espressif/ESP8266_RTOS_SDK
1
0
Fork 0
mirror of https://github.com/espressif/ESP8266_RTOS_SDK.git synced 2025-05-31 23:50:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat/wolfssl_http_client: Added wolfssl support to http-client & ota.

Browse Source 
Changes:
Client, OTA examples fixed. Bug fixes in esp-tls wolfssl support.
This commit is contained in:
Supreet Deshpande
2019-03-09 23:48:23 +05:30
parent 5aae07e8f8
commit 0c16744f2b
6 changed files with 122 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
components/esp-tls/esp_tls.c
View File

@ -30,7 +30,7 @@
static const char *TAG = "esp-tls";
#if CONFIG_SSL_USING_MBEDTLS
static mbedtls_x509_crt *global_cacert = NULL;
#else
#elif CONFIG_SSL_USING_WOLFSSL
static unsigned char *global_cacert = NULL;
static unsigned int global_cacert_pem_bytes = 0;
#endif
@ -82,8 +82,9 @@ static ssize_t tls_read(esp_tls_t *tls, char *data, size_t datalen)
ESP_LOGE(TAG, "read error :%d:", ret);
}
}
#else
size_t ret = wolfSSL_read(tls->ssl, (unsigned char *)data, datalen);
#elif CONFIG_SSL_USING_WOLFSSL
ssize_t ret = wolfSSL_read(tls->ssl, (unsigned char *)data, datalen);
if (ret < 0) {
ret = wolfSSL_get_error(tls->ssl, ret);
/* peer sent close notify */
@ -193,7 +194,7 @@ esp_err_t esp_tls_set_global_ca_store(const unsigned char *cacert_pem_buf, const
ESP_LOGE(TAG, "mbedtls_x509_crt_parse was partly successful. No. of failed certificates: %d", ret);
}
return ESP_OK;
#else
#elif CONFIG_SSL_USING_WOLFSSL
if (global_cacert != NULL) {
esp_tls_free_global_ca_store(global_cacert);
}
@ -219,7 +220,7 @@ void esp_tls_free_global_ca_store()
#if CONFIG_SSL_USING_MBEDTLS
mbedtls_x509_crt_free(global_cacert);
global_cacert = NULL;
#else
#elif CONFIG_SSL_USING_WOLFSSL
free(global_cacert);
global_cacert = NULL;
global_cacert_pem_bytes = 0;
@ -240,7 +241,7 @@ static void verify_certificate(esp_tls_t *tls)
} else {
ESP_LOGI(TAG, "Certificate verified.");
}
#else
#elif CONFIG_SSL_USING_WOLFSSL
int flags;
if ((flags = wolfSSL_get_verify_result(tls->ssl)) != WOLFSSL_SUCCESS) {
ESP_LOGE(TAG, "Failed to verify peer certificate %d!", flags);
@ -268,7 +269,7 @@ static void esp_tls_cleanup(esp_tls_t *tls)
mbedtls_ctr_drbg_free(&tls->ctr_drbg);
mbedtls_ssl_free(&tls->ssl);
mbedtls_net_free(&tls->server_fd);
#else
#elif CONFIG_SSL_USING_WOLFSSL
wolfSSL_shutdown(tls->ssl);
wolfSSL_free(tls->ssl);
close(tls->sockfd);
@ -386,7 +387,7 @@ static int create_ssl_handle(esp_tls_t *tls, const char *hostname, size_t hostle
exit:
esp_tls_cleanup(tls);
return -1;
#else
#elif CONFIG_SSL_USING_WOLFSSL
ret = wolfSSL_Init();
if (ret != WOLFSSL_SUCCESS) {
ESP_LOGE(TAG, "Init wolfSSL failed: %d", ret);
@ -483,7 +484,7 @@ static ssize_t tls_write(esp_tls_t *tls, const char *data, size_t datalen)
}
}
return ret;
#else
#elif CONFIG_SSL_USING_WOLFSSL
ssize_t ret = wolfSSL_write(tls->ssl, (unsigned char*) data, datalen);
if (ret < 0) {
if (ret != WOLFSSL_ERROR_WANT_READ && ret != WOLFSSL_ERROR_WANT_WRITE) {
@ -580,13 +581,14 @@ static int esp_tls_low_level_conn(const char *hostname, int hostlen, int port, c
or MBEDTLS_ERR_SSL_WANT_WRITE during handshake */
return 0;
}
#else
#elif CONFIG_SSL_USING_WOLFSSL
ret = wolfSSL_connect(tls->ssl);
if (ret == WOLFSSL_SUCCESS) {
tls->conn_state = ESP_TLS_DONE;
return 1;
} else {
if (ret != WOLFSSL_ERROR_WANT_READ && ret != WOLFSSL_ERROR_WANT_WRITE) {
int err = wolfSSL_get_error(tls->ssl, ret);
if (err != WOLFSSL_ERROR_WANT_READ && err != WOLFSSL_ERROR_WANT_WRITE) {
ESP_LOGE(TAG, "wolfSSL_connect returned -0x%x", -ret);
if (cfg->cacert_pem_buf != NULL || cfg->use_global_ca_store == true) {
/* This is to check whether handshake failed due to invalid certificate*/
@ -645,13 +647,13 @@ int esp_tls_conn_new_async(const char *hostname, int hostlen, int port, const es
size_t esp_tls_get_bytes_avail(esp_tls_t *tls)
{
#if CONFIG_SSL_USING_MBEDTLS
if (!tls) {
ESP_LOGE(TAG, "empty arg passed to esp_tls_get_bytes_avail()");
return ESP_FAIL;
}
#if CONFIG_SSL_USING_MBEDTLS
return mbedtls_ssl_get_bytes_avail(&tls->ssl);
#else
return 0;
#elif CONFIG_SSL_USING_WOLFSSL
return wolfSSL_pending(tls->ssl);
#endif
}

