apply astylerc

technyon
2025-08-13 17:04:20 +02:00
parent b575f23df5
commit b6cfea25f5
35 changed files with 2613 additions and 2403 deletions


@@ -11,224 +11,224 @@
NetworkDevice *NetworkDeviceInstantiator::Create(NetworkDeviceType networkDeviceType, String hostname, Preferences *preferences, IPConfiguration *ipConfiguration)
{
NetworkDevice* device = nullptr;
#if defined(CONFIG_IDF_TARGET_ESP32P4)
#if defined(CONFIG_IDF_TARGET_ESP32P4)
bool fakedevice = true;
#endif
#endif
switch (networkDeviceType)
{
case NetworkDeviceType::W5500:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "Generic W5500",
ETH_PHY_ADDR_W5500,
ETH_PHY_CS_GENERIC_W5500,
ETH_PHY_IRQ_GENERIC_W5500,
ETH_PHY_RST_GENERIC_W5500,
ETH_PHY_SPI_SCK_GENERIC_W5500,
ETH_PHY_SPI_MISO_GENERIC_W5500,
ETH_PHY_SPI_MOSI_GENERIC_W5500,
ETH_PHY_W5500);
break;
case NetworkDeviceType::W5500M5:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "M5Stack Atom POE",
ETH_PHY_ADDR_W5500,
ETH_PHY_CS_M5_W5500,
ETH_PHY_IRQ_M5_W5500,
ETH_PHY_RST_M5_W5500,
ETH_PHY_SPI_SCK_M5_W5500,
ETH_PHY_SPI_MISO_M5_W5500,
ETH_PHY_SPI_MOSI_M5_W5500,
ETH_PHY_W5500);
break;
case NetworkDeviceType::W5500M5S3:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "M5Stack Atom POE S3",
ETH_PHY_ADDR_W5500,
ETH_PHY_CS_M5_W5500_S3,
ETH_PHY_IRQ_M5_W5500,
ETH_PHY_RST_M5_W5500,
ETH_PHY_SPI_SCK_M5_W5500_S3,
ETH_PHY_SPI_MISO_M5_W5500_S3,
ETH_PHY_SPI_MOSI_M5_W5500_S3,
ETH_PHY_W5500);
break;
case NetworkDeviceType::Waveshare_ESP32_S3_ETH:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "Waveshare ESP32-S3-ETH / ESP32-S3-ETH-POE",
ETH_ADDR_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_SPI_CS_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_SPI_IRQ_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_SPI_RST_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_SPI_SCK_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_SPI_MISO_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_SPI_MOSI_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_W5500);
break;
case NetworkDeviceType::ETH01_Evo:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "ETH01-Evo",
ETH_PHY_ADDR_ETH01EVO,
ETH_PHY_CS_ETH01EVO,
ETH_PHY_IRQ_ETH01EVO,
ETH_PHY_RST_ETH01EVO,
ETH_PHY_SPI_SCK_ETH01EVO,
ETH_PHY_SPI_MISO_ETH01EVO,
ETH_PHY_SPI_MOSI_ETH01EVO,
ETH_PHY_TYPE_DM9051);
break;
case NetworkDeviceType::LilyGO_T_ETH_ELite:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "LilyGO T-ETH ELite",
ETH_PHY_ADDR_W5500,
ETH_PHY_CS_ELITE_W5500,
ETH_PHY_IRQ_ELITE_W5500,
ETH_PHY_RST_ELITE_W5500,
ETH_PHY_SPI_SCK_ELITE_W5500,
ETH_PHY_SPI_MISO_ELITE_W5500,
ETH_PHY_SPI_MOSI_ELITE_W5500,
ETH_PHY_W5500);
break;
case NetworkDeviceType::LilyGO_T_ETH_Lite_S3:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "LilyGO T-ETH-Lite-ESP32S3",
ETH_PHY_ADDR_W5500,
ETH_PHY_CS_ETHLITES3_W5500,
ETH_PHY_IRQ_ETHLITES3_W5500,
ETH_PHY_RST_ETHLITES3_W5500,
ETH_PHY_SPI_SCK_ETHLITES3_W5500,
ETH_PHY_SPI_MISO_ETHLITES3_W5500,
ETH_PHY_SPI_MOSI_ETHLITES3_W5500,
ETH_PHY_W5500);
break;
#if defined(CONFIG_IDF_TARGET_ESP32P4)
case NetworkDeviceType::Waveshare_ESP32_P4_NANO:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "Waveshare ESP32-P4-NANO",
