Maxim Integrated
MAXREFDES143#: DeepCover Embedded Security in IoT Authenticated Sensing & Notification
Dependencies: MaximInterface mbed
The MAXREFDES143# is an Internet of Things (IoT) embedded security reference design, built to protect an industrial sensing node by means of authentication and notification to a web server. The hardware includes a peripheral module representing a protected sensor node monitoring operating temperature and remaining life of a filter (simulated through ambient light sensing) and an mbed shield representing a controller node responsible for monitoring one or more sensor nodes. The design is hierarchical with each controller node communicating data from connected sensor nodes to a web server that maintains a centralized log and dispatches notifications as necessary. The mbed shield contains a Wi-Fi module, a DS2465 coprocessor with 1-Wire® master function, an LCD, LEDs, and pushbuttons. The protected sensor node contains a DS28E15 authenticator, a DS7505 temperature sensor, and a MAX44009 light sensor. The mbed shield communicates to a web server by the onboard Wi-Fi module and to the protected sensor node with I2C and 1-Wire. The MAXREFDES143# is equipped with a standard shield connector for immediate testing using an mbed board such as the MAX32600MBED#. The simplicity of this design enables rapid integration into any star-topology IoT network requiring the heightened security with low overhead provided by the SHA-256 symmetric-key algorithm.
More information about the MAXREFDES143# is available on the Maxim Integrated website.
WebServerInterface.cpp@1:e1c7c1c636af, 2016-04-14 (annotated)
- Committer:
- IanBenzMaxim
- Date:
- Thu Apr 14 19:48:01 2016 +0000
- Revision:
- 1:e1c7c1c636af
- Child:
- 3:ac723be395d9
Add initial source files.
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| IanBenzMaxim | 1:e1c7c1c636af | 1 | /******************************************************************************* |
| IanBenzMaxim | 1:e1c7c1c636af | 2 | * Copyright (C) 2016 Maxim Integrated Products, Inc., All Rights Reserved. |
| IanBenzMaxim | 1:e1c7c1c636af | 3 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 4 | * Permission is hereby granted, free of charge, to any person obtaining a |
| IanBenzMaxim | 1:e1c7c1c636af | 5 | * copy of this software and associated documentation files (the "Software"), |
| IanBenzMaxim | 1:e1c7c1c636af | 6 | * to deal in the Software without restriction, including without limitation |
| IanBenzMaxim | 1:e1c7c1c636af | 7 | * the rights to use, copy, modify, merge, publish, distribute, sublicense, |
| IanBenzMaxim | 1:e1c7c1c636af | 8 | * and/or sell copies of the Software, and to permit persons to whom the |
| IanBenzMaxim | 1:e1c7c1c636af | 9 | * Software is furnished to do so, subject to the following conditions: |
| IanBenzMaxim | 1:e1c7c1c636af | 10 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 11 | * The above copyright notice and this permission notice shall be included |
| IanBenzMaxim | 1:e1c7c1c636af | 12 | * in all copies or substantial portions of the Software. |
| IanBenzMaxim | 1:e1c7c1c636af | 13 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 14 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS |
| IanBenzMaxim | 1:e1c7c1c636af | 15 | * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF |
| IanBenzMaxim | 1:e1c7c1c636af | 16 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. |
| IanBenzMaxim | 1:e1c7c1c636af | 17 | * IN NO EVENT SHALL MAXIM INTEGRATED BE LIABLE FOR ANY CLAIM, DAMAGES |
