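def generate_response(self):
    """Authenticate one signed grant/revoke request and set ``self.writebuf``.

    The request in ``self.readbuf`` is an outer netstring wrapping, in order,
    netstrings for: the base64 HMAC-SHA256 signature, the action, the MAC
    address and an ISO-8601 timestamp (``%Y-%m-%dT%H:%M:%S``). The signature
    covers every byte that follows the signature netstring.

    An accepted request is written to stdout as ``<action> <mac>``; one reply
    line is then read from stdin and relayed to the peer.

    Raises:
        Exception: if bytes remain after the timestamp field.
    """
    (request, _) = netstring.consume_netstring(self.readbuf)
    (sig, request) = netstring.consume_netstring(request)
    sig = base64.standard_b64decode(sig)
    mysig = hmac.new(ACCESSKEY, request, hashlib.sha256).digest()
    # Compare in constant time: ``!=`` on bytes stops at the first differing
    # byte, so response timing would reveal how much of a forged signature
    # matched the expected one.
    if not hmac.compare_digest(sig, mysig):
        # NOTE(review): the early error replies in this method are raw bytes,
        # while the replies at the end are netstring-encoded; confirm that
        # peers can parse both forms.
        self.writebuf = b"ERROR Bad signature"
        return

    # Fields are parsed only after the signature over them has been verified.
    (action, request) = netstring.consume_netstring(request)
    (mac, request) = netstring.consume_netstring(request)
    (time, request) = netstring.consume_netstring(request)
    if len(request) > 0:
        raise Exception("Invalid request: too long: " + repr(self.readbuf))

    mac = MAC(mac.decode("ascii"))
    time = datetime.datetime.strptime(time.decode("ascii"), "%Y-%m-%dT%H:%M:%S")
    now = datetime.datetime.utcnow()
    # Freshness check. NOTE(review): no nonce or seen-request tracking is
    # visible in this method, so a captured request appears to stay valid for
    # the whole TIMEWINDOW; confirm whether that is acceptable.
    if time < (now - TIMEWINDOW) or time > (now + TIMEWINDOW):
        self.writebuf = b"ERROR Time out of sync"
        return

    if action not in (b"grant", b"revoke"):
        self.writebuf = b"ERROR Invalid action"
        return

    LOGGER.info("Valid request to {0!r} {1!s}".format(action, mac))
    if action == b"grant":
        print("grant", str(mac))
    elif action == b"revoke":
        print("revoke", str(mac))
    # Flush so the command is delivered before blocking on the reply line.
    sys.stdout.flush()

    resp = sys.stdin.readline().strip()
    if resp == "OK":
        self.writebuf = netstring.encode_netstring(b"OK")
    else:
        self.writebuf = netstring.encode_netstring(b"ERROR " + resp.encode("ascii"))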
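def generate_response(self):
    """Verify a signed request from ``self.readbuf`` and fill ``self.writebuf``.

    Wire format: one outer netstring whose payload is four netstrings in
    sequence: base64 HMAC-SHA256 signature, action (``grant`` or ``revoke``),
    MAC address, and a timestamp formatted ``%Y-%m-%dT%H:%M:%S``. The HMAC is
    computed with ``ACCESSKEY`` over everything after the signature field.

    A request that passes every check is printed to stdout as
    ``<action> <mac>``; the single line then read from stdin decides whether
    the peer receives ``OK`` or ``ERROR <text>``.

    Raises:
        Exception: if the payload has trailing bytes after the timestamp.
    """
    (request, _) = netstring.consume_netstring(self.readbuf)
    (sig, request) = netstring.consume_netstring(request)
    sig = base64.standard_b64decode(sig)
    mysig = hmac.new(ACCESSKEY, request, hashlib.sha256).digest()
    # hmac.compare_digest takes time independent of where the inputs differ;
    # a plain ``!=`` short-circuits and turns the check into a timing oracle
    # for the expected signature.
    if not hmac.compare_digest(sig, mysig):
        # NOTE(review): this reply, like the other early errors below, is not
        # netstring-encoded, unlike the final replies; verify against the
        # client's parser.
        self.writebuf = b'ERROR Bad signature'
        return

    # Only authenticated bytes are parsed from here on.
    (action, request) = netstring.consume_netstring(request)
    (mac, request) = netstring.consume_netstring(request)
    (time, request) = netstring.consume_netstring(request)
    if len(request) > 0:
        raise Exception('Invalid request: too long: ' + repr(self.readbuf))

    mac = MAC(mac.decode('ascii'))
    time = datetime.datetime.strptime(time.decode('ascii'), '%Y-%m-%dT%H:%M:%S')
    now = datetime.datetime.utcnow()
    # Reject stale or future-dated requests. NOTE(review): nothing here
    # records requests already served, so an identical signed request looks
    # replayable until it ages out of TIMEWINDOW; confirm.
    if time < (now - TIMEWINDOW) or time > (now + TIMEWINDOW):
        self.writebuf = b'ERROR Time out of sync'
        return

    if action not in (b'grant', b'revoke'):
        self.writebuf = b'ERROR Invalid action'
        return

    LOGGER.info('Valid request to {0!r} {1!s}'.format(action, mac))
    if action == b'grant':
        print('grant', str(mac))
    elif action == b'revoke':
        print('revoke', str(mac))
    # The command must leave the stdout buffer before we wait on stdin.
    sys.stdout.flush()

    resp = sys.stdin.readline().strip()
    if resp == 'OK':
        self.writebuf = netstring.encode_netstring(b'OK')
    else:
        self.writebuf = netstring.encode_netstring(b'ERROR ' + resp.encode('ascii'))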
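def send_message(message, mac):
    """Send a signed ``message`` for ``mac`` to the access host and require ``OK``.

    The signed payload is three concatenated netstrings: ``message``, the
    MAC's raw string, and the current UTC time truncated to whole seconds in
    ISO-8601 form. ``hmac_netstring`` supplies the signature field, which is
    prepended before the whole request is wrapped in an outer netstring.

    Args:
        message: action bytes to send.
        mac: object whose ``rawstr()`` returns the MAC address as text.

    Raises:
        Exception: if the decoded reply is anything other than ``b'OK'``.
    """
    timestamp = datetime.datetime.utcnow().replace(microsecond=0).isoformat()
    date = netstring.encode_netstring(timestamp.encode('ascii'))
    strtosign = (netstring.encode_netstring(message)
                 + netstring.encode_netstring(mac.rawstr().encode('ascii'))
                 + date)
    strtosend = netstring.encode_netstring(
        hmac_netstring(strtosign) + strtosign)
    sock = socket.create_connection((config.ACCESSHOST, config.ACCESSPORT),
                                    config.ACCESSTIMEOUT)
    try:
        sock.settimeout(config.ACCESSTIMEOUT)
        # Set TCP_NODELAY before sending: applied after sendall() it cannot
        # affect the only write this connection makes.
        sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
        sock.sendall(strtosend)
        # NOTE(review): a single recv() may return only part of the reply;
        # a short read surfaces as a netstring parse failure below.
        resp = sock.recv(256)
        (resp, _) = netstring.consume_netstring(resp)
        if resp != b'OK':
            # NOTE(review): strtosend carries a valid signature, so wherever
            # this exception is logged holds a complete signed request;
            # consider whether that log is adequately protected.
            raise Exception('Error sending message {0!r}: {1!r}'.format(
                strtosend, resp))
    finally:
        sock.close()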
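def send_message(message, mac):
    """Build, sign and send one request to the access host; raise unless it replies ``OK``.

    Signed bytes are ``netstring(message) + netstring(mac.rawstr()) +
    netstring(utc timestamp)``, with the timestamp in ISO-8601 form at
    one-second resolution. The signature netstring from ``hmac_netstring``
    goes in front, and the result is wrapped in one outer netstring.

    Args:
        message: action bytes to send.
        mac: object exposing ``rawstr()`` for the MAC address text.

    Raises:
        Exception: if the server's decoded reply is not ``b'OK'``.
    """
    now_text = datetime.datetime.utcnow().replace(microsecond=0).isoformat()
    date = netstring.encode_netstring(now_text.encode('ascii'))
    fields = [
        netstring.encode_netstring(message),
        netstring.encode_netstring(mac.rawstr().encode('ascii')),
        date,
    ]
    strtosign = b''.join(fields)
    strtosend = netstring.encode_netstring(hmac_netstring(strtosign) + strtosign)
    sock = socket.create_connection((config.ACCESSHOST, config.ACCESSPORT),
                                    config.ACCESSTIMEOUT)
    try:
        sock.settimeout(config.ACCESSTIMEOUT)
        # TCP_NODELAY has to be in place before the write it is meant to
        # speed up; set after sendall() it had no effect on this exchange.
        sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
        sock.sendall(strtosend)
        # NOTE(review): one recv() is not guaranteed to deliver the whole
        # reply; a partial read fails in consume_netstring below.
        resp = sock.recv(256)
        (resp, _) = netstring.consume_netstring(resp)
        if resp != b'OK':
            # NOTE(review): the message embeds the full signed request, so it
            # is copied into any log that records this exception; check who
            # can read that log.
            raise Exception('Error sending message {0!r}: {1!r}'
                            .format(strtosend, resp))
    finally:
        sock.close()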
def hmac_netstring(s):
    """Return the signature field for ``s`` as a netstring.

    The field is the HMAC-SHA256 of ``s`` keyed with ``config.ACCESSKEY``,
    base64-encoded with the standard alphabet and then netstring-framed.
    """
    digest = hmac.new(config.ACCESSKEY, s, hashlib.sha256).digest()
    encoded = base64.standard_b64encode(digest)
    return netstring.encode_netstring(encoded)
def hmac_netstring(s):
    """Sign ``s`` with ``config.ACCESSKEY`` and frame the result as a netstring.

    Produces ``netstring(base64(HMAC-SHA256(config.ACCESSKEY, s)))``.
    """
    signer = hmac.new(config.ACCESSKEY, s, hashlib.sha256)
    b64_signature = base64.standard_b64encode(signer.digest())
    return netstring.encode_netstring(b64_signature)