lmoskala/SSLClient
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

restructure examples, validate stm32 (don't have hardware to test, so I can hope). Address https://github.com/OPEnSLab-OSU/SSLClient/issues/3.

Browse source
This commit is contained in:
Noah Laptop 2020-03-09 10:12:01 -07:00
parent 2f05f16946
commit 8cbf028b98
5 changed files with 215 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

130
examples/stm32/EthernetHTTPSstm32/EthernetHTTPSstm32.ino Normal file
View file

@ -0,0 +1,130 @@
/*
Web client
This sketch connects to a website (http://www.arduino.cc/asciilogo.txt)
using an Arduino Wiznet Ethernet shield or STM32 built-in Ethernet.
Tested on ST Micro Nucleo-F767ZI.
Circuit:
* Ethernet shield attached to pins 10, 11, 12, 13
created 18 Dec 2009
by David A. Mellis
modified 9 Apr 2012
by Noah Koontz, based on work by Adrian McEwen and Tom Igoe
Modified 16 Oct 2019 by gdsports625@gmail.com for STM32duino_STM32Ethernet
*/
#include <LwIP.h>
#include <STM32Ethernet.h>
#include <SSLClient.h>
#include "trust_anchors.h"
// if you don't want to use DNS (and reduce your sketch size)
// use the numeric IP instead of the name for the server:
//IPAddress server(54,85,55,79); // numeric IP for Google (no DNS)
const char server[] = "www.arduino.cc"; // name address for Arduino (using DNS)
const char server_host[] = "www.arduino.cc"; // leave this alone, change only above two
// Set the static IP address to use if the DHCP fails to assign
IPAddress ip(192, 168, 0, 177);
IPAddress myDns(8, 8, 8, 8);
// Choose the analog pin to get semi-random data from for SSL
// Pick a pin that's not connected or attached to a randomish voltage source
const int rand_pin = A5;
// Initialize the SSL client library
// We input an EthernetClient, our trust anchors, and the analog pin
EthernetClient base_client;
SSLClient client(base_client, TAs, (size_t)TAs_NUM, rand_pin);
// Variables to measure the speed
unsigned long beginMicros, endMicros;
unsigned long byteCount = 0;
bool printWebData = true; // set to false for better speed measurement
void setup() {
// Open serial communications and wait for port to open:
Serial.begin(115200);
while (!Serial) {
; // wait for serial port to connect. Needed for native USB port only
}
// start the Ethernet connection:
Serial.println("Initialize Ethernet with DHCP:");
// STM32 built-in Ethernet has a factory installed MAC address.
if (Ethernet.begin() == 0) {
Serial.println("Failed to configure Ethernet using DHCP");
while (1) delay(1);
} else {
Serial.print(" DHCP assigned IP ");
Serial.println(Ethernet.localIP());
}
// give the Ethernet shield a second to initialize:
delay(2000);
Serial.print("connecting to ");
Serial.print(server);
Serial.println("...");
// if you get a connection, report back via serial:
auto start = millis();
// specify the server and port, 443 is the standard port for HTTPS
if (client.connect(server, 443)) {
auto time = millis() - start;
Serial.print("connected to ");
Serial.println(base_client.remoteIP());
Serial.print("Took: ");
Serial.println(time);
// Make a HTTP request:
client.println("GET /asciilogo.txt HTTP/1.1");
client.println("User-Agent: SSLClientOverEthernet");
client.print("Host: ");
client.println(server_host);
client.println("Connection: close");
client.println();
} else {
// if you didn't get a connection to the server:
Serial.println("connection failed");
}
beginMicros = micros();
}
void loop() {
// if there are incoming bytes available
// from the server, read them and print them:
int len = client.available();
if (len > 0) {
byte buffer[80];
if (len > 80) len = 80;
client.read(buffer, len);
if (printWebData) {
Serial.write(buffer, len); // show in the serial monitor (slows some boards)
}
byteCount = byteCount + len;
}
// if the server's disconnected, stop the client:
if (!client.connected()) {
endMicros = micros();
Serial.println();
Serial.println("disconnecting.");
client.stop();
Serial.print("Received ");
Serial.print(byteCount);
Serial.print(" bytes in ");
float seconds = (float)(endMicros - beginMicros) / 1000000.0;
Serial.print(seconds, 4);
float rate = (float)byteCount / seconds / 1000.0;
Serial.print(", rate = ");
Serial.print(rate);
Serial.print(" kbytes/second");
Serial.println();
// do nothing forevermore:
while (true) {
delay(1);
}
}
}

