kaufmannga71933/DRM-fuer-ePA
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
GKJoker98 2021-02-11 20:38:39 +01:00
commit 024b42e96b
30 changed files with 5120 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
Contentserver/drm_server/drm_server/__init__.py Normal file
View File

BIN
Contentserver/drm_server/drm_server/__pycache__/__init__.cpython-38.pyc Normal file
View File

Binary file not shown.

BIN
Contentserver/drm_server/drm_server/__pycache__/settings.cpython-38.pyc Normal file
View File

Binary file not shown.

BIN
Contentserver/drm_server/drm_server/__pycache__/urls.cpython-38.pyc Normal file
View File

Binary file not shown.

BIN
Contentserver/drm_server/drm_server/__pycache__/wsgi.cpython-38.pyc Normal file
View File

Binary file not shown.

16
Contentserver/drm_server/drm_server/asgi.py Normal file
View File

@ -0,0 +1,16 @@
"""
ASGI config for drm_server project.
It exposes the ASGI callable as a module-level variable named ``application``.
For more information on this file, see
https://docs.djangoproject.com/en/3.1/howto/deployment/asgi/
"""
import os
from django.core.asgi import get_asgi_application
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'drm_server.settings')
application = get_asgi_application()

138
Contentserver/drm_server/drm_server/settings.py Normal file
View File

@ -0,0 +1,138 @@
"""
Django settings for drm_server project.
Generated by 'django-admin startproject' using Django 3.1.4.
For more information on this file, see
https://docs.djangoproject.com/en/3.1/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/3.1/ref/settings/
"""
from pathlib import Path
import os
# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/3.1/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = '#^9h3-tg+(r__c)5m9@51#iq+f!e+ifr2&(q3y_3w=-9h2aizr'
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = ['192.168.192.75', '188.195.130.70', '0.0.0.0', 'localhost', '127.0.0.1']
CORS_ORIGIN_ALLOW_ALL=True
# Application definition
INSTALLED_APPS = [
'corsheaders',
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'health_view'
]
REST_FRAMEWORK = {
# Use Django's standard `django.contrib.auth` permissions,
# or allow read-only access for unauthenticated users.
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
],
'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
'PAGE_SIZE': 10
}
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
ROOT_URLCONF = 'drm_server.urls'
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [os.path.join(BASE_DIR, 'templates')],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
],
},
},
]
WSGI_APPLICATION = 'drm_server.wsgi.application'
# Database
# https://docs.djangoproject.com/en/3.1/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': BASE_DIR / 'db.sqlite3',
}
}
# Password validation
# https://docs.djangoproject.com/en/3.1/ref/settings/#auth-password-validators
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
# Internationalization
# https://docs.djangoproject.com/en/3.1/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'Europe/Berlin'
USE_I18N = True
USE_L10N = True
USE_TZ = True
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/3.1/howto/static-files/
STATIC_URL = '/static/'
LOGIN_REDIRECT_URL = '/'

18
Contentserver/drm_server/drm_server/urls.py Normal file
View File

@ -0,0 +1,18 @@
from django.urls import include, path
from rest_framework import routers
from health_view import views
from django.contrib import admin
router = routers.DefaultRouter()
router.register(r'users', views.UserViewSet)
router.register(r'groups', views.GroupViewSet)
router.register(r'folderpartnames', views.GetFolderPartNames)
# Wire up our API using automatic URL routing.
# Additionally, we include login URLs for the browsable API.
urlpatterns = [
path('admin/', admin.site.urls),
path('', include(router.urls)),
path('', include('health_view.urls')),
path('api-auth/', include('rest_framework.urls', namespace='rest_framework'))
]

16
Contentserver/drm_server/drm_server/wsgi.py Normal file
View File

@ -0,0 +1,16 @@
"""
WSGI config for drm_server project.
It exposes the WSGI callable as a module-level variable named ``application``.
For more information on this file, see
https://docs.djangoproject.com/en/3.1/howto/deployment/wsgi/
"""
import os
from django.core.wsgi import get_wsgi_application
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'drm_server.settings')
application = get_wsgi_application()

