Maxim Integrated
MAXREFDES143#: DeepCover Embedded Security in IoT Authenticated Sensing & Notification
Dependencies: MaximInterface mbed
The MAXREFDES143# is an Internet of Things (IoT) embedded security reference design, built to protect an industrial sensing node by means of authentication and notification to a web server. The hardware includes a peripheral module representing a protected sensor node monitoring operating temperature and remaining life of a filter (simulated through ambient light sensing) and an mbed shield representing a controller node responsible for monitoring one or more sensor nodes. The design is hierarchical with each controller node communicating data from connected sensor nodes to a web server that maintains a centralized log and dispatches notifications as necessary. The mbed shield contains a Wi-Fi module, a DS2465 coprocessor with 1-Wire® master function, an LCD, LEDs, and pushbuttons. The protected sensor node contains a DS28E15 authenticator, a DS7505 temperature sensor, and a MAX44009 light sensor. The mbed shield communicates to a web server by the onboard Wi-Fi module and to the protected sensor node with I2C and 1-Wire. The MAXREFDES143# is equipped with a standard shield connector for immediate testing using an mbed board such as the MAX32600MBED#. The simplicity of this design enables rapid integration into any star-topology IoT network requiring the heightened security with low overhead provided by the SHA-256 symmetric-key algorithm.
More information about the MAXREFDES143# is available on the Maxim Integrated website.
WebServerInterface.cpp@29:590a7561318b, 2017-01-26 (annotated)
- Committer:
- IanBenzMaxim
- Date:
- Thu Jan 26 16:55:23 2017 -0600
- Revision:
- 29:590a7561318b
- Parent:
- 28:e5cdaf13d299
- Child:
- 30:0784010d6975
Rollback to mbed 2 for stability until online compiler issues with mbed 5 can be resolved.
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| IanBenzMaxim | 1:e1c7c1c636af | 1 | /******************************************************************************* |
| IanBenzMaxim | 1:e1c7c1c636af | 2 | * Copyright (C) 2016 Maxim Integrated Products, Inc., All Rights Reserved. |
| IanBenzMaxim | 1:e1c7c1c636af | 3 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 4 | * Permission is hereby granted, free of charge, to any person obtaining a |
| IanBenzMaxim | 1:e1c7c1c636af | 5 | * copy of this software and associated documentation files (the "Software"), |
| IanBenzMaxim | 1:e1c7c1c636af | 6 | * to deal in the Software without restriction, including without limitation |
| IanBenzMaxim | 1:e1c7c1c636af | 7 | * the rights to use, copy, modify, merge, publish, distribute, sublicense, |
| IanBenzMaxim | 1:e1c7c1c636af | 8 | * and/or sell copies of the Software, and to permit persons to whom the |
| IanBenzMaxim | 1:e1c7c1c636af | 9 | * Software is furnished to do so, subject to the following conditions: |
| IanBenzMaxim | 1:e1c7c1c636af | 10 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 11 | * The above copyright notice and this permission notice shall be included |
| IanBenzMaxim | 1:e1c7c1c636af | 12 | * in all copies or substantial portions of the Software. |
| IanBenzMaxim | 1:e1c7c1c636af | 13 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 14 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS |
| IanBenzMaxim | 1:e1c7c1c636af | 15 | * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF |
