Maxim Integrated
MAXREFDES143#: DeepCover Embedded Security in IoT Authenticated Sensing & Notification
Dependencies: MaximInterface mbed
The MAXREFDES143# is an Internet of Things (IoT) embedded security reference design, built to protect an industrial sensing node by means of authentication and notification to a web server. The hardware includes a peripheral module representing a protected sensor node monitoring operating temperature and remaining life of a filter (simulated through ambient light sensing) and an mbed shield representing a controller node responsible for monitoring one or more sensor nodes. The design is hierarchical with each controller node communicating data from connected sensor nodes to a web server that maintains a centralized log and dispatches notifications as necessary. The mbed shield contains a Wi-Fi module, a DS2465 coprocessor with 1-Wire® master function, an LCD, LEDs, and pushbuttons. The protected sensor node contains a DS28E15 authenticator, a DS7505 temperature sensor, and a MAX44009 light sensor. The mbed shield communicates to a web server by the onboard Wi-Fi module and to the protected sensor node with I2C and 1-Wire. The MAXREFDES143# is equipped with a standard shield connector for immediate testing using an mbed board such as the MAX32600MBED#. The simplicity of this design enables rapid integration into any star-topology IoT network requiring the heightened security with low overhead provided by the SHA-256 symmetric-key algorithm.
More information about the MAXREFDES143# is available on the Maxim Integrated website.
WebServerInterface.cpp@28:e5cdaf13d299, 2017-01-26 (annotated)
- Committer:
- IanBenzMaxim
- Date:
- Thu Jan 26 14:18:21 2017 -0600
- Revision:
- 28:e5cdaf13d299
- Parent:
- 27:81a87d29bedd
- Child:
- 29:590a7561318b
Migrated the web interface to the mbed 5 networking stack to improve system compatibility.
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| IanBenzMaxim | 1:e1c7c1c636af | 1 | /******************************************************************************* |
| IanBenzMaxim | 1:e1c7c1c636af | 2 | * Copyright (C) 2016 Maxim Integrated Products, Inc., All Rights Reserved. |
| IanBenzMaxim | 1:e1c7c1c636af | 3 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 4 | * Permission is hereby granted, free of charge, to any person obtaining a |
| IanBenzMaxim | 1:e1c7c1c636af | 5 | * copy of this software and associated documentation files (the "Software"), |
| IanBenzMaxim | 1:e1c7c1c636af | 6 | * to deal in the Software without restriction, including without limitation |
| IanBenzMaxim | 1:e1c7c1c636af | 7 | * the rights to use, copy, modify, merge, publish, distribute, sublicense, |
| IanBenzMaxim | 1:e1c7c1c636af | 8 | * and/or sell copies of the Software, and to permit persons to whom the |
| IanBenzMaxim | 1:e1c7c1c636af | 9 | * Software is furnished to do so, subject to the following conditions: |
| IanBenzMaxim | 1:e1c7c1c636af | 10 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 11 | * The above copyright notice and this permission notice shall be included |
| IanBenzMaxim | 1:e1c7c1c636af | 12 | * in all copies or substantial portions of the Software. |
| IanBenzMaxim | 1:e1c7c1c636af | 13 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 14 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS |
| IanBenzMaxim | 1:e1c7c1c636af | 15 | * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF |
| IanBenzMaxim | 1:e1c7c1c636af | 16 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. |
| IanBenzMaxim | 1:e1c7c1c636af | 17 | * IN NO EVENT SHALL MAXIM INTEGRATED BE LIABLE FOR ANY CLAIM, DAMAGES |