5
Contentserver/drm_server/health_view/.babelrc Normal file
View File

@ -0,0 +1,5 @@
{
"presets": [
"@babel/preset-env", "@babel/preset-react"
]
}

0
Contentserver/drm_server/health_view/__init__.py Normal file
View File

22
Contentserver/drm_server/health_view/admin.py Normal file
View File

@ -0,0 +1,22 @@
from django.contrib import admin
from .models import FolderInfo, FolderPart, JustifiedKey, FolderPart_Name
admin.site.register(FolderInfo)
admin.site.register(FolderPart)
admin.site.register(FolderPart_Name)
admin.site.register(JustifiedKey)
#@admin.register(BookInstance)
#class BookInstanceAdmin(admin.ModelAdmin):
# list_display = ('book', 'status', 'borrower', 'due_back', 'id')
# list_filter = ('status', 'due_back')#
#
# fieldsets = (
# (None, {
# 'fields': ('book','imprint', 'id')
# }),
# ('Availability', {
# 'fields': ('status', 'due_back','borrower')
# }),
# )

5
Contentserver/drm_server/health_view/apps.py Normal file
View File

@ -0,0 +1,5 @@
from django.apps import AppConfig
class HealthViewConfig(AppConfig):
name = 'health_view'

103
Contentserver/drm_server/health_view/crypto_functions.py Normal file
View File

@ -0,0 +1,103 @@
import os
import codecs
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP, AES
from Crypto.Hash import SHA256
from Crypto.Signature import PKCS1_v1_5
from Crypto import Random
from base64 import b64decode, b64encode
BS = 16
pub_key_contentserver = '-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYI/jGk6f0LAT2Z6AAQUR7izbi\na5O4Zzaz4WtK00jr3AqbZMVeVZAs+As5RS35PY2BlCuEEza/J5XX1tlbUhGk/Nzu\nyYqlID6ILEk9kUqh1A6EAuNVrcCL174BRLy620pU5m+E61za0tIr1lU+Jhy4ikVK\niGQ+na5a5g0kuzZTHwIDAQAB\n-----END PUBLIC KEY-----'
private_key_contentserver = '-----BEGIN RSA PRIVATE KEY-----\nMIICXQIBAAKBgQDYI/jGk6f0LAT2Z6AAQUR7izbia5O4Zzaz4WtK00jr3AqbZMVe\nVZAs+As5RS35PY2BlCuEEza/J5XX1tlbUhGk/NzuyYqlID6ILEk9kUqh1A6EAuNV\nrcCL174BRLy620pU5m+E61za0tIr1lU+Jhy4ikVKiGQ+na5a5g0kuzZTHwIDAQAB\nAoGAFuf9CgKFBrYRkpGZ3d0M5nDzEJzpC1546ChoKAZrUH/B6gUMe7pirLle6yNf\nQ25YDFcJI5arsyd9VGITJ//zGZC1CC9MBL1v4Ey5Vm3OAwcn7aoiPYoZhtNUDGhE\nCKzIrKWlq5wQDfYCjL2zQnCIAq+nZWACI/X+k/bPd37FZpUCQQDdQNQ3Azaq0owx\nd2crResCW4OryvhTPipLNz8AaW2IMuDfxLUKEaTTkU3NOFRRhIddRRA9/vfcHbrw\nlgZ3Vo5NAkEA+hWX0tItz4lL4pSJTc38Tzjb9WyGQPuAINlntnDwOhtvvRYPfTLi\nLb/22btAfgQWSBICxFdO5Ze0A5Dx140VGwJARwVhWYtZh/nv8I0Ae/6EkowntwR/\nM9FXqC9CtPIiq76ROqMc7e999j/FNqPnRQeCoCjkLtJiY7DTahjuWG5bXQJBAIAD\nS5scAV0pz5FlLT+JgGzhEx729WYQF085WjB2cVGdN75Xq4gP4t0+VVKw2ltnJiyw\nI4BznKxD0l689D69Nh8CQQDLkom4Fhkl8CZQLB1cIX9PjNw+KCBkTV92dJmzdmR5\nGE+p7jO849HPS83W21AV6/eyL8VMqDyE6CBzHNr2ITJT\n-----END RSA PRIVATE KEY-----'
pub_key_licenseserver= "-----BEGIN PUBLIC KEY-----MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCG54kIgf8wi+WLrmg0OLXTsMF7BsYjJ8+mmx1/Ml1Hts2oVoisf8iKbfcC0jWBc1aEibi7EIZK9AWEmgpIHPZpf2Ezt36KX7pjA7CDgZBye/bw+G1CaDGxrN8a18db8c16hNxHMTMiqPm7WAgoyekOzlCT6/rqF+3w2oYuGx1tmQIDAQAB-----END PUBLIC KEY-----"
def make_key_pair_rsa(username):
random_generator = Random.new().read
priv_key = RSA.generate(1024, random_generator)
pub_key = priv_key.publickey()
print("new key pair")
print(priv_key.exportKey())
print(pub_key.exportKey())
user_smartcard_path = "/tmp/smartcards/" + str(username) + ".txt"
file_object = open(user_smartcard_path, "w+")
file_object.write(priv_key.exportKey().decode('utf-8'))
file_object.write("\n")
file_object.write(pub_key.exportKey().decode('utf-8'))
file_object.close()
return pub_key.exportKey().decode('utf-8')
def make_rand_key_aes():
return os.urandom(32)
def pad(s):
return s + (BS - len(s) % BS) * chr(BS - len(s) % BS).encode()
def unpad(s):
return s[:-ord(s[len(s)-1:])]
def encrypt_aes(message, key):
message = message.encode()
raw = pad(message)
cipher = AES.new(key, AES.MODE_ECB)
enc = cipher.encrypt(raw)
return b64encode(enc).decode('utf-8')
def decrypt_aes(enc, key):
enc = b64decode(enc)
cipher = AES.new(key, AES.MODE_ECB)
dec = cipher.decrypt(enc)
return dec.decode('utf-8')
def make_encrypted_key_content_server():
random_key = make_rand_key_aes()
key = RSA.importKey(pub_key_contentserver)
pub_key = key.publickey()
encrypted_key = encrypt(random_key, pub_key)
return encrypted_key.hex()
def decrypt(ciphertext):
key = RSA.importKey(private_key_contentserver)
cipher = PKCS1_OAEP.new(key)
ciphertext = codecs.decode(ciphertext, 'hex')
return cipher.decrypt(ciphertext)
def encrypt(message):
cipher = PKCS1_OAEP.new(pub_key_contentserver)
return cipher.encrypt(message)
def sign(message, priv_key):
priv_key = RSA.importKey(priv_key)
signer = PKCS1_v1_5.new(priv_key)
hash_gen = SHA256.new()
hash_gen.update(message.encode())
return b64encode(signer.sign(hash_gen)).decode('utf-8')
def verify(message, signature, pub_key):
pub_key = pub_key.replace("-----BEGIN PUBLIC KEY-----", "")
pub_key = pub_key.replace("-----END PUBLIC KEY-----", "")
pub_key = pub_key.replace(" ", "")
pub_key = ('\n'.join(pub_key[i:i + 64] for i in range(0, len(pub_key), 64)))
pub_key = "-----BEGIN PUBLIC KEY-----\n" + pub_key + "\n-----END PUBLIC KEY-----"
signature = b64decode(signature)
pub_key = RSA.importKey(pub_key)
verifier = PKCS1_v1_5.new(pub_key)
hash_gen = SHA256.new(message.encode())
return verifier.verify(hash_gen, signature)

