnd, signature)
                     print("Access for ", EntityID, " to write to ", HealthRecordType, " successfully revoked.")
                 else:
                     print("INVALID signature on authorisations")
         if found == False:
             print("Authorisation for ", EntityID, " to write to ", self.ID, "'s ", HealthRecordType, " data not found")
     else:
         print("Error: no authorisations found for ", self.ID, "'s ", HealthRecordType, " data!")
     db.done()
Пример #2
0
    def read(self, recordType):
        if recordType.lower() == "general":
            ID = self.General[0]
        elif recordType.lower() == "medical":
            ID = self.Medical[0]
        elif recordType.lower() == "training":
            ID = self.Training[0]
        else:
            print("Please enter the correct record type")
            return

        # 1. Read MySql Database to obtain string object
        # 2. Re-construct Ciphertext by converting it to a byte object, then call Charm's deSerialisation API
        # 3. Pass reconstructed ciphertext to dec() function to get plaintext
        #####################
        #MD: Todo: Add date checking
        #####################
        db = Database()
        rows = db.selectRecord(ID) # Now fetch the ciphertexts and verify the signatures and print the result
        for row in rows :
            ctI_bytes = bytes(row[0], 'utf-8')              # Integer element of CT
            ctI_Reconstruct = deserialize(ctI_bytes)
            ctPg_bytes = bytes(row[1], 'utf-8')             # PairingGroup element of CT
            ctReconstruct = bytesToObject(ctPg_bytes, self.group)
            ctReconstruct['C']['C'] = ctI_Reconstruct       # Complete Ciphertext from Integer and Pairing Group element
            pt = self.dec(recordType, ctReconstruct) # Decrypt the Ciphertext
            signerID = row[2] # get the id of the signer
            sig_bytes = bytes(row[3], 'utf-8')
            signature = bytesToObject(sig_bytes, self.signGroup) # Got the actual signature
            signdate = row[4]

            if self.verifySig(signerID, signdate, pt, signature):
                # Signature is valid, now check if entity was authorised at this date
                # Dont check our own data since we know it's valid if the signature checks out (we are always allowed to write to our own HealthRecord)
                if signerID == self.ID:
                    print("Verified record from ", signerID, ": ", pt, "\n")
                else:
                    rows = db.getAuthorisedEntities(self.ID, recordType, signdate)
                    if rows:
                        for row in rows:
                            if signerID == row[0]:
                                print("Verified record from ", signerID, ": ", pt, "\n")
                            else:
                                print("INVALID record from ", signerID, ": ", pt, "\n")
                    else:
                        #There were no authorisations for this date
                        print("INVALID record from ", signerID, ": ", pt, "\n")
            else:
                print("INVALID signature from ", signerID, ": ", pt, "\n")

        db.done()