def notify_error(agent, msgtype='revocation'):
    """Publish a revocation message for ``agent`` through the revocation notifier.

    Returns immediately, sending nothing, when ``revocation_notifier`` is
    disabled in the ``cloud_verifier`` config section.

    Args:
        agent: mapping that provides ``ip``, ``agent_id``, ``port``,
            ``tpm_policy``, ``vtpm_policy``, ``meta_data`` and
            ``revocation_key`` (private key material, or ``""`` for none).
        msgtype: value stored under ``type`` in the message.
    """
    notifier_enabled = config.getboolean('cloud_verifier', 'revocation_notifier')
    if not notifier_enabled:
        return

    # Fields of the revocation message, serialized below as JSON.
    payload = {
        'type': msgtype,
        'ip': agent['ip'],
        'agent_id': agent['agent_id'],
        'port': agent['port'],
        'tpm_policy': agent['tpm_policy'],
        'vtpm_policy': agent['vtpm_policy'],
        'meta_data': agent['meta_data'],
        'event_time': time.asctime()
    }

    # The signature is computed over exactly these bytes, so a receiver has to
    # verify against the received 'msg' bytes, not a re-serialized copy.
    encoded = json.dumps(payload).encode('utf-8')
    envelope = {'msg': encoded}

    key_material = agent['revocation_key']
    if key_material == "":
        # NOTE(review): no key means the message goes out with the literal
        # placeholder "none". It is unauthenticated; whether receivers reject
        # it is not visible from this function.
        envelope['signature'] = "none"
    else:
        # The agent record holds the private signing key itself; padding and
        # hash choices live inside crypto.rsa_sign.
        private_key = crypto.rsa_import_privkey(key_material)
        envelope['signature'] = crypto.rsa_sign(private_key, encoded)

    revocation_notifier.notify(envelope)
def prepare_error(agent, msgtype="revocation", event=None):
    """Build the revocation envelope for ``agent`` without sending it.

    Args:
        agent: mapping that provides ``ip``, ``agent_id``, ``port``,
            ``tpm_policy``, ``meta_data`` and ``revocation_key`` (private key
            material, or ``""`` for none).
        msgtype: value stored under ``type`` in the message.
        event: optional object; when truthy its ``event_id``,
            ``severity_label.name`` and ``context`` are added to the message.

    Returns:
        A dict with ``msg`` (the UTF-8 encoded JSON message) and ``signature``
        (the result of ``crypto.rsa_sign`` over ``msg``, or the string
        ``"none"`` when the agent has no revocation key).
    """
    # Fields of the revocation message, serialized below as JSON.
    payload = {
        "type": msgtype,
        "ip": agent["ip"],
        "agent_id": agent["agent_id"],
        "port": agent["port"],
        "tpm_policy": agent["tpm_policy"],
        "meta_data": agent["meta_data"],
        "event_time": time.asctime(),
    }
    if event:
        payload.update(
            {
                "event_id": event.event_id,
                "severity_label": event.severity_label.name,
                "context": event.context,
            }
        )

    # The signature covers exactly these bytes; verification must use the
    # received 'msg' bytes unchanged.
    encoded = json.dumps(payload).encode("utf-8")
    envelope = {"msg": encoded}

    key_material = agent["revocation_key"]
    if key_material == "":
        # NOTE(review): the placeholder "none" marks an unsigned message.
        # Consumers of the returned envelope must treat it as unauthenticated
        # and never accept "none" as a valid signature.
        envelope["signature"] = "none"
    else:
        private_key = crypto.rsa_import_privkey(key_material)
        envelope["signature"] = crypto.rsa_sign(private_key, encoded)
    return envelope
def test_rsa_sign(self):
    """A signature verifies for the signed message and is rejected for another one."""
    private_key = rsa_generate(2048)
    verifying_key = get_public_key(private_key)

    signed_message = b"a secret message!"
    signature = rsa_sign(private_key, signed_message)
    self.assertTrue(rsa_verify(verifying_key, signed_message, signature))

    # The same signature presented with different content must not verify.
    # NOTE(review): only the changed-message case is covered here; a wrong key
    # or an altered signature is not exercised by this test.
    other_message = b"another message!"
    self.assertFalse(rsa_verify(verifying_key, other_message, signature))
def notify_error(agent, msgtype='revocation', event=None):
    """Build a revocation message for ``agent`` and send it on the enabled channels.