0
Contentserver/drm_server/health_view/forms.py Normal file
View File

54
Contentserver/drm_server/health_view/models.py Normal file
View File

@ -0,0 +1,54 @@
from django.db import models
from django.contrib.auth.models import User
from django.dispatch import receiver
from django.db.models.signals import post_save
class FolderInfo(models.Model):
"""Adding attributes to default model user"""
patient = models.OneToOneField(User, on_delete=models.CASCADE, null=True, blank=True, default="")
pub_key = models.CharField(max_length=300, blank=True, default="")
def __str__(self):
"""String for representing the Model object."""
return str(self.id)
@receiver(post_save, sender=User)
def create_folderinfo(sender, instance, created, **kwargs):
"""Creates Folderinfo for user when he is created"""
if created:
FolderInfo.objects.create(patient=instance)
class FolderPart_Name(models.Model):
shortcut = models.CharField(max_length=3, default="x")
part_name = models.CharField(max_length=40, primary_key=True, default="x")
def __str__(self):
"""String for representing the Model object."""
return str(self.part_name)
class FolderPart(models.Model):
part_class = models.ForeignKey(FolderPart_Name, on_delete=models.CASCADE, default="")
folder_id = models.ForeignKey(FolderInfo, on_delete=models.CASCADE, default="")
part_context = models.CharField(max_length=500, default="nothing for you")
class Meta:
unique_together = ('part_class', 'folder_id')
def __str__(self):
"""String for representing the Model object."""
return self.part_class.part_name
class JustifiedKey(models.Model):
part = models.ForeignKey(FolderPart, on_delete=models.CASCADE, null=True, default="")
justified_name = models.ForeignKey(User, on_delete=models.CASCADE, default="")
key = models.CharField(max_length=260, default="")