6
components/esp_http_client/component.mk
View File

@ -9,4 +9,10 @@ ifdef CONFIG_SSL_USING_MBEDTLS
COMPONENT_SRCDIRS := . lib
COMPONENT_ADD_INCLUDEDIRS := include
COMPONENT_PRIV_INCLUDEDIRS := lib/include
endif
ifdef CONFIG_SSL_USING_WOLFSSL
COMPONENT_SRCDIRS := . lib
COMPONENT_ADD_INCLUDEDIRS := include
COMPONENT_PRIV_INCLUDEDIRS := lib/include
endif

14
components/esp_http_client/lib/http_auth.c
View File

@ -20,8 +20,8 @@
#include "tcpip_adapter.h"
#include "lwip/sockets.h"
#include "rom/md5_hash.h"
#include "mbedtls/base64.h"
#include "esp_base64.h"
#include "esp_system.h"
#include "esp_log.h"
@ -134,17 +134,19 @@ _digest_exit:
char *http_auth_basic(const char *username, const char *password)
{
int out;
char *user_info = NULL;
char *digest = NULL;
size_t n = 0;
size_t n = 0, size = 0;
asprintf(&user_info, "%s:%s", username, password);
HTTP_MEM_CHECK(TAG, user_info, return NULL);
mbedtls_base64_encode(NULL, 0, &n, (const unsigned char *)user_info, strlen(user_info));
digest = calloc(1, 6 + n + 1);
size = strlen(user_info);
n = (size / 3) * 4 + 1; // String to Base64 length calculation
if (size % 3 != 0)
n += 4;
digest = calloc(1, 6 + n);
HTTP_MEM_CHECK(TAG, digest, goto _basic_exit);
strcpy(digest, "Basic ");
mbedtls_base64_encode((unsigned char *)digest + 6, n, (size_t *)&out, (const unsigned char *)user_info, strlen(user_info));
n = esp_base64_encode((const unsigned char *)user_info, strlen(user_info), (unsigned char *)digest + 6, n);
_basic_exit:
free(user_info);
return digest;

5
components/esp_https_ota/component.mk
View File

@ -4,4 +4,9 @@ COMPONENT_ADD_INCLUDEDIRS :=
ifdef CONFIG_SSL_USING_MBEDTLS
COMPONENT_SRCDIRS := src
COMPONENT_ADD_INCLUDEDIRS := include
endif
ifdef CONFIG_SSL_USING_WOLFSSL
COMPONENT_SRCDIRS := src
COMPONENT_ADD_INCLUDEDIRS := include
endif