Implement signed event handler

2024-11-22 08:01:31 +00:00 · 2019-08-05 13:47:05 +02:00 · 2019-08-05 13:47:05 +02:00 · e87a16991c
commit e87a16991c
parent 0a218c8d6d
4 changed files with 24 additions and 8 deletions
--- a/tfw/components/fsm/fsm_handler.py
+++ b/tfw/components/fsm/fsm_handler.py
@ -24,11 +24,10 @@ class FSMHandler:
    An 'fsm_update' message is broadcasted after every successful
    command.
    """
-    def __init__(self, *, fsm_type, require_signature=False):
+    def __init__(self, *, fsm_type):
        self.fsm = fsm_type()
        self._fsm_updater = FSMUpdater(self.fsm)
        self.auth_key = KeyManager().auth_key
-        self._require_signature = require_signature

        self.command_handlers = {
            'trigger': self.handle_trigger,
@ -54,10 +53,6 @@ class FSMHandler:
                        the action to try triggering in data['value']
        """
        trigger = message['data']['value']
-        if self._require_signature:
-            if not verify_message(self.auth_key, message):
-                LOG.error('Ignoring unsigned trigger command: %s', message)
-                return None
        if self.fsm.step(trigger):
            return message
        return None
--- a/tfw/event_handlers.py
+++ b/tfw/event_handlers.py
@ -1,2 +1,2 @@
 # pylint: disable=unused-import
-from tfw.internals.event_handling import EventHandler, FSMAwareEventHandler
+from tfw.internals.event_handling import EventHandler, FSMAwareEventHandler, SignedEventHandler
--- a/tfw/internals/event_handling/init.py
+++ b/tfw/internals/event_handling/init.py
@ -1,3 +1,4 @@
-from .event_handler_factory_base import EventHandlerFactoryBase
 from .event_handler import EventHandler
+from .event_handler_factory_base import EventHandlerFactoryBase
 from .fsm_aware_event_handler import FSMAwareEventHandler
+from .signed_event_handler import SignedEventHandler
--- a/tfw/internals/event_handling/signed_event_handler.py
+++ b/tfw/internals/event_handling/signed_event_handler.py
@ -0,0 +1,20 @@
+import logging
+
+from tfw.internals.crypto import KeyManager, verify_message
+
+from .event_handler import EventHandler
+
+LOG = logging.getLogger(__name__)
+
+
+# pylint: disable=abstract-method
+class SignedEventHandler(EventHandler):
+    def __init__(self, connector):
+        self._auth_key = KeyManager().auth_key
+        super().__init__(connector)
+
+    def _event_callback(self, message):
+        if verify_message(self._auth_key, message):
+            self.handle_event(message, self.connector)
+        else:
+            LOG.error('Message does not have valid signature: %s', message)