4159
Contentserver/drm_server/health_view/package-lock.json generated Normal file
View File

File diff suppressed because it is too large Load Diff

39
Contentserver/drm_server/health_view/package.json Normal file
View File

@ -0,0 +1,39 @@
{
"name": "frontend",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1",
"dev": "webpack --mode development ./src/index.js --output-path ./static/frontend/",
"build": "webpack --mode production ./src/index.js --output-path ./static/frontend/"
},
"keywords": [],
"author": "",
"license": "ISC",
"devDependencies": {
"@babel/core": "^7.12.10",
"@babel/plugin-transform-runtime": "^7.12.10",
"@babel/preset-env": "^7.12.11",
"@babel/preset-react": "^7.12.10",
"@babel/runtime": "^7.12.5",
"babel-loader": "^8.2.2",
"babelify": "^10.0.0",
"react": "^17.0.1",
"react-dom": "^17.0.1",
"webpack": "^5.11.0",
"webpack-cli": "^4.2.0"
},
"dependencies": {
"assert": "^2.0.0",
"browserify": "^17.0.0",
"buffer": "^6.0.3",
"buffer-browserify": "^0.2.5",
"create-react-class": "^15.7.0",
"crypto": "^1.0.1",
"crypto-browserify": "^3.12.0",
"jquery": "^3.5.1",
"process": "^0.11.10",
"stream-browserify": "^3.0.0"
}
}

64
Contentserver/drm_server/health_view/serializers.py Normal file
View File

@ -0,0 +1,64 @@
from abc import ABC
from django.contrib.auth.models import User, Group
from rest_framework import serializers
from health_view.models import FolderPart, JustifiedKey, FolderPart_Name, FolderInfo
class UserSerializer(serializers.HyperlinkedModelSerializer):
class Meta:
model = User
fields = ['url', 'username', 'email', 'groups']
class GroupSerializer(serializers.HyperlinkedModelSerializer):
class Meta:
model = Group
fields = ['url', 'name']
class KeySerializer(serializers.Serializer):
part = serializers.CharField()
justified_name = serializers.CharField(max_length=100)
key = serializers.CharField(max_length=260)
def create(self, validated_data):
part = FolderPart.objects.get(pk=validated_data.get("part_class"))
justified_name = FolderPart.objects.get(pk=validated_data.get("part_class"))
key = validated_data.get("part_key")
JustifiedKey(part=part, justified_name=justified_name, key=key)
return True
def update(self, instance, validated_data):
instance.part = FolderPart.objects.get(pk=validated_data.get("part_class"))
instance.justified_name = FolderPart.objects.get(pk=validated_data.get("part_class"))
instance.key = instance.part_context = validated_data.get("part_key")
instance.save()
return True
class ContentSerializer(serializers.Serializer):
part_class = serializers.CharField()
folder_id = serializers.CharField()
part_context = serializers.CharField()
def update(self, instance, validated_data):
instance.part_class = FolderPart_Name.objects.get(pk=validated_data.get("part_class"))
instance.folder_id = FolderInfo.objects.get(pk=validated_data.get("folder_id"))
instance.part_context = validated_data.get("part_context")
instance.save()
return instance
class FolderPartSerializer(serializers.Serializer):
part = serializers.CharField()
justified_name = serializers.CharField()
key = serializers.CharField()
class FolderPartNameSerializer(serializers.HyperlinkedModelSerializer):
class Meta:
model = FolderPart_Name()
fields = ['part_name']

