The previous "using_mbedtls_pkcs11.c" implementation requires using the device key and device certificate stored under the labels "pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS" and "pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS".
This commit updates the NetworkCredentials to include fields for pClientCertLabel and pPrivateKeyLabel, so other labels can be used with PKCS11. This matches the behavior seen in the CSDK.
This commit also updates the "pkcs11_mqtt_mutual_auth_demo" to set the newly-added NetworkCredentials fields.
Move the contents of FreeRTOS/FreeRTOS-Plus/Source/Application-Protocols/network_transport/using_mbedtls/
to its parent folder i.e. FreeRTOS/FreeRTOS-Plus/Source/Application-Protocols/network_transport/.
This removes one unnecessary folder in the hierarchy.
* [Cellular] Add cellulr lib submodule and demo app
* [Cellular] Fix memory violation in transport layer and add using LoggingPrintf
* Update FreeRTOS Cellular Interface
* Change the mbedtls usage in FreeRTOS-Plus
* [Cellular] Fix missing spell
* [Cellular] Add manifest.yml
* Fix missing spell
* Update manifest.yml
* [Cellular] Add integration test
* Modify the demo log level to LOG_INFO
* Update cellular interface
* The modification of the folder structure for cellular library
* Rename the naming of demo
* Adjust the location of using_mbedtls and socket_wrapper
* Adjust project setting for relocating using_mbedtls and socket_wrapper
* Turn off PSM mode
* Add start marker for CI validation.
* The modification for mbedtls platform send/recv function for cellular
* Change the project file due to the changes of mbedtls platform send/recv function for cellular
* Fix missing newline and remove unused file
* Add missing configuration.
* Make cellular and freertos tcp plus use the same transport implementation
* Add comment for the macro MBEDTLS_SSL_SEND and MBEDTLS_SSL_RECV
* Make changes from the github comment.
* Update submodule pointers
This is needed to address doxygen failures (Which are already fixed in
the submoduled repos).
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
* Updated submodule libraries to latest release
* Updated pointer for FreeRTOS-Plus-TCP
* Updated README about SNTP
* Updated link for coreSNTP on freertos.org
* Updated corePKCS11 to 'update-pkcs11submodule' branch for testing
* Update corePKCS11 version in manifest.yml
* Updated corePKCS11 pointer to v3.1.0
Co-authored-by: Oscar Michael Abrina <abrinao@amazon.com>
Co-authored-by: Archit Aggarwal <architag@amazon.com>
* Replace library links with the application-protocols one
The ReadMe.txt refers to library link on FreeRTOS.org which will not be available until after the library is released in github. Instead, use top level page https://www.freertos.org/application-protocols.html which lists all the libraries in this directory which is also easy for user to navigate and could avoid this issue when releasing new library.
* Update FreeRTOS-Plus/Source/Application-Protocols/readme.txt
Co-authored-by: Archit Aggarwal <architag@amazon.com>
* Update FreeRTOS-Plus/Source/Application-Protocols/readme.txt
Co-authored-by: Paul Bartell <pbartell@amazon.com>
Co-authored-by: Archit Aggarwal <architag@amazon.com>
Co-authored-by: Paul Bartell <pbartell@amazon.com>
Since `mbedtls_error.c` is already part of the mbedTLS submodule, the duplicate files are removed from this repository.
Co-authored-by: Cobus van Eeden <35851496+cobusve@users.noreply.github.com>
Update the coreSNTP submodule to the latest commit. Also, make updates to the coreSNTP demo for the new changes in the SNTP library which include the following:
1. Update to the type for packet size from size_t to uint16_t for parameters in the transport and authentication interfaces.
2. Change in the call to Sntp_SendTimeRequest API to pass the new blockTimeMs parameter added to the API.
3. Update to the clock-offfset type from int32_t to int64_t for representing information in milliseconds. To accommodate this update in the SntpSetTime_t interface, the mathematical model for representing system clock has been updated to store slew rate as milliseconds/second (instead of second/second). This change improves the accuracy of the WinSim demo time correction (because the milliseconds of time difference between server and client time is corrected over the entire polling interval which makes a significant difference!).
