implement signature algorithm

2020-06-10 22:50:16 +02:00 · 2020-06-10 22:50:16 +02:00 · eebe33f896
commit eebe33f896
parent 61d03b38b9
3 changed files with 26 additions and 7 deletions
--- a/owrx/controllers/init.py
+++ b/owrx/controllers/init.py
@ -7,14 +7,18 @@ class Controller(object):
        self.request = request
        self.options = options

-    def send_response(self, content, code=200, content_type="text/html", last_modified: datetime = None, max_age=None):
+    def send_response(self, content, code=200, content_type="text/html", last_modified: datetime = None, max_age=None, headers=None):
        self.handler.send_response(code)
+        if headers is None:
+            headers = {}
        if content_type is not None:
-            self.handler.send_header("Content-Type", content_type)
+            headers["Content-Type"] = content_type
        if last_modified is not None:
-            self.handler.send_header("Last-Modified", last_modified.strftime("%a, %d %b %Y %H:%M:%S GMT"))
+            headers["Last-Modified"] = last_modified.strftime("%a, %d %b %Y %H:%M:%S GMT")
        if max_age is not None:
-            self.handler.send_header("Cache-Control", "max-age: {0}".format(max_age))
+            headers["Cache-Control"] = "max-age: {0}".format(max_age)
+        for key, value in headers.items():
+            self.handler.send_header(key, value)
        self.handler.end_headers()
        if type(content) == str:
            content = content.encode()
--- a/owrx/controllers/status.py
+++ b/owrx/controllers/status.py
@ -29,9 +29,10 @@ class StatusController(Controller):

    def indexAction(self):
        pm = Config.get()
+        headers = None
        if "Authorization" in self.request.headers:
            try:
-                ReceiverId.getResponseHeader(self.request.headers["Authorization"])
+                headers = ReceiverId.getResponseHeader(self.request.headers["Authorization"])
            except KeyException:
                logger.exception("error processing authorization header")
        status = {
@ -46,4 +47,4 @@ class StatusController(Controller):
            "version": openwebrx_version,
            "sdrs": [self.getReceiverStats(r) for r in SdrService.getSources().values()]
        }
-        self.send_response(json.dumps(status), content_type="application/json")
+        self.send_response(json.dumps(status), content_type="application/json", headers=headers)
--- a/owrx/receiverid.py
+++ b/owrx/receiverid.py
@ -1,5 +1,7 @@
 import re
 import logging
+import hashlib
+from datetime import datetime
 from owrx.config import Config

 logger = logging.getLogger(__name__)
@ -47,7 +49,11 @@ class ReceiverId(object):
            raise KeyException("invalid authorization header")
        challenge = KeyChallenge(matches.group(1))
        key = ReceiverId.findKey(challenge)
-        # TODO sign challenge and respond
+        time, signature = ReceiverId.signChallenge(challenge, key)
+        return {
+            "Signature": signature,
+            "Time": time,
+        }

    @staticmethod
    def findKey(challenge):
@ -61,3 +67,11 @@ class ReceiverId(object):
        if matching_keys:
            return matching_keys[0]
        return None
+
+    @staticmethod
+    def signChallenge(challenge, key):
+        now = datetime.utcnow().isoformat()
+        signString = "{challenge}:{time}".format(challenge=challenge.challenge, time=now)
+        m = hashlib.sha256()
+        m.update(signString.encode())
+        return now, m.hexdigest()