#include <sstream>
#include <algorithm>
#include <Arduino.h> // for esp_random() and millis()
#include <mbedtls/sha256.h>
#include "ChallengeResponse.h"
#include "Config.h"
/**
 * Build a verifier bound to one shared password.
 *
 * A copy of @p pw is stored in m_passwd for later use by verify().
 * m_expireTime starts at 0, so verify() reports "timed out" as soon as
 * millis() is above 0 and no challenge has been issued through nonce().
 * m_currentNonce is not assigned here; it is first written by nonce()
 * (unless the header gives it a default initializer, which is not visible
 * in this file).
 *
 * @param pw Shared secret mixed into every expected response.
 */
ChallengeResponse::ChallengeResponse(const std::string &pw)
    : m_passwd{pw}
    , m_expireTime{0}
{}
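/**
 * Check a client response against the currently outstanding challenge.
 *
 * The expected value is the lowercase hex SHA-256 digest of
 * "<password>:<nonce>:<salt>", with the salt taken from
 * Config::instance().getCRSalt().
 *
 * @param hash Hex-encoded digest sent by the client; upper- and lowercase
 *             hex digits are both accepted.
 * @return true only if the challenge has not expired, the digest could be
 *         computed, and the supplied digest matches it.
 */
bool ChallengeResponse::verify(const std::string &hash)
{
    // NOTE(review): m_expireTime's type is declared in ChallengeResponse.h.
    // If it is 32 bits wide like millis(), this comparison misbehaves across
    // the millis() wrap-around and a stale challenge can look unexpired
    // again; confirm and consider comparing elapsed time instead.
    if(millis() > m_expireTime) {
        // challenge timed out
        return false;
    }

    // NOTE(review): a matching response leaves the challenge valid until it
    // expires, so the same response is accepted again within that window.
    // Consider invalidating the challenge after a successful match if no
    // caller relies on reuse.

    std::ostringstream refResponse;
    refResponse << m_passwd << ":" << m_currentNonce << ":" << Config::instance().getCRSalt();

    // Materialise the string once so data() and length() describe the same
    // buffer instead of two separate temporaries.
    const std::string refString = refResponse.str();

    // calculate hash of reference response; fail closed if hashing fails so
    // an unset digest buffer is never compared against client input
    uint8_t sha256sum[32];
    if(mbedtls_sha256_ret(reinterpret_cast<const unsigned char*>(refString.data()),
                          refString.length(), sha256sum, 0) != 0) {
        return false;
    }

    // convert hash to lowercase hex
    static const char *conv = "0123456789abcdef";
    std::string hexHash;
    hexHash.reserve(2 * sizeof(sha256sum));
    for(size_t i = 0; i < sizeof(sha256sum); i++) {
        const uint8_t b = sha256sum[i];
        hexHash.push_back(conv[b >> 4]);
        hexHash.push_back(conv[b & 0x0F]);
    }

    // Lowercase a copy of the client value. The previous code wrote through
    // begin() of an empty string (out-of-bounds write) and then compared the
    // unmodified input, so the case folding never took effect.
    std::string lowerHash(hash);
    std::transform(lowerHash.begin(), lowerHash.end(), lowerHash.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });

    // The digest length is public, so rejecting on length leaks nothing.
    if(lowerHash.size() != hexHash.size()) {
        return false;
    }

    // Compare without an early exit so the time taken does not depend on
    // the position of the first mismatching character.
    unsigned char diff = 0;
    for(size_t i = 0; i < hexHash.size(); i++) {
        diff |= static_cast<unsigned char>(hexHash[i] ^ lowerHash[i]);
    }

    return diff == 0;
}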
/**
 * Issue a fresh challenge and start its validity window.
 *
 * Overwrites any previously issued nonce, so only the most recent
 * challenge can be answered. The expiry is set to the current millis()
 * value plus NONCE_LIFETIME_MS.
 *
 * NOTE(review): Espressif documents esp_random() as backed by hardware
 * entropy only while the RF subsystem (Wi-Fi/Bluetooth) or the bootloader
 * entropy source is active; confirm that holds whenever challenges are
 * issued. The nonce is also only 32 bits wide.
 *
 * @return The newly generated nonce to send to the client.
 */
uint32_t ChallengeResponse::nonce(void)
{
    const auto deadline = millis() + NONCE_LIFETIME_MS;

    m_currentNonce = esp_random();
    m_expireTime = deadline;

    return m_currentNonce;
}