Sesame-Device/include/fresh.h

#pragma once

#include <stdint.h>
#include "config.h"

class TimeCheck {

public:

    /**
     * @brief Create a time checker instance
     * 
     * Specify the allowed discrepancy between the time of a received message
     * and the device time (in seconds).
     * 
     * A stricter (lower) value better prevents against replay attacks,
     * but may lead to issues when dealing with slow networks and other
     * routing delays.
     * 
     * @param offset The allowed time discrepancy in both directions (seconds)
     */
    TimeCheck(uint32_t allowedTimeOffset = 60);

    /**
     * @brief Configure an NTP server to get the current time
     * 
     * @param offsetToGMT The timezone offset in seconds
     * @param offsetDaylightSavings The daylight savings offset in seconds
     * @param serverUrl The url of the NTP server
     */
    void configureNTP(int32_t offsetToGMT, int32_t offsetDaylightSavings, const char* serverUrl);

    /**
     * @brief Print the current time to the serial output
     * 
     * The time must be initialized by calling `configureNTP()` before use.
     */
    void printLocalTime();

    /** 
     * Gets the current epoch time
     */
    uint32_t getEpochTime();

    /**
     * @brief The allowed time discrepancy (in seconds)
     * 
     * Specifies the allowed discrepancy between the time of a received message
     * and the device time (in seconds).
     * 
     * A stricter (lower) value better prevents against replay attacks,
     * but may lead to issues when dealing with slow networks and other
     * routing delays.
     * 
     * @param offset The offset in both directions (seconds)
     */
    void setMessageTimeAllowedOffset(uint32_t offset);

    /**
     * @brief Check wether the time of a message is within the allowed bounds regarding freshness.
     * 
     * The timestamp is used to ensure 'freshness' of the messages,
     * i.e. that they are not unreasonably delayed or captured and
     * later replayed by an attacker.
     * 
     * @param messageTime The timestamp of the message (seconds since epoch) 
     * @return true The time is within the acceptable offset of the local time
     * @return false The message time is invalid
     */
    bool isMessageTimeAcceptable(uint32_t messageTime);

private:
    
    /**
     * @brief The allowed discrepancy between the time of a received message
     * and the device time (in seconds)
     * 
     * A stricter (lower) value better prevents against replay attacks,
     * but may lead to issues when dealing with slow networks and other
     * routing delays.
     */
    uint32_t allowedOffset;
};
Restructure, use HMAC, NTP Remove config details 2022-04-07 17:45:23 +02:00			`#pragma once`

			`#include <stdint.h>`
Add device id to support multiple remotes 2023-08-07 15:17:04 +02:00			`#include "config.h"`
Restructure, use HMAC, NTP Remove config details 2022-04-07 17:45:23 +02:00
Create time class 2023-08-09 13:25:19 +02:00			`class TimeCheck {`

			`public:`

			`/**`
			`* @brief Create a time checker instance`
			`*`
			`* Specify the allowed discrepancy between the time of a received message`
			`* and the device time (in seconds).`
			`*`
			`* A stricter (lower) value better prevents against replay attacks,`
			`* but may lead to issues when dealing with slow networks and other`
			`* routing delays.`
			`*`
			`* @param offset The allowed time discrepancy in both directions (seconds)`
			`*/`
			`TimeCheck(uint32_t allowedTimeOffset = 60);`

			`/**`
			`* @brief Configure an NTP server to get the current time`
			`*`
			`* @param offsetToGMT The timezone offset in seconds`
			`* @param offsetDaylightSavings The daylight savings offset in seconds`
			`* @param serverUrl The url of the NTP server`
			`*/`
			`void configureNTP(int32_t offsetToGMT, int32_t offsetDaylightSavings, const char* serverUrl);`

			`/**`
			`* @brief Print the current time to the serial output`
			`*`
			* The time must be initialized by calling `configureNTP()` before use.
			`*/`
			`void printLocalTime();`

			`/**`
			`* Gets the current epoch time`
			`*/`
			`uint32_t getEpochTime();`

			`/**`
			`* @brief The allowed time discrepancy (in seconds)`
			`*`
			`* Specifies the allowed discrepancy between the time of a received message`
			`* and the device time (in seconds).`
			`*`
			`* A stricter (lower) value better prevents against replay attacks,`
			`* but may lead to issues when dealing with slow networks and other`
			`* routing delays.`
			`*`
			`* @param offset The offset in both directions (seconds)`
			`*/`
			`void setMessageTimeAllowedOffset(uint32_t offset);`

			`/**`
			`* @brief Check wether the time of a message is within the allowed bounds regarding freshness.`
			`*`
			`* The timestamp is used to ensure 'freshness' of the messages,`
			`* i.e. that they are not unreasonably delayed or captured and`
			`* later replayed by an attacker.`
			`*`
			`* @param messageTime The timestamp of the message (seconds since epoch)`
			`* @return true The time is within the acceptable offset of the local time`
			`* @return false The message time is invalid`
			`*/`
			`bool isMessageTimeAcceptable(uint32_t messageTime);`

			`private:`

			`/**`
			`* @brief The allowed discrepancy between the time of a received message`
			`* and the device time (in seconds)`
			`*`
			`* A stricter (lower) value better prevents against replay attacks,`
			`* but may lead to issues when dealing with slow networks and other`
			`* routing delays.`
			`*/`
			`uint32_t allowedOffset;`
			`};`