Browse Source

Break out zw_otp

tags/v0.2.0.6
Ryan Joseph 11 months ago
parent
commit
59e7cf6081
3 changed files with 52 additions and 36 deletions
  1. +1
    -36
      zero_watch.ino
  2. +39
    -0
      zw_otp.cpp
  3. +12
    -0
      zw_otp.h

+ 1
- 36
zero_watch.ino View File

@@ -16,10 +16,10 @@
#include "zw_redis.h"
#include "zw_provision.h"
#include "zw_displays.h"
#include "zw_otp.h"

#define OTA_RESET_DELAY 5
#define OTA_UPDATE_PRCNT_REPORT 10
#define OTP_WINDOW_MINUTES 2
#define CONTROL_POINT_SEP_CHAR '#'
#define SER_BAUD 115200
#define DEF_BRIGHT 0
@@ -254,41 +254,6 @@ bool runUpdate(const char *url, const char *md5, size_t sizeInBytes)
return false;
}

// the fudge table is use strictly to make a linear sequence appear
// non-linear over a short observation time period. security by obscurity ftw!
static const uint8_t fudgeTable[] = {42, 69, 3, 18, 25, 12, 51, 93, 54, 76};
static const uint8_t fudgeTableLen = 10;

// to generate anew, use ./scripts/otp-generate.pl
bool otpCheck(uint16_t otp)
{
dprint("[OTP] A: %d\n", otp);
dprint("[OTP] I: %ld\n", micros());
auto div = (unsigned long)1e6 * 60 * OTP_WINDOW_MINUTES;
auto now = micros();

if (now < div)
{
dprint("Can't calculate OTPs yet, must be running for at least %d minutes\n", OTP_WINDOW_MINUTES);
return false;
}

auto internalChecker = micros() / div;
dprint("[OTP] 0: %ld\n", internalChecker);

internalChecker += fudgeTable[internalChecker % fudgeTableLen];
dprint("[OTP] D: %ld\n", internalChecker);

for (int i = 0; i < gHostname.length(); i++)
{
internalChecker += gHostname.charAt(i);
dprint("[OTP] %d: %ld (+= %d)\n", i, internalChecker, (int)gHostname.charAt(i));
}

dprint("[OTP] F: %d\n", (uint16_t)internalChecker);
return (uint16_t)internalChecker == otp;
}

bool processUpdate(String &updateJson, ZWRedisResponder &responder)
{
JsonObject &updateObj = jsonBuf.parseObject(updateJson.c_str());


+ 39
- 0
zw_otp.cpp View File

@@ -0,0 +1,39 @@
#include "zw_otp.h"
#include "zw_logging.h"

extern String gHostname;

// the fudge table is use strictly to make a linear sequence appear
// non-linear over a short observation time period. security by obscurity ftw!
static const uint8_t fudgeTable[] = {42, 69, 3, 18, 25, 12, 51, 93, 54, 76};
static const uint8_t fudgeTableLen = 10;

// to generate anew, use ./scripts/otp-generate.pl
bool otpCheck(uint16_t otp)
{
dprint("[OTP] A: %d\n", otp);
dprint("[OTP] I: %ld\n", micros());
auto div = (unsigned long)1e6 * 60 * OTP_WINDOW_MINUTES;
auto now = micros();

if (now < div)
{
dprint("Can't calculate OTPs yet, must be running for at least %d minutes\n", OTP_WINDOW_MINUTES);
return false;
}

auto internalChecker = micros() / div;
dprint("[OTP] 0: %ld\n", internalChecker);

internalChecker += fudgeTable[internalChecker % fudgeTableLen];
dprint("[OTP] D: %ld\n", internalChecker);

for (int i = 0; i < gHostname.length(); i++)
{
internalChecker += gHostname.charAt(i);
dprint("[OTP] %d: %ld (+= %d)\n", i, internalChecker, (int)gHostname.charAt(i));
}

dprint("[OTP] F: %d\n", (uint16_t)internalChecker);
return (uint16_t)internalChecker == otp;
}

+ 12
- 0
zw_otp.h View File

@@ -0,0 +1,12 @@
#ifndef __ZW_OTP__H__
#define __ZW_OTP__H__

#include <Arduino.h>

#define OTP_WINDOW_MINUTES 2

// to generate anew, use ./scripts/otp-generate.pl

bool otpCheck(uint16_t otp);

#endif

Loading…
Cancel
Save