| IanBenzMaxim | 1:e1c7c1c636af | 16 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. |
| IanBenzMaxim | 1:e1c7c1c636af | 17 | * IN NO EVENT SHALL MAXIM INTEGRATED BE LIABLE FOR ANY CLAIM, DAMAGES |
| IanBenzMaxim | 1:e1c7c1c636af | 18 | * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, |
| IanBenzMaxim | 1:e1c7c1c636af | 19 | * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR |
| IanBenzMaxim | 1:e1c7c1c636af | 20 | * OTHER DEALINGS IN THE SOFTWARE. |
| IanBenzMaxim | 1:e1c7c1c636af | 21 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 22 | * Except as contained in this notice, the name of Maxim Integrated |
| IanBenzMaxim | 1:e1c7c1c636af | 23 | * Products, Inc. shall not be used except as stated in the Maxim Integrated |
| IanBenzMaxim | 1:e1c7c1c636af | 24 | * Products, Inc. Branding Policy. |
| IanBenzMaxim | 1:e1c7c1c636af | 25 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 26 | * The mere transfer of this software does not imply any licenses |
| IanBenzMaxim | 1:e1c7c1c636af | 27 | * of trade secrets, proprietary technology, copyrights, patents, |
| IanBenzMaxim | 1:e1c7c1c636af | 28 | * trademarks, maskwork rights, or any other form of intellectual |
| IanBenzMaxim | 1:e1c7c1c636af | 29 | * property whatsoever. Maxim Integrated Products, Inc. retains all |
| IanBenzMaxim | 1:e1c7c1c636af | 30 | * ownership rights. |
| IanBenzMaxim | 1:e1c7c1c636af | 31 | ******************************************************************************* |
| IanBenzMaxim | 1:e1c7c1c636af | 32 | */ |
| IanBenzMaxim | 1:e1c7c1c636af | 33 | |
| IanBenzMaxim | 1:e1c7c1c636af | 34 | #include <vector> |
| IanBenzMaxim | 1:e1c7c1c636af | 35 | #include "WebServerInterface.hpp" |
| IanBenzMaxim | 29:590a7561318b | 36 | #include "ESP8266.hpp" |
| IanBenzMaxim | 16:6bce01c1dd90 | 37 | #include "Slaves/Authenticators/ISha256MacCoproc.h" |
| IanBenzMaxim | 25:37ea43ff81be | 38 | #include "SensorData.hpp" |
| IanBenzMaxim | 25:37ea43ff81be | 39 | #include "HexConversions.hpp" |
| IanBenzMaxim | 6:b6bafd0a7013 | 40 | #include "Serial.h" |
| IanBenzMaxim | 6:b6bafd0a7013 | 41 | #include "wait_api.h" |
| IanBenzMaxim | 6:b6bafd0a7013 | 42 | |
| IanBenzMaxim | 8:594529956266 | 43 | using OneWire::ISha256MacCoproc; |
| IanBenzMaxim | 1:e1c7c1c636af | 44 | |
| IanBenzMaxim | 29:590a7561318b | 45 | const char WebServerInterface::wifiSsid[] = "TWS iPhone"; |
| IanBenzMaxim | 29:590a7561318b | 46 | const char WebServerInterface::wifiPassword[] = "maxim1234"; |
| IanBenzMaxim | 12:5f8727ba1493 | 47 | const char WebServerInterface::serverAddress[] = "www.mxim-security.us"; |
| IanBenzMaxim | 3:ac723be395d9 | 48 | const unsigned int WebServerInterface::serverPort = 80; |
| IanBenzMaxim | 1:e1c7c1c636af | 49 | const char WebServerInterface::serverPostPath[] = "/post.php"; |
| IanBenzMaxim | 1:e1c7c1c636af | 50 | const char WebServerInterface::serverChallengePath[] = "/challenge.php"; |
| IanBenzMaxim | 1:e1c7c1c636af | 51 | |
| IanBenzMaxim | 1:e1c7c1c636af | 52 | // HTTP formatting constants |
| IanBenzMaxim | 1:e1c7c1c636af | 53 | static const char keyValSeparator = '='; |
| IanBenzMaxim | 1:e1c7c1c636af | 54 | static const char fieldSeparator = '&'; |
| IanBenzMaxim | 1:e1c7c1c636af | 55 | static const std::string newline = "\r\n"; |
| IanBenzMaxim | 1:e1c7c1c636af | 56 | static const char sessionIdKey[] = "SessionId"; |
| IanBenzMaxim | 1:e1c7c1c636af | 57 | |
| IanBenzMaxim | 1:e1c7c1c636af | 58 | // Authentication MAC constants |
