def test_signature( self ):
identity = Identity.generate(fast=True)
message = b'test message'
signature = identity.sign(message)
public_key = identity.get_public_key()
self.assertEqual(True, public_key.verify(message, signature))
self.assertEqual(False, public_key.verify(message, signature + b'x'))
self.assertEqual(False, public_key.verify(message + b'x', signature))
def test_proof_of_possession( self ):
transport_id = 'encrypted_tcp'
transport_request = self.make_tcp_transport_request(self.session_list, transport_id, obj_id='1', command_id='echo', test_param='hi')
response_transport_packets = self.remoting.process_packet(self.iface_registry, self.server, self.session_list, transport_request)
challenge = self.pick_pop_channelge_from_responses(transport_id, response_transport_packets)
identity_1 = Identity.generate(fast=True)
identity_2 = Identity.generate(fast=True)
pop_record_1 = tPopRecord(
identity_1.get_public_key().to_der(),
identity_1.sign(challenge))
pop_record_2 = tPopRecord(
identity_2.get_public_key().to_der(),
identity_2.sign(challenge + b'x')) # make invlid signature; verification must fail
transport_request = self.encode_pop_transport_request(transport_id, challenge, [pop_record_1, pop_record_2])
response_transport_packets = self.remoting.process_packet(self.iface_registry, self.server, self.session_list, transport_request)
session = self.session_list.get_transport_session(transport_id)
self.assertIn(identity_1.get_public_key(), session.peer_public_keys)
self.assertNotIn(identity_2.get_public_key(), session.peer_public_keys)
def main():
logging.basicConfig(level=logging.DEBUG, format='%(asctime)-15s %(message)s')
parser = argparse.ArgumentParser(description='Hyperapp server')
parser.add_argument('identity_fpath', help='path to identity file')
parser.add_argument('addr', nargs='?', help='address to listen at', default=DEFAULT_ADDR)
parser.add_argument('--test-delay', type=float, help='artificial delay for handling requests, seconds')
args = parser.parse_args()
identity = Identity.load_from_file(args.identity_fpath)
host, port = parse_addr(args.addr)
services = Services()
server = Server(identity, args.test_delay)
tcp_server = TcpServer(services.remoting, server, host, port)
management_url = services.modules.server_management.get_management_url(server.get_public_key())
url_with_routes = management_url.clone_with_routes(tcp_server.get_routes())
log.info('Management url: %s', url_with_routes.to_str())
tcp_server.run()
def create_identity( fpath, overwrite ):
private_fpath = fpath + '.identity.pem'
public_fpath = fpath + '.public.pem'
if os.path.exists(private_fpath) and not overwrite:
log.info('identity file %r is already exists', private_fpath)
return
if os.path.exists(public_fpath) and not overwrite:
log.info('identity file %r is already exists', public_fpath)
return
log.info('generating rsa key of size %d...', RSA_KEY_SIZE_SAFE)
sys.stdout.flush()
identity = Identity.generate()
log.info('generating rsa key ... done')
public_key = identity.private_key.public_key()
identity.save_to_file(private_fpath)
log.info('identity is written to %r', private_fpath)
identity.get_public_key().save_to_file(public_fpath)
log.info('public key is written to %r', public_fpath)
TYPE_MODULE_EXT = '.types'
DYN_MODULE_EXT = '.dyn.py'
logging.basicConfig(level=logging.DEBUG, format='%(asctime)-15s %(message)s')
test_iface = Interface('test_iface', commands=[
RequestCmd('echo', [Field('test_param', tString)], [Field('test_result', tString)]),
RequestCmd('required_auth', result_fields=[Field('test_result', tString)]),
RequestCmd('broadcast', [Field('message', tString)]),
],
diff_type=tString)
authorized_peer_identity = Identity.generate(fast=True)
class TestObject(Object):
class_name = 'test_object'
iface = test_iface
def __init__( self, module, id ):
Object.__init__(self)
self.module = module
self.id = id
def get_path( self ):
return self.module.make_path(self.class_name, self.id)
