implement signature algorithm

owrx/controllers/__init__.py

@@ -7,14 +7,18 @@ class Controller(object):
         self.request = request
         self.options = options
 
-    def send_response(self, content, code=200, content_type="text/html", last_modified: datetime = None, max_age=None):
+    def send_response(self, content, code=200, content_type="text/html", last_modified: datetime = None, max_age=None, headers=None):
         self.handler.send_response(code)
+        if headers is None:
+            headers = {}
         if content_type is not None:
-            self.handler.send_header("Content-Type", content_type)
+            headers["Content-Type"] = content_type
         if last_modified is not None:
-            self.handler.send_header("Last-Modified", last_modified.strftime("%a, %d %b %Y %H:%M:%S GMT"))
+            headers["Last-Modified"] = last_modified.strftime("%a, %d %b %Y %H:%M:%S GMT")
         if max_age is not None:
-            self.handler.send_header("Cache-Control", "max-age: {0}".format(max_age))
+            headers["Cache-Control"] = "max-age: {0}".format(max_age)
+        for key, value in headers.items():
+            self.handler.send_header(key, value)
         self.handler.end_headers()
         if type(content) == str:
             content = content.encode()

owrx/controllers/status.py

@@ -29,9 +29,10 @@ class StatusController(Controller):
 
     def indexAction(self):
         pm = Config.get()
+        headers = None
         if "Authorization" in self.request.headers:
             try:
-                ReceiverId.getResponseHeader(self.request.headers["Authorization"])
+                headers = ReceiverId.getResponseHeader(self.request.headers["Authorization"])
             except KeyException:
                 logger.exception("error processing authorization header")
         status = {
@@ -46,4 +47,4 @@ class StatusController(Controller):
             "version": openwebrx_version,
             "sdrs": [self.getReceiverStats(r) for r in SdrService.getSources().values()]
         }
-        self.send_response(json.dumps(status), content_type="application/json")
+        self.send_response(json.dumps(status), content_type="application/json", headers=headers)

owrx/receiverid.py

@@ -1,5 +1,7 @@
 import re
 import logging
+import hashlib
+from datetime import datetime
 from owrx.config import Config
 
 logger = logging.getLogger(__name__)
@@ -47,7 +49,11 @@ class ReceiverId(object):
             raise KeyException("invalid authorization header")
         challenge = KeyChallenge(matches.group(1))
         key = ReceiverId.findKey(challenge)
-        # TODO sign challenge and respond
+        time, signature = ReceiverId.signChallenge(challenge, key)
+        return {
+            "Signature": signature,
+            "Time": time,
+        }
 
     @staticmethod
     def findKey(challenge):
@@ -61,3 +67,11 @@ class ReceiverId(object):
         if matching_keys:
             return matching_keys[0]
         return None
+
+    @staticmethod
+    def signChallenge(challenge, key):
+        now = datetime.utcnow().isoformat()
+        signString = "{challenge}:{time}".format(challenge=challenge.challenge, time=now)
+        m = hashlib.sha256()
+        m.update(signString.encode())
+        return now, m.hexdigest()