56
Contentserver/drm_server/health_view/templates/base_generic.html Normal file
View File

@ -0,0 +1,56 @@
<!DOCTYPE html>
<html lang="en">
<head>
{% block title %}<title>Gabriel's DRM</title>{% endblock %}
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css" integrity="sha384-TX8t27EcRE3e/ihU7zmQxVncDAy5uIKz4rEkgIXeMed4M0jlfIDPvg6uqKI2xXr2" crossorigin="anonymous">
<!--Add additional CSS in static file -->
{% load static %}
<link rel="stylesheet" href="{% static 'css/styles.css' %}">
<link rel="shortcut icon" type="image/png" href="{% static 'favicon.png' %}"/>
<style>
{% load static %}
body {
background-image: url('{% static "images/wall.jpg" %}');
color: black;
}
.col-sm-5{
margin-top: 20px;
border-radius: 25px;
padding: 20px;
box-shadow: 0 10px 20px rgba(0, 0, 0, .7);
backdrop-filter: blur(6px);
}
</style>
</head>
<body>
<div class="container-fluid">
<div class="row">
<div class="col-sm-2">
{% block sidebar %}
<ul class="sidebar-nav">
<li><a href="{% url 'index' %}">Home</a></li>
{% if user.is_authenticated %}
<li> Username: {{ user.get_username }}</li>
<li> Folder ID: {{ user.folderinfo }}</li>
<li><a href="{% url 'create-license' user.folderinfo.id %}">Create License</a></li>
<li><a href="{% url 'given-licenses' %}">Given Licenses</a></li>
<li><a href="{% url 'my-licenses' %}">My Licenses</a></li>
<li><a href="{% url 'logout'%}?next={{request.path}}">Logout</a></li>
{% else %}
<li><a href="{% url 'login'%}?next={{request.path}}">Login</a></li>
{% endif %}
<li id="app"></li>
</ul>
{% endblock %}
</div>
<div class="col-sm-5">{% block content %}{% endblock %}</div>
</div>
</div>
<script src="{% static 'frontend/main.js' %}"></script>
</body>
</html>

27
Contentserver/drm_server/health_view/templates/health_view/book_detail.html Normal file
View File

@ -0,0 +1,27 @@
{% extends "base_generic.html" %}
{% block content %}
<h1>Title: {{ book.title }}</h1>
<p><strong>Author:</strong> <a href="">{{ book.author }}</a></p> <!-- author detail link not yet defined -->
<p><strong>Summary:</strong> {{ book.summary }}</p>
<p><strong>ISBN:</strong> {{ book.isbn }}</p>
<p><strong>Language:</strong> {{ book.language }}</p>
<p><strong>Genre:</strong> {{ book.genre.all|join:", " }}</p>
<div style="margin-left:20px;margin-top:20px">
<h4>Copies</h4>
{% for copy in book.bookinstance_set.all %}
<hr>
<p class="{% if copy.status == 'a' %}text-success{% elif copy.status == 'm' %}text-danger{% else %}text-warning{% endif %}">
{{ copy.get_status_display }}
</p>
{% if copy.status != 'a' %}
<p><strong>Due to be returned:</strong> {{ copy.due_back }}</p>
{% endif %}
<p><strong>Imprint:</strong> {{ copy.imprint }}</p>
<p class="text-muted"><strong>Id:</strong> {{ copy.id }}</p>
{% endfor %}
</div>
{% endblock %}

16
Contentserver/drm_server/health_view/templates/health_view/book_list.html Normal file
View File

@ -0,0 +1,16 @@
{% extends "base_generic.html" %}
{% block content %}
<h1>Book List</h1>
{% if book_list %}
<ul>
{% for book in book_list %}
<li>
<a href="{{ book.get_absolute_url }}">{{ book.title }}</a> ({{book.author}})
</li>
{% endfor %}
</ul>
{% else %}
<p>There are no books in the library.</p>
{% endif %}
{% endblock %}

19
Contentserver/drm_server/health_view/templates/health_view/bookinstance_list_borrowed_user.html Normal file
View File

@ -0,0 +1,19 @@
{% extends "base_generic.html" %}
{% block content %}
<h1>Borrowed books</h1>
{% if bookinstance_list %}
<ul>
{% for bookinst in bookinstance_list %}
<li class="{% if bookinst.is_overdue %}text-danger{% endif %}">
<a href="{% url 'book-detail' bookinst.book.pk %}">{{bookinst.book.title}}</a> ({{ bookinst.due_back }})
</li>
{% endfor %}
</ul>
{% else %}
<p>There are no books borrowed.</p>
{% endif %}
{% endblock %}