| IanBenzMaxim | 1:e1c7c1c636af | 18 | * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, |
| IanBenzMaxim | 1:e1c7c1c636af | 19 | * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR |
| IanBenzMaxim | 1:e1c7c1c636af | 20 | * OTHER DEALINGS IN THE SOFTWARE. |
| IanBenzMaxim | 1:e1c7c1c636af | 21 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 22 | * Except as contained in this notice, the name of Maxim Integrated |
| IanBenzMaxim | 1:e1c7c1c636af | 23 | * Products, Inc. shall not be used except as stated in the Maxim Integrated |
| IanBenzMaxim | 1:e1c7c1c636af | 24 | * Products, Inc. Branding Policy. |
| IanBenzMaxim | 1:e1c7c1c636af | 25 | * |
| IanBenzMaxim | 1:e1c7c1c636af | 26 | * The mere transfer of this software does not imply any licenses |
| IanBenzMaxim | 1:e1c7c1c636af | 27 | * of trade secrets, proprietary technology, copyrights, patents, |
| IanBenzMaxim | 1:e1c7c1c636af | 28 | * trademarks, maskwork rights, or any other form of intellectual |
| IanBenzMaxim | 1:e1c7c1c636af | 29 | * property whatsoever. Maxim Integrated Products, Inc. retains all |
| IanBenzMaxim | 1:e1c7c1c636af | 30 | * ownership rights. |
| IanBenzMaxim | 1:e1c7c1c636af | 31 | ******************************************************************************* |
| IanBenzMaxim | 1:e1c7c1c636af | 32 | */ |
| IanBenzMaxim | 1:e1c7c1c636af | 33 | |
| IanBenzMaxim | 28:e5cdaf13d299 | 34 | #include <sstream> |
| IanBenzMaxim | 1:e1c7c1c636af | 35 | #include <vector> |
| IanBenzMaxim | 1:e1c7c1c636af | 36 | #include "WebServerInterface.hpp" |
| IanBenzMaxim | 28:e5cdaf13d299 | 37 | #include "NetworkStack.h" |
| IanBenzMaxim | 28:e5cdaf13d299 | 38 | #include "TCPSocket.h" |
| IanBenzMaxim | 16:6bce01c1dd90 | 39 | #include "Slaves/Authenticators/ISha256MacCoproc.h" |
| IanBenzMaxim | 25:37ea43ff81be | 40 | #include "SensorData.hpp" |
| IanBenzMaxim | 25:37ea43ff81be | 41 | #include "HexConversions.hpp" |
| IanBenzMaxim | 6:b6bafd0a7013 | 42 | #include "Serial.h" |
| IanBenzMaxim | 6:b6bafd0a7013 | 43 | #include "wait_api.h" |
| IanBenzMaxim | 6:b6bafd0a7013 | 44 | |
| IanBenzMaxim | 8:594529956266 | 45 | using OneWire::ISha256MacCoproc; |
| IanBenzMaxim | 1:e1c7c1c636af | 46 | |
| IanBenzMaxim | 12:5f8727ba1493 | 47 | const char WebServerInterface::serverAddress[] = "www.mxim-security.us"; |
| IanBenzMaxim | 3:ac723be395d9 | 48 | const unsigned int WebServerInterface::serverPort = 80; |
| IanBenzMaxim | 1:e1c7c1c636af | 49 | const char WebServerInterface::serverPostPath[] = "/post.php"; |
| IanBenzMaxim | 1:e1c7c1c636af | 50 | const char WebServerInterface::serverChallengePath[] = "/challenge.php"; |
| IanBenzMaxim | 1:e1c7c1c636af | 51 | |
| IanBenzMaxim | 1:e1c7c1c636af | 52 | // HTTP formatting constants |
| IanBenzMaxim | 1:e1c7c1c636af | 53 | static const char keyValSeparator = '='; |
| IanBenzMaxim | 1:e1c7c1c636af | 54 | static const char fieldSeparator = '&'; |
| IanBenzMaxim | 1:e1c7c1c636af | 55 | static const std::string newline = "\r\n"; |
| IanBenzMaxim | 1:e1c7c1c636af | 56 | static const char sessionIdKey[] = "SessionId"; |
| IanBenzMaxim | 1:e1c7c1c636af | 57 | |
| IanBenzMaxim | 1:e1c7c1c636af | 58 | // Authentication MAC constants |
| IanBenzMaxim | 6:b6bafd0a7013 | 59 | static const size_t challengeLen = 32; |
| IanBenzMaxim | 6:b6bafd0a7013 | 60 | static const uint8_t defaultPaddingByte = 0x00; |
| IanBenzMaxim | 1:e1c7c1c636af | 61 | |
| IanBenzMaxim | 1:e1c7c1c636af | 62 | /// Select the Transport Secret for the web server in the Controller. |
| IanBenzMaxim | 1:e1c7c1c636af | 63 | /// @returns True on success. |