| IanBenzMaxim | 1:e1c7c1c636af | 18 | * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, |
| IanBenzMaxim | 1:e1c7c1c636af | 19 | * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR |
| IanBenzMaxim | 1:e1c7c1c636af | 20 | * OTHER DEALINGS IN THE SOFTWARE. |
| IanBenzMaxim | 1:e1c7c1c636af | 21 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 22 | * Except as contained in this notice, the name of Maxim Integrated |
| IanBenzMaxim | 1:e1c7c1c636af | 23 | * Products, Inc. shall not be used except as stated in the Maxim Integrated |
| IanBenzMaxim | 1:e1c7c1c636af | 24 | * Products, Inc. Branding Policy. |
| IanBenzMaxim | 1:e1c7c1c636af | 25 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 26 | * The mere transfer of this software does not imply any licenses |
| IanBenzMaxim | 1:e1c7c1c636af | 27 | * of trade secrets, proprietary technology, copyrights, patents, |
| IanBenzMaxim | 1:e1c7c1c636af | 28 | * trademarks, maskwork rights, or any other form of intellectual |
| IanBenzMaxim | 1:e1c7c1c636af | 29 | * property whatsoever. Maxim Integrated Products, Inc. retains all |
| IanBenzMaxim | 1:e1c7c1c636af | 30 | * ownership rights. |
| IanBenzMaxim | 1:e1c7c1c636af | 31 | ******************************************************************************* |
| IanBenzMaxim | 1:e1c7c1c636af | 32 | */ |
| IanBenzMaxim | 1:e1c7c1c636af | 33 | |
| IanBenzMaxim | 1:e1c7c1c636af | 34 | #include <vector> |
| IanBenzMaxim | 1:e1c7c1c636af | 35 | |
| IanBenzMaxim | 1:e1c7c1c636af | 36 | #include "WebServerInterface.hpp" |
| IanBenzMaxim | 1:e1c7c1c636af | 37 | #include "ESP8266.hpp" |
| IanBenzMaxim | 1:e1c7c1c636af | 38 | #include "OneWire_Masters/ISha256MacCoprocessor.hpp" |
| IanBenzMaxim | 1:e1c7c1c636af | 39 | #include "common.hpp" |
| IanBenzMaxim | 1:e1c7c1c636af | 40 | #include "mbed.h" |
| IanBenzMaxim | 1:e1c7c1c636af | 41 | |
| IanBenzMaxim | 1:e1c7c1c636af | 42 | const char WebServerInterface::wifiSsid[] = "WifiSsid"; |
| IanBenzMaxim | 1:e1c7c1c636af | 43 | const char WebServerInterface::wifiPassword[] = "WifiPassword"; |
| IanBenzMaxim | 1:e1c7c1c636af | 44 | const char WebServerInterface::serverAddress[] = "website.com"; |
| IanBenzMaxim | 1:e1c7c1c636af | 45 | const char WebServerInterface::serverPostPath[] = "/post.php"; |
| IanBenzMaxim | 1:e1c7c1c636af | 46 | const char WebServerInterface::serverChallengePath[] = "/challenge.php"; |
| IanBenzMaxim | 1:e1c7c1c636af | 47 | |
| IanBenzMaxim | 1:e1c7c1c636af | 48 | // HTTP formatting constants |
| IanBenzMaxim | 1:e1c7c1c636af | 49 | static const char keyValSeparator = '='; |
| IanBenzMaxim | 1:e1c7c1c636af | 50 | static const char fieldSeparator = '&'; |
| IanBenzMaxim | 1:e1c7c1c636af | 51 | static const std::string newline = "\r\n"; |
| IanBenzMaxim | 1:e1c7c1c636af | 52 | static const char sessionIdKey[] = "SessionId"; |
| IanBenzMaxim | 1:e1c7c1c636af | 53 | |
| IanBenzMaxim | 1:e1c7c1c636af | 54 | // Authentication MAC constants |
| IanBenzMaxim | 1:e1c7c1c636af | 55 | static const std::size_t challengeLen = 32; |
| IanBenzMaxim | 1:e1c7c1c636af | 56 | static const std::uint8_t defaultPaddingByte = 0x00; |
| IanBenzMaxim | 1:e1c7c1c636af | 57 | |
| IanBenzMaxim | 1:e1c7c1c636af | 58 | /// Select the Transport Secret for the web server in the Controller. |
| IanBenzMaxim | 1:e1c7c1c636af | 59 | /// @returns True on success. |
| IanBenzMaxim | 1:e1c7c1c636af | 60 | static bool setHttpPostSecret(ISha256MacCoprocessor & MacCoproc) |