| IanBenzMaxim | 6:b6bafd0a7013 | 59 | static const size_t challengeLen = 32; |
| IanBenzMaxim | 6:b6bafd0a7013 | 60 | static const uint8_t defaultPaddingByte = 0x00; |
| IanBenzMaxim | 1:e1c7c1c636af | 61 | |
| IanBenzMaxim | 1:e1c7c1c636af | 62 | /// Select the Transport Secret for the web server in the Controller. |
| IanBenzMaxim | 1:e1c7c1c636af | 63 | /// @returns True on success. |
| IanBenzMaxim | 25:37ea43ff81be | 64 | static bool setHttpPostSecret(ISha256MacCoproc & MacCoproc, const OneWire::RomId & sessionId) |
| IanBenzMaxim | 1:e1c7c1c636af | 65 | { |
| IanBenzMaxim | 25:37ea43ff81be | 66 | ISha256MacCoproc::DevicePage fillData; |
| IanBenzMaxim | 25:37ea43ff81be | 67 | fillData.fill(defaultPaddingByte); |
| IanBenzMaxim | 25:37ea43ff81be | 68 | ISha256MacCoproc::SlaveSecretData secretData; |
| IanBenzMaxim | 25:37ea43ff81be | 69 | secretData.fill(defaultPaddingByte); |
| IanBenzMaxim | 25:37ea43ff81be | 70 | std::copy(sessionId.buffer.begin(), sessionId.buffer.end(), secretData.begin()); |
| IanBenzMaxim | 25:37ea43ff81be | 71 | return (MacCoproc.computeSlaveSecret(fillData, fillData, secretData) == ISha256MacCoproc::Success); |
| IanBenzMaxim | 1:e1c7c1c636af | 72 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 73 | |
| IanBenzMaxim | 29:590a7561318b | 74 | bool WebServerInterface::initialize() |
| IanBenzMaxim | 29:590a7561318b | 75 | { |
| IanBenzMaxim | 29:590a7561318b | 76 | esp8266.setPowered(true); |
| IanBenzMaxim | 29:590a7561318b | 77 | esp8266.reset(); |
| IanBenzMaxim | 29:590a7561318b | 78 | bool result = (esp8266.performSelfTest() == ESP8266::AT_OK); |
| IanBenzMaxim | 29:590a7561318b | 79 | if (result) |
| IanBenzMaxim | 29:590a7561318b | 80 | { |
| IanBenzMaxim | 29:590a7561318b | 81 | result = (esp8266.setCurrentWifiMode(ESP8266::softAP_station_mode) == ESP8266::AT_OK); |
| IanBenzMaxim | 29:590a7561318b | 82 | } |
| IanBenzMaxim | 29:590a7561318b | 83 | if (result) |
| IanBenzMaxim | 29:590a7561318b | 84 | { |
| IanBenzMaxim | 29:590a7561318b | 85 | result = (esp8266.setMaxRFTXPower(10) == ESP8266::AT_OK); |
| IanBenzMaxim | 29:590a7561318b | 86 | } |
| IanBenzMaxim | 29:590a7561318b | 87 | if (result) |
| IanBenzMaxim | 29:590a7561318b | 88 | { |
| IanBenzMaxim | 29:590a7561318b | 89 | result = (esp8266.joinCurrentAccessPoint(wifiSsid, wifiPassword) == ESP8266::AT_OK); |
| IanBenzMaxim | 29:590a7561318b | 90 | } |
| IanBenzMaxim | 29:590a7561318b | 91 | return result; |
| IanBenzMaxim | 29:590a7561318b | 92 | } |
| IanBenzMaxim | 29:590a7561318b | 93 | |
| IanBenzMaxim | 1:e1c7c1c636af | 94 | /// Format an HTTP GET request as a string for transmission. |
| IanBenzMaxim | 1:e1c7c1c636af | 95 | /// @param host Web server address. |
| IanBenzMaxim | 1:e1c7c1c636af | 96 | /// @param path Web server location to retrieve. |
| IanBenzMaxim | 1:e1c7c1c636af | 97 | /// @param sessionId Session ID used to identify this controller. |
| IanBenzMaxim | 1:e1c7c1c636af | 98 | /// @returns GET request string. |
| IanBenzMaxim | 1:e1c7c1c636af | 99 | static std::string formatHttpGet(const std::string & host, const std::string & path, const std::string & sessionId) |
| IanBenzMaxim | 1:e1c7c1c636af | 100 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 101 | std::ostringstream httpGetStream; |
| IanBenzMaxim | 1:e1c7c1c636af | 102 | httpGetStream << "GET " << path; |
| IanBenzMaxim | 1:e1c7c1c636af | 103 | if (sessionId.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 104 | httpGetStream << '?' << sessionIdKey << keyValSeparator << sessionId; |