    Two ``cloud_verifier`` config options select the channels:
    ``revocation_notifier`` (``revocation_notifier.notify``) and
    ``revocation_notifier_webhook`` (``revocation_notifier.notify_webhook``,
    defaulting to off). With both disabled the function returns without
    building anything.

    Args:
        agent: mapping that provides ``ip``, ``agent_id``, ``port``,
            ``tpm_policy``, ``vtpm_policy``, ``meta_data`` and
            ``revocation_key`` (private key material, or ``""`` for none).
        msgtype: value stored under ``type`` in the message.
        event: optional object; when truthy its ``event_id``,
            ``severity_label.name`` and ``context`` are added to the message.
    """
    use_mq = config.getboolean('cloud_verifier', 'revocation_notifier')
    use_webhook = config.getboolean('cloud_verifier', 'revocation_notifier_webhook', fallback=False)
    if not use_mq and not use_webhook:
        return

    # Fields of the revocation message, serialized below as JSON.
    payload = {
        'type': msgtype,
        'ip': agent['ip'],
        'agent_id': agent['agent_id'],
        'port': agent['port'],
        'tpm_policy': agent['tpm_policy'],
        'vtpm_policy': agent['vtpm_policy'],
        'meta_data': agent['meta_data'],
        'event_time': time.asctime()
    }
    if event:
        payload.update({
            'event_id': event.event_id,
            'severity_label': event.severity_label.name,
            'context': event.context,
        })

    # The signature covers exactly these bytes; both channels carry the same
    # envelope, so receivers verify against 'msg' as delivered.
    encoded = json.dumps(payload).encode('utf-8')
    envelope = {'msg': encoded}

    key_material = agent['revocation_key']
    if key_material == "":
        # NOTE(review): an unsigned message is sent with the placeholder
        # "none" on every enabled channel, the webhook included. Receivers
        # have no way to authenticate it from the envelope alone.
        envelope['signature'] = "none"
    else:
        private_key = crypto.rsa_import_privkey(key_material)
        envelope['signature'] = crypto.rsa_sign(private_key, encoded)

    if use_mq:
        revocation_notifier.notify(envelope)
    if use_webhook:
        revocation_notifier.notify_webhook(envelope)
def notify_error(agent, msgtype="revocation", event=None):
    """Build a revocation message for ``agent`` and send it on the enabled channels.

    Two ``cloud_verifier`` config options select the channels:
    ``revocation_notifier`` (``revocation_notifier.notify``) and
    ``revocation_notifier_webhook`` (``revocation_notifier.notify_webhook``,
    defaulting to off). With both disabled the function returns without
    building anything.

    Args:
        agent: mapping that provides ``ip``, ``agent_id``, ``port``,
            ``tpm_policy``, ``meta_data`` and ``revocation_key`` (private key
            material, or ``""`` for none).
        msgtype: value stored under ``type`` in the message.
        event: optional object; when truthy its ``event_id``,
            ``severity_label.name`` and ``context`` are added to the message.
    """
    use_mq = config.getboolean("cloud_verifier", "revocation_notifier")
    use_webhook = config.getboolean("cloud_verifier", "revocation_notifier_webhook", fallback=False)
    if not use_mq and not use_webhook:
        return

    # Fields of the revocation message, serialized below as JSON.
    payload = {
        "type": msgtype,
        "ip": agent["ip"],
        "agent_id": agent["agent_id"],
        "port": agent["port"],
        "tpm_policy": agent["tpm_policy"],
        "meta_data": agent["meta_data"],
        "event_time": time.asctime(),
    }
    if event:
        payload.update(
            {
                "event_id": event.event_id,
                "severity_label": event.severity_label.name,
                "context": event.context,
            }
        )

    # The signature covers exactly these bytes; both channels carry the same
    # envelope, so receivers verify against 'msg' as delivered.
    encoded = json.dumps(payload).encode("utf-8")
    envelope = {"msg": encoded}

    key_material = agent["revocation_key"]
    if key_material == "":
        # NOTE(review): an unsigned message is sent with the placeholder
        # "none" on every enabled channel, the webhook included. Receivers
        # have no way to authenticate it from the envelope alone.
        envelope["signature"] = "none"
    else:
        private_key = crypto.rsa_import_privkey(key_material)
        envelope["signature"] = crypto.rsa_sign(private_key, encoded)

    if use_mq:
        revocation_notifier.notify(envelope)
    if use_webhook:
        revocation_notifier.notify_webhook(envelope)