# Overview of the task

The task was to implement a security-critical webshop that can be used to sell and buy animated images stored in a custom format. The webshop has to support CAFF (_CrySyS Animated File Format_). The system consists of a web service and a mobile or web client.

# Overview of the implementation

During the design phase, we decided to implement a web client.

Our implementation consists of the following modules:

- **CAFF previewer** / [caff-previewer](https://github.com/UnstableVortexSecurity/caff-previewer): A program written in C that is used to extract a preview (a single frame) from a CAFF file. The extracted preview is saved in .tga (TARGA) format, which is a simple bitmap image format.
- **CAFF previewer wrapper**  / [caff-previewer-wrapper](https://github.com/UnstableVortexSecurity/caff-previewer-wrapper): A wrapper written in Python/Flask that provides a simple HTTP interface between CAFF previewer and the web client. The wrapper also converts the extracted preview to PNG using ImageMagick.
- **Web application** / [webshop](https://github.com/UnstableVortexSecurity/webshop): A web client written in Python/Flask. This client implements the user functions.

Note: each module is hosted in its own repository.

# CAFF previewer
This module is responsible for extracting previews from CAFF files.

# CAFF previewer wrapper
This module makes communication between the previewer and the web client possible.

# Web application
This module provides the web UI for the users.

# Trying out our webshop
Since our webshop is a modern web application it has quite a few dependencies. To make trying it out easier we deployed to our own secure Kubernetes cluster. It is available at https://unstablevortex.kmlabz.com/ .

The application connects to every dependency (Minio, Caff Previewer Wrapper, SMTP and PostgreSQL server) over TLS and the configuration environment variables are stored in Vault.