14
Contentserver/drm_server/health_view/templates/health_view/create_license.html Normal file
View File

@ -0,0 +1,14 @@
{% extends "base_generic.html" %}
{% block content %}
<h1>Creating Process...</h1>
<form id="appl" action="" method="post">
{% csrf_token %}
<table>
{{ form.as_p }}
</table>
<input type="submit" value="Submit" id="submit_button">
<div id="appl2"/>
</form>
{% endblock %}

20
Contentserver/drm_server/health_view/templates/health_view/license_list.html Normal file
View File

@ -0,0 +1,20 @@
{% extends "base_generic.html" %}
{% block content %}
<h1>Licenses</h1>
{% if license_list %}
<ul>
{% for license in license_list %}
<li>
{% if request.get_full_path == "/health_view/mylicenses/" %}
<a href="{{ license.get_license_own }}">{{ license.patient }}</a> ({{license.justified}})
{% else %}
<a href="{{ license.get_license_given }}">{{ license.patient }}</a> ({{license.justified}})
{% endif %}
</li>
{% endfor %}
</ul>
{% else %}
<p>There are no Licenses.</p>
{% endif %}
{% endblock %}

14
Contentserver/drm_server/health_view/templates/index.html Normal file
View File

@ -0,0 +1,14 @@
{% extends "base_generic.html" %}
{% block title %}
<title>Gabriel's DRM</title>
{% endblock %}
{% block content %}
<h1>Local Health View</h1>
<p>Welcome to <em>Gabriel Kaufmann's </em>DRM System!</p>
<h2>Dynamic content</h2>
<p>The System has the following record counts:</p>
<ul>
<li><strong>User: </strong> {{ num_user }}</li>
<li><strong>Licenses:</strong> {{ num_licenses }}</li>
</ul>
{% endblock %}

3
Contentserver/drm_server/health_view/tests.py Normal file
View File

@ -0,0 +1,3 @@
from django.test import TestCase
# Create your tests here.

12
Contentserver/drm_server/health_view/urls.py Normal file
View File

@ -0,0 +1,12 @@
from django.urls import path
from . import views
urlpatterns = [
path('key/<name>/<justified>', views.get_key),
path('content/<name>/', views.get_content),
path('folder/create/', views.create_new_folder),
path('create/key/', views.create_key),
path('folder/read/', views.read_folder),
path('folder/write/', views.write_folder),
path('manage/delete/', views.delete_justified_key),
]

