Compare commits

..

No commits in common. "ac40656c1c642fceee6b59af23e85d28fa32efa7" and "1fe03a6906c8233cedc00fe9f763d2185d74cc87" have entirely different histories.

3 changed files with 22 additions and 25 deletions

View File

@ -14,7 +14,7 @@
#pragma pack(push, 1) #pragma pack(push, 1)
enum class MessageType: uint8_t { typedef enum {
/// @brief The initial message from remote to device to request a challenge. /// @brief The initial message from remote to device to request a challenge.
initial = 0, initial = 0,
@ -28,7 +28,7 @@ enum class MessageType: uint8_t {
/// @brief The final message with the unlock result from the device to the remote /// @brief The final message with the unlock result from the device to the remote
response = 3, response = 3,
}; } MessageType;
enum class MessageResult: uint8_t { enum class MessageResult: uint8_t {
@ -36,31 +36,31 @@ enum class MessageResult: uint8_t {
MessageAccepted = 0, MessageAccepted = 0,
/// @brief The web socket received text while waiting for binary data. /// @brief The web socket received text while waiting for binary data.
TextReceivedOverSocket = 1, TextReceived = 1,
/// @brief An unexpected socket event occured while performing the exchange. /// @brief An unexpected socket event occured while performing the exchange.
UnexpectedSocketEvent = 2, UnexpectedSocketEvent = 2,
/// @brief The received message size is invalid. /// @brief The received message size is invalid.
InvalidMessageSizeFromRemote = 3, InvalidMessageSize = 3,
/// @brief The message signature was incorrect. /// @brief The message signature was incorrect.
InvalidSignatureFromRemote = 4, MessageAuthenticationFailed = 4,
/// @brief The server challenge of the message did not match previous messages /// @brief The server challenge of the message did not match previous messages
InvalidServerChallengeFromRemote = 5, ServerChallengeMismatch = 5,
/// @brief The client challenge of the message did not match previous messages /// @brief The client challenge of the message did not match previous messages
InvalidClientChallengeFromRemote = 6, ClientChallengeInvalid = 6,
/// @brief An unexpected or unsupported message type was received /// @brief An unexpected or unsupported message type was received
InvalidMessageTypeFromRemote = 7, InvalidMessageType = 7,
/// @brief A message is already being processed /// @brief A message is already being processed
TooManyRequests = 8, TooManyRequests = 8,
/// @brief The received message result was invalid /// @brief The received message result was invalid
InvalidMessageResultFromRemote = 9, InvalidMessageResult = 9,
/// @brief An invalid Url parameter was set sending a message to the device over a local connection /// @brief An invalid Url parameter was set sending a message to the device over a local connection
InvalidUrlParameter = 10, InvalidUrlParameter = 10,