80
examples/stm32/EthernetHTTPSstm32/trust_anchors.h Normal file
View file

@ -0,0 +1,80 @@
#ifndef _CERTIFICATES_H_
#define _CERTIFICATES_H_
#ifdef __cplusplus
extern "C"
{
#endif
/* This file is auto-generated by the pycert_bearssl tool. Do not change it manually.
* Certificates are BearSSL br_x509_trust_anchor format. Included certs:
*
* Index: 0
* Label: AddTrust External CA Root
* Subject: C=SE,O=AddTrust AB,OU=AddTrust External TTP Network,CN=AddTrust External CA Root
* Domain(s): www.arduino.cc
*/
#define TAs_NUM 1
static const unsigned char TA_DN0[] = {
0x30, 0x6f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x53, 0x45, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a,
0x13, 0x0b, 0x41, 0x64, 0x64, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, 0x41,
0x42, 0x31, 0x26, 0x30, 0x24, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x1d,
0x41, 0x64, 0x64, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, 0x45, 0x78, 0x74,
0x65, 0x72, 0x6e, 0x61, 0x6c, 0x20, 0x54, 0x54, 0x50, 0x20, 0x4e, 0x65,
0x74, 0x77, 0x6f, 0x72, 0x6b, 0x31, 0x22, 0x30, 0x20, 0x06, 0x03, 0x55,
0x04, 0x03, 0x13, 0x19, 0x41, 0x64, 0x64, 0x54, 0x72, 0x75, 0x73, 0x74,
0x20, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x20, 0x43, 0x41,
0x20, 0x52, 0x6f, 0x6f, 0x74,
};
static const unsigned char TA_RSA_N0[] = {
0xb7, 0xf7, 0x1a, 0x33, 0xe6, 0xf2, 0x00, 0x04, 0x2d, 0x39, 0xe0, 0x4e,
0x5b, 0xed, 0x1f, 0xbc, 0x6c, 0x0f, 0xcd, 0xb5, 0xfa, 0x23, 0xb6, 0xce,
0xde, 0x9b, 0x11, 0x33, 0x97, 0xa4, 0x29, 0x4c, 0x7d, 0x93, 0x9f, 0xbd,
0x4a, 0xbc, 0x93, 0xed, 0x03, 0x1a, 0xe3, 0x8f, 0xcf, 0xe5, 0x6d, 0x50,
0x5a, 0xd6, 0x97, 0x29, 0x94, 0x5a, 0x80, 0xb0, 0x49, 0x7a, 0xdb, 0x2e,
0x95, 0xfd, 0xb8, 0xca, 0xbf, 0x37, 0x38, 0x2d, 0x1e, 0x3e, 0x91, 0x41,
0xad, 0x70, 0x56, 0xc7, 0xf0, 0x4f, 0x3f, 0xe8, 0x32, 0x9e, 0x74, 0xca,
0xc8, 0x90, 0x54, 0xe9, 0xc6, 0x5f, 0x0f, 0x78, 0x9d, 0x9a, 0x40, 0x3c,
0x0e, 0xac, 0x61, 0xaa, 0x5e, 0x14, 0x8f, 0x9e, 0x87, 0xa1, 0x6a, 0x50,
0xdc, 0xd7, 0x9a, 0x4e, 0xaf, 0x05, 0xb3, 0xa6, 0x71, 0x94, 0x9c, 0x71,
0xb3, 0x50, 0x60, 0x0a, 0xc7, 0x13, 0x9d, 0x38, 0x07, 0x86, 0x02, 0xa8,
0xe9, 0xa8, 0x69, 0x26, 0x18, 0x90, 0xab, 0x4c, 0xb0, 0x4f, 0x23, 0xab,
0x3a, 0x4f, 0x84, 0xd8, 0xdf, 0xce, 0x9f, 0xe1, 0x69, 0x6f, 0xbb, 0xd7,
0x42, 0xd7, 0x6b, 0x44, 0xe4, 0xc7, 0xad, 0xee, 0x6d, 0x41, 0x5f, 0x72,
0x5a, 0x71, 0x08, 0x37, 0xb3, 0x79, 0x65, 0xa4, 0x59, 0xa0, 0x94, 0x37,
0xf7, 0x00, 0x2f, 0x0d, 0xc2, 0x92, 0x72, 0xda, 0xd0, 0x38, 0x72, 0xdb,
0x14, 0xa8, 0x45, 0xc4, 0x5d, 0x2a, 0x7d, 0xb7, 0xb4, 0xd6, 0xc4, 0xee,
0xac, 0xcd, 0x13, 0x44, 0xb7, 0xc9, 0x2b, 0xdd, 0x43, 0x00, 0x25, 0xfa,
0x61, 0xb9, 0x69, 0x6a, 0x58, 0x23, 0x11, 0xb7, 0xa7, 0x33, 0x8f, 0x56,
0x75, 0x59, 0xf5, 0xcd, 0x29, 0xd7, 0x46, 0xb7, 0x0a, 0x2b, 0x65, 0xb6,
0xd3, 0x42, 0x6f, 0x15, 0xb2, 0xb8, 0x7b, 0xfb, 0xef, 0xe9, 0x5d, 0x53,
0xd5, 0x34, 0x5a, 0x27,
};
static const unsigned char TA_RSA_E0[] = {
0x01, 0x00, 0x01,
};
static const br_x509_trust_anchor TAs[] = {
{
{ (unsigned char *)TA_DN0, sizeof TA_DN0 },
BR_X509_TA_CA,
{
BR_KEYTYPE_RSA,
{ .rsa = {
(unsigned char *)TA_RSA_N0, sizeof TA_RSA_N0,
(unsigned char *)TA_RSA_E0, sizeof TA_RSA_E0,
} }
}
},
};
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* ifndef _CERTIFICATES_H_ */

