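// NOTE(review): the names inside <...> were missing from this listing; the
// four system headers below are restored from the identifiers the file uses
// (std::ostringstream, esp_random()/millis(), mbedtls_sha256_ret()) - confirm
// against the repository.
#include <sstream>
#include <algorithm>
#include <Arduino.h> // for esp_random() and millis()
#include <mbedtls/sha256.h>

#include "ChallengeResponse.h"
#include "Config.h"

namespace {

/// Size of a SHA-256 digest in bytes.
constexpr size_t SHA256_DIGEST_LEN = 32;

/**
 * @brief Compare a received hex digest with the expected one.
 *
 * The comparison ignores the case of the hex digits A-F in @p received and
 * always walks the full digest, so the time taken does not reveal how many
 * leading characters matched.
 *
 * @param expectedLower Expected digest as lowercase hex.
 * @param received      Digest supplied by the peer (any case).
 * @return true if both digests are equal, false otherwise.
 */
bool hexDigestEquals(const std::string &expectedLower, const std::string &received)
{
    // The length of a SHA-256 hex digest is public, so an early exit here
    // leaks nothing about the expected value.
    if(received.length() != expectedLower.length()) {
        return false;
    }

    unsigned char diff = 0;
    for(size_t i = 0; i < expectedLower.length(); i++) {
        unsigned char c = static_cast<unsigned char>(received[i]);
        if(c >= 'A' && c <= 'F') {
            c |= 0x20; // fold uppercase hex digit to lowercase
        }
        diff |= static_cast<unsigned char>(c ^ static_cast<unsigned char>(expectedLower[i]));
    }

    return diff == 0;
}

} // namespace

/**
 * @brief Create a challenge-response verifier for the given password.
 *
 * @param pw Shared secret that the peer must prove knowledge of.
 */
ChallengeResponse::ChallengeResponse(const std::string &pw)
    : m_passwd(pw), m_expireTime(0)
{
    // Give the nonce a defined value. With m_expireTime == 0 no challenge is
    // outstanding and verify() fails as soon as millis() is non-zero.
    m_currentNonce = 0;
}

/**
 * @brief Check a response against the currently outstanding challenge.
 *
 * The expected response is the lowercase hex SHA-256 of
 * "<password>:<nonce>:<salt>", where the salt comes from
 * Config::instance().getCRSalt().
 *
 * @param hash Hex-encoded SHA-256 digest sent by the peer (case-insensitive).
 * @return true if the challenge has not expired and the digest matches.
 */
bool ChallengeResponse::verify(const std::string &hash)
{
    // NOTE(review): if millis() and m_expireTime are 32-bit, this comparison
    // misbehaves around the millis() wrap-around - confirm the member type.
    if(millis() > m_expireTime) {
        // challenge timed out
        return false;
    }

    std::ostringstream refResponse;
    refResponse << m_passwd << ":" << m_currentNonce << ":" << Config::instance().getCRSalt();

    // Materialise the string once so data() and length() refer to the same buffer.
    const std::string refData = refResponse.str();

    // calculate hash of reference response; fail closed if hashing fails
    uint8_t sha256sum[SHA256_DIGEST_LEN];
    if(mbedtls_sha256_ret(reinterpret_cast<const unsigned char*>(refData.data()),
                          refData.length(), sha256sum, 0) != 0) {
        return false;
    }

    // convert hash to hex
    static const char conv[] = "0123456789abcdef";
    std::string hexHash;
    hexHash.reserve(2 * SHA256_DIGEST_LEN);
    for(size_t i = 0; i < SHA256_DIGEST_LEN; i++) {
        const uint8_t b = sha256sum[i];
        hexHash.push_back(conv[b >> 4]);
        hexHash.push_back(conv[b & 0x0F]);
    }

    // The previous code lowercased `hash` into an empty string (an
    // out-of-bounds write) and then compared the untouched `hash` with a
    // data-dependent ==. Compare case-insensitively in constant time instead.
    //
    // NOTE(review): the nonce stays valid after a successful check, so a
    // captured response is accepted again until NONCE_LIFETIME_MS elapses.
    // Consider clearing m_expireTime on success if no caller relies on reuse.
    return hexDigestEquals(hexHash, hash);
}

/**
 * @brief Issue a new challenge nonce and start its lifetime.
 *
 * Each call replaces the previously issued nonce.
 *
 * @return The new nonce, valid for NONCE_LIFETIME_MS milliseconds.
 */
uint32_t ChallengeResponse::nonce(void)
{
    // NOTE(review): Espressif documents esp_random() as a true RNG only while
    // the RF subsystem (Wi-Fi/Bluetooth) or the bootloader entropy source is
    // enabled; otherwise its output is pseudo-random. Confirm this holds when
    // nonces are issued.
    m_currentNonce = esp_random();
    m_expireTime = millis() + NONCE_LIFETIME_MS;

    return m_currentNonce;
}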