Manage to perfom secure request
This commit is contained in:
parent
a6b283d023
commit
3b5d2abcc0
@ -1,3 +1,3 @@
|
||||
idf_component_register(SRCS "http_client.c" "ethernet.c" "unsecure_api.c" "system.c" "crypto.c" "random.c" "storage.c" "main.c"
|
||||
idf_component_register(SRCS "secure_api.c" "http_client.c" "ethernet.c" "unsecure_api.c" "system.c" "crypto.c" "random.c" "storage.c" "main.c"
|
||||
"dev_name.c"
|
||||
INCLUDE_DIRS ".")
|
||||
|
@ -127,6 +127,7 @@ char *http_client_exec(const http_request_opts *opts)
|
||||
.user_data = local_response_buffer,
|
||||
.url = opts->url,
|
||||
.disable_auto_redirect = true,
|
||||
.cert_pem = opts->root_ca,
|
||||
};
|
||||
esp_http_client_handle_t client = esp_http_client_init(&config);
|
||||
|
||||
|
@ -14,6 +14,7 @@ extern "C"
|
||||
typedef struct
|
||||
{
|
||||
char *url;
|
||||
char *root_ca;
|
||||
} http_request_opts;
|
||||
|
||||
/**
|
||||
|
@ -7,6 +7,7 @@
|
||||
#include "system.h"
|
||||
#include "crypto.h"
|
||||
#include "unsecure_api.h"
|
||||
#include "secure_api.h"
|
||||
#include "ethernet.h"
|
||||
#include "constants.h"
|
||||
|
||||
@ -18,12 +19,14 @@ void app_main(void)
|
||||
|
||||
ESP_LOGI(TAG, "SolarEnergy WT32-ETH01 device");
|
||||
|
||||
// Initialize storage
|
||||
if (storage_init() == false)
|
||||
{
|
||||
ESP_LOGE(TAG, "Failed to init storage!\n");
|
||||
reboot();
|
||||
}
|
||||
|
||||
// Give a name to the device
|
||||
if (dev_generate_name())
|
||||
{
|
||||
ESP_LOGI(TAG, "Generated a new device name\n");
|
||||
@ -33,6 +36,7 @@ void app_main(void)
|
||||
ESP_LOGI(TAG, "Dev name: %s\n", name);
|
||||
free(name);
|
||||
|
||||
// Generate private key, if needed
|
||||
if (crypto_gen_priv_key())
|
||||
{
|
||||
ESP_LOGI(TAG, "Generated device private key!\n");
|
||||
@ -40,14 +44,17 @@ void app_main(void)
|
||||
ESP_LOGI(TAG, "Device private key:\n");
|
||||
crypto_print_priv_key();
|
||||
|
||||
// Show current private key
|
||||
char *csr = crypto_get_csr();
|
||||
ESP_LOGI(TAG, "Current CSR:\n%s\n", csr);
|
||||
free(csr);
|
||||
|
||||
// Initialize network stack
|
||||
ESP_LOGI(TAG, "Initialize network\n");
|
||||
ethernet_init();
|
||||
ethernet_wait_for_network();
|
||||
|
||||
// Get if secure origin endpoint is known
|
||||
ESP_LOGI(TAG, "Check secure origin\n");
|
||||
if (storage_get_secure_origin(NULL) == 0)
|
||||
{
|
||||
@ -61,12 +68,14 @@ void app_main(void)
|
||||
free(sec_ori);
|
||||
}
|
||||
|
||||
// Print secure origin endpoint for debugging purposes
|
||||
ESP_LOGI(TAG, "Get secure origin\n");
|
||||
char *sec_ori = calloc(SEC_ORIG_LEN, 1);
|
||||
assert(storage_get_secure_origin(sec_ori) > 0);
|
||||
ESP_LOGI(TAG, "Current secure origin: %s", sec_ori);
|
||||
free(sec_ori);
|
||||
|
||||
// Check if root CA is available locally
|
||||
ESP_LOGI(TAG, "Check root CA");
|
||||
if (storage_get_root_ca(NULL) == 0)
|
||||
{
|
||||
@ -80,12 +89,18 @@ void app_main(void)
|
||||
free(root_ca);
|
||||
}
|
||||
|
||||
// Print root CA for debugging purposes
|
||||
ESP_LOGI(TAG, "Get root CA");
|
||||
char *root_ca = calloc(ROOT_CA_MAX_BYTES, 1);