| IanBenzMaxim | 1:e1c7c1c636af | 61 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 62 | ISha256MacCoprocessor::DevicePage fillData; |
| IanBenzMaxim | 1:e1c7c1c636af | 63 | std::memset(fillData, defaultPaddingByte, fillData.length); |
| IanBenzMaxim | 1:e1c7c1c636af | 64 | return (MacCoproc.computeSlaveSecret(fillData, fillData, reinterpret_cast<ISha256MacCoprocessor::SlaveSecretData &>(fillData)) == ISha256MacCoprocessor::Success); |
| IanBenzMaxim | 1:e1c7c1c636af | 65 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 66 | |
| IanBenzMaxim | 1:e1c7c1c636af | 67 | WebServerInterface::WebServerInterface(ESP8266 & esp8266, mbed::Serial * pc) |
| IanBenzMaxim | 1:e1c7c1c636af | 68 | : esp8266(esp8266), pc(pc) |
| IanBenzMaxim | 1:e1c7c1c636af | 69 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 70 | |
| IanBenzMaxim | 1:e1c7c1c636af | 71 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 72 | |
| IanBenzMaxim | 1:e1c7c1c636af | 73 | bool WebServerInterface::initialize() |
| IanBenzMaxim | 1:e1c7c1c636af | 74 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 75 | esp8266.setPowered(true); |
| IanBenzMaxim | 1:e1c7c1c636af | 76 | esp8266.reset(); |
| IanBenzMaxim | 1:e1c7c1c636af | 77 | bool result = (esp8266.performSelfTest() == ESP8266::AT_OK); |
| IanBenzMaxim | 1:e1c7c1c636af | 78 | if (!result) |
| IanBenzMaxim | 1:e1c7c1c636af | 79 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 80 | return false; |
| IanBenzMaxim | 1:e1c7c1c636af | 81 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 82 | result = (esp8266.setCurrentWifiMode(ESP8266::softAP_station_mode) == ESP8266::AT_OK); |
| IanBenzMaxim | 1:e1c7c1c636af | 83 | if (!result) |
| IanBenzMaxim | 1:e1c7c1c636af | 84 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 85 | return false; |
| IanBenzMaxim | 1:e1c7c1c636af | 86 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 87 | result = (esp8266.setMaxRFTXPower(10) == ESP8266::AT_OK); |
| IanBenzMaxim | 1:e1c7c1c636af | 88 | if (!result) |
| IanBenzMaxim | 1:e1c7c1c636af | 89 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 90 | return false; |
| IanBenzMaxim | 1:e1c7c1c636af | 91 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 92 | result = (esp8266.joinCurrentAccessPoint(wifiSsid, wifiPassword) == ESP8266::AT_OK); |
| IanBenzMaxim | 1:e1c7c1c636af | 93 | if (!result) |
| IanBenzMaxim | 1:e1c7c1c636af | 94 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 95 | return false; |
| IanBenzMaxim | 1:e1c7c1c636af | 96 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 97 | return true; |
| IanBenzMaxim | 1:e1c7c1c636af | 98 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 99 | |
| IanBenzMaxim | 1:e1c7c1c636af | 100 | /// Format an HTTP GET request as a string for transmission. |
| IanBenzMaxim | 1:e1c7c1c636af | 101 | /// @param host Web server address. |
| IanBenzMaxim | 1:e1c7c1c636af | 102 | /// @param path Web server location to retrieve. |
| IanBenzMaxim | 1:e1c7c1c636af | 103 | /// @param sessionId Session ID used to identify this controller. |
| IanBenzMaxim | 1:e1c7c1c636af | 104 | /// @returns GET request string. |
| IanBenzMaxim | 1:e1c7c1c636af | 105 | static std::string formatHttpGet(const std::string & host, const std::string & path, const std::string & sessionId) |
| IanBenzMaxim | 1:e1c7c1c636af | 106 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 107 | std::ostringstream httpGetStream; |
| IanBenzMaxim | 1:e1c7c1c636af | 108 | httpGetStream << "GET " << path; |