This PR also adds demo config macros for setting the block time values passed to the Sntp_SendTimeRequest and Sntp_ReceiveTimeResponse APIs.
Add the FreeRTOS/coreSNTP library as a submodule (along with manifest.yaml file update) and add a demo project to showcase use of the coreSNTP library for having a SNTP client daemon in the system for periodically synchronizing system time with the internet to maintain Coordinated Univeral Time (UTC) in a device. This demo maintains UTC time of system in RAM, thereby, representing systems without a Real-Time Clock (RTC) module in the device.
Note: This demo shows use of coreSNTP library for SNTP communication with NTP/SNTP time servers in non-authenticated mode (i.e. without any security mechanism payload beyond the standard 48 bytes of NTP packet exchange between client-server).
* Clean up demo config for wolfSSL mutual auth.
* Add comment about picking the correct ROOT CA.
* uncrustify using_wolfSSL.c and some other code style changes.
* Apply suggestions from code review
Co-authored-by: Archit Aggarwal <architag@amazon.com>
FreeRTOS_send adds the packet to be sent to the IP task's queue for
later processing. The packet is sent later by the IP task. When
FreeRTOS is used in collaborative mode (i.e. configUSE_PREEMPTION is 0),
the Plaintext_FreeRTOS_send function returns without actually sending
the packet as the IP task never gets a chance to run.
The fact that Plaintext_FreeRTOS_send returns without actually sending
the packet causes an issue in the MQTT_Connect which expects the CONNECT
packet to be actually sent and waits for CONNACK.
This commit adds a taskYIELD call after calling FreeRTOS_send to ensure
that the IP task gets a chance to run and send the packet before the
Plaintext_FreeRTOS_send function returns.
Add URL file links to the MQTT agent documentation page.
Add comment blocks into each demo that also point toward the MQTT agent documentation to ensure users are aware the agent method exists.
From the FreeRTOS documentation, pdFREERTOS_ERRNO_ENOSPC means that timeout occurred before any data could be sent or received.
- In the plaintext transport-interface implementation, we would directly return `-pdFREERTOS_ERRNO_ENOSPC`. However, an error like this can occur when the TCP buffer is full, so this ought to be retriable. Libraries that consume the transport interface interpret a return value of 0 to mean that send/recv can be invoked again to get the data. As such, we should appropriately set the return value as 0 when the status is `-pdFREERTOS_ERRNO_ENOSPC`.
- In the mbedTLS port, we would directly return whatever `FreeRTOS_send` or `FreeRTOS_recv` returns. However, sometimes, the return value can be an error. In such cases, we ought to map an error from FreeRTOS+TCP to an equivalent error in mbedTLS. In the case of `-pdFREERTOS_ERRNO_ENOSPC`, we map that to `MBEDTLS_ERR_SSL_TIMEOUT`. When the mbedTLS transport-interface send/recv wrapper sees that value, it appropriately returns 0, so that the library can retry the send/recv. I've verified that when the mbedTLS port returns an error, that same error is returned by `mbedtls_ssl_write` & `mbedtls_ssl_read`.
- The TCP socket may have a receive block time. If bytesToRecv is greater than 1 then a frame is likely already part way through reception and blocking to wait for the desired number of bytes to be available is the
most efficient thing to do. If bytesToRecv is 1 then this may be a speculative call to read to find the start of a new frame, in which case blocking is not desirable as it could block an entire protocol agent task for the duration of the read block time and therefore negatively impact performance. So if bytesToRecv is 1 then don't call recv unless it is known that bytes are already available.
Co-authored-by: abhidixi11 <44424462+abhidixi11@users.noreply.github.com>
Co-authored-by: RichardBarry <3073890+RichardBarry@users.noreply.github.com>
Small change that simply specifies why the NetworkContext must be defined by each compilation unit along with details on how to include it to your project.
Co-authored-by: Cobus van Eeden <35851496+cobusve@users.noreply.github.com>
The MQTT library has been updated with the MQTT_RECV_POLLING_TIMEOUT_MS and MQTT_SEND_RETRY_TIMEOUT_MS configurations which should be set to zero when using a dummy timer function to avoid possibility of infinite loop when retrying failed transport send/receive calls. As the MQTT Keep Alive demo uses a dummy timer function, this PR updates the demo configuration to set these timeouts to zero.
