示例#1
0
    def test_modif_cheque(self):
        path = "./cryptobank/test/functionalTests/keys/"
        # empty the db
        open(path + "bank.db", "w").close()
        with open(path + "check.json", "r") as file_:
            signed_check = unserialize(file_.readline())

        base64_check = signed_check["base64_check"]
        dic_check = unserialize(base64_check)

        self.assertTrue(verify_check_first(dic_check, path + "bank.db"))
        # sauvegarde du check dans la db
        store_check(base64_check, path + "bank.db")

        # verification que il ne peut être re-encaisse
        with self.assertRaises(SystemExit) as cm:
            verify_check_first(dic_check, path + "bank.db")
        the_exception = cm.exception
        self.assertEqual(the_exception.code, 1)

        # verif utilisation du meme token pour deux cheque avec differents token
        with open(path + "checkSameToken.json", "r") as file_:
            signed_check_same_token = unserialize(file_.read())
        base64_check = signed_check_same_token["base64_check"]
        dic_check = unserialize(base64_check)
        # verification que il ne peut être re-encaisse
        with self.assertRaises(SystemExit) as cm:
            verify_check_first(dic_check, path + "bank.db")
        the_exception = cm.exception
        self.assertEqual(the_exception.code, 1)
示例#2
0
文件: bank.py 项目: calve/cryptobank
def deposit(arguments):
    """
    Verify that the check has been signed by an authorised person
    Verify that the content of the check has not been altered
    Verify that the check has not been already cashed
    Store the check in the db
    """
    with open(arguments[0], "r") as file_:
        signed_check = unserialize(file_.readline())

    client_key = Key.import_key_from_path(arguments[1])
    bank_key = Key.import_key_from_path(arguments[2])
    # the signature of the check
    check_signature = signed_check["signature"]
    # the check encoded in base64
    base64_check = signed_check["base64_check"]
    # the check as a string
    dic_check = unserialize(base64_check)
    # the customer's signature (the one used to sign the check)
    customer_signature = dic_check["signature_customer_public_key"]
    data_signed_by_customer = create_data_to_sign(base64_check)
    # if the customer is part of the bank, the signature present in the check should be OK
    # check that the check has not already been cashed-in/altered in some way
    if verify_signature_check(client_key, check_signature, data_signed_by_customer):

        if verify_check_first(dic_check):
            print("This check has been cashed in")
            store_check(base64_check)
            exit(0)
        else:
            print("This check has already been cashed-in")
            exit(1)
    else:
        print("This check has been altered and connot be cashed in")
        exit(1)
示例#3
0
 def test_merchant_changed_check(self):
     path = "./cryptobank/test/functionalTests/keys/"
     """
     Check that a merchant cannot change the content of a check without the bank noticing
     """
     client_key = Key.import_key_from_path(path + "customer.pubkey")
     with open(path + "check.json", "r") as file_:
         signed_check = unserialize(file_.readline())
     
     check_signature = signed_check["signature"]
     base64_check = signed_check["base64_check"]
      
     #self.assertTrue(verify_signature_check(client_key, check_signature, base64_check))
      
     # check that if someone has changed something to the check, the bank does not accept the check
     false_check = unserialize(base64_check)
     false_check["amount"] = 100 
     false_check_64 = serialize(false_check).decode()
     self.assertFalse(verify_signature_check(client_key, check_signature, false_check_64))
示例#4
0
def verify_transaction(arguments, bank_pubkey="bank.pubkey", customer_pubkey="customer.pubkey"):
    """
    Checks that the customer's key is valid
    Import le check et le transform en dic
    Import la transaction d'origine et la transforme en dic
    Verifie que les informations dans le cheque sont les même qu'il a envoyé
    Si OK
        Verifie que la signature est valide
        Si OK : renvoie 0 sur la sortie standard
        Sinon : renvoie 1
    """
    if check_key(arguments[3], bank_pubkey, customer_pubkey) is False:
        print("The client has not got an account with the bank")
        exit(1)
    
    with open(arguments[0]) as file_:
        original_transaction = unserialize(file_.readline())
    with open(arguments[1]) as file_:
        signed_check = unserialize(file_.readline())
    
    #this is the check that the customer has signed
    signed_transaction = unserialize(signed_check["base64_check"])
    signature = signed_check["signature"]     
    client_key = Key.import_key_from_path(arguments[2]) 
    data_signed_by_customer = create_data_to_sign(signed_check["base64_check"])

# if the two checks match, we just have to check that the signature is ok.
    if signed_transaction == original_transaction:
        if client_key.verify(data_signed_by_customer, signature):
            exit(0)
        else:
            print("The signature does not appear to have been made by the client. Could there be Charly in the middle ? Better being safe than sorry... exiting")
            exit(1)
    else:
        print("the check the customer has signed is not the same as the one the merchant signed. Exiting")
        exit(1)
示例#5
0
文件: bank.py 项目: calve/cryptobank
def verify_check_first(dic_check, bank_db="bank.db"):
    """
    Checks that the check has not been altered
    """
    with open(bank_db, "r") as file_:
        f = file_.readline()
        while f:
            f_u = unserialize(f)
            if f_u == dic_check:
                print("This check has already been cashed in.")
                exit(1)
            if f_u["token"] == dic_check["token"] and f_u["merchant_id"] == dic_check["merchant_id"]:
                print("the token has already been used... something fishy is going on, we cannot accept this check")
                exit(1)
            f = file_.readline()
        # if we cannot find the same check
        return True