| IanBenzMaxim | 25:37ea43ff81be | 64 | static bool setHttpPostSecret(ISha256MacCoproc & MacCoproc, const OneWire::RomId & sessionId) |
| IanBenzMaxim | 1:e1c7c1c636af | 65 | { |
| IanBenzMaxim | 25:37ea43ff81be | 66 | ISha256MacCoproc::DevicePage fillData; |
| IanBenzMaxim | 25:37ea43ff81be | 67 | fillData.fill(defaultPaddingByte); |
| IanBenzMaxim | 25:37ea43ff81be | 68 | ISha256MacCoproc::SlaveSecretData secretData; |
| IanBenzMaxim | 25:37ea43ff81be | 69 | secretData.fill(defaultPaddingByte); |
| IanBenzMaxim | 25:37ea43ff81be | 70 | std::copy(sessionId.buffer.begin(), sessionId.buffer.end(), secretData.begin()); |
| IanBenzMaxim | 25:37ea43ff81be | 71 | return (MacCoproc.computeSlaveSecret(fillData, fillData, secretData) == ISha256MacCoproc::Success); |
| IanBenzMaxim | 1:e1c7c1c636af | 72 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 73 | |
| IanBenzMaxim | 1:e1c7c1c636af | 74 | /// Format an HTTP GET request as a string for transmission. |
| IanBenzMaxim | 1:e1c7c1c636af | 75 | /// @param host Web server address. |
| IanBenzMaxim | 1:e1c7c1c636af | 76 | /// @param path Web server location to retrieve. |
| IanBenzMaxim | 1:e1c7c1c636af | 77 | /// @param sessionId Session ID used to identify this controller. |
| IanBenzMaxim | 1:e1c7c1c636af | 78 | /// @returns GET request string. |
| IanBenzMaxim | 1:e1c7c1c636af | 79 | static std::string formatHttpGet(const std::string & host, const std::string & path, const std::string & sessionId) |
| IanBenzMaxim | 1:e1c7c1c636af | 80 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 81 | std::ostringstream httpGetStream; |
| IanBenzMaxim | 1:e1c7c1c636af | 82 | httpGetStream << "GET " << path; |
| IanBenzMaxim | 1:e1c7c1c636af | 83 | if (sessionId.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 84 | httpGetStream << '?' << sessionIdKey << keyValSeparator << sessionId; |
| IanBenzMaxim | 1:e1c7c1c636af | 85 | httpGetStream << " HTTP/1.1" << newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 86 | httpGetStream << "Host: " << host << newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 87 | httpGetStream << newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 88 | return httpGetStream.str(); |
| IanBenzMaxim | 1:e1c7c1c636af | 89 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 90 | |
| IanBenzMaxim | 1:e1c7c1c636af | 91 | /// Computes a MAC using the Transport Secret to sign HTTP POST requests. |
| IanBenzMaxim | 1:e1c7c1c636af | 92 | /// @param macCoproc Coprocessor such as the DS2465 used to calculate the authentication MAC. |
| IanBenzMaxim | 1:e1c7c1c636af | 93 | /// @param input Message array used for MAC calculation. |
| IanBenzMaxim | 1:e1c7c1c636af | 94 | /// @param ilen Length of array input. |
| IanBenzMaxim | 1:e1c7c1c636af | 95 | /// @param output Calculated MAC output. |
| IanBenzMaxim | 6:b6bafd0a7013 | 96 | static void calculateHttpPostMac(const ISha256MacCoproc & macCoproc, const uint8_t * input, size_t ilen, ISha256MacCoproc::Mac & output) |
| IanBenzMaxim | 1:e1c7c1c636af | 97 | { |
| IanBenzMaxim | 6:b6bafd0a7013 | 98 | ISha256MacCoproc::DeviceScratchpad block; |
| IanBenzMaxim | 6:b6bafd0a7013 | 99 | size_t index = 0; |
| IanBenzMaxim | 6:b6bafd0a7013 | 100 | ISha256MacCoproc::AuthMacData padding; |
| IanBenzMaxim | 25:37ea43ff81be | 101 | padding.fill(defaultPaddingByte); |
| IanBenzMaxim | 25:37ea43ff81be | 102 | output.fill(defaultPaddingByte); // Set initial hash value |
| IanBenzMaxim | 1:e1c7c1c636af | 103 | while (index < ilen) |
| IanBenzMaxim | 1:e1c7c1c636af | 104 | { |
| IanBenzMaxim | 25:37ea43ff81be | 105 | if ((index + block.size()) <= ilen) // Full block |
