log more errors during signature's checks (fixes #22615)
This commit is contained in:
parent
cd140d19cc
commit
d72561e3b8
|
@ -21,6 +21,8 @@ import hashlib
|
|||
import urllib
|
||||
import random
|
||||
import urlparse
|
||||
import logging
|
||||
|
||||
|
||||
'''Simple signature scheme for query strings'''
|
||||
# from http://repos.entrouvert.org/portail-citoyen.git/tree/portail_citoyen/apps/data_source_plugin/signature.py
|
||||
|
@ -64,18 +66,43 @@ def check_url(url, key, known_nonce=None, timedelta=30):
|
|||
|
||||
|
||||
def check_query(query, key, known_nonce=None, timedelta=30):
|
||||
res, error = check_query2(query, key, known_nonce=known_nonce, timedelta=timedelta)
|
||||
if not res:
|
||||
key_hash = 'md5:%s' % hashlib.md5(key).hexdigest()[:6]
|
||||
logging.getLogger(__name__).warning(
|
||||
'could not check signature of query %r with key %s: %s', query, key_hash, error)
|
||||
return res
|
||||
|
||||
|
||||
def check_query2(query, key, known_nonce, timedelta):
|
||||
parsed = urlparse.parse_qs(query)
|
||||
signature = base64.b64decode(parsed['signature'][0])
|
||||
algo = parsed['algo'][0]
|
||||
timestamp = parsed['timestamp'][0]
|
||||
timestamp = datetime.datetime.strptime(timestamp, '%Y-%m-%dT%H:%M:%SZ')
|
||||
nonce = parsed['nonce']
|
||||
try:
|
||||
signature = parsed['signature'][0]
|
||||
algo = parsed['algo'][0]
|
||||
timestamp = parsed['timestamp'][0]
|
||||
nonce = parsed['nonce'][0]
|
||||
except KeyError as e:
|
||||
return False, 'missing required field %r' % e.args[0]
|
||||
try:
|
||||
signature = base64.b64decode(parsed['signature'][0])
|
||||
except Exception as e:
|
||||
return False, 'could not decode base64 signature (%s)' % e
|
||||
|
||||
if algo not in hashlib.algorithms:
|
||||
return False, 'hash algorithm %s is not supported' % algo
|
||||
|
||||
try:
|
||||
timestamp = datetime.datetime.strptime(timestamp, '%Y-%m-%dT%H:%M:%SZ')
|
||||
except Exception as e:
|
||||
return False, 'could not parse the timestamp %s' % timestamp
|
||||
unsigned_query = query.split('&signature=')[0]
|
||||
if known_nonce is not None and known_nonce(nonce):
|
||||
return False
|
||||
return False, 'used nonce'
|
||||
if abs(datetime.datetime.utcnow() - timestamp) > datetime.timedelta(seconds=timedelta):
|
||||
return False
|
||||
return check_string(unsigned_query, signature, key, algo=algo)
|
||||
return False, 'timestamp is older than %d seconds' % timedelta
|
||||
if not check_string(unsigned_query, signature, key, algo=algo):
|
||||
return False, 'signature does not match'
|
||||
return True, None
|
||||
|
||||
|
||||
def check_string(s, signature, key, algo='sha256'):
|
||||
|
@ -88,8 +115,18 @@ def check_string(s, signature, key, algo='sha256'):
|
|||
res |= ord(a) ^ ord(b)
|
||||
return res == 0
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
logging.basicConfig()
|
||||
key = '12345'
|
||||
signed_query = sign_query('NameId=_12345&orig=montpellier', key)
|
||||
assert check_query(signed_query, key, timedelta=0) is False
|
||||
assert check_query(signed_query, key) is True
|
||||
signed_query2 = signed_query.split('&signature=', 1)[0] + '&signature=1111'
|
||||
assert check_query(signed_query2, key) is False
|
||||
signed_query3 = signed_query.replace('sha256', 'wtf')
|
||||
assert check_query(signed_query3, key) is False
|
||||
signed_query4 = signed_query.split('&signature=', 1)[0]
|
||||
assert check_query(signed_query4, key) is False
|
||||
signed_query5 = signed_query.split('&signature=', 1)[0] + '&signature=111'
|
||||
assert check_query(signed_query5, key) is False
|
||||
|
|
Loading…
Reference in New Issue