#include "selfdrive/ui/qt/api.h" #include #include #include #include #include #include #include #include #include #include "selfdrive/common/params.h" #include "selfdrive/common/util.h" #include "selfdrive/hardware/hw.h" #include "selfdrive/ui/qt/util.h" namespace CommaApi { QByteArray rsa_sign(const QByteArray &data) { static std::string key = util::read_file(Path::rsa_file()); if (key.empty()) { qDebug() << "No RSA private key found, please run manager.py or registration.py"; return {}; } BIO* mem = BIO_new_mem_buf(key.data(), key.size()); assert(mem); RSA* rsa_private = PEM_read_bio_RSAPrivateKey(mem, NULL, NULL, NULL); assert(rsa_private); auto sig = QByteArray(); sig.resize(RSA_size(rsa_private)); unsigned int sig_len; int ret = RSA_sign(NID_sha256, (unsigned char*)data.data(), data.size(), (unsigned char*)sig.data(), &sig_len, rsa_private); assert(ret == 1); assert(sig_len == sig.size()); BIO_free(mem); RSA_free(rsa_private); return sig; } QString create_jwt(const QJsonObject &payloads, int expiry) { QJsonObject header = {{"alg", "RS256"}}; auto t = QDateTime::currentSecsSinceEpoch(); QJsonObject payload = {{"identity", getDongleId().value_or("")}, {"nbf", t}, {"iat", t}, {"exp", t + expiry}}; for (auto it = payloads.begin(); it != payloads.end(); ++it) { payload.insert(it.key(), it.value()); } auto b64_opts = QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals; QString jwt = QJsonDocument(header).toJson(QJsonDocument::Compact).toBase64(b64_opts) + '.' + QJsonDocument(payload).toJson(QJsonDocument::Compact).toBase64(b64_opts); auto hash = QCryptographicHash::hash(jwt.toUtf8(), QCryptographicHash::Sha256); auto sig = rsa_sign(hash); jwt += '.' + sig.toBase64(b64_opts); return jwt; } } // namespace CommaApi HttpRequest::HttpRequest(QObject *parent, bool create_jwt, int timeout) : create_jwt(create_jwt), QObject(parent) { networkAccessManager = new QNetworkAccessManager(this); networkTimer = new QTimer(this); networkTimer->setSingleShot(true); networkTimer->setInterval(timeout); connect(networkTimer, &QTimer::timeout, this, &HttpRequest::requestTimeout); } bool HttpRequest::active() { return reply != nullptr; } void HttpRequest::sendRequest(const QString &requestURL, const HttpRequest::Method method) { if (active()) { qDebug() << "HttpRequest is active"; return; } QString token; if(create_jwt) { token = CommaApi::create_jwt(); } else { QString token_json = QString::fromStdString(util::read_file(util::getenv("HOME") + "/.comma/auth.json")); QJsonDocument json_d = QJsonDocument::fromJson(token_json.toUtf8()); token = json_d["access_token"].toString(); } QNetworkRequest request; request.setUrl(QUrl(requestURL)); request.setRawHeader("User-Agent", getUserAgent().toUtf8()); if (!token.isEmpty()) { request.setRawHeader(QByteArray("Authorization"), ("JWT " + token).toUtf8()); } if (method == HttpRequest::Method::GET) { reply = networkAccessManager->get(request); } else if (method == HttpRequest::Method::DELETE) { reply = networkAccessManager->deleteResource(request); } networkTimer->start(); connect(reply, &QNetworkReply::finished, this, &HttpRequest::requestFinished); } void HttpRequest::requestTimeout() { reply->abort(); } // This function should always emit something void HttpRequest::requestFinished() { bool success = false; if (reply->error() != QNetworkReply::OperationCanceledError) { networkTimer->stop(); QString response = reply->readAll(); if (reply->error() == QNetworkReply::NoError) { success = true; emit receivedResponse(response); } else { emit failedResponse(reply->errorString()); if (reply->error() == QNetworkReply::ContentAccessDenied || reply->error() == QNetworkReply::AuthenticationRequiredError) { qWarning() << ">> Unauthorized. Authenticate with tools/lib/auth.py <<"; } } } else { networkAccessManager->clearAccessCache(); networkAccessManager->clearConnectionCache(); emit timeoutResponse("timeout"); } emit requestDone(success); reply->deleteLater(); reply = nullptr; }