270
Contentserver/drm_server/health_view/views.py Normal file
View File

@ -0,0 +1,270 @@
from rest_framework import viewsets, permissions
from django.http import HttpResponse, JsonResponse
from django.views.decorators.csrf import csrf_exempt
from rest_framework.parsers import JSONParser
from health_view.serializers import *
from health_view.crypto_functions import *
from datetime import datetime
from rest_framework.decorators import api_view, permission_classes
from rest_framework.permissions import IsAdminUser
from rest_framework.response import Response
import json
@csrf_exempt
def get_key(request, name, part_name="", justified=""):
user_obj = User.objects.get(username=name)
justified_obj = User.objects.get(username=justified)
folderinfo = user_obj.folderinfo
folderpart_obj = FolderPart.objects.get(part_class=part_name, folder_id=folderinfo)
key = JustifiedKey.objects.filter(justified_name=justified_obj, part=folderpart_obj).first()
if request.method == 'GET':
serializer = KeySerializer(key)
return JsonResponse(serializer.data)
elif request.method == 'POST':
data = JSONParser().parse(request)
serializer = KeySerializer(key, data=data)
if serializer.is_valid():
serializer.save()
return JsonResponse(serializer.data, status=201)
return JsonResponse(serializer.errors, status=400)
@csrf_exempt
def get_content(request, name, part_name=""):
user_obj = User.objects.get(username=name)
folderinfo = user_obj.folderinfo
folderpart_obj = FolderPart.objects.get(part_class=part_name, folder_id=folderinfo)
if request.method == 'GET':
serializer = ContentSerializer(folderpart_obj)
return JsonResponse(serializer.data)
elif request.method == 'POST':
data = json.loads(request.body)
serializer = ContentSerializer(folderpart_obj, data=data)
if serializer.is_valid():
serializer.save()
return JsonResponse(serializer.data, status=201)
return JsonResponse(serializer.errors, status=400)
def create_signature_string(license):
signature_string = license["patient"] + "&" + license["justified"] + "&" + license["creator"] + "&" + license["expdate"].replace(" ", ",") + "&" + license["permissions"] + "&" + license["folderparts"]
signature_string = signature_string.replace(" ", "")
return signature_string
def create_signature_string_certificate(license):
signature_string = license["patient"] + "&" + license["justified"] + "&" + license["creator"] + "&" + license["expdate"].replace(" ", ",") + "&" + license["permissions"] + "&" + license["folderparts"] + "&" + license["signature"] + "&" + license['content_key']
signature_string = signature_string.replace(" ", "")
return signature_string
def get_creator(license):
creator = User.objects.get(username=license["creator"])
return creator
def get_pubkey(user):
pubkey = user.folderinfo.pub_key
return pubkey
def check_expiration_date(license):
exp_date = license["expdate"]
print(exp_date)
for fmt in ('%d-%m-%Y %H:%M', '%d/%m/%Y %H:%M', '%d/%m/%Y', '%d-%m-%Y'):
try:
datetime_object = datetime.strptime(exp_date, fmt)
break
except ValueError:
pass
try:
return datetime.now() < datetime_object
except Exception:
return False
def check_permissions(license, part, permission):
if part == "":
return True
if permission not in license["permissions"]:
return False
if part not in license["folderparts"]:
return False
return True
def check_change_siganture(pubkey, user_sign, datetime_given, content):
message = datetime_given + "|" + content
if verify(message, user_sign, pubkey):
return True
return False
def check_license(license, folderpart="", permission=""):
creator = get_creator(license)
if not verify(create_signature_string(license), license['signature'], get_pubkey(creator)):
return False
if not verify(create_signature_string_certificate(license), license['serversign'], pub_key_licenseserver):
return False
if not check_expiration_date(license):
return False
if not check_permissions(license, folderpart, permission):
return False
return True
@csrf_exempt
def read_folder(request):
if request.method == 'POST':
data = json.loads(request.body)
license = data[0]
folderpart = data[1]
if not check_license(license, folderpart, "Read"):
return HttpResponse(status=404)
content_key = license['content_key']
content_key_decrypted = decrypt(content_key)
patient = User.objects.get(username=license["patient"])
part_class = FolderPart_Name.objects.get(part_name=folderpart)
part = FolderPart.objects.get(folder_id=patient.folderinfo, part_class=part_class)
justified = User.objects.get(username=license["justified"])
pubkey_justified = justified.folderinfo.pub_key
if len(data) == 3:
justified = User.objects.get(username=license["creator"])
key_obj = JustifiedKey.objects.get(part=part, justified_name=justified)
content = part.part_context
decrypt_content = decrypt_aes(content, content_key_decrypted)
response_obj = {'content': decrypt_content,
'key': key_obj.key,
'pubkey': pubkey_justified}
return JsonResponse(response_obj, status=201)
@csrf_exempt
def write_folder(request):
if request.method == 'POST':
data = json.loads(request.body)
license = data[0]
folderpart = data[1]
content = data[2]
datetime_given = data[3]
user_sign = data[4]
if not check_license(license, folderpart, "Write"):
return HttpResponse(status=404)
content_key = license['content_key']
datetime_given_formatted = datetime.strptime(datetime_given, '%Y-%m-%d|%H:%M:%S')