| IanBenzMaxim | 1:e1c7c1c636af | 105 | httpGetStream << " HTTP/1.1" << newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 106 | httpGetStream << "Host: " << host << newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 107 | httpGetStream << newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 108 | return httpGetStream.str(); |
| IanBenzMaxim | 1:e1c7c1c636af | 109 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 110 | |
| IanBenzMaxim | 1:e1c7c1c636af | 111 | /// Computes a MAC using the Transport Secret to sign HTTP POST requests. |
| IanBenzMaxim | 1:e1c7c1c636af | 112 | /// @param macCoproc Coprocessor such as the DS2465 used to calculate the authentication MAC. |
| IanBenzMaxim | 1:e1c7c1c636af | 113 | /// @param input Message array used for MAC calculation. |
| IanBenzMaxim | 1:e1c7c1c636af | 114 | /// @param ilen Length of array input. |
| IanBenzMaxim | 1:e1c7c1c636af | 115 | /// @param output Calculated MAC output. |
| IanBenzMaxim | 6:b6bafd0a7013 | 116 | static void calculateHttpPostMac(const ISha256MacCoproc & macCoproc, const uint8_t * input, size_t ilen, ISha256MacCoproc::Mac & output) |
| IanBenzMaxim | 1:e1c7c1c636af | 117 | { |
| IanBenzMaxim | 6:b6bafd0a7013 | 118 | ISha256MacCoproc::DeviceScratchpad block; |
| IanBenzMaxim | 6:b6bafd0a7013 | 119 | size_t index = 0; |
| IanBenzMaxim | 6:b6bafd0a7013 | 120 | ISha256MacCoproc::AuthMacData padding; |
| IanBenzMaxim | 25:37ea43ff81be | 121 | padding.fill(defaultPaddingByte); |
| IanBenzMaxim | 25:37ea43ff81be | 122 | output.fill(defaultPaddingByte); // Set initial hash value |
| IanBenzMaxim | 1:e1c7c1c636af | 123 | while (index < ilen) |
| IanBenzMaxim | 1:e1c7c1c636af | 124 | { |
| IanBenzMaxim | 25:37ea43ff81be | 125 | if ((index + block.size()) <= ilen) // Full block |
| IanBenzMaxim | 1:e1c7c1c636af | 126 | { |
| IanBenzMaxim | 25:37ea43ff81be | 127 | std::memcpy(block.data(), &input[index], block.size()); |
| IanBenzMaxim | 25:37ea43ff81be | 128 | index += block.size(); |
| IanBenzMaxim | 1:e1c7c1c636af | 129 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 130 | else // Partial block with padding |
| IanBenzMaxim | 1:e1c7c1c636af | 131 | { |
| IanBenzMaxim | 25:37ea43ff81be | 132 | std::memcpy(block.data(), &input[index], ilen - index); |
| IanBenzMaxim | 25:37ea43ff81be | 133 | std::memset(&block[ilen - index], defaultPaddingByte, block.size() - (ilen - index)); |
| IanBenzMaxim | 1:e1c7c1c636af | 134 | index = ilen; |
| IanBenzMaxim | 1:e1c7c1c636af | 135 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 136 | // Write data to coprocessor and hash block |
| IanBenzMaxim | 1:e1c7c1c636af | 137 | macCoproc.computeAuthMac(output, block, padding, output); |
| IanBenzMaxim | 1:e1c7c1c636af | 138 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 139 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 140 | |
| IanBenzMaxim | 1:e1c7c1c636af | 141 | /// Format an HTTP POST request as a string for transmission. |
| IanBenzMaxim | 1:e1c7c1c636af | 142 | /// @param host Web server address. |
| IanBenzMaxim | 1:e1c7c1c636af | 143 | /// @param path Web server location to receive POST. |
| IanBenzMaxim | 1:e1c7c1c636af | 144 | /// @param sessionId Session ID used to identify this Controller. |
| IanBenzMaxim | 1:e1c7c1c636af | 145 | /// @param macCoproc Coprocessor such as the DS2465 used to calculate the authentication MAC. |
| IanBenzMaxim | 1:e1c7c1c636af | 146 | /// @param event Event message type. |
