def create_device(device_type_id, device_name, password, token): password_hash = pbkdf2_hash(password) bi_key = os.urandom(32) device_name_key = key_to_hex( os.urandom(32)) # NOTE: retrieve key as `key_to_hex(key)` device_status_key = key_to_hex(os.urandom(32)) data = { "type_id": device_type_id, "name": hex_to_fernet(device_name_key).encrypt(device_name.encode()), "correctness_hash": correctness_hash(device_name), "name_bi": blind_index(bi_key, device_name), "password": password_hash } r = requests.post(URL_CREATE_DEVICE, headers={"Authorization": token}, data=data, verify=VERIFY_CERTS) content = json.loads(r.content.decode('unicode-escape')) if content["success"]: insert_into_tinydb( path, 'device_keys', { 'device_id': str(content["id"]), 'bi_key': key_to_hex(bi_key), 'device:name': device_name_key, 'device:status': device_status_key }) click.echo(r.content.decode('unicode-escape'))
def test_device_type_uuid(app_and_ctx): app, ctx = app_and_ctx with app.app_context(): dt = DeviceType(description=b"nothing", correctness_hash=correctness_hash("nothing")) db.session.add(dt) db.session.commit() assert is_valid_uuid(str(dt.type_id))
def create_row(data, num_data, tid, added): user_data = get_user_data() encrypted = encrypt_row( { "added": added, "num_data": num_data, "data": pad_payload_attr(str(data)), "tid": str(tid) }, get_key_type_pair(user_data)) encrypted["correctness_hash"] = correctness_hash( added, pad_payload_attr(str(data)), num_data, tid) encrypted["tid_bi"] = blind_index(hex_to_key(get_bi_key()), str(tid)) return encrypted
def create_device_type(description, token): if len(get_tinydb_table(path, 'device_type_keys')) == 0: init_device_type_keys() table = get_tinydb_table(path, 'device_type_keys') doc = table.all()[0] desc_ciphertext = encrypt_using_fernet_hex(doc["description"], description) data = { "description": desc_ciphertext, "correctness_hash": correctness_hash(description) } r = requests.post(URL_CREATE_DEVICE_TYPE, headers={"Authorization": token}, data=data, verify=VERIFY_CERTS) click.echo(r.content.decode('unicode-escape'))
def get_fake_tuple(bound): try: table = get_tinydb_table(path, 'users') doc = get_user_data() if bound == "lower_bound" and not can_remove_fake_row( doc["integrity"]["device_data"]): return # "Can't remove row that was not yet inserted (lower bound equals upper bound)" fake_tuple = {**generate(doc["integrity"]["device_data"], bound=bound)} fake_tuple["data"] = pad_payload_attr(str(fake_tuple["data"]), fake=True) keys = get_key_type_pair(doc) fake_tuple_hash = correctness_hash([ fake_tuple["added"], fake_tuple["data"], fake_tuple["num_data"], fake_tuple["tid"] ]) encrypted_fake_tuple = encrypt_row(fake_tuple, keys) row = { **encrypted_fake_tuple, "correctness_hash": fake_tuple_hash, "tid_bi": blind_index(hex_to_key(get_bi_key()), str(fake_tuple["tid"])) } if bound == "upper_bound": doc["integrity"]["device_data"] = increment_bounds( doc["integrity"]["device_data"]) if bound == "lower_bound": doc["integrity"]["device_data"] = increment_bounds( doc["integrity"]["device_data"], bound=bound) payload = dict_to_payload(**row) table.update(doc) click.echo(payload) except Exception as e: # pragma: no exc cover _, _, exc_tb = sys.exc_info() line = exc_tb.tb_lineno click.echo(f"{repr(e)} at line: {line}")
def create_scene(name, description, token): if not is_global_bi_key_missing( init_global_keys, "Blind index key for scene name is missing"): if len(get_tinydb_table(path, 'scene_keys')) == 0: init_scene_keys() table = get_tinydb_table(path, 'scene_keys') doc = table.all()[0] name_ciphertext = encrypt_using_fernet_hex(doc["name"], name) desc_ciphertext = encrypt_using_fernet_hex(doc["description"], description) data = { "name": name_ciphertext, "correctness_hash": correctness_hash(name), "name_bi": blind_index(get_global_bi_key(), name), "description": desc_ciphertext } r = requests.post(URL_CREATE_SCENE, headers={"Authorization": token}, data=data, verify=VERIFY_CERTS) click.echo(r.content.decode('unicode-escape'))
def set_action(device_id, name, token): doc = search_tinydb_doc(path, 'device_keys', Query().device_id == str(device_id)) if not doc: with click.Context(send_column_keys) as ctx: click.echo( f"Keys for device {device_id} not present, please use: {ctx.command.name}" ) click.echo(send_column_keys.get_help(ctx)) return data = { "device_id": device_id, "name": encrypt_using_fernet_hex(doc["action:name"], name), "correctness_hash": correctness_hash(name), "name_bi": blind_index(get_device_bi_key(device_id), name) } r = requests.post(URL_SET_ACTION, headers={"Authorization": token}, data=data, verify=VERIFY_CERTS) click.echo(r.content.decode('unicode-escape'))