First Ethernet activation

Pierre HUBERT 2024-08-17 17:19:47 +02:00
parent 0d90973842
commit d5dc6dae46
10 changed files with 216 additions and 35 deletions


@ -21,6 +21,15 @@
"platform.h": "c",
"build_info.h": "c",
"config_adjust_ssl.h": "c",
"pk.h": "c"
"pk.h": "c",
"esp_http_client.h": "c",
"constants.h": "c",
"ethernet.h": "c",
"esp_err.h": "c",
"esp_eth.h": "c",
"task.h": "c",
"freertos.h": "c",
"unsecure_api.h": "c",
"esp_log.h": "c"
}
}


@ -1,3 +1,3 @@
idf_component_register(SRCS "system.c" "crypto.c" "random.c" "storage.c" "main.c"
idf_component_register(SRCS "ethernet.c" "unsecure_api.c" "system.c" "crypto.c" "random.c" "storage.c" "main.c"
"dev_name.c"
INCLUDE_DIRS ".")


@ -13,9 +13,12 @@
#include <mbedtls/sha256.h>
#include <mbedtls/pk.h>
#include <mbedtls/x509_csr.h>
#include "esp_log.h"
#define ECPARAMS MBEDTLS_ECP_DP_SECP256R1
static const char *TAG = "crypto";
static const char *pers = "ecdsa";
static void seed_ctr_drbg_context(mbedtls_entropy_context *entropy, mbedtls_ctr_drbg_context *ctr_drbg)
@ -25,12 +28,12 @@ static void seed_ctr_drbg_context(mbedtls_entropy_context *entropy, mbedtls_ctr_
mbedtls_entropy_init(entropy);
mbedtls_ctr_drbg_init(ctr_drbg);
printf("Seed Mbedtls\n");
ESP_LOGI(TAG, "Seed Mbedtls\n");
if ((ret = mbedtls_ctr_drbg_seed(ctr_drbg, mbedtls_entropy_func, entropy,
(const unsigned char *)pers,
strlen(pers))) != 0)
{
mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
ESP_LOGE(TAG, " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
reboot();
}
}
@ -50,31 +53,31 @@ bool crypto_gen_priv_key()
mbedtls_ctr_drbg_context ctr_drbg;
seed_ctr_drbg_context(&entropy, &ctr_drbg);
printf("PK info from type\n");
ESP_LOGI(TAG, "PK info from type\n");
if ((ret = mbedtls_pk_setup(&key, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY))) != 0)
{
mbedtls_printf(" failed\n ! mbedtls_pk_setup returned -0x%04x", (unsigned int)-ret);
ESP_LOGE(TAG, " failed\n ! mbedtls_pk_setup returned -0x%04x", (unsigned int)-ret);
reboot();
}
// Generate private key
printf("Generate private key\n");
ESP_LOGI(TAG, "Generate private key\n");
ret = mbedtls_ecp_gen_key(ECPARAMS,
mbedtls_pk_ec(key),
mbedtls_ctr_drbg_random, &ctr_drbg);
if (ret != 0)
{
mbedtls_printf(" failed\n ! mbedtls_ecp_gen_key returned -0x%04x",
ESP_LOGE(TAG, " failed\n ! mbedtls_ecp_gen_key returned -0x%04x",
(unsigned int)-ret);
reboot();
}
// Export private key
printf("Export private key\n");
ESP_LOGI(TAG, "Export private key\n");
unsigned char *key_buff = malloc(PRV_KEY_DER_MAX_BYTES);
if ((ret = mbedtls_pk_write_key_der(&key, key_buff, PRV_KEY_DER_MAX_BYTES)) < 1)
{
mbedtls_printf(" failed\n ! mbedtls_pk_write_key_der returned -0x%04x",
ESP_LOGE(TAG, " failed\n ! mbedtls_pk_write_key_der returned -0x%04x",
(unsigned int)-ret);
reboot();
}
@ -104,26 +107,26 @@ void crypto_print_priv_key()
mbedtls_ctr_drbg_context ctr_drbg;
seed_ctr_drbg_context(&entropy, &ctr_drbg);
printf("Parse private key (len = %d)\n", key_len);
ESP_LOGI(TAG, "Parse private key (len = %d)\n", key_len);
if ((ret = mbedtls_pk_parse_key(&key, key_buff, key_len, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg)) != 0)
{
mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned -0x%04x",
ESP_LOGE(TAG, " failed\n ! mbedtls_pk_parse_key returned -0x%04x",
(unsigned int)-ret);
reboot();
}
free(key_buff);
printf("Show private key\n");
ESP_LOGI(TAG, "Show private key\n");
unsigned char *out = malloc(16000);
memset(out, 0, 16000);
if ((ret = mbedtls_pk_write_key_pem(&key, out, 16000)) != 0)
{
mbedtls_printf(" failed\n ! mbedtls_pk_write_key_pem returned -0x%04x",
ESP_LOGE(TAG, " failed\n ! mbedtls_pk_write_key_pem returned -0x%04x",
(unsigned int)-ret);
reboot();
}
printf("%s", out);
ESP_LOGI(TAG, "%s", out);
free(out);
mbedtls_pk_free(&key);
@ -146,10 +149,10 @@ char *crypto_get_csr()
mbedtls_ctr_drbg_context ctr_drbg;
seed_ctr_drbg_context(&entropy, &ctr_drbg);
printf("Parse private key (len = %d)\n", key_len);
ESP_LOGI(TAG, "Parse private key (len = %d)\n", key_len);
if ((ret = mbedtls_pk_parse_key(&key, key_buff, key_len, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg)) != 0)
{
mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned -0x%04x",
ESP_LOGE(TAG, " failed\n ! mbedtls_pk_parse_key returned -0x%04x",
(unsigned int)-ret);
reboot();
}
@ -166,17 +169,17 @@ char *crypto_get_csr()
free(n);
if ((ret = mbedtls_x509write_csr_set_subject_name(&req, subj)) != 0)
{
mbedtls_printf(" failed\n ! mbedtls_x509write_csr_set_subject_name returned %d", ret);
ESP_LOGE(TAG, " failed\n ! mbedtls_x509write_csr_set_subject_name returned %d", ret);
reboot();
}
printf("Sign CSR with private key\n");
ESP_LOGI(TAG, "Sign CSR with private key\n");
mbedtls_x509write_csr_set_key(&req, &key);
char *csr = malloc(4096);
if ((ret = mbedtls_x509write_csr_pem(&req, (u_char *)csr, 4096, mbedtls_ctr_drbg_random, &ctr_drbg)) < 0)
{
mbedtls_printf(" failed\n ! mbedtls_x509write_csr_pem returned %d", ret);
ESP_LOGE(TAG, " failed\n ! mbedtls_x509write_csr_pem returned %d", ret);
reboot();
}
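Review bot: In crypto_print_priv_key the new `ESP_LOGI(TAG, "%s", out);` writes the PEM-encoded device private key into the ESP-IDF log stream, so the key follows the log wherever it is routed (the UART console by default, or any sink installed with `esp_log_set_vprintf`). I would keep that line out of anything but a bring-up build and log something non-secret instead, e.g. `ESP_LOGI(TAG, "Private key loaded (len = %d)", key_len);`, and wipe the buffer with `mbedtls_platform_zeroize(out, 16000);` (from `mbedtls/platform_util.h`) before `free(out);`. The `malloc(16000)` result just above is also handed to `memset` without a NULL check. The function body starts and ends outside the hunk.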


@ -6,8 +6,12 @@
#include "constants.h"
#include "string.h"
#include "esp_log.h"
#define DEV_PREFIX "ESP32 "
static const char *TAG = "dev_name";
bool dev_generate_name()
{
// Check if a device name has already been defined
@ -29,7 +33,7 @@ char *dev_name()
char *dev = malloc(len + strlen(DEV_PREFIX) + 1);
if (dev == NULL)
{
printf("Failed to allocate memory to store dev name!\n");
ESP_LOGE(TAG, "Failed to allocate memory to store dev name!\n");
return NULL;
}
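Review bot: The format string in `ESP_LOGE(TAG, "Failed to allocate memory to store dev name!\n");` keeps the trailing `\n` from the old printf, but the ESP_LOGx macros already end each record with a newline, so every message is followed by an empty line. Drop it: `ESP_LOGE(TAG, "Failed to allocate memory to store dev name!");`. The same applies to the converted calls in the sections whose TAG is "crypto", "main" and "storage", where the `" failed\n ! ..."` messages additionally split one error record over two lines.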


@ -0,0 +1,112 @@
#define CONFIG_ETH_USE_ESP32_EMAC
#include "esp_eth.h"
#include "esp_eth_mac.h"
#include "esp_eth_com.h"
#include "esp_eth_mac.h"
#include "esp_eth_phy.h"
#include "esp_err.h"
#include "esp_event.h"
#include "esp_netif.h"
#include "driver/gpio.h"
#include "esp_log.h"
#include "system.h"
static const char *TAG = "ethernet";
void ethernet_init()
{
if (esp_netif_init() != ESP_OK)
{
ESP_LOGE(TAG, "esp_netif_init failed!");
reboot();
}
esp_err_t err = esp_event_loop_create_default();
if (err != ESP_OK && err != ESP_ERR_INVALID_STATE)
{
ESP_LOGE(TAG, "esp_event_loop_create_default failed!");
reboot();
}
ESP_LOGI(TAG, "Initializing Ethernet MAC for WirelessTag WT32-ETH01...");
eth_esp32_emac_config_t mac_config = ETH_ESP32_EMAC_DEFAULT_CONFIG();
mac_config.clock_config.rmii.clock_mode = EMAC_CLK_EXT_IN;
mac_config.clock_config.rmii.clock_gpio = EMAC_CLK_IN_GPIO;
mac_config.smi_mdc_gpio_num = GPIO_NUM_23;
mac_config.smi_mdio_gpio_num = GPIO_NUM_18;
eth_mac_config_t eth_mac_config = ETH_MAC_DEFAULT_CONFIG();
eth_mac_config.sw_reset_timeout_ms = 1000;
esp_eth_mac_t *mac = esp_eth_mac_new_esp32(&mac_config, &eth_mac_config);
if (mac == NULL)
{
ESP_LOGE(TAG, "esp_eth_mac_new_esp32 failed!");
reboot();
}
ESP_LOGI(TAG, "Initializing Ethernet PHY (LAN8720A) for WT32-ETH01...");
eth_phy_config_t phy_config = ETH_PHY_DEFAULT_CONFIG();
phy_config.phy_addr = 1;
phy_config.reset_gpio_num = -1;
esp_eth_phy_t *phy = esp_eth_phy_new_lan87xx(&phy_config);
// Enable external oscillator (pulled down at boot to allow IO0 strapping)
ESP_ERROR_CHECK(gpio_set_direction(GPIO_NUM_16, GPIO_MODE_OUTPUT));
ESP_ERROR_CHECK(gpio_set_level(GPIO_NUM_16, 1));
ESP_LOGI(TAG, "Starting Ethernet interface...");
// Install and start Ethernet driver
esp_eth_config_t eth_config = ETH_DEFAULT_CONFIG(mac, phy);
esp_eth_handle_t eth_handle = NULL;
ESP_ERROR_CHECK(esp_eth_driver_install(&eth_config, &eth_handle));
if (eth_handle == NULL)
{
ESP_LOGE(TAG, "esp_eth_driver_install failed!");
reboot();
}
esp_netif_config_t const netif_config = ESP_NETIF_DEFAULT_ETH();
esp_netif_t *global_netif = esp_netif_new(&netif_config);
esp_eth_netif_glue_handle_t eth_netif_glue = esp_eth_new_netif_glue(eth_handle);
if (eth_netif_glue == NULL)
{
ESP_LOGE(TAG, "esp_eth_new_netif_glue failed!");
reboot();
}
ESP_ERROR_CHECK(esp_netif_attach(global_netif, eth_netif_glue));
ESP_ERROR_CHECK(esp_eth_start(eth_handle));
printf("Start Ethernet interface!\n");
/*ESP_LOGI(TAG, "Initializing Ethernet MAC for WirelessTag WT32-ETH01...");
eth_mac_config_t mac_config = ETH_MAC_DEFAULT_CONFIG();
eth_phy_config_t phy_config = ETH_PHY_DEFAULT_CONFIG();
phy_config.clock_config.rmii.clock_mode = EMAC_CLK_EXT_IN;
mac_config.clock_config.rmii.clock_gpio = EMAC_CLK_IN_GPIO;
phy_config.smi_mdc_gpio_num = 23;
phy_config.smi_mdio_gpio_num = 18;
mac_config.sw_reset_timeout_ms = 1000; // from ETH.cpp
mac = esp_eth_mac_new_esp32(&mac_config);
ESP_LOGI(TAG, "Initializing Ethernet PHY (LAN8720A) for WT32-ETH01...");
eth_phy_config_t phy_config = ETH_PHY_DEFAULT_CONFIG();
phy_config.phy_addr = 1;
phy_config.reset_gpio_num = -1;
phy = esp_eth_phy_new_lan87xx(&phy_config);
// Enable external oscillator (pulled down at boot to allow IO0 strapping)
ESP_ERROR_CHECK(gpio_set_direction(GPIO_NUM_16, GPIO_MODE_OUTPUT));
ESP_ERROR_CHECK(gpio_set_level(GPIO_NUM_16, 1));
ESP_LOGI(TAG, "Starting Ethernet interface...");
// Install and start Ethernet driver
esp_eth_config_t eth_config = ETH_DEFAULT_CONFIG(mac, phy);
esp_eth_handle_t eth_handle = nullptr;
ESP_ERROR_CHECK(esp_eth_driver_install(&eth_config, &eth_handle));
esp_netif_config_t const netif_config = ESP_NETIF_DEFAULT_ETH();
global_netif = esp_netif_new(&netif_config);
auto const eth_netif_glue = esp_eth_new_netif_glue(eth_handle);
ESP_ERROR_CHECK(esp_netif_attach(global_netif, eth_netif_glue));
ESP_ERROR_CHECK(esp_eth_start(eth_handle));*/
}
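Review bot: `phy` from `esp_eth_phy_new_lan87xx` and `global_netif` from `esp_netif_new` are used without a NULL check, while `mac`, `eth_handle` and `eth_netif_glue` are all checked; a failed allocation would reach `ETH_DEFAULT_CONFIG(mac, phy)` or `esp_netif_attach` with a null pointer. Add the same log-and-reboot guard for both, as below. Separately, the commented-out copy of the earlier attempt at the end of the function can be deleted, and the final message should use `ESP_LOGI` like the rest of the file instead of `printf`.

```c
esp_eth_phy_t *phy = esp_eth_phy_new_lan87xx(&phy_config);
if (phy == NULL)
{
    ESP_LOGE(TAG, "esp_eth_phy_new_lan87xx failed!");
    reboot();
}
// … unchanged: oscillator enable, driver install, netif_config …
esp_netif_t *global_netif = esp_netif_new(&netif_config);
if (global_netif == NULL)
{
    ESP_LOGE(TAG, "esp_netif_new failed!");
    reboot();
}
```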


@ -0,0 +1,24 @@
/**
* Unsecure API functions
*/
#pragma once
#ifdef __cplusplus
extern "C"
{
#endif
/**
* Initialize Ethernet connection
*/
void ethernet_init();
/**
* De-initialize Ethernet connection
*/
void ethernet_deinit();
#ifdef __cplusplus
}
#endif
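Review bot: The file comment still reads "Unsecure API functions", but this header declares `ethernet_init` and `ethernet_deinit`; it looks copied from another header and should say something like `/** Ethernet connection management */`. `ethernet_deinit()` is declared here, but the Ethernet source section visible in this commit defines only `ethernet_init`, so either add the definition or drop the prototype until it exists. Both prototypes would also be better written with `(void)`, e.g. `void ethernet_init(void);`, since an empty parameter list in C leaves the arguments unchecked.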


@ -1,46 +1,57 @@
#include <stdio.h>
#include "esp_system.h"
#include "esp_log.h"
#include "dev_name.h"
#include "storage.h"
#include "system.h"
#include "crypto.h"
#include "unsecure_api.h"
#include "ethernet.h"
static const char *TAG = "main";
void app_main(void)
{
printf("\n");
esp_log_level_set("*", ESP_LOG_VERBOSE);
ESP_LOGI(TAG, "SolarEnergy WT32-ETH01 device");
if (storage_init() == false)
{
printf("Failed to init storage!\n");
ESP_LOGE(TAG, "Failed to init storage!\n");
reboot();
}
if (dev_generate_name())
{
printf("Generated a new device name\n");
ESP_LOGI(TAG, "Generated a new device name\n");
}
char *name = dev_name();
printf("Dev name: %s\n", name);
ESP_LOGI(TAG, "Dev name: %s\n", name);
free(name);
if (crypto_gen_priv_key())
{
printf("Generated device private key!\n");
ESP_LOGI(TAG, "Generated device private key!\n");
}
printf("Device private key:\n");
ESP_LOGI(TAG, "Device private key:\n");
crypto_print_priv_key();
char *csr = crypto_get_csr();
printf("Current CSR:\n%s\n", csr);
ESP_LOGI(TAG, "Current CSR:\n%s\n", csr);
free(csr);
printf("Check secure origin\n");
ESP_LOGI(TAG, "Initialize network\n");
ethernet_init();
ESP_LOGI(TAG, "Check secure origin\n");
char *sec_orig = unsecure_api_get_secure_origin();
assert(sec_orig != NULL);
printf("Res = %s\n", sec_orig);
system_sleep(20);
reboot();
}
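Review bot: `ethernet_init()` returns as soon as `esp_eth_start` has been called, and `unsecure_api_get_secure_origin()` runs immediately afterwards, possibly before the link is up or an address has been obtained; unless that function waits internally (its source is not shown here), the first request is likely to fail and `assert(sec_orig != NULL)` then aborts. Wait for `IP_EVENT_ETH_GOT_IP` before issuing the request, and handle the failure explicitly rather than with assert, which disappears when assertions are disabled: `if (sec_orig == NULL) { ESP_LOGE(TAG, "Failed to get secure origin"); reboot(); }`. Note also that `esp_log_level_set("*", ESP_LOG_VERBOSE)` together with the existing `crypto_print_priv_key()` call puts the device private key in the log on every boot.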


@ -2,6 +2,7 @@
#include "storage.h"
#include "nvs_flash.h"
#include "nvs.h"
#include "esp_log.h"
#include <string.h>
#define STORAGE_NAMESPACE "storage"
@ -9,12 +10,14 @@
#define DEV_NAME_KEY "dev_name"
#define PRIVATE_KEY "prikey"
static const char *TAG = "storage";
bool storage_init()
{
esp_err_t err = nvs_flash_init();
if (err == ESP_ERR_NVS_NO_FREE_PAGES || err == ESP_ERR_NVS_NEW_VERSION_FOUND)
{
printf("Need to reset storage\n");
ESP_LOGI(TAG, "Need to reset storage\n");
// NVS partition was truncated and needs to be erased
// Retry nvs_flash_init
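Review bot: "Need to reset storage" is logged at info level although, per the comment below it, this branch goes on to erase the NVS partition, which presumably also holds the device name and the `prikey` entry defined above. Losing the stored private key changes the device identity, so I would log this as a warning and include the cause: `ESP_LOGW(TAG, "NVS unusable (%s), erasing stored device name and private key", esp_err_to_name(err));`. The body of storage_init continues outside the hunk.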


@ -2,6 +2,14 @@
#include "esp_system.h"
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
void system_sleep(size_t secs)
{
vTaskDelay((1000 * secs) / portTICK_PERIOD_MS);
}
void reboot()
{
fflush(stdout);
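Review bot: `vTaskDelay((1000 * secs) / portTICK_PERIOD_MS)` in system_sleep hand-rolls the millisecond-to-tick conversion, and the multiplication wraps for very large `secs`. FreeRTOS provides `pdMS_TO_TICKS` for the conversion: `vTaskDelay(pdMS_TO_TICKS(1000 * secs));`. The body of reboot() continues outside the hunk.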


@ -4,11 +4,18 @@
#pragma once
#include "stddef.h"
#ifdef __cplusplus
extern "C"
{
#endif
/**
* Sleep for a given amount of time
*/
void system_sleep(size_t secs);
/**
* Reboot ESP32
*/