| IanBenzMaxim | 1:e1c7c1c636af | 109 | if (sessionId.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 110 | httpGetStream << '?' << sessionIdKey << keyValSeparator << sessionId; |
| IanBenzMaxim | 1:e1c7c1c636af | 111 | httpGetStream << " HTTP/1.1" << newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 112 | httpGetStream << "Host: " << host << newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 113 | httpGetStream << newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 114 | return httpGetStream.str(); |
| IanBenzMaxim | 1:e1c7c1c636af | 115 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 116 | |
| IanBenzMaxim | 1:e1c7c1c636af | 117 | /// Computes a MAC using the Transport Secret to sign HTTP POST requests. |
| IanBenzMaxim | 1:e1c7c1c636af | 118 | /// @param macCoproc Coprocessor such as the DS2465 used to calculate the authentication MAC. |
| IanBenzMaxim | 1:e1c7c1c636af | 119 | /// @param input Message array used for MAC calculation. |
| IanBenzMaxim | 1:e1c7c1c636af | 120 | /// @param ilen Length of array input. |
| IanBenzMaxim | 1:e1c7c1c636af | 121 | /// @param output Calculated MAC output. |
| IanBenzMaxim | 1:e1c7c1c636af | 122 | static void calculateHttpPostMac(const ISha256MacCoprocessor & macCoproc, const std::uint8_t * input, std::size_t ilen, ISha256MacCoprocessor::Mac & output) |
| IanBenzMaxim | 1:e1c7c1c636af | 123 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 124 | ISha256MacCoprocessor::DeviceScratchpad block; |
| IanBenzMaxim | 1:e1c7c1c636af | 125 | std::size_t index = 0; |
| IanBenzMaxim | 1:e1c7c1c636af | 126 | ISha256MacCoprocessor::AuthMacData padding; |
| IanBenzMaxim | 1:e1c7c1c636af | 127 | std::memset(padding, defaultPaddingByte, padding.length); |
| IanBenzMaxim | 1:e1c7c1c636af | 128 | std::memset(output, defaultPaddingByte, output.length); // Set initial hash value |
| IanBenzMaxim | 1:e1c7c1c636af | 129 | while (index < ilen) |
| IanBenzMaxim | 1:e1c7c1c636af | 130 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 131 | if ((index + block.length) <= ilen) // Full block |
| IanBenzMaxim | 1:e1c7c1c636af | 132 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 133 | std::memcpy(block, &input[index], block.length); |
| IanBenzMaxim | 1:e1c7c1c636af | 134 | index += block.length; |
| IanBenzMaxim | 1:e1c7c1c636af | 135 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 136 | else // Partial block with padding |
| IanBenzMaxim | 1:e1c7c1c636af | 137 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 138 | std::memcpy(block, &input[index], ilen - index); |
| IanBenzMaxim | 1:e1c7c1c636af | 139 | std::memset(&block[ilen - index], defaultPaddingByte, block.length - (ilen - index)); |
| IanBenzMaxim | 1:e1c7c1c636af | 140 | index = ilen; |
| IanBenzMaxim | 1:e1c7c1c636af | 141 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 142 | // Write data to coprocessor and hash block |
| IanBenzMaxim | 1:e1c7c1c636af | 143 | macCoproc.computeAuthMac(output, block, padding, output); |
| IanBenzMaxim | 1:e1c7c1c636af | 144 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 145 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 146 | |
| IanBenzMaxim | 1:e1c7c1c636af | 147 | /// Format an HTTP POST request as a string for transmission. |
| IanBenzMaxim | 1:e1c7c1c636af | 148 | /// @param host Web server address. |
| IanBenzMaxim | 1:e1c7c1c636af | 149 | /// @param path Web server location to receive POST. |