| IanBenzMaxim | 1:e1c7c1c636af | 106 | { |
| IanBenzMaxim | 25:37ea43ff81be | 107 | std::memcpy(block.data(), &input[index], block.size()); |
| IanBenzMaxim | 25:37ea43ff81be | 108 | index += block.size(); |
| IanBenzMaxim | 1:e1c7c1c636af | 109 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 110 | else // Partial block with padding |
| IanBenzMaxim | 1:e1c7c1c636af | 111 | { |
| IanBenzMaxim | 25:37ea43ff81be | 112 | std::memcpy(block.data(), &input[index], ilen - index); |
| IanBenzMaxim | 25:37ea43ff81be | 113 | std::memset(&block[ilen - index], defaultPaddingByte, block.size() - (ilen - index)); |
| IanBenzMaxim | 1:e1c7c1c636af | 114 | index = ilen; |
| IanBenzMaxim | 1:e1c7c1c636af | 115 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 116 | // Write data to coprocessor and hash block |
| IanBenzMaxim | 1:e1c7c1c636af | 117 | macCoproc.computeAuthMac(output, block, padding, output); |
| IanBenzMaxim | 1:e1c7c1c636af | 118 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 119 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 120 | |
| IanBenzMaxim | 1:e1c7c1c636af | 121 | /// Format an HTTP POST request as a string for transmission. |
| IanBenzMaxim | 1:e1c7c1c636af | 122 | /// @param host Web server address. |
| IanBenzMaxim | 1:e1c7c1c636af | 123 | /// @param path Web server location to receive POST. |
| IanBenzMaxim | 1:e1c7c1c636af | 124 | /// @param sessionId Session ID used to identify this Controller. |
| IanBenzMaxim | 1:e1c7c1c636af | 125 | /// @param macCoproc Coprocessor such as the DS2465 used to calculate the authentication MAC. |
| IanBenzMaxim | 1:e1c7c1c636af | 126 | /// @param event Event message type. |
| IanBenzMaxim | 1:e1c7c1c636af | 127 | /// @param initialPostBody Message body as determined by the event message type. |
| IanBenzMaxim | 1:e1c7c1c636af | 128 | /// @param challenge Challenge previously received from web server for use in authentication MAC. |
| IanBenzMaxim | 1:e1c7c1c636af | 129 | /// @returns POST request string. |
| IanBenzMaxim | 1:e1c7c1c636af | 130 | static std::string formatHttpPost(const std::string & host, const std::string & path, const std::string & sessionId, |
| IanBenzMaxim | 6:b6bafd0a7013 | 131 | const ISha256MacCoproc & macCoproc, PostEvent event, const std::string & initialPostBody, |
| IanBenzMaxim | 6:b6bafd0a7013 | 132 | const uint8_t (&challenge)[challengeLen]) |
| IanBenzMaxim | 1:e1c7c1c636af | 133 | { |
| IanBenzMaxim | 6:b6bafd0a7013 | 134 | const size_t headerReserve = 115, bodyReserve = 200; |
| IanBenzMaxim | 1:e1c7c1c636af | 135 | |
| IanBenzMaxim | 1:e1c7c1c636af | 136 | std::string httpPost; |
| IanBenzMaxim | 1:e1c7c1c636af | 137 | httpPost.reserve(initialPostBody.length() + headerReserve + bodyReserve); |
| IanBenzMaxim | 1:e1c7c1c636af | 138 | |
| IanBenzMaxim | 1:e1c7c1c636af | 139 | // Add session ID to post body |
| IanBenzMaxim | 1:e1c7c1c636af | 140 | if (sessionId.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 141 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 142 | httpPost += sessionIdKey; |
| IanBenzMaxim | 1:e1c7c1c636af | 143 | httpPost += keyValSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 144 | httpPost += sessionId; |
| IanBenzMaxim | 1:e1c7c1c636af | 145 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 146 | |
| IanBenzMaxim | 1:e1c7c1c636af | 147 | // Add event to post body |
| IanBenzMaxim | 1:e1c7c1c636af | 148 | std::string eventString; |
| IanBenzMaxim | 1:e1c7c1c636af | 149 | switch (event) |
| IanBenzMaxim | 1:e1c7c1c636af | 150 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 151 | case SensorDataEvent: |