date_difference = datetime.now() - datetime_given_formatted
content_key_decrypt = decrypt(content_key)
patient = User.objects.get(username=license["patient"])
part_class = FolderPart_Name.objects.get(part_name=folderpart)
part = FolderPart.objects.get(folder_id=patient.folderinfo, part_class=part_class)
justified = User.objects.get(username=license["justified"])
if date_difference.seconds//60.0 > 4.0 or not check_change_siganture(get_pubkey(justified), user_sign, datetime_given, content):
return HttpResponse(status=404)
content = folderpart + content
part.part_context = encrypt_aes(content, content_key_decrypt)
if JustifiedKey.objects.filter(part=part, justified_name=justified).exists():
part.save()
json_obj = {'works': 'fined'}
return JsonResponse(json_obj, status=201)
@csrf_exempt
def create_new_folder(request):
if request.method == 'POST':
data = json.loads(request.body)
print(data)
license = data[0]
if not check_license(license):
return HttpResponse(status=404)
content_key = license['content_key']
content_key_decrypt = decrypt(content_key)
patient = User.objects.get(username=license["patient"])
for c in range(1, len(data)):
part_class = data[c]["part_class"]
content = data[c]["content"]
content = part_class + content
encrypted_key = data[c]["encrypted_key"]
encrypted_content = encrypt_aes(content, content_key_decrypt)
part_class = FolderPart_Name.objects.get(part_name=part_class)
part = FolderPart(folder_id=patient.folderinfo, part_class=part_class, part_context=encrypted_content)
part.save()
justified = User.objects.get(username=license["justified"])
justified_key = JustifiedKey(part=part, justified_name=justified, key=encrypted_key)
justified_key.save()
json_obj = {'works': 'fined'}
return JsonResponse(json_obj, status=201)
@csrf_exempt
def create_key(request):
if request.method == 'POST':
data = json.loads(request.body)
license = data[0]
part_class = data[1]
key = data[2]
if not check_license(license):
return HttpResponse(status=404)
patient = User.objects.get(username=license["patient"])
part_class = FolderPart_Name.objects.get(part_name=part_class)
justified = User.objects.get(username=license["justified"])
part = FolderPart.objects.get(folder_id=patient.folderinfo, part_class=part_class)
if not JustifiedKey.objects.filter(part=part, justified_name=justified, key=key).exists():
justified_key = JustifiedKey(part=part, justified_name=justified, key=key)
justified_key.save()
content_response = {"done": 1}
return JsonResponse(content_response, status=201)
@api_view(['POST'])
@csrf_exempt
@permission_classes([IsAdminUser])
def delete_justified_key(request):
post_content = json.loads(request.body)
print(post_content)
patient = post_content['patient']
justified = post_content['justified']
folder_parts_delete_key = post_content['folder_parts']
old_total_key = post_content['old_total_key']
new_total_key = post_content['new_total_key']
old_total_key_decrypt = decrypt(old_total_key)
new_total_key_decrypt = decrypt(new_total_key)
patient = User.objects.get(username=patient)
justified = User.objects.get(username=justified)
all_folder_parts = FolderPart_Name.objects.all().values_list()
for part in all_folder_parts:
folder_part_name_object = FolderPart_Name.objects.get(part_name=part[1])
folder_part_object = FolderPart.objects.get(part_class=folder_part_name_object,folder_id=patient.folderinfo)
decrypted_content = decrypt_aes(folder_part_object.part_context, old_total_key_decrypt)
encrypted_content = encrypt_aes(decrypted_content, new_total_key_decrypt)
folder_part_object.part_context = encrypted_content
folder_part_object.save()
for part in folder_parts_delete_key:
folder_part_name_object = FolderPart_Name.objects.get(part_name=part)
folder_part_object = FolderPart.objects.get(folder_id=patient.folderinfo, part_class=folder_part_name_object)
key = JustifiedKey.objects.filter(part=folder_part_object, justified_name=justified)
key.delete()
return Response(status=201)
class UserViewSet(viewsets.ModelViewSet):
"""
API endpoint that allows users to be viewed or edited.
"""
queryset = User.objects.all().order_by('-date_joined')
serializer_class = UserSerializer
permission_classes = [permissions.IsAuthenticated]
class GroupViewSet(viewsets.ModelViewSet):
"""
API endpoint that allows groups to be viewed or edited.
"""
queryset = Group.objects.all()
serializer_class = GroupSerializer
permission_classes = [permissions.IsAuthenticated]
class GetFolderPartNames(viewsets.ModelViewSet):
queryset = FolderPart_Name.objects.all()
serializer_class = FolderPartNameSerializer

30
Contentserver/drm_server/health_view/webpack.config.js Normal file
View File

@ -0,0 +1,30 @@
const webpack = require('webpack');
module.exports = {
resolve:{fallback: { "crypto": require.resolve("crypto-browserify"),
"stream": require.resolve("stream-browserify"),
"buffer": require.resolve("buffer-browserify"),
"path": require.resolve("path-browserify"),
"assert": require.resolve("assert/")}},
module: {
rules: [
{
test: /\.js$/,
exclude: /node_modules/,
use: {
loader: "babel-loader",
options: {
presets: ["@babel/preset-env", "@babel/preset-react"],
}
}
}
]
},
plugins: [
new webpack.ProvidePlugin({
process: 'process/browser',
'process.env.POUCHDB_NAME': JSON.stringify(process.env.POUCHDB_NAME || 'mydb'),
})
],
}