From 01b0e56804c98f732ce45199a94deff9c79d04ca Mon Sep 17 00:00:00 2001 From: Mithras Date: Mon, 6 Apr 2020 16:37:01 +0200 Subject: [PATCH] 0.1.0 --- components/ca/ca.c | 29 +++++++----- components/https_server/certs/cacert.pem | 35 ++++++++------- components/https_server/certs/prvtkey.pem | 55 +++++++++++------------ components/https_server/https_server.c | 50 ++++++++++++++++++--- main/main.c | 10 +++-- 5 files changed, 112 insertions(+), 67 deletions(-) diff --git a/components/ca/ca.c b/components/ca/ca.c index 79624a4..cd0afa1 100644 --- a/components/ca/ca.c +++ b/components/ca/ca.c @@ -524,23 +524,28 @@ static int connect( int argc, char *argv[] ) fflush( stdout ); FILE* f; - f = fopen( opt.serial, "w+" ); - - //Nacitavanie serioveho cisla do premennej typu mpi zo suboru - if( ( ret = mbedtls_mpi_read_file(&serial,10,f) ) != 0 ) - {//ak subor neexistuje tak sa nacita seriove cislo zo stringu "1" - mbedtls_mpi_read_string( &serial, 10, "1"); - // mbedtls_strerror( ret, buf, 1024 ); - // mbedtls_printf( " failed\n ! mbedtls_mpi_read_string " - // "returned -0x%04x - %s\n\n", -ret, buf ); - //goto exit; + f = fopen( opt.serial, "r" ); + if(f){ + mbedtls_mpi_read_file(&serial,10,f); + }else + { + fclose(f); + fopen(opt.serial,"w"); + mbedtls_mpi_read_string( &serial, 10, "0"); + } + + fclose(f); + + /*Zvysenie serioveho cisla o +1*/ mbedtls_mpi_add_int(&serial,&serial,1); /*Zapis serioveho cisla do suboru*/ - mbedtls_mpi_write_file(NULL,&serial,10,f); - fclose( f ); + f = fopen( opt.serial, "w" ); + mbedtls_mpi_write_file(NULL,&serial,10,f); + + fclose( f ); mbedtls_printf( " ok\n" ); diff --git a/components/https_server/certs/cacert.pem b/components/https_server/certs/cacert.pem index cd2b80c..9e1817a 100644 --- a/components/https_server/certs/cacert.pem +++ b/components/https_server/certs/cacert.pem 
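Review bot: When the serial file does not exist yet, the new `else` branch calls `fclose(f)` with `f` still NULL and discards the handle returned by `fopen(opt.serial,"w")`. It then reaches the unconditional `fclose(f)` with NULL again, and passing NULL to `fclose` is undefined behaviour. The results of `mbedtls_mpi_read_file`, `mbedtls_mpi_add_int`, the second `fopen` and `mbedtls_mpi_write_file` are also ignored, so a corrupt or unwritable serial file goes unnoticed and the CA can issue a certificate with a serial number it has already used. Each step should be checked, and the function should stop before signing when the counter cannot be read or persisted. The sketch assumes the `exit` label named in the removed `//goto exit;` still exists; `connect()` starts and ends outside the hunk.

```c
    f = fopen( opt.serial, "r" );
    if( f != NULL )
    {
        ret = mbedtls_mpi_read_file( &serial, 10, f );
        fclose( f );
    }
    else
    {
        /* no serial file yet: start at 0 so the first issued serial is 1 */
        ret = mbedtls_mpi_read_string( &serial, 10, "0" );
    }
    if( ret != 0 )
        goto exit;

    if( ( ret = mbedtls_mpi_add_int( &serial, &serial, 1 ) ) != 0 )
        goto exit;

    /* persist the new counter before it is used for a certificate */
    f = fopen( opt.serial, "w" );
    if( f == NULL )
    {
        ret = -1;
        goto exit;
    }
    ret = mbedtls_mpi_write_file( NULL, &serial, 10, f );
    if( fclose( f ) != 0 && ret == 0 )
        ret = -1;
    if( ret != 0 )
        goto exit;
    /* … unchanged: mbedtls_printf( " ok\n" ) … */
```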
@@ -1,19 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDKzCCAhOgAwIBAgIUBxM3WJf2bP12kAfqhmhhjZWv0ukwDQYJKoZIhvcNAQEL -BQAwJTEjMCEGA1UEAwwaRVNQMzIgSFRUUFMgc2VydmVyIGV4YW1wbGUwHhcNMTgx -MDE3MTEzMjU3WhcNMjgxMDE0MTEzMjU3WjAlMSMwIQYDVQQDDBpFU1AzMiBIVFRQ -UyBzZXJ2ZXIgZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -ALBint6nP77RCQcmKgwPtTsGK0uClxg+LwKJ3WXuye3oqnnjqJCwMEneXzGdG09T -sA0SyNPwrEgebLCH80an3gWU4pHDdqGHfJQa2jBL290e/5L5MB+6PTs2NKcojK/k -qcZkn58MWXhDW1NpAnJtjVniK2Ksvr/YIYSbyD+JiEs0MGxEx+kOl9d7hRHJaIzd -GF/vO2pl295v1qXekAlkgNMtYIVAjUy9CMpqaQBCQRL+BmPSJRkXBsYk8GPnieS4 -sUsp53DsNvCCtWDT6fd9D1v+BB6nDk/FCPKhtjYOwOAZlX4wWNSZpRNr5dfrxKsb -jAn4PCuR2akdF4G8WLUeDWECAwEAAaNTMFEwHQYDVR0OBBYEFMnmdJKOEepXrHI/ -ivM6mVqJgAX8MB8GA1UdIwQYMBaAFMnmdJKOEepXrHI/ivM6mVqJgAX8MA8GA1Ud -EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADiXIGEkSsN0SLSfCF1VNWO3 -emBurfOcDq4EGEaxRKAU0814VEmU87btIDx80+z5Dbf+GGHCPrY7odIkxGNn0DJY -W1WcF+DOcbiWoUN6DTkAML0SMnp8aGj9ffx3x+qoggT+vGdWVVA4pgwqZT7Ybntx -bkzcNFW0sqmCv4IN1t4w6L0A87ZwsNwVpre/j6uyBw7s8YoJHDLRFT6g7qgn0tcN -ZufhNISvgWCVJQy/SZjNBHSpnIdCUSJAeTY2mkM4sGxY0Widk8LnjydxZUSxC3Nl -hb6pnMh3jRq4h0+5CZielA4/a+TdrNPv/qok67ot/XJdY3qHCCd8O2b14OVq9jo= +MIIDPTCCAiWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAvMREwDwYDVQQDDAhFU1Az +Ml9DQTENMAsGA1UECgwEVFVLRTELMAkGA1UEBhMCU0swHhcNMDEwMTAxMDAwMDAw +WhcNMzAxMjMxMjM1OTU5WjAzMRUwEwYDVQQDDAwxOTIuMTY4LjEuMjIxDTALBgNV +BAoMBFRVS0UxCzAJBgNVBAYTAlNLMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAn4LXgTvdUVOCPODVhF0F2rB6vDWHk+YgxhR31fZFnOcxNw+9DIpda+3L +Sukp/QBn7xrd+cZBTTK9tfDIVDF4e2nnedk0HkHyuKcnyOKUzyFdtE04B8fwFCeb +M3SF68lynHDN2liUfUD9GkddgPMpHI2BPSBnAivCpj19JwLCWE9heg25EbPivaP8 +omDRYy5LrHL875o28iL6OBurBgpHJyMEJnqg+OUu8ee5owrecYqn9ppirACNQnP2 +gl/NCke2yPqtn25gDaEO+7aCXjTlUxqv18tdP8voc2zLAU4YYP3hUyrGYmtmNEoU +auAEVH9ZTGupYIw5AjMWR8Qv+3MfQwIDAQABo2AwXjAJBgNVHRMEAjAAMB0GA1Ud +DgQWBBSvZcVZg2TON9u0UfExOEmmXeI4JDAfBgNVHSMEGDAWgBR/9desjLRCz/xG +UDnPK88D7nZNWTARBglghkgBhvhCAQEEBAMCBkAwDQYJKoZIhvcNAQELBQADggEB 
+AD2BS1xluszT1wE9FZahLqlQIpy7viII8W6RyLcjHsj/EOK73+jcyKzhyqOX0E/g +lhHB6GOGv9B9BELrlVP4MlG47kDiXZpa3hhCUL4IuQhUejOLttLtpbvf3qzV6OLv +UhGSkpstIAqUxb85GZdjGJpLxMIFxDV6ZIj1mm+R+z2UcYTO5sBtEgsEMgraj/x8 +bShp3AuclQvva7TvvZKIxa53v5SGs41Bmbz/B7XI2I5fzoFC7k/3zLEsReeQ9qg3 +0V6UUMlSv+6xcAYwUF2joEMFE8RYSs6tVRh3yHoGlngu08tbf3vLZ/XHj2tkXTnD +Na9raei70fQGtUU3atIkhkY= -----END CERTIFICATE----- diff --git a/components/https_server/certs/prvtkey.pem b/components/https_server/certs/prvtkey.pem index 70d2907..9f03f71 100644 --- a/components/https_server/certs/prvtkey.pem +++ b/components/https_server/certs/prvtkey.pem 
@@ -1,28 +1,27 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCwYp7epz++0QkH -JioMD7U7BitLgpcYPi8Cid1l7snt6Kp546iQsDBJ3l8xnRtPU7ANEsjT8KxIHmyw -h/NGp94FlOKRw3ahh3yUGtowS9vdHv+S+TAfuj07NjSnKIyv5KnGZJ+fDFl4Q1tT -aQJybY1Z4itirL6/2CGEm8g/iYhLNDBsRMfpDpfXe4URyWiM3Rhf7ztqZdveb9al -3pAJZIDTLWCFQI1MvQjKamkAQkES/gZj0iUZFwbGJPBj54nkuLFLKedw7DbwgrVg -0+n3fQ9b/gQepw5PxQjyobY2DsDgGZV+MFjUmaUTa+XX68SrG4wJ+DwrkdmpHReB -vFi1Hg1hAgMBAAECggEAaTCnZkl/7qBjLexIryC/CBBJyaJ70W1kQ7NMYfniWwui -f0aRxJgOdD81rjTvkINsPp+xPRQO6oOadjzdjImYEuQTqrJTEUnntbu924eh+2D9 -Mf2CAanj0mglRnscS9mmljZ0KzoGMX6Z/EhnuS40WiJTlWlH6MlQU/FDnwC6U34y -JKy6/jGryfsx+kGU/NRvKSru6JYJWt5v7sOrymHWD62IT59h3blOiP8GMtYKeQlX -49om9Mo1VTIFASY3lrxmexbY+6FG8YO+tfIe0tTAiGrkb9Pz6tYbaj9FjEWOv4Vc -+3VMBUVdGJjgqvE8fx+/+mHo4Rg69BUPfPSrpEg7sQKBgQDlL85G04VZgrNZgOx6 -pTlCCl/NkfNb1OYa0BELqWINoWaWQHnm6lX8YjrUjwRpBF5s7mFhguFjUjp/NW6D -0EEg5BmO0ePJ3dLKSeOA7gMo7y7kAcD/YGToqAaGljkBI+IAWK5Su5yldrECTQKG -YnMKyQ1MWUfCYEwHtPvFvE5aPwKBgQDFBWXekpxHIvt/B41Cl/TftAzE7/f58JjV -MFo/JCh9TDcH6N5TMTRS1/iQrv5M6kJSSrHnq8pqDXOwfHLwxetpk9tr937VRzoL -CuG1Ar7c1AO6ujNnAEmUVC2DppL/ck5mRPWK/kgLwZSaNcZf8sydRgphsW1ogJin -7g0nGbFwXwKBgQCPoZY07Pr1TeP4g8OwWTu5F6dSvdU2CAbtZthH5q98u1n/cAj1 -noak1Srpa3foGMTUn9CHu+5kwHPIpUPNeAZZBpq91uxa5pnkDMp3UrLIRJ2uZyr8 -4PxcknEEh8DR5hsM/IbDcrCJQglM19ZtQeW3LKkY4BsIxjDf45ymH407IQKBgE/g -Ul6cPfOxQRlNLH4VMVgInSyyxWx1mODFy7DRrgCuh5kTVh+QUVBM8x9lcwAn8V9/ -nQT55wR8E603pznqY/jX0xvAqZE6YVPcw4kpZcwNwL1RhEl8GliikBlRzUL3SsW3 -q30AfqEViHPE3XpE66PPo6Hb1ymJCVr77iUuC3wtAoGBAIBrOGunv1qZMfqmwAY2 -lxlzRgxgSiaev0lTNxDzZkmU/u3dgdTwJ5DDANqPwJc6b8SGYTp9rQ0mbgVHnhIB -jcJQBQkTfq6Z0H6OoTVi7dPs3ibQJFrtkoyvYAbyk36quBmNRjVh6rc8468bhXYr -v/t+MeGJP/0Zw8v/X2CFll96 ------END PRIVATE KEY----- +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAn4LXgTvdUVOCPODVhF0F2rB6vDWHk+YgxhR31fZFnOcxNw+9 +DIpda+3LSukp/QBn7xrd+cZBTTK9tfDIVDF4e2nnedk0HkHyuKcnyOKUzyFdtE04 +B8fwFCebM3SF68lynHDN2liUfUD9GkddgPMpHI2BPSBnAivCpj19JwLCWE9heg25 
+EbPivaP8omDRYy5LrHL875o28iL6OBurBgpHJyMEJnqg+OUu8ee5owrecYqn9ppi +rACNQnP2gl/NCke2yPqtn25gDaEO+7aCXjTlUxqv18tdP8voc2zLAU4YYP3hUyrG +YmtmNEoUauAEVH9ZTGupYIw5AjMWR8Qv+3MfQwIDAQABAoIBABVbA6DiPmsNIU0m +6X8woxWDINOCM9YZw9Pb2VVp2ipmYNZB2FTNpjH1IrgInR3/HWsg2jd+va8Tttwd +J1JE/fVBRFkxusK9n+eX6CwtewXQ2PDy5lL9sjHzQYSd5PDLRiRqt9demkwQqjIy +psfvsNaJSBRtJPgLRXf97dEOE1iWMJ6iJr4LBntVmydiAmhJ6VH3Mg66LiiyH+Ut +gnJ0VODm6J+6n7OSh5NKCz7xmgLq1qCeN/OJJkaEUarDL93ePhIAaO3oUg6lDUU5 +ceaWvK5gB7ZT+UBT4W4qEsQqTvL1VcFFAXmD2EDEhdN8X/W8KiOf+5yCi6RO/iYv +kGzCnPUCgYEA01v1qFf/xI0wkBFajT6sbBmw+HtpWWFyhR7KrrtkfOQivY9Go/P+ ++jTpajzijkPuD3UMrAhc/cxQ8YWaj8In78WJ7+WXceKIgnVg96jWTq0eaM0ipgbM +e8UIE4IqM50eyucBGVwRgSX5DlbHjdKMN90huFuWLJKcXWHHO17d5QcCgYEAwTN9 +8ZuYZQT65+GtpgQzFq1CbDo4R5dwtDfqZadwvgPtdMNtcaMRf+06ftmoRy044i7a +LGcppZPKwUkhOXU/Uuwptnnc2DCO9ud2JJqngeVNWgyoNmi4zgwFWbEgkGwojYSn +XcGgTLjJfvJvPY5/M4LI8eyPYa3x4ro9yZdQwOUCgYEAyMSolFGK7fyj7aXeWx72 +j/TTiyVHjBSpwNPf+ZydtpjKez/W/TRvtuJ9+mF9X2AdiWdJMzz6gEcNeG7Nw9LN +NtBw14VCl3Z0719qTbZ+Y9vEcA6z4/u/T654nnddeQu9zUUjYSB4rDIS41EBW7Ft +aj9OoZ22B/74MygHJVlW9A8CgYEAmK8p/FQ8JrG93J2Uz1wISAabNM76BVIghryd +6MJgLjsKYTnE94ao4NHJZdB71exeRRpD382Ts0BOf1xc/nyzk8QB3y0FpHETuvsH +ejwi31wpOl5AXed7DZOgctax5pEjp1vLrSPFnHx4+XN9CEfiLQJR7idG1SpTvBv1 +kqib8CUCgYBTu9CNS5WfQC/YbKYeU1F6lYRNw79mVmQfAJyL/aUrSGJuUcZo+kZv +Rq6QfB7mJDLwniwgVALAGhiDJPagstyajUCSkrV9lDleAPOfb4ep0HQK1GA2Jrs6 +ldn8NTn7z9pToWbgMyl25vaoSMzIjVJ7uic3LN+iruXpxDpBAFqrfA== +-----END RSA PRIVATE KEY----- diff --git a/components/https_server/https_server.c b/components/https_server/https_server.c index 99176f6..af66c4a 100644 --- a/components/https_server/https_server.c +++ b/components/https_server/https_server.c 
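Review bot: The new side of this hunk is an unencrypted RSA private key committed to the repository, and its leading modulus bytes match the public key in the cacert.pem hunk of the same commit, so it appears to be the live key for that certificate rather than a published sample. Anyone with read access to the history can impersonate the server, and deleting the file later does not remove it from earlier commits. The key should be treated as disclosed, the pair regenerated, and key material kept out of version control (for example generated at provisioning time and listed in `.gitignore`). The https_server.c hunk in this commit already loads the key from `/spiffs/server_key.key`, so the embedded copy may no longer be needed at all.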
@@ -194,15 +194,51 @@ static httpd_handle_t start_webserver(void) httpd_ssl_config_t conf = HTTPD_SSL_CONFIG_DEFAULT(); conf.httpd.stack_size = 12000; //pridanie certifikatu do konfiguracie - extern const unsigned char cacert_pem_start[] asm("_binary_cacert_pem_start"); - extern const unsigned char cacert_pem_end[] asm("_binary_cacert_pem_end"); - conf.cacert_pem = cacert_pem_start; - conf.cacert_len = cacert_pem_end - cacert_pem_start; + unsigned char *cacert_pem_start = calloc(1200,sizeof(unsigned char));//[1025]; + //memset(cacert_pem_start,'\0',1025); + //char line_buffer[66]; + FILE* fd = fopen("/spiffs/server.crt", "r"); + fseek(fd, 0, SEEK_END); + long int size = ftell(fd); + fseek(fd, 0, SEEK_SET); + + int bytes_read = fread(cacert_pem_start, sizeof(unsigned char), size, fd); + /* + if(fd!=NULL){ + while(fgets(line_buffer, sizeof(line_buffer)-1, fd)){ + strcat(cacert_pem_start,line_buffer); + } + } + */ + fclose(fd); + + conf.cacert_pem = (const unsigned char*)cacert_pem_start; + printf("%s", conf.cacert_pem); + + conf.cacert_len = size+1; + + //pridanie sukromneho kluca do konfiguracie - extern const unsigned char prvtkey_pem_start[] asm("_binary_prvtkey_pem_start"); - extern const unsigned char prvtkey_pem_end[] asm("_binary_prvtkey_pem_end"); + unsigned char *prvtkey_pem_start =calloc(1800,sizeof(unsigned char)); + + //memset(prvtkey_pem_start,'\0',2050); + // memset(line_buffer,'\0',66); + fd = fopen("/spiffs/server_key.key", "rb"); + /* + if(fd!=NULL){ + while(fgets(line_buffer, sizeof(line_buffer)-1, fd)){ + strcat((char*)prvtkey_pem_start,line_buffer); + + } + } + */ + fseek(fd, 0, SEEK_END); + size = ftell(fd); + fseek(fd, 0, SEEK_SET); + bytes_read = fread(prvtkey_pem_start, sizeof(unsigned char), size, fd); + fclose(fd); conf.prvtkey_pem = prvtkey_pem_start; - conf.prvtkey_len = prvtkey_pem_end - prvtkey_pem_start; + conf.prvtkey_len = size+1; //vytvorenie HTTP + SSL servera esp_err_t ret = httpd_ssl_start(&server, &conf); if (ESP_OK != ret) { 
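Review bot: Both `fread` calls copy `size` bytes, a value taken from `ftell` on the SPIFFS file, into fixed-size buffers (`calloc(1200, …)` and `calloc(1800, …)`), so a certificate or key file larger than its buffer overflows the heap. At exactly the buffer size there is no terminating NUL, so `printf("%s", conf.cacert_pem)` and the `size+1` lengths read past the end. None of `calloc`, `fopen`, `fseek`, `ftell` or `fread` is checked, so a missing file passes NULL to `fseek`, and `bytes_read` is never compared with `size`. Allocate `size + 1` bytes once the length is known, check every call, and return without starting the server when either file cannot be loaded; the debug `printf` of the PEM can go at the same time. `start_webserver()` continues outside the hunk.

```c
/* Reads a whole PEM file into a NUL-terminated heap buffer; NULL on any failure. */
static unsigned char *load_pem(const char *path, size_t *len_out)
{
    FILE *fd = fopen(path, "rb");
    if (fd == NULL) {
        return NULL;
    }

    unsigned char *buf = NULL;
    long size = -1;
    if (fseek(fd, 0, SEEK_END) == 0) {
        size = ftell(fd);
    }
    if (size > 0 && fseek(fd, 0, SEEK_SET) == 0) {
        buf = calloc((size_t)size + 1, 1);   /* +1 keeps the terminating NUL */
    }
    if (buf != NULL && fread(buf, 1, (size_t)size, fd) != (size_t)size) {
        free(buf);
        buf = NULL;
    }
    fclose(fd);

    if (buf != NULL) {
        *len_out = (size_t)size + 1;         /* length includes the NUL */
    }
    return buf;
}

    // … in start_webserver(), replacing both calloc/fopen/fread sequences …
    size_t cert_len = 0, key_len = 0;
    unsigned char *cert = load_pem("/spiffs/server.crt", &cert_len);
    unsigned char *key = load_pem("/spiffs/server_key.key", &key_len);
    if (cert == NULL || key == NULL) {
        free(cert);
        free(key);
        return NULL;
    }
    conf.cacert_pem = cert;
    conf.cacert_len = cert_len;
    conf.prvtkey_pem = key;
    conf.prvtkey_len = key_len;
    // … unchanged: httpd_ssl_start(&server, &conf) and its error handling …
```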
diff --git a/main/main.c b/main/main.c index 6b6a1a3..bf9d39e 100644 --- a/main/main.c +++ b/main/main.c @@ -177,9 +177,13 @@ void app_main(void) - read_file("/spiffs/keyfile.key"); - read_file("/spiffs/ca.crt"); - read_file("/spiffs/user.crt"); + //read_file("/spiffs/keyfile.key"); + read_file("/spiffs/ca.crt"); + read_file("/spiffs/server.crt"); + read_file("/spiffs/server_key.key"); + read_file("/spiffs/serial.txt"); + + /* Prompt to be printed before each line. * This can be customized, made dynamic, etc. */
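Review bot: The added `read_file("/spiffs/server_key.key");` passes the server's private key to a helper defined outside this hunk. If `read_file` echoes file contents to the console, which its use as a start-up check suggests but the hunk does not show, the key is written to the serial log on every boot and that call should be dropped. The same concern applies to the `keyfile.key` call that is now commented out. The commented-out line `//read_file("/spiffs/keyfile.key");` is better deleted than kept as dead code. `app_main()` starts and ends outside the hunk.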