perform actual hmac signature

2020-06-11 00:00:16 +02:00 · 2020-06-11 00:00:16 +02:00 · 0e4f772c69
commit 0e4f772c69
parent 8278ece803
1 changed files with 7 additions and 4 deletions
--- a/owrx/receiverid.py
+++ b/owrx/receiverid.py
@ -1,6 +1,7 @@
 import re
 import logging
 import hashlib
+import hmac
 from datetime import datetime
 from owrx.config import Config

@ -49,6 +50,8 @@ class ReceiverId(object):
            raise KeyException("invalid authorization header")
        challenge = KeyChallenge(matches.group(1))
        key = ReceiverId.findKey(challenge)
+        if key is None:
+            return {}
        time, signature = ReceiverId.signChallenge(challenge, key)
        return {
            "Signature": signature,
@ -60,9 +63,10 @@ class ReceiverId(object):
        def parseKey(keyString):
            try:
                return Key(keyString)
-            except KeyError as e:
+            except KeyException as e:
                logger.error(e)
-        keys = [key for key in (parseKey(keyString) for keyString in Config.get()['receiver_keys']) if key is not None]
+        keys = [parseKey(keyString) for keyString in Config.get()['receiver_keys']]
+        keys = [key for key in keys if key is not None]
        matching_keys = [key for key in keys if key.source == challenge.source and key.id == challenge.id]
        if matching_keys:
            return matching_keys[0]
@ -72,6 +76,5 @@ class ReceiverId(object):
    def signChallenge(challenge, key):
        now = datetime.utcnow().isoformat()
        signString = "{challenge}:{time}".format(challenge=challenge.challenge, time=now)
-        m = hashlib.sha256()
-        m.update(signString.encode())
+        m = hmac.new(bytes.fromhex(key.secret), msg=signString.encode('utf8'), digestmod=hashlib.sha256)
        return now, m.hexdigest()