def _schedule_expiration_check(self):
    """Purge expired or inactive items and arm a timer for the next deadline.

    Any pending timer is cancelled first. Entries are then taken from the
    front of ``self._expires_list`` until the head is an active item whose
    deadline has not passed. A new check is scheduled for that deadline
    plus 100 ms, and ``self._storage_change()`` is called on the way out.
    """
    # Cancel the outstanding timer so that at most one is ever armed.
    if self._timeout:
        self.ioloop.remove_timeout(self._timeout)
        self._timeout = None

    # NOTE(review): an expired item stays in self._items until this sweep
    # reaches it. Lookups that gate authentication should compare the expiry
    # themselves rather than rely on the sweep -- confirm against the getters.
    while self._expires_list:
        deadline, key = self._expires_list[0]

        try:
            entry = self._items[key]
        except KeyError:
            # Stale expiry record: the item is already gone from the store.
            del self._expires_list[0]
            continue

        current = Time.syncedNow()

        if entry._active and deadline >= current:
            # Head of the list is still valid; wake up just after it expires.
            self._timeout = self.ioloop.add_timeout(
                deadline - current + datetime.timedelta(milliseconds=100),
                self._schedule_expiration_check)
            break

        # Inactive or past its deadline: remove the item and its index entries.
        del self._expires_list[0]
        del self._items[key]
        self._delete_from_indexes(entry)

    self._storage_change()
def _schedule_expiration_check(self):
    """Evict expired entries and schedule the next expiration sweep.

    Cancels the currently armed timeout (if any), then walks the head of
    ``self._expires_list``: records with no matching item are dropped, and
    inactive or expired items are deleted from ``self._items`` and from the
    indexes. The first live item found re-arms the timeout and ends the walk.
    ``self._storage_change()`` is called before returning.
    """
    pending_timer = self._timeout
    if pending_timer:
        self.ioloop.remove_timeout(pending_timer)
        self._timeout = None

    # Slack added to the next wake-up, so the head item has already expired
    # by the time the callback runs.
    slack = datetime.timedelta(milliseconds=100)

    while len(self._expires_list) > 0:
        head = self._expires_list[0]
        expires_at, ident = head

        try:
            record = self._items[ident]
        except KeyError:
            # The expiry list still names an item that no longer exists.
            del self._expires_list[0]
            continue

        now = Time.syncedNow()
        is_stale = not record._active or expires_at < now

        if is_stale:
            del self._expires_list[0]
            del self._items[ident]
            self._delete_from_indexes(record)
            continue

        # No more expired items: schedule the next check and stop scanning.
        wait = expires_at - now + slack
        self._timeout = self.ioloop.add_timeout(
            wait, self._schedule_expiration_check)
        break

    self._storage_change()
def generate_qr(self, wId):
    """Create a one-time token for *wId* and return the QR parameters.

    A fresh ``webOTT`` is drawn from the server's RNG and stored under
    stage ``"auth"`` together with *wId*. The stored entry outlives the
    advertised window by ``options.accessNumberExtendValiditySeconds``.
    The window reported to the client ends at the earlier PIN-pad expiry.

    Returns a dict with ``ttlSeconds``, ``qrUrl``, ``webOTT``,
    ``localTimeStart`` and ``localTimeEnd``.
    """
    # The token is generated from the application's RNG, hex-encoded.
    webOTT = secrets.generate_ott(
        options.OTTLength, self.application.server_secret.rng, "hex")

    issued_at = Time.syncedNow()
    pinpad_deadline = issued_at + datetime.timedelta(
        seconds=options.accessNumberExpireSeconds)
    storage_deadline = pinpad_deadline + datetime.timedelta(
        seconds=options.accessNumberExtendValiditySeconds)

    self.storage.add(
        stage="auth", expire_time=storage_deadline, webOTT=webOTT, wid=wId)

    # NOTE(review): wId is concatenated into the URL fragment without
    # escaping or validation here -- confirm the caller constrains its
    # character set before it reaches this point.
    qr_target = options.rpsBaseURL + "#" + wId

    response = {}
    response["ttlSeconds"] = options.accessNumberExpireSeconds
    response["qrUrl"] = qr_target
    response["webOTT"] = webOTT
    response["localTimeStart"] = Time.DateTimetoEpoch(issued_at)
    response["localTimeEnd"] = Time.DateTimetoEpoch(pinpad_deadline)
    return response
def validate_pass2_value(self, mpin_id, u, ut, y, v):
    """Validate the pass-2 value against the server secret.