|
||||
assert(storage_get_root_ca(root_ca) > 0);
|
||||
ESP_LOGI(TAG, "Current root CA:\n%s", root_ca);
|
||||
free(root_ca);
|
||||
|
||||
// Check current device enrollment status
|
||||
ESP_LOGI(TAG, "Check enrollment status");
|
||||
int status = secure_api_get_device_enrollment_status();
|
||||
printf("Current enrollment status: %d\n", status);
|
||||
|
||||
system_sleep(120);
|
||||
|
||||
reboot();
|
||||
|
62
esp32_device/main/secure_api.c
Normal file
62
esp32_device/main/secure_api.c
Normal file
@ -0,0 +1,62 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
|
||||
#include "secure_api.h"
|
||||
#include "storage.h"
|
||||
#include "http_client.h"
|
||||
#include "constants.h"
|
||||
|
||||
#include "esp_log.h"
|
||||
|
||||
static const char *TAG = "secure_api";
|
||||
|
||||
static char *process_secure_request(const char *uri)
|
||||
{
|
||||
char *url = calloc(1, 255);
|
||||
assert(url);
|
||||
size_t orig_len = storage_get_secure_origin(url);
|
||||
assert(orig_len > 0);
|
||||
strcat(url + strlen(url), uri);
|
||||
ESP_LOGI(TAG, "HTTP request on %s", url);
|
||||
|
||||
char *root_cat = calloc(1, ROOT_CA_MAX_BYTES);
|
||||
assert(root_cat);
|
||||
assert(storage_get_root_ca(root_cat) > 0);
|
||||
|
||||
http_request_opts opts = {
|
||||
.url = url,
|
||||
.root_ca = root_cat};
|
||||
char *res = http_client_exec(&opts);
|
||||
|
||||
free(url);
|
||||
free(root_cat);
|
||||
|
||||
return res;
|
||||
}
|
||||
|
||||
enum DevEnrollmentStatus secure_api_get_device_enrollment_status()
|
||||
{
|
||||
ESP_LOGI(TAG, "Will check device enrollment status");
|
||||
|
||||
// Prepare URI
|
||||
char *uri = calloc(1, 255);
|
||||
assert(uri);
|
||||
sprintf(uri, "/devices_api/mgmt/enrollment_status?id=");
|
||||
assert(storage_get_dev_name(uri + strlen(uri)) > 0);
|
||||
|
||||
char *res = process_secure_request(uri);
|
||||
free(uri);
|
||||
|
||||
if (res == NULL)
|
||||
{
|
||||
ESP_LOGE(TAG, "Failed to query device enrollment status!");
|
||||
return DevEnrollError;
|
||||
}
|
||||
|
||||
// TODO : parse reponse
|
||||
printf("response = %s\n", res);
|
||||
free(res);
|
||||
|
||||
return DevEnrollError;
|
||||
}
|
35
esp32_device/main/secure_api.h
Normal file
35
esp32_device/main/secure_api.h
Normal file
@ -0,0 +1,35 @@
|
||||
/**
|
||||
* Secure API functions
|
||||
*/
|
||||
|
||||
#pragma once
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
/**
|
||||
* Device enrollment status
|
||||
*/
|
||||
enum DevEnrollmentStatus
|
||||
{
|
||||
/** An error occurred while retrieving device status */
|
||||
DevEnrollError,
|
||||
/** Device is unknown by the backend */
|
||||
DevEnrollUnknown,
|
||||
/** Device hasn't been validated yet */
|
||||
DevEnrollPending,
|
||||
/** Device has been validated by the backend */
|
||||
DevEnrollValidated,
|
||||
};
|
||||
|
||||
/**
|
||||
* Get current device enrollment status
|
||||
*/
|
||||
enum DevEnrollmentStatus
|
||||
secure_api_get_device_enrollment_status();
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
Loading…
Reference in New Issue
Block a user