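#!/usr/bin/env ruby
#==========================================================================
# Initial author of this file: Martin.Vahi@softf1.com
# This file is in public domain.
#
# It is written as a quick comment to a tweet at
# https://twitter.com/LBC/status/934854781926907904
# (archival copy: https://archive.fo/UKmUh )
#
# Tested with: ruby 2.4.1p111 (2017-03-22 revision 58053) [x86_64-linux]
#==========================================================================
# Outline of a one-time-use authentication token for a command message
# sent to a car. The sender builds a unique string (time stamp + random
# number + two password indices) and transmits it together with
# SHA256(password_1 + unique string + password_2) and the command.
#==========================================================================
require "digest"
require "securerandom"

# In practice the code would not be Ruby code, but
# C code, but this here is just an outline that aims
# to demonstrate the general idea.

# Time stamp component of the unique string.
# NOTE(review): Time.now is local time; the receiving side has to apply
# the same clock/zone convention for its freshness check -- confirm.
ob_t = Time.now
s_date = "#{ob_t.year}y_#{ob_t.month}m_#{ob_t.day}d_" \
         "#{ob_t.hour}h_#{ob_t.min}m_#{ob_t.sec}s_"

# Random component. SecureRandom is used instead of Kernel#rand because
# the value acts as a nonce in an authentication message and should not
# be predictable from earlier outputs.
s_uniq = s_date + SecureRandom.random_number(10**10).to_s + "r_"

# Indices of the two passwords used for this message; presumably both
# sides hold the same table of i_n_of_passwords entries.
i_n_of_passwords = 2000
ix_secret_1 = SecureRandom.random_number(i_n_of_passwords)
ix_secret_2 = SecureRandom.random_number(i_n_of_passwords)
s_uniq << "#{ix_secret_1}ixpwd1_"
# Fixed: the original wrote ix_secret_1 into this field as well, so the
# receiver could never learn which second password had been selected.
s_uniq << "#{ix_secret_2}ixpwd2_"

# Placeholder passwords; the table lookup is not part of this outline.
s_password_1 = 42.to_s # get_password_from_index(ix_secret_1)
s_password_2 = 42.to_s # get_password_from_index(ix_secret_2)

# NOTE(review): secret + data + secret under a plain hash is a hand-made
# keyed hash. HMAC-SHA256 (OpenSSL::HMAC in Ruby) is the standard
# construction for this purpose and would be the safer choice in a
# real implementation.
s_one_time_use_authentication_token =
  Digest::SHA256.hexdigest(s_password_1 + s_uniq + s_password_2)

s_message = s_uniq + s_one_time_use_authentication_token + "X_"

# NOTE(review): s_command is appended after the token and is not part of
# the hashed data, so the token authenticates s_uniq only. Including the
# command in the hashed input (and checking it on the car side) would
# bind the token to the command it was issued for.
s_command = "open_doors"
s_message << (s_command + "M_")

puts s_message # send_2_car(s_message)

# @ the car side tokens are accepted only,
# if the time stamp in them is "recent enough".
# A freshness window alone still allows the same message to be accepted
# twice inside that window, so the car side should also remember the
# s_uniq values it has already accepted and refuse repeats.
# The s_password_1 and s_password_2 must be
# about 100 characters minimum to probabilistically
# counter brute force attacks. In practice the
# s_message might include multiple secure hashes.
# The suffixes like the "X_", "M_", are for
# making it possible to create a very simplistic
# parser that cuts the s_message back to its
# original components.
#
# The s_message looks something like this:
# (sample captured from the original version, in which both index
# fields carried ix_secret_1; with the fix the two usually differ)
#
# 2017y_11m_27d_21h_19m_8s_8391617364r_1316ixpwd1_1316ixpwd2_b9bc13dad9c744f7ba2cb99f9b9b9d1376635128ad43b80f433c40deffc5c7caX_open_doorsM_
#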