| IanBenzMaxim | 1:e1c7c1c636af | 150 | /// @param sessionId Session ID used to identify this Controller. |
| IanBenzMaxim | 1:e1c7c1c636af | 151 | /// @param macCoproc Coprocessor such as the DS2465 used to calculate the authentication MAC. |
| IanBenzMaxim | 1:e1c7c1c636af | 152 | /// @param event Event message type. |
| IanBenzMaxim | 1:e1c7c1c636af | 153 | /// @param initialPostBody Message body as determined by the event message type. |
| IanBenzMaxim | 1:e1c7c1c636af | 154 | /// @param challenge Challenge previously received from web server for use in authentication MAC. |
| IanBenzMaxim | 1:e1c7c1c636af | 155 | /// @returns POST request string. |
| IanBenzMaxim | 1:e1c7c1c636af | 156 | static std::string formatHttpPost(const std::string & host, const std::string & path, const std::string & sessionId, |
| IanBenzMaxim | 1:e1c7c1c636af | 157 | const ISha256MacCoprocessor & macCoproc, PostEvent event, const std::string & initialPostBody, |
| IanBenzMaxim | 1:e1c7c1c636af | 158 | const std::uint8_t (&challenge)[challengeLen]) |
| IanBenzMaxim | 1:e1c7c1c636af | 159 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 160 | const std::size_t headerReserve = 115, bodyReserve = 200; |
| IanBenzMaxim | 1:e1c7c1c636af | 161 | |
| IanBenzMaxim | 1:e1c7c1c636af | 162 | std::string httpPost; |
| IanBenzMaxim | 1:e1c7c1c636af | 163 | httpPost.reserve(initialPostBody.length() + headerReserve + bodyReserve); |
| IanBenzMaxim | 1:e1c7c1c636af | 164 | |
| IanBenzMaxim | 1:e1c7c1c636af | 165 | // Add session ID to post body |
| IanBenzMaxim | 1:e1c7c1c636af | 166 | if (sessionId.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 167 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 168 | httpPost += sessionIdKey; |
| IanBenzMaxim | 1:e1c7c1c636af | 169 | httpPost += keyValSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 170 | httpPost += sessionId; |
| IanBenzMaxim | 1:e1c7c1c636af | 171 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 172 | |
| IanBenzMaxim | 1:e1c7c1c636af | 173 | // Add event to post body |
| IanBenzMaxim | 1:e1c7c1c636af | 174 | std::string eventString; |
| IanBenzMaxim | 1:e1c7c1c636af | 175 | switch (event) |
| IanBenzMaxim | 1:e1c7c1c636af | 176 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 177 | case SensorDataEvent: |
| IanBenzMaxim | 1:e1c7c1c636af | 178 | eventString = "SensorData"; |
| IanBenzMaxim | 1:e1c7c1c636af | 179 | break; |
| IanBenzMaxim | 1:e1c7c1c636af | 180 | |
| IanBenzMaxim | 1:e1c7c1c636af | 181 | case InvalidSensorEvent: |
| IanBenzMaxim | 1:e1c7c1c636af | 182 | eventString = "InvalidSensor"; |
| IanBenzMaxim | 1:e1c7c1c636af | 183 | break; |
| IanBenzMaxim | 1:e1c7c1c636af | 184 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 185 | if (eventString.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 186 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 187 | if (httpPost.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 188 | httpPost += fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 189 | httpPost += "Event"; |
| IanBenzMaxim | 1:e1c7c1c636af | 190 | httpPost += keyValSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 191 | httpPost += eventString; |
| IanBenzMaxim | 1:e1c7c1c636af | 192 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 193 | |
| IanBenzMaxim | 1:e1c7c1c636af | 194 | // Add initial post body |
| IanBenzMaxim | 1:e1c7c1c636af | 195 | if (initialPostBody.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 196 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 197 | if (httpPost.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 198 | httpPost += fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 199 | httpPost += initialPostBody; |
