4.2 KiB
Overview of the task
The task was to implement a security-critical webshop that can be used to sell and buy animated images stored in a custom format. The webshop has to support CAFF (CrySyS Animated File Format). The system consists of a web service and a mobile or web client.
Overview of the implementation
During the design phase, we decided to implement a web client.
Our implementation consists of the following modules:
- CAFF previewer / caff-previewer: A program written in C that is used to extract a preview (a single frame) from a CAFF file. The extracted preview is saved in .tga (TARGA) format, which is a simple bitmap image format.
- CAFF previewer wrapper / caff-previewer-wrapper: A wrapper written in Python/Flask that provides a simple HTTP interface between CAFF previewer and the web client. The wrapper also converts the extracted preview to PNG using ImageMagick.
- Web application / webshop: A web client written in Python/Flask. This client implements the user functions.
Note: each module is hosted in its own repository.
CAFF previewer
This module is responsible for extracting previews from CAFF files. The module can be built using CMake, detailed instructions are available in the module's README file.
Error handling
Functions that perform a complex task can fail in multiple ways. In order to be able to pinpoint the exact issue, these functions always have to return with a status code. The type of the status code is uint8_t.
Successful execution is indicated by the status code 0x00. Any outputs of the function must be returned using pointers given in the parameters. The status code is almost always used as an exit code for the program, so users can easily identify the exact issue.
Each error type must have a status code that is unique in the whole program. The status codes are divided into two parts:
- First 4 bits: identifies a certain module of the previewer
- Last 4 bits: identifies the exact problem
Memory allocation
The module provides its own memory allocation library called MagicMemory.
The library can be used to create MagicMemory contexts. All memory allocation calls must be performed through this library. If a function allocates memory, it has to take a MagicMemory context (that has the type mm_ctx) as its first parameter and perform the memory allocation inside that context.
Before the program exits, all of the contexts must be freed up.
Data validation
There are two different kinds of functions that perform data validation:
- Validator: A validator only validates data according to its format specification.
- Parser: A parser validates data and then extracts some fields from the data.
It is not unusual for a parser function to call a validator function to validate its whole input before extracting the fields.
CAFF previewer wrapper
This module makes communication between the previewer and the web client possible.
Endpoint
The module provides only one endpoint:
POST /preview
Request: The endpoint expects a single CAFF file to be sent. The content of the CAFF file is expected to be senr in a raw binary format without any extra encapsulation. The content type must be set to application/octet-stream.
Response: If the preview extraction is successful, the response contains a single PNG image. The content type is set to image/png.
Web application
This module provides the web UI for the users.
Trying out our webshop
Since our webshop is a modern web application, it has quite a few dependencies. To make trying it out easier, we deployed the web application to our own secure Kubernetes cluster. It is available at unstablevortex.kmlabz.com.
The application connects to every dependency (Minio, CAFF previewer wrapper, SMTP and PostgreSQL server) over TLS and the configuration environment variables are stored in Vault.