SolarEnergy/esp32_device/main/secure_api.c

#include <stdlib.h>
#include <string.h>
#include <stdio.h>

#include "secure_api.h"
#include "http_client.h"
#include "constants.h"
#include "crypto.h"
#include "cJSON.h"
#include "dev_name.h"
#include "storage.h"
#include "http_client.h"

#include "esp_log.h"

static const char *TAG = "secure_api";

static char *process_secure_request(const char *uri, const char *body)
{
    char *url = calloc(1, 255);
    assert(url);
    size_t orig_len = storage_get_secure_origin(url);
    assert(orig_len > 0);
    strcat(url + strlen(url), uri);
    ESP_LOGI(TAG, "HTTP request on %s", url);

    char *root_cat = calloc(1, ROOT_CA_MAX_BYTES);
    assert(root_cat);
    assert(storage_get_root_ca(root_cat) > 0);

    http_request_opts opts = {
        .url = url,
        .root_ca = root_cat,
        .body = body,
        .method = body == NULL ? MethodGET : MethodPOST,
        .content_type = body == NULL ? NULL : "application/json"};
    char *res = http_client_exec(&opts);

    free(url);
    free(root_cat);

    return res;
}

static char *dev_escaped_name()
{
    unsigned char *name = (unsigned char *)dev_name();
    assert(name);
    size_t escaped_name_len = http_client_escape_uri(NULL, name, strlen((char *)name));
    unsigned char *escaped_name = calloc(1, escaped_name_len + 1);
    assert(escaped_name);
    http_client_escape_uri(escaped_name, name, strlen((char *)name));
    free(name);

    return (char *)escaped_name;
}

enum DevEnrollmentStatus secure_api_get_device_enrollment_status()
{
    ESP_LOGI(TAG, "Will check device enrollment status");

    // Prepare URI
    char *escaped_name = dev_escaped_name();
    char *uri = calloc(1, 255);
    assert(uri);
    sprintf(uri, "/devices_api/mgmt/enrollment_status?id=%s", escaped_name);
    free(escaped_name);

    char *res = process_secure_request(uri, NULL);

    free(uri);

    if (res == NULL)
    {
        ESP_LOGE(TAG, "Failed to query device enrollment status!");
        return DevEnrollError;
    }

    enum DevEnrollmentStatus s = DevEnrollError;
    cJSON *root = cJSON_Parse(res);
    if (root == NULL)
    {
        ESP_LOGE(TAG, "Failed to decode JSON response from server!");
        goto fail;
    }

    cJSON *status = cJSON_GetObjectItem(root, "status");
    if (status == NULL)
    {
        ESP_LOGE(TAG, "Status missing in response from server!");
        goto fail;
    }

    if (!strcmp(status->valuestring, "Unknown"))
        s = DevEnrollUnknown;
    else if (!strcmp(status->valuestring, "Pending"))
        s = DevEnrollPending;
    else if (!strcmp(status->valuestring, "Validated"))
        s = DevEnrollValidated;
    else
    {
        ESP_LOGE(TAG, "Unknown enrollment status: %s", status->valuestring);
        goto fail;
    }

fail:

    cJSON_Delete(root);
    free(res);

    return s;
}

/**
 * Generate device information. Pointer to be released by caller
 */
static cJSON *genDevInfo()
{
    cJSON *json = cJSON_CreateObject();
    if (!json)
        return NULL;
    cJSON_AddStringToObject(json, "reference", DEV_REFERENCE);
    cJSON_AddStringToObject(json, "version", DEV_VERSION);
    cJSON_AddNumberToObject(json, "max_relays", DEV_MAX_RELAYS);
    return json;
}

int secure_api_enroll_device()
{
    char *csr = crypto_get_csr();
    if (!csr)
    {
        ESP_LOGE(TAG, "Failed to get CSR!");
        return 1;
    }

    cJSON *obj = cJSON_CreateObject();
    if (!obj)
    {
        ESP_LOGE(TAG, "Failed allocate memory to store JSON object!");
        free(csr);
        return 1;
    }

    cJSON_AddItemToObject(obj, "info", genDevInfo());
    cJSON_AddStringToObject(obj, "csr", csr);
    free(csr);

    char *body = cJSON_PrintUnformatted(obj);
    if (!body)
    {
        ESP_LOGE(TAG, "Failed to generate JSON body!");
        cJSON_Delete(obj);
        return 1;
    }

    char *res = process_secure_request("/devices_api/mgmt/enroll", body);

    cJSON_Delete(obj);
    free(body);

    if (res == NULL)
    {
        ESP_LOGE(TAG, "Request failed!");
        return 1;
    }

    free(res);

    return 0;
}

char *secure_api_get_dev_certificate()
{
    ESP_LOGI(TAG, "Will request device certificate");