| IanBenzMaxim | 1:e1c7c1c636af | 152 | eventString = "SensorData"; |
| IanBenzMaxim | 1:e1c7c1c636af | 153 | break; |
| IanBenzMaxim | 1:e1c7c1c636af | 154 | |
| IanBenzMaxim | 1:e1c7c1c636af | 155 | case InvalidSensorEvent: |
| IanBenzMaxim | 1:e1c7c1c636af | 156 | eventString = "InvalidSensor"; |
| IanBenzMaxim | 1:e1c7c1c636af | 157 | break; |
| IanBenzMaxim | 1:e1c7c1c636af | 158 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 159 | if (eventString.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 160 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 161 | if (httpPost.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 162 | httpPost += fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 163 | httpPost += "Event"; |
| IanBenzMaxim | 1:e1c7c1c636af | 164 | httpPost += keyValSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 165 | httpPost += eventString; |
| IanBenzMaxim | 1:e1c7c1c636af | 166 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 167 | |
| IanBenzMaxim | 1:e1c7c1c636af | 168 | // Add initial post body |
| IanBenzMaxim | 1:e1c7c1c636af | 169 | if (initialPostBody.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 170 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 171 | if (httpPost.length() > 0) |
| IanBenzMaxim | 1:e1c7c1c636af | 172 | httpPost += fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 173 | httpPost += initialPostBody; |
| IanBenzMaxim | 1:e1c7c1c636af | 174 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 175 | |
| IanBenzMaxim | 1:e1c7c1c636af | 176 | // Combine initial post body with initial secret and hash |
| IanBenzMaxim | 6:b6bafd0a7013 | 177 | std::vector<uint8_t> hashInput; |
| IanBenzMaxim | 1:e1c7c1c636af | 178 | hashInput.reserve(challengeLen + httpPost.length()); |
| IanBenzMaxim | 25:37ea43ff81be | 179 | hashInput.assign(challenge, challenge + challengeLen); |
| IanBenzMaxim | 1:e1c7c1c636af | 180 | hashInput.insert(hashInput.end(), httpPost.begin(), httpPost.end()); |
| IanBenzMaxim | 6:b6bafd0a7013 | 181 | ISha256MacCoproc::Mac mac; |
| IanBenzMaxim | 1:e1c7c1c636af | 182 | calculateHttpPostMac(macCoproc, &hashInput[0], hashInput.size(), mac); |
| IanBenzMaxim | 1:e1c7c1c636af | 183 | |
| IanBenzMaxim | 1:e1c7c1c636af | 184 | char contentLen[5]; |
| IanBenzMaxim | 25:37ea43ff81be | 185 | snprintf(contentLen, sizeof(contentLen) / sizeof(contentLen[0]), "%u", (hashInput.size() - challengeLen) + (mac.size() * charsPerByte) + 5 /* &MAC= */); |
| IanBenzMaxim | 1:e1c7c1c636af | 186 | |
| IanBenzMaxim | 1:e1c7c1c636af | 187 | // Construct full post request |
| IanBenzMaxim | 1:e1c7c1c636af | 188 | httpPost = ""; |
| IanBenzMaxim | 1:e1c7c1c636af | 189 | httpPost += "POST "; |
| IanBenzMaxim | 1:e1c7c1c636af | 190 | httpPost += path; |
| IanBenzMaxim | 1:e1c7c1c636af | 191 | httpPost += " HTTP/1.1"; |
| IanBenzMaxim | 1:e1c7c1c636af | 192 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 193 | httpPost += "Host: "; |
| IanBenzMaxim | 1:e1c7c1c636af | 194 | httpPost += host; |
| IanBenzMaxim | 1:e1c7c1c636af | 195 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 196 | httpPost += "Accept: */*"; |
| IanBenzMaxim | 1:e1c7c1c636af | 197 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 198 | httpPost += "Content-Length: "; |
| IanBenzMaxim | 1:e1c7c1c636af | 199 | httpPost += contentLen; |
| IanBenzMaxim | 1:e1c7c1c636af | 200 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 201 | httpPost += "Content-Type: application/x-www-form-urlencoded"; |