| IanBenzMaxim | 1:e1c7c1c636af | 147 | /// @param initialPostBody Message body as determined by the event message type. |
| IanBenzMaxim | 1:e1c7c1c636af | 148 | /// @param challenge Challenge previously received from web server for use in authentication MAC. |
| IanBenzMaxim | 1:e1c7c1c636af | 149 | /// @returns POST request string. |
| IanBenzMaxim | 1:e1c7c1c636af | 150 | static std::string formatHttpPost(const std::string & host, const std::string & path, const std::string & sessionId, |
| IanBenzMaxim | 6:b6bafd0a7013 | 151 | const ISha256MacCoproc & macCoproc, PostEvent event, const std::string & initialPostBody, |
| IanBenzMaxim | 6:b6bafd0a7013 | 152 | const uint8_t (&challenge)[challengeLen]) |
| IanBenzMaxim | 1:e1c7c1c636af | 153 | { |
| IanBenzMaxim | 6:b6bafd0a7013 | 154 | const size_t headerReserve = 115, bodyReserve = 200; |
| IanBenzMaxim | 1:e1c7c1c636af | 155 | |
| IanBenzMaxim | 1:e1c7c1c636af | 156 | std::string httpPost; |
| IanBenzMaxim | 1:e1c7c1c636af | 157 | httpPost.reserve(initialPostBody.length() + headerReserve + bodyReserve); |
| IanBenzMaxim | 1:e1c7c1c636af | 158 | |
| IanBenzMaxim | 1:e1c7c1c636af | 159 | // Add session ID to post body |
| IanBenzMaxim | 1:e1c7c1c636af | 160 | if (sessionId.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 161 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 162 | httpPost += sessionIdKey; |
| IanBenzMaxim | 1:e1c7c1c636af | 163 | httpPost += keyValSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 164 | httpPost += sessionId; |
| IanBenzMaxim | 1:e1c7c1c636af | 165 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 166 | |
| IanBenzMaxim | 1:e1c7c1c636af | 167 | // Add event to post body |
| IanBenzMaxim | 1:e1c7c1c636af | 168 | std::string eventString; |
| IanBenzMaxim | 1:e1c7c1c636af | 169 | switch (event) |
| IanBenzMaxim | 1:e1c7c1c636af | 170 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 171 | case SensorDataEvent: |
| IanBenzMaxim | 1:e1c7c1c636af | 172 | eventString = "SensorData"; |
| IanBenzMaxim | 1:e1c7c1c636af | 173 | break; |
| IanBenzMaxim | 1:e1c7c1c636af | 174 | |
| IanBenzMaxim | 1:e1c7c1c636af | 175 | case InvalidSensorEvent: |
| IanBenzMaxim | 1:e1c7c1c636af | 176 | eventString = "InvalidSensor"; |
| IanBenzMaxim | 1:e1c7c1c636af | 177 | break; |
| IanBenzMaxim | 1:e1c7c1c636af | 178 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 179 | if (eventString.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 180 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 181 | if (httpPost.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 182 | httpPost += fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 183 | httpPost += "Event"; |
| IanBenzMaxim | 1:e1c7c1c636af | 184 | httpPost += keyValSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 185 | httpPost += eventString; |
| IanBenzMaxim | 1:e1c7c1c636af | 186 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 187 | |
| IanBenzMaxim | 1:e1c7c1c636af | 188 | // Add initial post body |
| IanBenzMaxim | 1:e1c7c1c636af | 189 | if (initialPostBody.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 190 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 191 | if (httpPost.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 192 | httpPost += fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 193 | httpPost += initialPostBody; |
| IanBenzMaxim | 1:e1c7c1c636af | 194 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 195 | |