    // Prepare URI
    char *escaped_name = dev_escaped_name();
    char *uri = calloc(1, 255);
    assert(uri);
    sprintf(uri, "/devices_api/mgmt/get_certificate?id=%s", escaped_name);
    free(escaped_name);

    char *res = process_secure_request(uri, NULL);

    free(uri);

    if (res == NULL)
    {
        ESP_LOGE(TAG, "Failed to query device certificate!");
        return NULL;
    }

    return res;
}
Manage to perfom secure request 2024-08-18 18:13:03 +00:00			`#include <stdlib.h>`
			`#include <string.h>`
			`#include <stdio.h>`

			`#include "secure_api.h"`
			`#include "http_client.h"`
			`#include "constants.h"`
WIP enroll device 2024-08-23 19:00:18 +00:00			`#include "crypto.h"`
Decode enrollment status JSON response 2024-08-18 18:33:26 +00:00			`#include "cJSON.h"`
Submit CSR to server 2024-08-23 21:06:14 +00:00			`#include "dev_name.h"`
			`#include "storage.h"`
			`#include "http_client.h"`
Manage to perfom secure request 2024-08-18 18:13:03 +00:00
			`#include "esp_log.h"`

			`static const char *TAG = "secure_api";`

WIP enroll device 2024-08-23 19:00:18 +00:00			`static char process_secure_request(const char uri, const char *body)`
Manage to perfom secure request 2024-08-18 18:13:03 +00:00			`{`
			`char *url = calloc(1, 255);`
			`assert(url);`
			`size_t orig_len = storage_get_secure_origin(url);`
			`assert(orig_len > 0);`
			`strcat(url + strlen(url), uri);`
			`ESP_LOGI(TAG, "HTTP request on %s", url);`

			`char *root_cat = calloc(1, ROOT_CA_MAX_BYTES);`
			`assert(root_cat);`
			`assert(storage_get_root_ca(root_cat) > 0);`

			`http_request_opts opts = {`
			`.url = url,`
Submit CSR to server 2024-08-23 21:06:14 +00:00			`.root_ca = root_cat,`
			`.body = body,`
			`.method = body == NULL ? MethodGET : MethodPOST,`
			`.content_type = body == NULL ? NULL : "application/json"};`
Manage to perfom secure request 2024-08-18 18:13:03 +00:00			`char *res = http_client_exec(&opts);`

			`free(url);`
			`free(root_cat);`

			`return res;`
			`}`

Request device certificate 2024-08-28 22:09:47 +00:00			`static char *dev_escaped_name()`
Manage to perfom secure request 2024-08-18 18:13:03 +00:00			`{`
Submit CSR to server 2024-08-23 21:06:14 +00:00			`unsigned char name = (unsigned char )dev_name();`
			`assert(name);`
			`size_t escaped_name_len = http_client_escape_uri(NULL, name, strlen((char *)name));`
			`unsigned char *escaped_name = calloc(1, escaped_name_len + 1);`
			`assert(escaped_name);`
			`http_client_escape_uri(escaped_name, name, strlen((char *)name));`
			`free(name);`

Request device certificate 2024-08-28 22:09:47 +00:00			`return (char *)escaped_name;`
			`}`

			`enum DevEnrollmentStatus secure_api_get_device_enrollment_status()`
			`{`
			`ESP_LOGI(TAG, "Will check device enrollment status");`

			`// Prepare URI`
			`char *escaped_name = dev_escaped_name();`
Manage to perfom secure request 2024-08-18 18:13:03 +00:00			`char *uri = calloc(1, 255);`
			`assert(uri);`
Submit CSR to server 2024-08-23 21:06:14 +00:00			`sprintf(uri, "/devices_api/mgmt/enrollment_status?id=%s", escaped_name);`
			`free(escaped_name);`
Manage to perfom secure request 2024-08-18 18:13:03 +00:00
WIP enroll device 2024-08-23 19:00:18 +00:00			`char *res = process_secure_request(uri, NULL);`
Decode enrollment status JSON response 2024-08-18 18:33:26 +00:00
Manage to perfom secure request 2024-08-18 18:13:03 +00:00			`free(uri);`

			`if (res == NULL)`
			`{`
			`ESP_LOGE(TAG, "Failed to query device enrollment status!");`
			`return DevEnrollError;`
			`}`

