Can get root CA
This commit is contained in:
parent
3b6e79e5e4
commit
a6b283d023
@ -15,6 +15,11 @@
|
||||
*/
|
||||
#define PRV_KEY_DER_MAX_BYTES 1500
|
||||
|
||||
/**
|
||||
* Root CA max length
|
||||
*/
|
||||
#define ROOT_CA_MAX_BYTES 3000
|
||||
|
||||
/**
|
||||
* Secure origin len
|
||||
*/
|
||||
|
||||
@ -67,6 +67,25 @@ void app_main(void)
|
||||
ESP_LOGI(TAG, "Current secure origin: %s", sec_ori);
|
||||
free(sec_ori);
|
||||
|
||||
ESP_LOGI(TAG, "Check root CA");
|
||||
if (storage_get_root_ca(NULL) == 0)
|
||||
{
|
||||
char *root_ca = unsecure_api_get_root_ca();
|
||||
if (!root_ca)
|
||||
{
|
||||
ESP_LOGE(TAG, "Failed to fetch root CA!");
|
||||
reboot();
|
||||
}
|
||||
storage_set_root_ca(root_ca);
|
||||
free(root_ca);
|
||||
}
|
||||
|
||||
ESP_LOGI(TAG, "Get root CA");
|
||||
char *root_ca = calloc(ROOT_CA_MAX_BYTES, 1);
|
||||
assert(storage_get_root_ca(root_ca) > 0);
|
||||
ESP_LOGI(TAG, "Current root CA:\n%s", root_ca);
|
||||
free(root_ca);
|
||||
|
||||
system_sleep(120);
|
||||
|
||||
reboot();
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
#define DEV_NAME_KEY "dev_name"
|
||||
#define PRIVATE_KEY "prikey"
|
||||
#define SEC_ORIG_KEY "secureOrig"
|
||||
#define SEC_ROOT_CA_KEY "rootCA"
|
||||
|
||||
static const char *TAG = "storage";
|
||||
|
||||
@ -99,6 +100,10 @@ size_t storage_get_priv_key(unsigned char *key)
|
||||
return len;
|
||||
}
|
||||
|
||||
void storage_set_secure_origin(const char *name) { storage_set_str(SEC_ORIG_KEY, name); }
|
||||
void storage_set_secure_origin(const char *orig) { storage_set_str(SEC_ORIG_KEY, orig); }
|
||||
|
||||
size_t storage_get_secure_origin(char *dest) { return storage_get_str(SEC_ORIG_KEY, SEC_ORIG_LEN, dest); }
|
||||
|
||||
void storage_set_root_ca(const char *ca) { storage_set_str(SEC_ROOT_CA_KEY, ca); }
|
||||
|
||||
size_t storage_get_root_ca(char *dest) { return storage_get_str(SEC_ROOT_CA_KEY, ROOT_CA_MAX_BYTES, dest); }
|
||||
@ -40,13 +40,23 @@ extern "C"
|
||||
/**
|
||||
* Write secure origin
|
||||
*/
|
||||
void storage_set_secure_origin(const char *name);
|
||||
void storage_set_secure_origin(const char *orig);
|
||||
|
||||
/**
|
||||
* Get current secure origin
|
||||
*/
|
||||
size_t storage_get_secure_origin(char *dest);
|
||||
|
||||
/**
|
||||
* Write root CA
|
||||
*/
|
||||
void storage_set_root_ca(const char *ca);
|
||||
|
||||
/**
|
||||
* Get current root CA
|
||||
*/
|
||||
size_t storage_get_root_ca(char *dest);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -20,3 +20,19 @@ char *unsecure_api_get_secure_origin()
|
||||
|
||||
return res;
|
||||
}
|
||||
|
||||
char *unsecure_api_get_root_ca()
|
||||
{
|
||||
const char *url = BACKEND_UNSECURE_URL "/pki/root_ca.crt";
|
||||
|
||||
http_request_opts opts = {.url = url};
|
||||
char *res = http_client_exec(&opts);
|
||||
|
||||
if (!res)
|
||||
{
|
||||
ESP_LOGE(TAG, "Failed to query root CA!");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return res;
|
||||
}
|
||||
@ -17,6 +17,14 @@ extern "C"
|
||||
*/
|
||||
char *unsecure_api_get_secure_origin();
|
||||
|
||||
/**
|
||||
* Get root CA
|
||||
*
|
||||
* @returns The root CA or NULL in case of failure. Value must be
|
||||
* released by caller.
|
||||
*/
|
||||
char *unsecure_api_get_root_ca();
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
Loading…
Reference in New Issue
Block a user