| IanBenzMaxim | 1:e1c7c1c636af | 196 | // Combine initial post body with initial secret and hash |
| IanBenzMaxim | 6:b6bafd0a7013 | 197 | std::vector<uint8_t> hashInput; |
| IanBenzMaxim | 1:e1c7c1c636af | 198 | hashInput.reserve(challengeLen + httpPost.length()); |
| IanBenzMaxim | 25:37ea43ff81be | 199 | hashInput.assign(challenge, challenge + challengeLen); |
| IanBenzMaxim | 1:e1c7c1c636af | 200 | hashInput.insert(hashInput.end(), httpPost.begin(), httpPost.end()); |
| IanBenzMaxim | 6:b6bafd0a7013 | 201 | ISha256MacCoproc::Mac mac; |
| IanBenzMaxim | 1:e1c7c1c636af | 202 | calculateHttpPostMac(macCoproc, &hashInput[0], hashInput.size(), mac); |
| IanBenzMaxim | 1:e1c7c1c636af | 203 | |
| IanBenzMaxim | 1:e1c7c1c636af | 204 | char contentLen[5]; |
| IanBenzMaxim | 25:37ea43ff81be | 205 | snprintf(contentLen, sizeof(contentLen) / sizeof(contentLen[0]), "%u", (hashInput.size() - challengeLen) + (mac.size() * charsPerByte) + 5 /* &MAC= */); |
| IanBenzMaxim | 1:e1c7c1c636af | 206 | |
| IanBenzMaxim | 1:e1c7c1c636af | 207 | // Construct full post request |
| IanBenzMaxim | 1:e1c7c1c636af | 208 | httpPost = ""; |
| IanBenzMaxim | 1:e1c7c1c636af | 209 | httpPost += "POST "; |
| IanBenzMaxim | 1:e1c7c1c636af | 210 | httpPost += path; |
| IanBenzMaxim | 1:e1c7c1c636af | 211 | httpPost += " HTTP/1.1"; |
| IanBenzMaxim | 1:e1c7c1c636af | 212 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 213 | httpPost += "Host: "; |
| IanBenzMaxim | 1:e1c7c1c636af | 214 | httpPost += host; |
| IanBenzMaxim | 1:e1c7c1c636af | 215 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 216 | httpPost += "Accept: */*"; |
| IanBenzMaxim | 1:e1c7c1c636af | 217 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 218 | httpPost += "Content-Length: "; |
| IanBenzMaxim | 1:e1c7c1c636af | 219 | httpPost += contentLen; |
| IanBenzMaxim | 1:e1c7c1c636af | 220 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 221 | httpPost += "Content-Type: application/x-www-form-urlencoded"; |
| IanBenzMaxim | 1:e1c7c1c636af | 222 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 223 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 224 | // Add post body |
| IanBenzMaxim | 1:e1c7c1c636af | 225 | httpPost.append(reinterpret_cast<char *>(&hashInput[challengeLen]), hashInput.size() - challengeLen); |
| IanBenzMaxim | 1:e1c7c1c636af | 226 | // Convert hash to hex string and add to post body |
| IanBenzMaxim | 1:e1c7c1c636af | 227 | httpPost += fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 228 | httpPost += "MAC"; |
| IanBenzMaxim | 1:e1c7c1c636af | 229 | httpPost += keyValSeparator; |
| IanBenzMaxim | 25:37ea43ff81be | 230 | byteArrayToHexString(mac.data(), mac.size(), httpPost); |
| IanBenzMaxim | 1:e1c7c1c636af | 231 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 232 | |
| IanBenzMaxim | 1:e1c7c1c636af | 233 | return httpPost; |
| IanBenzMaxim | 1:e1c7c1c636af | 234 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 235 | |
| IanBenzMaxim | 6:b6bafd0a7013 | 236 | bool WebServerInterface::authPostHttpEvent(ISha256MacCoproc & macCoproc, PostEvent event, const std::string & postData, bool setSecret) |
| IanBenzMaxim | 1:e1c7c1c636af | 237 | { |
| IanBenzMaxim | 29:590a7561318b | 238 | const std::string challengeSearch(newline + newline); |
| IanBenzMaxim | 1:e1c7c1c636af | 239 | bool result; |
| IanBenzMaxim | 29:590a7561318b | 240 | uint8_t challenge[challengeLen]; |
| IanBenzMaxim | 29:590a7561318b | 241 | std::string response; |
