Store central secure origin

This commit is contained in:
Pierre HUBERT 2024-08-18 17:40:41 +02:00
parent 3867a38ff9
commit 3b6e79e5e4
6 changed files with 80 additions and 23 deletions

View File

@ -13,4 +13,9 @@
/**
* Private key max length
*/
#define PRV_KEY_DER_MAX_BYTES 1500
#define PRV_KEY_DER_MAX_BYTES 1500
/**
* Secure origin len
*/
#define SEC_ORIG_LEN 255

View File

@ -118,7 +118,7 @@ esp_err_t _http_event_handler(esp_http_client_event_t *evt)
char *http_client_exec(const http_request_opts *opts)
{
char local_response_buffer[MAX_HTTP_OUTPUT_BUFFER + 1] = {0};
char *local_response_buffer = calloc(MAX_HTTP_OUTPUT_BUFFER + 1, 1);
ESP_LOGI(TAG, "Perform HTTP request on %s", opts->url);
@ -129,26 +129,39 @@ char *http_client_exec(const http_request_opts *opts)
.disable_auto_redirect = true,
};
esp_http_client_handle_t client = esp_http_client_init(&config);
if (client == NULL)
{
ESP_LOGE(TAG, "Failed to initialize HTTP connection!");
free(local_response_buffer);
return NULL;
}
ESP_LOGD(TAG, "esp_http_client_perform start");
esp_err_t err = esp_http_client_perform(client);
ESP_LOGD(TAG, "esp_http_client_perform end");
if (err != ESP_OK)
{
esp_http_client_cleanup(client);
free(local_response_buffer);
ESP_LOGE(TAG, "HTTP request failed with code %d!", err);
return NULL;
}
const int status = esp_http_client_get_status_code(client);
const int64_t resp_len = esp_http_client_get_content_length(client);
esp_http_client_cleanup(client);
if (err != ESP_OK)
{
ESP_LOGE(TAG, "HTTP request failed with code %xd!", err);
return NULL;
}
if (status < 200 || status > 299)
{
ESP_LOGE(TAG, "HTTP request failed with status %d!", status);
free(local_response_buffer);
return NULL;
}
local_response_buffer[resp_len] = 0;
return strdup(local_response_buffer);
return local_response_buffer;
}

View File

@ -8,6 +8,7 @@
#include "crypto.h"
#include "unsecure_api.h"
#include "ethernet.h"
#include "constants.h"
static const char *TAG = "main";
@ -48,9 +49,23 @@ void app_main(void)
ethernet_wait_for_network();
ESP_LOGI(TAG, "Check secure origin\n");
char *sec_orig = unsecure_api_get_secure_origin();
assert(sec_orig != NULL);
printf("Res = %s\n", sec_orig);
if (storage_get_secure_origin(NULL) == 0)
{
char *sec_ori = unsecure_api_get_secure_origin();
if (!sec_ori)
{
ESP_LOGE(TAG, "Failed to fetch secure origin!");
reboot();
}
storage_set_secure_origin(sec_ori);
free(sec_ori);
}
ESP_LOGI(TAG, "Get secure origin\n");
char *sec_ori = calloc(SEC_ORIG_LEN, 1);
assert(storage_get_secure_origin(sec_ori) > 0);
ESP_LOGI(TAG, "Current secure origin: %s", sec_ori);
free(sec_ori);
system_sleep(120);

View File

@ -9,6 +9,7 @@
#define DEV_NAME_KEY "dev_name"
#define PRIVATE_KEY "prikey"
#define SEC_ORIG_KEY "secureOrig"
static const char *TAG = "storage";
@ -28,25 +29,25 @@ bool storage_init()
return err == ESP_OK;
}
void storage_set_dev_name(const char *name)
static void storage_set_str(const char *key, const char *value)
{
nvs_handle_t my_handle;
ESP_ERROR_CHECK(nvs_open(STORAGE_NAMESPACE, NVS_READWRITE, &my_handle));
ESP_ERROR_CHECK(nvs_set_blob(my_handle, DEV_NAME_KEY, name, strlen(name) + 1));
ESP_ERROR_CHECK(nvs_set_blob(my_handle, key, value, strlen(value) + 1));
nvs_close(my_handle);
}
size_t storage_get_dev_name(char *dest)
static size_t storage_get_str(const char *key, size_t dest_len, char *dest)
{
nvs_handle_t my_handle;
ESP_ERROR_CHECK(nvs_open(STORAGE_NAMESPACE, NVS_READWRITE, &my_handle));
size_t len = (dest == NULL ? 0 : DEV_NAME_LEN);
esp_err_t res = nvs_get_blob(my_handle, DEV_NAME_KEY, dest, &len);
size_t len = (dest == NULL ? 0 : dest_len);
esp_err_t res = nvs_get_blob(my_handle, key, dest, &len);
nvs_close(my_handle);
@ -58,6 +59,16 @@ size_t storage_get_dev_name(char *dest)
return len;
}
void storage_set_dev_name(const char *name)
{
storage_set_str(DEV_NAME_KEY, name);
}
size_t storage_get_dev_name(char *dest)
{
return storage_get_str(DEV_NAME_KEY, DEV_NAME_LEN, dest);
}
void storage_set_priv_key(unsigned char *key, size_t len)
{
nvs_handle_t my_handle;
@ -86,4 +97,8 @@ size_t storage_get_priv_key(unsigned char *key)
ESP_ERROR_CHECK(res);
return len;
}
}
void storage_set_secure_origin(const char *name) { storage_set_str(SEC_ORIG_KEY, name); }
size_t storage_get_secure_origin(char *dest) { return storage_get_str(SEC_ORIG_KEY, SEC_ORIG_LEN, dest); }

View File

@ -37,6 +37,16 @@ extern "C"
*/
size_t storage_get_priv_key(unsigned char *key);
/**
* Write secure origin
*/
void storage_set_secure_origin(const char *name);
/**
* Get current secure origin
*/
size_t storage_get_secure_origin(char *dest);
#ifdef __cplusplus
}
#endif

View File

@ -1127,14 +1127,13 @@ CONFIG_HEAP_TRACING_OFF=y
# CONFIG_LOG_DEFAULT_LEVEL_NONE is not set
# CONFIG_LOG_DEFAULT_LEVEL_ERROR is not set
# CONFIG_LOG_DEFAULT_LEVEL_WARN is not set
CONFIG_LOG_DEFAULT_LEVEL_INFO=y
# CONFIG_LOG_DEFAULT_LEVEL_DEBUG is not set
# CONFIG_LOG_DEFAULT_LEVEL_INFO is not set
CONFIG_LOG_DEFAULT_LEVEL_DEBUG=y
# CONFIG_LOG_DEFAULT_LEVEL_VERBOSE is not set
CONFIG_LOG_DEFAULT_LEVEL=3
CONFIG_LOG_DEFAULT_LEVEL=4
CONFIG_LOG_MAXIMUM_EQUALS_DEFAULT=y
# CONFIG_LOG_MAXIMUM_LEVEL_DEBUG is not set
# CONFIG_LOG_MAXIMUM_LEVEL_VERBOSE is not set
CONFIG_LOG_MAXIMUM_LEVEL=3
CONFIG_LOG_MAXIMUM_LEVEL=4
# CONFIG_LOG_MASTER_LEVEL is not set
CONFIG_LOG_COLORS=y
CONFIG_LOG_TIMESTAMP_SOURCE_RTOS=y