32
examples/EthernetHTTPStivac/EthernetHTTPStivac.ino → examples/tivac/EthernetHTTPStivac/EthernetHTTPStivac.ino
View file

@ -2,24 +2,19 @@
Web client Web client
This sketch connects to a website (http://www.arduino.cc/asciilogo.txt) This sketch connects to a website (http://www.arduino.cc/asciilogo.txt)
using an Arduino Wiznet Ethernet shield. using an Arduino Wiznet Ethernet shield and TLS. This
Circuit: Circuit:
* Ethernet shield attached to pins 10, 11, 12, 13 * Ethernet shield attached to pins 10, 11, 12, 13
created 18 Dec 2009 created 18 Dec 2009
by David A. Mellis by David A. Mellis
modified 9 Apr 2012 modified 9 March 2020
by Noah Koontz, based on work by Adrian McEwen and Tom Igoe by Noah Koontz, based on work by Adrian McEwen and Tom Igoe
*/ */
// NOTE: This example REQUIRES the EthernetLarge library.
// You can get it here: https://github.com/OPEnSLab-OSU/EthernetLarge
#include <SPI.h> #include <SPI.h>
//#include <EthernetLarge.h> #include <Ethernet.h>
#include "Ethernet.h"
#include <SSLClient.h> #include <SSLClient.h>
#include "trust_anchors.h" #include "trust_anchors.h"
@ -56,14 +51,6 @@ unsigned long byteCount = 0;
bool printWebData = true; // set to false for better speed measurement bool printWebData = true; // set to false for better speed measurement
void setup() { void setup() {
// You can use Ethernet.init(pin) to configure the CS pin
//Ethernet.init(10); // Most Arduino shields
//Ethernet.init(5); // MKR ETH shield
//Ethernet.init(0); // Teensy 2.0
//Ethernet.init(20); // Teensy++ 2.0
//Ethernet.init(15); // ESP8266 with Adafruit Featherwing Ethernet
//Ethernet.init(33); // ESP32 with Adafruit Featherwing Ethernet
// Open serial communications and wait for port to open: // Open serial communications and wait for port to open:
Serial.begin(115200); Serial.begin(115200);
while (!Serial) { while (!Serial) {
@ -75,18 +62,6 @@ void setup() {
//if (Ethernet.begin(mac) == 0) { //if (Ethernet.begin(mac) == 0) {
if (Ethernet.begin(0) == 0) { if (Ethernet.begin(0) == 0) {
Serial.println(F("Failed to configure Ethernet using DHCP")); Serial.println(F("Failed to configure Ethernet using DHCP"));
// Check for Ethernet hardware present
/* if (Ethernet.hardwareStatus() == EthernetNoHardware) {
Serial.println("Ethernet shield was not found. Sorry, can't run without hardware. :(");
while (true) {
delay(1); // do nothing, no point running without Ethernet hardware
}
}*/
/* if (Ethernet.linkStatus() == LinkOFF) {
Serial.println("Ethernet cable is not connected.");
}*/
// try to configure using IP address instead of DHCP:
//Ethernet.begin(mac, ip, myDns);
Ethernet.begin(0, ip, myDns, gw, mask); Ethernet.begin(0, ip, myDns, gw, mask);
} else { } else {
Serial.print(F(" DHCP assigned IP ")); Serial.print(F(" DHCP assigned IP "));
@ -125,7 +100,6 @@ void loop() {
// from the server, read them and print them: // from the server, read them and print them:
int len = client.available(); int len = client.available();
while (len > 0) { while (len > 0) {
//if (len > 0) {
byte buffer[BUFFLEN]; byte buffer[BUFFLEN];
if (len > BUFFLEN) len = BUFFLEN; if (len > BUFFLEN) len = BUFFLEN;
client.read(buffer, len); client.read(buffer, len);

0
examples/EthernetHTTPStivac/trust_anchors.h → examples/tivac/EthernetHTTPStivac/trust_anchors.h
View file

4
library.properties
View file

@ -2,9 +2,9 @@ name=SSLClient
version=1.5.0 version=1.5.0
author=Noah Koontz <koontzn@oregonstate.edu> author=Noah Koontz <koontzn@oregonstate.edu>
maintainer=OPEnS Lab maintainer=OPEnS Lab
sentence=Arduino library to add SSL functionality to any Client class sentence=Arduino library to add TLS functionality to any Client class
paragraph=including the Arduino EthernetClient and WiFiClient classes (though it is better to prefer WiFClient.connectSSL if implemented). In other words, SSLClient implements encrypted communication through SSL on devices that do not otherwise support it. paragraph=including the Arduino EthernetClient and WiFiClient classes (though it is better to prefer WiFClient.connectSSL if implemented). In other words, SSLClient implements encrypted communication through SSL on devices that do not otherwise support it.
category=Communication category=Communication
url=https://github.com/OPEnSLab-OSU/SSLClient url=https://github.com/OPEnSLab-OSU/SSLClient
architectures=samd,tivac architectures=samd,tivac,stm32
includes=SSLClient.h includes=SSLClient.h