| IanBenzMaxim | 29:590a7561318b | 242 | |
| IanBenzMaxim | 29:590a7561318b | 243 | std::memset(challenge, defaultPaddingByte, challengeLen); |
| IanBenzMaxim | 29:590a7561318b | 244 | response.reserve(300); |
| IanBenzMaxim | 1:e1c7c1c636af | 245 | |
| IanBenzMaxim | 1:e1c7c1c636af | 246 | if (setSecret) |
| IanBenzMaxim | 1:e1c7c1c636af | 247 | { |
| IanBenzMaxim | 25:37ea43ff81be | 248 | result = setHttpPostSecret(macCoproc, m_sessionId); |
| IanBenzMaxim | 1:e1c7c1c636af | 249 | if (!result) |
| IanBenzMaxim | 1:e1c7c1c636af | 250 | return result; |
| IanBenzMaxim | 1:e1c7c1c636af | 251 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 252 | |
| IanBenzMaxim | 1:e1c7c1c636af | 253 | // Open connection |
| IanBenzMaxim | 29:590a7561318b | 254 | esp8266.clearRecvData(); // Clear received data buffer |
| IanBenzMaxim | 29:590a7561318b | 255 | result = (esp8266.openConnection(ESP8266::TCP, serverAddress, 80) == ESP8266::AT_OK); |
| IanBenzMaxim | 1:e1c7c1c636af | 256 | if (result) |
| IanBenzMaxim | 1:e1c7c1c636af | 257 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 258 | // Request challenge |
| IanBenzMaxim | 29:590a7561318b | 259 | result = (esp8266.sendData(formatHttpGet(serverAddress, serverChallengePath, m_sessionIdString)) == ESP8266::AT_OK); |
| IanBenzMaxim | 1:e1c7c1c636af | 260 | if (result) |
| IanBenzMaxim | 1:e1c7c1c636af | 261 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 262 | // Receive server response |
| IanBenzMaxim | 29:590a7561318b | 263 | for (int i = 0; i < 10; i++) |
| IanBenzMaxim | 29:590a7561318b | 264 | { |
| IanBenzMaxim | 29:590a7561318b | 265 | while (esp8266.recvIpDataReadable()) |
| IanBenzMaxim | 1:e1c7c1c636af | 266 | { |
| IanBenzMaxim | 29:590a7561318b | 267 | char read = esp8266.getcRecvIpData(); |
| IanBenzMaxim | 29:590a7561318b | 268 | if (response.length() < response.capacity()) |
| IanBenzMaxim | 1:e1c7c1c636af | 269 | { |
| IanBenzMaxim | 29:590a7561318b | 270 | response += read; |
| IanBenzMaxim | 1:e1c7c1c636af | 271 | } |
| IanBenzMaxim | 29:590a7561318b | 272 | else |
| IanBenzMaxim | 1:e1c7c1c636af | 273 | { |
| IanBenzMaxim | 29:590a7561318b | 274 | wait_ms(ESP8266::sendDataRecoveryTimeMs); // Wait for ESP8266 specified recovery time |
| IanBenzMaxim | 29:590a7561318b | 275 | goto close_get_connection; |
| IanBenzMaxim | 1:e1c7c1c636af | 276 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 277 | } |
| IanBenzMaxim | 29:590a7561318b | 278 | wait_ms(100); |
| IanBenzMaxim | 29:590a7561318b | 279 | } |
| IanBenzMaxim | 29:590a7561318b | 280 | // Close connection |
| IanBenzMaxim | 29:590a7561318b | 281 | close_get_connection: |
| IanBenzMaxim | 29:590a7561318b | 282 | esp8266.closeConnection(); |
| IanBenzMaxim | 29:590a7561318b | 283 | |
| IanBenzMaxim | 29:590a7561318b | 284 | // Parse challenge from response |
| IanBenzMaxim | 29:590a7561318b | 285 | size_t challengePos = response.find(challengeSearch); |
| IanBenzMaxim | 29:590a7561318b | 286 | if ((challengePos != std::string::npos) && ((challengePos + challengeSearch.length() + (challengeLen * charsPerByte)) <= response.length())) |
| IanBenzMaxim | 29:590a7561318b | 287 | { |
| IanBenzMaxim | 29:590a7561318b | 288 | challengePos += challengeSearch.length(); |
| IanBenzMaxim | 29:590a7561318b | 289 | for (size_t i = 0; i < challengeLen; i++) |
| IanBenzMaxim | 29:590a7561318b | 290 | { |
| IanBenzMaxim | 29:590a7561318b | 291 | std::sscanf(response.substr(challengePos + (i * charsPerByte), charsPerByte).c_str(), "%2hhx", &challenge[i]); |