    y - pass 1 values
    v - pass 2 value in question

    The check runs against today's day slot. During the first hour of the
    synced day the previous slot is tried as well, but only when the first
    attempt returned -19. Returns the status code of the last attempt.
    """
    current_day = crypto.today()
    # Just after the day rolls over, a client may still present material
    # bound to the previous day, so that day is accepted as a fallback.
    if Time.syncedNow().hour < 1:
        candidate_days = [current_day, current_day - 1]
    else:
        candidate_days = [current_day]

    for day in candidate_days:
        hid, htid = crypto.mpin_server_1(mpin_id, day)
        outcome = crypto.mpin_server_2(
            self.server_secret, v, day, hid, htid, y, u, ut)
        status = outcome[0]
        # NOTE(review): -19 is presumably the library's failed-authentication
        # code -- confirm, and consider a named constant. Any other status
        # (success or a different error) ends the search immediately.
        if status != -19:
            return status

    # Every candidate day returned -19. Callers must compare the result
    # with the explicit success value rather than test it for truthiness.
    return status
def generate_qr(self, wId):
    """Register a pending authentication for *wId* and build its QR payload.

    Generates a hex one-time token (``webOTT``) with the server RNG and
    stores it with stage ``"auth"``. The storage expiry is the PIN-pad
    expiry plus ``options.accessNumberExtendValiditySeconds``. Returns the
    parameters the client needs: TTL, QR URL, the token, and the start and
    end of the PIN-pad window as epoch values.
    """
    webOTT = secrets.generate_ott(options.OTTLength,
                                  self.application.server_secret.rng,
                                  "hex")

    start = Time.syncedNow()
    ttl = datetime.timedelta(seconds=options.accessNumberExpireSeconds)
    grace = datetime.timedelta(
        seconds=options.accessNumberExtendValiditySeconds)
    pinpad_end = start + ttl

    # The entry is kept for the grace period beyond the window told to the
    # client, so the stored webOTT stays valid longer than localTimeEnd says.
    self.storage.add(stage="auth",
                     expire_time=pinpad_end + grace,
                     webOTT=webOTT,
                     wid=wId)

    # NOTE(review): wId goes into the fragment as-is -- verify it is
    # validated upstream if it can be influenced by a client.
    return {
        "ttlSeconds": options.accessNumberExpireSeconds,
        "qrUrl": options.rpsBaseURL + "#" + wId,
        "webOTT": webOTT,
        "localTimeStart": Time.DateTimetoEpoch(start),
        "localTimeEnd": Time.DateTimetoEpoch(pinpad_end),
    }
def __init__(self):
    """Register the HTTP routes and load the master secret.

    The routes are installed first. The random seed is then gathered from
    ``options.EntropySources``, and the master secret is constructed from
    the configured passphrase, salt, seed and backup settings.
    """
    routes = [
        (r"/clientSecret", ClientSecretHandler),
        (r"/serverSecret", ServerSecretHandler),
        (r"/timePermit", TimePermitHandler),
        (r"/timePermits", TimePermitsHandler),
        (r"/status", StatusHandler),
        # Catch-all: must stay last so it cannot shadow the routes above.
        (r"/(.*)", DefaultHandler),
    ]

    # NOTE(review): XSRF cookie protection is switched off for the whole
    # application. The secret-issuing routes above therefore depend entirely
    # on whatever request authentication the handlers perform themselves;
    # confirm each one does so.
    super(Application, self).__init__(routes, xsrf_cookies=False)

    # Get seed value for random number generator. This has to run before
    # Seed.seedValue is read below.
    Seed.getSeed(options.EntropySources)

    # The passphrase and salt come straight from configuration; keep them
    # out of logs and error messages.
    self.master_secret = secrets.MasterSecret(
        passphrase=options.passphrase,
        salt=options.salt,
        seed=Seed.seedValue,
        backup_file=options.backup_file,
        encrypt_master_secret=options.encrypt_master_secret,
        time=Time.syncedNow(),
    )
def today():
    """Return the number of whole days since the Unix epoch.

    The current moment is taken from ``Time.syncedNow()`` rather than the
    local system clock.
    """
    # assumes Time.syncedNow() yields a naive UTC datetime -- TODO confirm;
    # subtracting an aware value from this naive epoch would raise.
    epoch = datetime.datetime(1970, 1, 1)
    elapsed = Time.syncedNow() - epoch
    seconds_per_day = 86400
    return int(elapsed.total_seconds() / seconds_per_day)
def add(self, key, expires, value):
    """Store *value* under *key*, with a TTL when *expires* is given.

    A truthy *expires* is treated as an absolute deadline: the remaining
    time until it, measured against the synced clock, is passed to
    ``setex``. A falsy *expires* stores the value with a plain ``set``,
    i.e. without an expiry.
    """
    if not expires:
        self._execute("set", key, value)
        return

    # NOTE(review): a deadline that has already passed gives a non-positive
    # TTL. How the backend treats that is not visible here -- confirm it is
    # rejected rather than stored without an expiry.
    remaining = expires - Time.syncedNow()
    self._execute("setex", key, remaining, value)