Decode enrollment status JSON response 2024-08-18 18:33:26 +00:00			`enum DevEnrollmentStatus s = DevEnrollError;`
			`cJSON *root = cJSON_Parse(res);`
			`if (root == NULL)`
			`{`
			`ESP_LOGE(TAG, "Failed to decode JSON response from server!");`
			`goto fail;`
			`}`

			`cJSON *status = cJSON_GetObjectItem(root, "status");`
			`if (status == NULL)`
			`{`
			`ESP_LOGE(TAG, "Status missing in response from server!");`
			`goto fail;`
			`}`

			`if (!strcmp(status->valuestring, "Unknown"))`
			`s = DevEnrollUnknown;`
			`else if (!strcmp(status->valuestring, "Pending"))`
			`s = DevEnrollPending;`
			`else if (!strcmp(status->valuestring, "Validated"))`
			`s = DevEnrollValidated;`
			`else`
			`{`
			`ESP_LOGE(TAG, "Unknown enrollment status: %s", status->valuestring);`
			`goto fail;`
			`}`

			`fail:`

			`cJSON_Delete(root);`
Manage to perfom secure request 2024-08-18 18:13:03 +00:00			`free(res);`

Decode enrollment status JSON response 2024-08-18 18:33:26 +00:00			`return s;`
WIP enroll device 2024-08-23 19:00:18 +00:00			`}`

			`/**`
			`* Generate device information. Pointer to be released by caller`
			`*/`
			`static cJSON *genDevInfo()`
			`{`
			`cJSON *json = cJSON_CreateObject();`
			`if (!json)`
			`return NULL;`
			`cJSON_AddStringToObject(json, "reference", DEV_REFERENCE);`
			`cJSON_AddStringToObject(json, "version", DEV_VERSION);`
			`cJSON_AddNumberToObject(json, "max_relays", DEV_MAX_RELAYS);`
			`return json;`
			`}`

			`int secure_api_enroll_device()`
			`{`
			`char *csr = crypto_get_csr();`
			`if (!csr)`
			`{`
			`ESP_LOGE(TAG, "Failed to get CSR!");`
			`return 1;`
			`}`

			`cJSON *obj = cJSON_CreateObject();`
			`if (!obj)`
			`{`
			`ESP_LOGE(TAG, "Failed allocate memory to store JSON object!");`
Submit CSR to server 2024-08-23 21:06:14 +00:00			`free(csr);`
WIP enroll device 2024-08-23 19:00:18 +00:00			`return 1;`
			`}`

			`cJSON_AddItemToObject(obj, "info", genDevInfo());`
			`cJSON_AddStringToObject(obj, "csr", csr);`
Submit CSR to server 2024-08-23 21:06:14 +00:00			`free(csr);`
WIP enroll device 2024-08-23 19:00:18 +00:00
			`char *body = cJSON_PrintUnformatted(obj);`
			`if (!body)`
			`{`
			`ESP_LOGE(TAG, "Failed to generate JSON body!");`
Submit CSR to server 2024-08-23 21:06:14 +00:00			`cJSON_Delete(obj);`
WIP enroll device 2024-08-23 19:00:18 +00:00			`return 1;`
			`}`

Submit CSR to server 2024-08-23 21:06:14 +00:00			`char *res = process_secure_request("/devices_api/mgmt/enroll", body);`
WIP enroll device 2024-08-23 19:00:18 +00:00
			`cJSON_Delete(obj);`
			`free(body);`
Submit CSR to server 2024-08-23 21:06:14 +00:00
			`if (res == NULL)`
			`{`
			`ESP_LOGE(TAG, "Request failed!");`
			`return 1;`
			`}`

			`free(res);`
WIP enroll device 2024-08-23 19:00:18 +00:00
			`return 0;`
Request device certificate 2024-08-28 22:09:47 +00:00			`}`

			`char *secure_api_get_dev_certificate()`
			`{`
			`ESP_LOGI(TAG, "Will request device certificate");`

			`// Prepare URI`
			`char *escaped_name = dev_escaped_name();`
			`char *uri = calloc(1, 255);`
			`assert(uri);`
			`sprintf(uri, "/devices_api/mgmt/get_certificate?id=%s", escaped_name);`
			`free(escaped_name);`

			`char *res = process_secure_request(uri, NULL);`

			`free(uri);`

			`if (res == NULL)`
			`{`
			`ESP_LOGE(TAG, "Failed to query device certificate!");`
			`return NULL;`
			`}`

			`return res;`
Manage to perfom secure request 2024-08-18 18:13:03 +00:00			`}`