| IanBenzMaxim | 1:e1c7c1c636af | 200 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 201 | |
| IanBenzMaxim | 1:e1c7c1c636af | 202 | // Combine initial post body with initial secret and hash |
| IanBenzMaxim | 1:e1c7c1c636af | 203 | std::vector<std::uint8_t> hashInput; |
| IanBenzMaxim | 1:e1c7c1c636af | 204 | hashInput.reserve(challengeLen + httpPost.length()); |
| IanBenzMaxim | 1:e1c7c1c636af | 205 | hashInput.insert(hashInput.end(), challenge, challenge + challengeLen); |
| IanBenzMaxim | 1:e1c7c1c636af | 206 | hashInput.insert(hashInput.end(), httpPost.begin(), httpPost.end()); |
| IanBenzMaxim | 1:e1c7c1c636af | 207 | ISha256MacCoprocessor::Mac mac; |
| IanBenzMaxim | 1:e1c7c1c636af | 208 | calculateHttpPostMac(macCoproc, &hashInput[0], hashInput.size(), mac); |
| IanBenzMaxim | 1:e1c7c1c636af | 209 | |
| IanBenzMaxim | 1:e1c7c1c636af | 210 | char contentLen[5]; |
| IanBenzMaxim | 1:e1c7c1c636af | 211 | std::snprintf(contentLen, sizeof(contentLen) / sizeof(char), "%u", (hashInput.size() - challengeLen) + (mac.length * charsPerByte) + 5 /* &MAC= */); |
| IanBenzMaxim | 1:e1c7c1c636af | 212 | |
| IanBenzMaxim | 1:e1c7c1c636af | 213 | // Construct full post request |
| IanBenzMaxim | 1:e1c7c1c636af | 214 | httpPost = ""; |
| IanBenzMaxim | 1:e1c7c1c636af | 215 | httpPost += "POST "; |
| IanBenzMaxim | 1:e1c7c1c636af | 216 | httpPost += path; |
| IanBenzMaxim | 1:e1c7c1c636af | 217 | httpPost += " HTTP/1.1"; |
| IanBenzMaxim | 1:e1c7c1c636af | 218 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 219 | httpPost += "Host: "; |
| IanBenzMaxim | 1:e1c7c1c636af | 220 | httpPost += host; |
| IanBenzMaxim | 1:e1c7c1c636af | 221 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 222 | httpPost += "Accept: */*"; |
| IanBenzMaxim | 1:e1c7c1c636af | 223 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 224 | httpPost += "Content-Length: "; |
| IanBenzMaxim | 1:e1c7c1c636af | 225 | httpPost += contentLen; |
| IanBenzMaxim | 1:e1c7c1c636af | 226 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 227 | httpPost += "Content-Type: application/x-www-form-urlencoded"; |
| IanBenzMaxim | 1:e1c7c1c636af | 228 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 229 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 230 | // Add post body |
| IanBenzMaxim | 1:e1c7c1c636af | 231 | httpPost.append(reinterpret_cast<char *>(&hashInput[challengeLen]), hashInput.size() - challengeLen); |
| IanBenzMaxim | 1:e1c7c1c636af | 232 | // Convert hash to hex string and add to post body |
| IanBenzMaxim | 1:e1c7c1c636af | 233 | httpPost += fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 234 | httpPost += "MAC"; |
| IanBenzMaxim | 1:e1c7c1c636af | 235 | httpPost += keyValSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 236 | byteArrayToHexString(mac, mac.length, httpPost); |
| IanBenzMaxim | 1:e1c7c1c636af | 237 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 238 | |
| IanBenzMaxim | 1:e1c7c1c636af | 239 | return httpPost; |
| IanBenzMaxim | 1:e1c7c1c636af | 240 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 241 | |
| IanBenzMaxim | 1:e1c7c1c636af | 242 | bool WebServerInterface::authPostHttpEvent(ISha256MacCoprocessor & macCoproc, PostEvent event, const std::string & postData, bool setSecret) |