| IanBenzMaxim | 29:590a7561318b | 292 | } |
| IanBenzMaxim | 29:590a7561318b | 293 | } |
| IanBenzMaxim | 29:590a7561318b | 294 | |
| IanBenzMaxim | 29:590a7561318b | 295 | // Post sensor data |
| IanBenzMaxim | 29:590a7561318b | 296 | result = (esp8266.openConnection(ESP8266::TCP, serverAddress, serverPort) == ESP8266::AT_OK); |
| IanBenzMaxim | 29:590a7561318b | 297 | if (result) |
| IanBenzMaxim | 29:590a7561318b | 298 | { |
| IanBenzMaxim | 29:590a7561318b | 299 | result = (esp8266.sendData(formatHttpPost(serverAddress, serverPostPath, m_sessionIdString, macCoproc, event, postData, challenge)) == ESP8266::AT_OK); |
| IanBenzMaxim | 29:590a7561318b | 300 | wait_ms(ESP8266::sendDataRecoveryTimeMs); // Wait for ESP8266 specified recovery time |
| IanBenzMaxim | 1:e1c7c1c636af | 301 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 302 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 303 | |
| IanBenzMaxim | 1:e1c7c1c636af | 304 | // Close connection |
| IanBenzMaxim | 29:590a7561318b | 305 | esp8266.closeConnection(); |
| IanBenzMaxim | 1:e1c7c1c636af | 306 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 307 | |
| IanBenzMaxim | 1:e1c7c1c636af | 308 | return result; |
| IanBenzMaxim | 1:e1c7c1c636af | 309 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 310 | |
| IanBenzMaxim | 1:e1c7c1c636af | 311 | std::string WebServerInterface::formatSensorDataPostBody(const SensorData & sensorData) |
| IanBenzMaxim | 1:e1c7c1c636af | 312 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 313 | // Create initial post body string from input data |
| IanBenzMaxim | 1:e1c7c1c636af | 314 | std::ostringstream postBodyStream; |
| IanBenzMaxim | 1:e1c7c1c636af | 315 | postBodyStream << "Temp" << keyValSeparator << static_cast<int>(sensorData.temp); |
| IanBenzMaxim | 1:e1c7c1c636af | 316 | postBodyStream << fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 317 | postBodyStream << "FilterLife" << keyValSeparator << static_cast<unsigned>(sensorData.filterLife); |
| IanBenzMaxim | 1:e1c7c1c636af | 318 | postBodyStream << fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 319 | postBodyStream << "TempAlarm" << keyValSeparator << (sensorData.tempAlarm() ? "true" : "false"); |
| IanBenzMaxim | 1:e1c7c1c636af | 320 | postBodyStream << fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 321 | postBodyStream << "FilterLifeAlarm" << keyValSeparator << (sensorData.filterLifeAlarm() ? "true" : "false"); |
| IanBenzMaxim | 1:e1c7c1c636af | 322 | return postBodyStream.str(); |
| IanBenzMaxim | 25:37ea43ff81be | 323 | } |
| IanBenzMaxim | 25:37ea43ff81be | 324 | |
| IanBenzMaxim | 25:37ea43ff81be | 325 | void WebServerInterface::setSessionId(const OneWire::RomId & sessionId) |
| IanBenzMaxim | 25:37ea43ff81be | 326 | { |
| IanBenzMaxim | 25:37ea43ff81be | 327 | m_sessionIdString = byteArrayToHexString(sessionId.buffer.data(), sessionId.buffer.size()); |
| IanBenzMaxim | 25:37ea43ff81be | 328 | m_sessionId = sessionId; |
| IanBenzMaxim | 1:e1c7c1c636af | 329 | } |
Repository toolbox
| Export to desktop IDE |
| Build repository |
Repository details
| Type: | Program |
|---|---|
| Mbed OS support: | Mbed 2 deprecated |
| Created: | 13 Apr 2016 |
| Imports: | 94 |
| Forks: | 0 |
| Commits: | 36 |
| Dependents: | 0 |
| Dependencies: | 2 |
| Followers: | 65 |
MAXREFDES143#: DeepCover Embedded Security in IoT Authenticated Sensing & Notification