By removing the definition of the NetworkContext struct in the header file, we allow the application to define it. This allows an application writer to use multiple transports in the same compilation unit. That way, multiple .c files do not have to be created for each transport.
Adding common utilities that will be used by 4 coreHTTP demos:
- Adding coreHTTP submodule pointer to FreeRTOS-Plus/Source/Application-Protocols/coreHTTP
- Adding folder FreeRTOS-Plus/Demo/coreHTTP_Windows_Simulator/Http_Demo_Helpers with functions common to demos.
* Update logging_stack.h file to avoid use of __FUNCTION__ macro
* Revert to use __FUNCTION__ instead of __FILE__
* Fix comment about metadata format
* Fix incorrect mapping of SdkLog function
* Fix typo causing LOG_METADATA_ARGS to be undefined
* Fix another bug with SdkLog macro definition
* Fix formatting
* Move mapping of SdkLog to vLoggingPrintf from logging_stack to config files
* Remove dependency of LIBRARY_LOG_NAME on LIBRARY_METADATA_* macros
* Minor improvements
Co-authored-by: Gary Wicker <14828980+gkwicker@users.noreply.github.com>
Co-authored-by: RichardBarry <3073890+RichardBarry@users.noreply.github.com>
* Update to the WolfSSL FIPS ready demo: Add a debug break point into the configASSERT() implementation along with a comment telling users how to update the integrity check hash if they hit the breakpoint.
* Updates in the root directory: Remove "New - Stream and Message Buffers.url" as the feature is no longer new, and edit the readme.md file as the repo now contains 'core' libraries in addition to 'FreeRTOS+' libraries.
* FreeRTOS-Plus/Source/Utilities: Add readme files and links to documentation.
* Application-Protocols: Add readme and URL links.
* Remove Index.html from the end of a URL in the readme.txt file.
* Demo-IP-Protocols: Add readme.txt files and code comments saying the protocols are not intended for production use.
* coreMQTT: Remove links to deprecated documentation, add readme and correct links to documentation.
* General: Correct URLs in source files and .url files.
* Update readme.txt
This updates the platform and logging directory and moves it to the following places:
FreeRTOS\FreeRTOS-Plus\Source\Utilities
FreeRTOS\FreeRTOS-Plus\Source\Application-Protocols\network_transport\freertos_plus_tcp
Project files are updated to follow suite. All updated demos are tested to work as expected.
This updates FreeRTOS-Plus/Source/Application-Protocols/platform folder based on feedback to include separate folders for tls and plaintext. In addition, the device-shadow-for-aws-iot-embedded-c submodule is renamed to device-shadow.
- Remove unused headers in the plaintext FreeRTOS sockets wrapper
- Update MFLN even though the preceding optional configuration returned an mbedTLS error
- Remove an unused `NULL` check in a private method that is already checked by the public connect method
- Add a `NULL` check to the public disconnect method
Co-authored-by: Joseph Julicher <jjulicher@mac.com>
This removes a warning involving const qualifiers. The NetworkContext_t * cannot be declared as const in TransportRecv and TransportSend because mbedtls_ssl_write and mbedtls_ssl_read require non-const pointers. Therefore, the const qualifier is removed from transport_interface.h.
This updates submodules for coreMQTT, coreJSON, and AWS Device Shadow. Some of which contain library fixes.
* Update coreMQTT to latest commit
* Update submodules for coreJSON and AWS Device Shadow to latest commit
In addition to fixing MISRA warnings, code is updated to have complexity <= 8. Also, this adds changes from PR #313, which allows the support of simultaneous connections in the mbedTLS transport wrapper.
Co-authored-by: Muneeb Ahmed <54290492+muneebahmed10@users.noreply.github.com>
- Fix the config file header include gaurd
- Fixes comments only in the main prvMQTTDemoTask( void * pvParameters )
- Deletes unused headers.
- Check the return value of MQTT_Disconnect().
Co-authored-by: Oscar Michael Abrina <abrinao@amazon.com>