| IanBenzMaxim | 1:e1c7c1c636af | 243 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 244 | const std::string challengeSearch(newline + newline); |
| IanBenzMaxim | 1:e1c7c1c636af | 245 | bool result; |
| IanBenzMaxim | 1:e1c7c1c636af | 246 | std::uint8_t challenge[challengeLen]; |
| IanBenzMaxim | 1:e1c7c1c636af | 247 | std::string response; |
| IanBenzMaxim | 1:e1c7c1c636af | 248 | |
| IanBenzMaxim | 1:e1c7c1c636af | 249 | std::memset(challenge, defaultPaddingByte, challengeLen); |
| IanBenzMaxim | 1:e1c7c1c636af | 250 | response.reserve(300); |
| IanBenzMaxim | 1:e1c7c1c636af | 251 | |
| IanBenzMaxim | 1:e1c7c1c636af | 252 | if (setSecret) |
| IanBenzMaxim | 1:e1c7c1c636af | 253 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 254 | result = setHttpPostSecret(macCoproc); |
| IanBenzMaxim | 1:e1c7c1c636af | 255 | if (!result) |
| IanBenzMaxim | 1:e1c7c1c636af | 256 | return result; |
| IanBenzMaxim | 1:e1c7c1c636af | 257 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 258 | |
| IanBenzMaxim | 1:e1c7c1c636af | 259 | // Open connection |
| IanBenzMaxim | 1:e1c7c1c636af | 260 | esp8266.clearRecvData(); // Clear received data buffer |
| IanBenzMaxim | 1:e1c7c1c636af | 261 | result = (esp8266.openConnection(ESP8266::TCP, serverAddress, 80) == ESP8266::AT_OK); |
| IanBenzMaxim | 1:e1c7c1c636af | 262 | if (result) |
| IanBenzMaxim | 1:e1c7c1c636af | 263 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 264 | // Request challenge |
| IanBenzMaxim | 1:e1c7c1c636af | 265 | result = (esp8266.sendData(formatHttpGet(serverAddress, serverChallengePath, sessionId)) == ESP8266::AT_OK); |
| IanBenzMaxim | 1:e1c7c1c636af | 266 | if (result) |
| IanBenzMaxim | 1:e1c7c1c636af | 267 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 268 | // Receive server response |
| IanBenzMaxim | 1:e1c7c1c636af | 269 | for (int i = 0; i < 10; i++) |
| IanBenzMaxim | 1:e1c7c1c636af | 270 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 271 | while (esp8266.recvIpDataReadable()) |
| IanBenzMaxim | 1:e1c7c1c636af | 272 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 273 | char read = esp8266.getcRecvIpData(); |
| IanBenzMaxim | 1:e1c7c1c636af | 274 | if (pc != NULL) |
| IanBenzMaxim | 1:e1c7c1c636af | 275 | pc->putc(read); |
| IanBenzMaxim | 1:e1c7c1c636af | 276 | if (response.length() < response.capacity()) |
| IanBenzMaxim | 1:e1c7c1c636af | 277 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 278 | response += read; |
| IanBenzMaxim | 1:e1c7c1c636af | 279 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 280 | else |
| IanBenzMaxim | 1:e1c7c1c636af | 281 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 282 | wait_ms(ESP8266::sendDataRecoveryTimeMs); // Wait for ESP8266 specified recovery time |
| IanBenzMaxim | 1:e1c7c1c636af | 283 | goto close_get_connection; |
| IanBenzMaxim | 1:e1c7c1c636af | 284 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 285 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 286 | wait_ms(100); |
| IanBenzMaxim | 1:e1c7c1c636af | 287 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 288 | // Close connection |
| IanBenzMaxim | 1:e1c7c1c636af | 289 | close_get_connection: |
| IanBenzMaxim | 1:e1c7c1c636af | 290 | esp8266.closeConnection(); |
| IanBenzMaxim | 1:e1c7c1c636af | 291 | |
| IanBenzMaxim | 1:e1c7c1c636af | 292 | // Parse challenge from response |
| IanBenzMaxim | 1:e1c7c1c636af | 293 | std::size_t challengePos = response.find(challengeSearch); |