View File

@ -78,7 +78,7 @@ void SesameController::handleLocalMessage(AsyncWebServerRequest *request) {
String encoded = request->getParam(messageUrlParameter)->value(); String encoded = request->getParam(messageUrlParameter)->value();
if (!convertHexMessageToBinary(encoded.c_str())) { if (!convertHexMessageToBinary(encoded.c_str())) {
Serial.println("Invalid hex encoding"); Serial.println("Invalid hex encoding");
prepareResponseBuffer(MessageResult::InvalidMessageSizeFromRemote); prepareResponseBuffer(MessageResult::InvalidMessageSize);
return; return;
} }
processMessage(&receivedLocalMessage); processMessage(&receivedLocalMessage);
@ -86,7 +86,7 @@ void SesameController::handleLocalMessage(AsyncWebServerRequest *request) {
void SesameController::sendPreparedLocalResponse(AsyncWebServerRequest *request) { void SesameController::sendPreparedLocalResponse(AsyncWebServerRequest *request) {
request->send_P(200, "application/octet-stream", (uint8_t*) &outgoingMessage, SIGNED_MESSAGE_SIZE); request->send_P(200, "application/octet-stream", (uint8_t*) &outgoingMessage, SIGNED_MESSAGE_SIZE);
Serial.printf("[INFO] Local response %u,%u\n", outgoingMessage.message.messageType, outgoingMessage.message.result); Serial.printf("[INFO] Local response %u\n", outgoingMessage.message.messageType);
} }
// MARK: Server // MARK: Server
@ -99,7 +99,7 @@ void SesameController::sendServerError(MessageResult result) {
void SesameController::handleServerMessage(uint8_t* payload, size_t length) { void SesameController::handleServerMessage(uint8_t* payload, size_t length) {
if (length != SIGNED_MESSAGE_SIZE) { if (length != SIGNED_MESSAGE_SIZE) {
// No message saved to discard, don't accidentally delete for other operation // No message saved to discard, don't accidentally delete for other operation
sendServerError(MessageResult::InvalidMessageSizeFromRemote); sendServerError(MessageResult::InvalidMessageSize);
return; return;
} }
processMessage((SignedMessage*) payload); processMessage((SignedMessage*) payload);
@ -108,7 +108,7 @@ void SesameController::handleServerMessage(uint8_t* payload, size_t length) {
void SesameController::sendPreparedResponseToServer() { void SesameController::sendPreparedResponseToServer() {
server.sendResponse((uint8_t*) &outgoingMessage, SIGNED_MESSAGE_SIZE); server.sendResponse((uint8_t*) &outgoingMessage, SIGNED_MESSAGE_SIZE);
Serial.printf("[INFO] Server response %u,%u\n", outgoingMessage.message.messageType, outgoingMessage.message.result); Serial.printf("[INFO] Server response %u\n", outgoingMessage.message.messageType);
} }
// MARK: Message handling // MARK: Message handling
@ -116,11 +116,11 @@ void SesameController::sendPreparedResponseToServer() {
void SesameController::processMessage(SignedMessage* message) { void SesameController::processMessage(SignedMessage* message) {
// Result must be empty // Result must be empty
if (message->message.result != MessageResult::MessageAccepted) { if (message->message.result != MessageResult::MessageAccepted) {
prepareResponseBuffer(MessageResult::InvalidMessageResultFromRemote); prepareResponseBuffer(MessageResult::InvalidMessageResult);
return; return;
} }
if (!isAuthenticMessage(message, keyConfig.remoteKey)) { if (!isAuthenticMessage(message, keyConfig.remoteKey)) {
prepareResponseBuffer(MessageResult::InvalidSignatureFromRemote); prepareResponseBuffer(MessageResult::MessageAuthenticationFailed);
return; return;
} }
switch (message->message.messageType) { switch (message->message.messageType) {
@ -131,7 +131,7 @@ void SesameController::processMessage(SignedMessage* message) {
completeUnlockRequest(&message->message); completeUnlockRequest(&message->message);
return; return;
default: default:
prepareResponseBuffer(MessageResult::InvalidMessageTypeFromRemote); prepareResponseBuffer(MessageResult::InvalidMessageType);
return; return;
} }
} }
@ -139,7 +139,7 @@ void SesameController::processMessage(SignedMessage* message) {
void SesameController::checkAndPrepareChallenge(Message* message) { void SesameController::checkAndPrepareChallenge(Message* message) {
// Server challenge must be empty // Server challenge must be empty
if (message->serverChallenge != 0) { if (message->serverChallenge != 0) {
prepareResponseBuffer(MessageResult::InvalidClientChallengeFromRemote); prepareResponseBuffer(MessageResult::ClientChallengeInvalid);
return; return;
} }
prepareChallenge(message); prepareChallenge(message);
@ -153,7 +153,6 @@ void SesameController::prepareChallenge(Message* message) {
// Set challenge and respond // Set challenge and respond
currentClientChallenge = message->clientChallenge; currentClientChallenge = message->clientChallenge;
currentServerChallenge = randomChallenge(); currentServerChallenge = randomChallenge();
message->serverChallenge = currentServerChallenge;
currentChallengeExpiry = currentTime + keyConfig.challengeExpiryMs; currentChallengeExpiry = currentTime + keyConfig.challengeExpiryMs;
prepareResponseBuffer(MessageResult::MessageAccepted, message); prepareResponseBuffer(MessageResult::MessageAccepted, message);
@ -162,11 +161,11 @@ void SesameController::prepareChallenge(Message* message) {
void SesameController::completeUnlockRequest(Message* message) { void SesameController::completeUnlockRequest(Message* message) {
// Client and server challenge must match // Client and server challenge must match
if (message->clientChallenge != currentClientChallenge) { if (message->clientChallenge != currentClientChallenge) {
prepareResponseBuffer(MessageResult::InvalidClientChallengeFromRemote, message); prepareResponseBuffer(MessageResult::ClientChallengeInvalid, message);
return; return;
} }
if (message->serverChallenge != currentServerChallenge) { if (message->serverChallenge != currentServerChallenge) {
prepareResponseBuffer(MessageResult::InvalidServerChallengeFromRemote, message); prepareResponseBuffer(MessageResult::ServerChallengeMismatch, message);
return; return;
} }
if (!hasCurrentChallenge()) { if (!hasCurrentChallenge()) {
@ -198,8 +197,8 @@ void SesameController::prepareResponseBuffer(MessageResult result, Message* mess
outgoingMessage.message.messageType = MessageType::response; outgoingMessage.message.messageType = MessageType::response;
} }
} else { } else {
outgoingMessage.message.clientChallenge = 0; outgoingMessage.message.clientChallenge = message->clientChallenge;
outgoingMessage.message.serverChallenge = 0; outgoingMessage.message.serverChallenge = message->serverChallenge;
outgoingMessage.message.messageType = MessageType::response; outgoingMessage.message.messageType = MessageType::response;
} }

View File

@ -76,7 +76,7 @@ switch(type) {
didConnect(); didConnect();
break; break;
case WStype_TEXT: case WStype_TEXT:
controller->sendServerError(MessageResult::TextReceivedOverSocket); controller->sendServerError(MessageResult::TextReceived);
break; break;
case WStype_BIN: case WStype_BIN:
controller->handleServerMessage(payload, length); controller->handleServerMessage(payload, length);
@ -99,7 +99,5 @@ switch(type) {
void ServerConnection::sendResponse(uint8_t* buffer, uint16_t length) { void ServerConnection::sendResponse(uint8_t* buffer, uint16_t length) {
if (socketIsConnected()) { if (socketIsConnected()) {
webSocket.sendBIN(buffer, length); webSocket.sendBIN(buffer, length);
} else {
Serial.println("Failed to send response, socket not connected.");
} }
} }