| IanBenzMaxim | 1:e1c7c1c636af | 202 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 203 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 204 | // Add post body |
| IanBenzMaxim | 1:e1c7c1c636af | 205 | httpPost.append(reinterpret_cast<char *>(&hashInput[challengeLen]), hashInput.size() - challengeLen); |
| IanBenzMaxim | 1:e1c7c1c636af | 206 | // Convert hash to hex string and add to post body |
| IanBenzMaxim | 1:e1c7c1c636af | 207 | httpPost += fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 208 | httpPost += "MAC"; |
| IanBenzMaxim | 1:e1c7c1c636af | 209 | httpPost += keyValSeparator; |
| IanBenzMaxim | 25:37ea43ff81be | 210 | byteArrayToHexString(mac.data(), mac.size(), httpPost); |
| IanBenzMaxim | 1:e1c7c1c636af | 211 | httpPost += newline; |
| IanBenzMaxim | 1:e1c7c1c636af | 212 | |
| IanBenzMaxim | 1:e1c7c1c636af | 213 | return httpPost; |
| IanBenzMaxim | 1:e1c7c1c636af | 214 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 215 | |
| IanBenzMaxim | 6:b6bafd0a7013 | 216 | bool WebServerInterface::authPostHttpEvent(ISha256MacCoproc & macCoproc, PostEvent event, const std::string & postData, bool setSecret) |
| IanBenzMaxim | 1:e1c7c1c636af | 217 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 218 | bool result; |
| IanBenzMaxim | 1:e1c7c1c636af | 219 | |
| IanBenzMaxim | 1:e1c7c1c636af | 220 | if (setSecret) |
| IanBenzMaxim | 1:e1c7c1c636af | 221 | { |
| IanBenzMaxim | 25:37ea43ff81be | 222 | result = setHttpPostSecret(macCoproc, m_sessionId); |
| IanBenzMaxim | 1:e1c7c1c636af | 223 | if (!result) |
| IanBenzMaxim | 1:e1c7c1c636af | 224 | return result; |
| IanBenzMaxim | 1:e1c7c1c636af | 225 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 226 | |
| IanBenzMaxim | 1:e1c7c1c636af | 227 | // Open connection |
| IanBenzMaxim | 28:e5cdaf13d299 | 228 | TCPSocket socket(&networkStack); |
| IanBenzMaxim | 28:e5cdaf13d299 | 229 | result = (socket.connect(serverAddress, 80) == 0); |
| IanBenzMaxim | 1:e1c7c1c636af | 230 | if (result) |
| IanBenzMaxim | 1:e1c7c1c636af | 231 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 232 | // Request challenge |
| IanBenzMaxim | 28:e5cdaf13d299 | 233 | std::string httpData = formatHttpGet(serverAddress, serverChallengePath, m_sessionIdString); |
| IanBenzMaxim | 28:e5cdaf13d299 | 234 | result = (socket.send(httpData.data(), httpData.size()) == httpData.size()); |
| IanBenzMaxim | 1:e1c7c1c636af | 235 | if (result) |
| IanBenzMaxim | 1:e1c7c1c636af | 236 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 237 | // Receive server response |
| IanBenzMaxim | 28:e5cdaf13d299 | 238 | int recvResult = socket.recv(recvBuf, sizeof(recvBuf) / sizeof(recvBuf[0])); |
| IanBenzMaxim | 28:e5cdaf13d299 | 239 | result = recvResult > 0; |
| IanBenzMaxim | 28:e5cdaf13d299 | 240 | |
| IanBenzMaxim | 28:e5cdaf13d299 | 241 | if (result) |
| IanBenzMaxim | 28:e5cdaf13d299 | 242 | { |
| IanBenzMaxim | 28:e5cdaf13d299 | 243 | // Parse challenge from response |
| IanBenzMaxim | 28:e5cdaf13d299 | 244 | const std::string challengeSearch(newline + newline); |
| IanBenzMaxim | 28:e5cdaf13d299 | 245 | httpData.assign(recvBuf, recvResult); |
| IanBenzMaxim | 28:e5cdaf13d299 | 246 | size_t challengePos = httpData.find(challengeSearch); |
| IanBenzMaxim | 28:e5cdaf13d299 | 247 | if ((challengePos != std::string::npos) && ((challengePos + challengeSearch.length() + (challengeLen * charsPerByte)) <= httpData.length())) |
| IanBenzMaxim | 1:e1c7c1c636af | 248 | { |
| IanBenzMaxim | 28:e5cdaf13d299 | 249 | uint8_t challenge[challengeLen]; |
| IanBenzMaxim | 28:e5cdaf13d299 | 250 | challengePos += challengeSearch.length(); |