| IanBenzMaxim | 1:e1c7c1c636af | 294 | if ((challengePos != std::string::npos) && ((challengePos + challengeSearch.length() + (challengeLen * charsPerByte)) <= response.length())) |
| IanBenzMaxim | 1:e1c7c1c636af | 295 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 296 | challengePos += challengeSearch.length(); |
| IanBenzMaxim | 1:e1c7c1c636af | 297 | for (std::size_t i = 0; i < challengeLen; i++) |
| IanBenzMaxim | 1:e1c7c1c636af | 298 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 299 | std::sscanf(response.substr(challengePos + (i * charsPerByte), charsPerByte).c_str(), "%2hhx", &challenge[i]); |
| IanBenzMaxim | 1:e1c7c1c636af | 300 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 301 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 302 | |
| IanBenzMaxim | 1:e1c7c1c636af | 303 | // Post sensor data |
| IanBenzMaxim | 1:e1c7c1c636af | 304 | result = (esp8266.openConnection(ESP8266::TCP, serverAddress, 80) == ESP8266::AT_OK); |
| IanBenzMaxim | 1:e1c7c1c636af | 305 | if (result) |
| IanBenzMaxim | 1:e1c7c1c636af | 306 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 307 | result = (esp8266.sendData(formatHttpPost(serverAddress, serverPostPath, sessionId, macCoproc, event, postData, challenge)) == ESP8266::AT_OK); |
| IanBenzMaxim | 1:e1c7c1c636af | 308 | wait_ms(ESP8266::sendDataRecoveryTimeMs); // Wait for ESP8266 specified recovery time |
| IanBenzMaxim | 1:e1c7c1c636af | 309 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 310 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 311 | |
| IanBenzMaxim | 1:e1c7c1c636af | 312 | // Close connection |
| IanBenzMaxim | 1:e1c7c1c636af | 313 | esp8266.closeConnection(); |
| IanBenzMaxim | 1:e1c7c1c636af | 314 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 315 | |
| IanBenzMaxim | 1:e1c7c1c636af | 316 | return result; |
| IanBenzMaxim | 1:e1c7c1c636af | 317 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 318 | |
| IanBenzMaxim | 1:e1c7c1c636af | 319 | std::string WebServerInterface::formatSensorDataPostBody(const SensorData & sensorData) |
| IanBenzMaxim | 1:e1c7c1c636af | 320 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 321 | // Create initial post body string from input data |
| IanBenzMaxim | 1:e1c7c1c636af | 322 | std::ostringstream postBodyStream; |
| IanBenzMaxim | 1:e1c7c1c636af | 323 | postBodyStream << "Temp" << keyValSeparator << static_cast<int>(sensorData.temp); |
| IanBenzMaxim | 1:e1c7c1c636af | 324 | postBodyStream << fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 325 | postBodyStream << "FilterLife" << keyValSeparator << static_cast<unsigned>(sensorData.filterLife); |
| IanBenzMaxim | 1:e1c7c1c636af | 326 | postBodyStream << fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 327 | postBodyStream << "TempAlarm" << keyValSeparator << (sensorData.tempAlarm() ? "true" : "false"); |
| IanBenzMaxim | 1:e1c7c1c636af | 328 | postBodyStream << fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 329 | postBodyStream << "FilterLifeAlarm" << keyValSeparator << (sensorData.filterLifeAlarm() ? "true" : "false"); |
| IanBenzMaxim | 1:e1c7c1c636af | 330 | return postBodyStream.str(); |
| IanBenzMaxim | 1:e1c7c1c636af | 331 | } |
Repository toolbox
| Export to desktop IDE |
| Build repository |
Repository details
| Type: | Program |
|---|---|
| Mbed OS support: | Mbed 2 deprecated |
| Created: | 13 Apr 2016 |
| Imports: | 94 |
| Forks: | 0 |
| Commits: | 36 |
| Dependents: | 0 |
| Dependencies: | 2 |
| Followers: | 65 |
MAXREFDES143#: DeepCover Embedded Security in IoT Authenticated Sensing & Notification