| IanBenzMaxim | 28:e5cdaf13d299 | 251 | for (size_t i = 0; i < challengeLen; i++) |
| IanBenzMaxim | 1:e1c7c1c636af | 252 | { |
| IanBenzMaxim | 28:e5cdaf13d299 | 253 | std::sscanf(httpData.substr(challengePos + (i * charsPerByte), charsPerByte).c_str(), "%2hhx", &challenge[i]); |
| IanBenzMaxim | 1:e1c7c1c636af | 254 | } |
| IanBenzMaxim | 28:e5cdaf13d299 | 255 | |
| IanBenzMaxim | 28:e5cdaf13d299 | 256 | // Post sensor data |
| IanBenzMaxim | 28:e5cdaf13d299 | 257 | httpData = formatHttpPost(serverAddress, serverPostPath, m_sessionIdString, macCoproc, event, postData, challenge); |
| IanBenzMaxim | 28:e5cdaf13d299 | 258 | result = (socket.send(httpData.data(), httpData.size()) == httpData.size()); |
| IanBenzMaxim | 28:e5cdaf13d299 | 259 | if (result) |
| IanBenzMaxim | 1:e1c7c1c636af | 260 | { |
| IanBenzMaxim | 28:e5cdaf13d299 | 261 | result = (socket.recv(recvBuf, sizeof(recvBuf) / sizeof(recvBuf[0])) >= 0); |
| IanBenzMaxim | 1:e1c7c1c636af | 262 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 263 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 264 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 265 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 266 | |
| IanBenzMaxim | 1:e1c7c1c636af | 267 | // Close connection |
| IanBenzMaxim | 28:e5cdaf13d299 | 268 | socket.close(); |
| IanBenzMaxim | 1:e1c7c1c636af | 269 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 270 | |
| IanBenzMaxim | 1:e1c7c1c636af | 271 | return result; |
| IanBenzMaxim | 1:e1c7c1c636af | 272 | } |
| IanBenzMaxim | 1:e1c7c1c636af | 273 | |
| IanBenzMaxim | 1:e1c7c1c636af | 274 | std::string WebServerInterface::formatSensorDataPostBody(const SensorData & sensorData) |
| IanBenzMaxim | 1:e1c7c1c636af | 275 | { |
| IanBenzMaxim | 1:e1c7c1c636af | 276 | // Create initial post body string from input data |
| IanBenzMaxim | 1:e1c7c1c636af | 277 | std::ostringstream postBodyStream; |
| IanBenzMaxim | 1:e1c7c1c636af | 278 | postBodyStream << "Temp" << keyValSeparator << static_cast<int>(sensorData.temp); |
| IanBenzMaxim | 1:e1c7c1c636af | 279 | postBodyStream << fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 280 | postBodyStream << "FilterLife" << keyValSeparator << static_cast<unsigned>(sensorData.filterLife); |
| IanBenzMaxim | 1:e1c7c1c636af | 281 | postBodyStream << fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 282 | postBodyStream << "TempAlarm" << keyValSeparator << (sensorData.tempAlarm() ? "true" : "false"); |
| IanBenzMaxim | 1:e1c7c1c636af | 283 | postBodyStream << fieldSeparator; |
| IanBenzMaxim | 1:e1c7c1c636af | 284 | postBodyStream << "FilterLifeAlarm" << keyValSeparator << (sensorData.filterLifeAlarm() ? "true" : "false"); |
| IanBenzMaxim | 1:e1c7c1c636af | 285 | return postBodyStream.str(); |
| IanBenzMaxim | 25:37ea43ff81be | 286 | } |
| IanBenzMaxim | 25:37ea43ff81be | 287 | |
| IanBenzMaxim | 25:37ea43ff81be | 288 | void WebServerInterface::setSessionId(const OneWire::RomId & sessionId) |
| IanBenzMaxim | 25:37ea43ff81be | 289 | { |
| IanBenzMaxim | 25:37ea43ff81be | 290 | m_sessionIdString = byteArrayToHexString(sessionId.buffer.data(), sessionId.buffer.size()); |
| IanBenzMaxim | 25:37ea43ff81be | 291 | m_sessionId = sessionId; |
| IanBenzMaxim | 1:e1c7c1c636af | 292 | } |
Repository toolbox
| Export to desktop IDE |
| Build repository |
Repository details
| Type: | Program |
|---|---|
| Mbed OS support: | Mbed 2 deprecated |
| Created: | 13 Apr 2016 |
| Imports: | 94 |
| Forks: | 0 |
| Commits: | 36 |
| Dependents: | 0 |
| Dependencies: | 2 |
| Followers: | 65 |
MAXREFDES143#: DeepCover Embedded Security in IoT Authenticated Sensing & Notification