1,
51,
31,
52,
ETH_PHY_IP101,
ETH_CLOCK_GPIO0_IN);
break;
case NetworkDeviceType::Waveshare_ESP32_P4_Module_DEV_KIT:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "Waveshare ESP32-P4-Module-DEV-KIT",
1,
51,
31,
52,
ETH_PHY_IP101,
ETH_CLOCK_GPIO0_IN);
break;
case NetworkDeviceType::ESP32_P4_Function_EV_Board:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "ESP32-P4-Function-EV-Board",
1,
51,
31,
52,
ETH_PHY_IP101,
ETH_CLOCK_GPIO0_IN);
break;
#endif
case NetworkDeviceType::CUSTOM:
case NetworkDeviceType::W5500:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "Generic W5500",
ETH_PHY_ADDR_W5500,
ETH_PHY_CS_GENERIC_W5500,
ETH_PHY_IRQ_GENERIC_W5500,
ETH_PHY_RST_GENERIC_W5500,
ETH_PHY_SPI_SCK_GENERIC_W5500,
ETH_PHY_SPI_MISO_GENERIC_W5500,
ETH_PHY_SPI_MOSI_GENERIC_W5500,
ETH_PHY_W5500);
break;
case NetworkDeviceType::W5500M5:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "M5Stack Atom POE",
ETH_PHY_ADDR_W5500,
ETH_PHY_CS_M5_W5500,
ETH_PHY_IRQ_M5_W5500,
ETH_PHY_RST_M5_W5500,
ETH_PHY_SPI_SCK_M5_W5500,
ETH_PHY_SPI_MISO_M5_W5500,
ETH_PHY_SPI_MOSI_M5_W5500,
ETH_PHY_W5500);
break;
case NetworkDeviceType::W5500M5S3:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "M5Stack Atom POE S3",
ETH_PHY_ADDR_W5500,
ETH_PHY_CS_M5_W5500_S3,
ETH_PHY_IRQ_M5_W5500,
ETH_PHY_RST_M5_W5500,
ETH_PHY_SPI_SCK_M5_W5500_S3,
ETH_PHY_SPI_MISO_M5_W5500_S3,
ETH_PHY_SPI_MOSI_M5_W5500_S3,
ETH_PHY_W5500);
break;
case NetworkDeviceType::Waveshare_ESP32_S3_ETH:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "Waveshare ESP32-S3-ETH / ESP32-S3-ETH-POE",
ETH_ADDR_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_SPI_CS_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_SPI_IRQ_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_SPI_RST_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_SPI_SCK_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_SPI_MISO_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_SPI_MOSI_WAVESHARE_ESP32_S3_ETH,
ETH_PHY_W5500);
break;
case NetworkDeviceType::ETH01_Evo:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "ETH01-Evo",
ETH_PHY_ADDR_ETH01EVO,
ETH_PHY_CS_ETH01EVO,
ETH_PHY_IRQ_ETH01EVO,
ETH_PHY_RST_ETH01EVO,
ETH_PHY_SPI_SCK_ETH01EVO,
ETH_PHY_SPI_MISO_ETH01EVO,
ETH_PHY_SPI_MOSI_ETH01EVO,
ETH_PHY_TYPE_DM9051);
break;
case NetworkDeviceType::LilyGO_T_ETH_ELite:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "LilyGO T-ETH ELite",
ETH_PHY_ADDR_W5500,
ETH_PHY_CS_ELITE_W5500,
ETH_PHY_IRQ_ELITE_W5500,
ETH_PHY_RST_ELITE_W5500,
ETH_PHY_SPI_SCK_ELITE_W5500,
ETH_PHY_SPI_MISO_ELITE_W5500,
ETH_PHY_SPI_MOSI_ELITE_W5500,
ETH_PHY_W5500);
break;
case NetworkDeviceType::LilyGO_T_ETH_Lite_S3:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "LilyGO T-ETH-Lite-ESP32S3",
ETH_PHY_ADDR_W5500,
ETH_PHY_CS_ETHLITES3_W5500,
ETH_PHY_IRQ_ETHLITES3_W5500,
ETH_PHY_RST_ETHLITES3_W5500,
ETH_PHY_SPI_SCK_ETHLITES3_W5500,
ETH_PHY_SPI_MISO_ETHLITES3_W5500,
ETH_PHY_SPI_MOSI_ETHLITES3_W5500,
ETH_PHY_W5500);
break;
#if defined(CONFIG_IDF_TARGET_ESP32P4)
case NetworkDeviceType::Waveshare_ESP32_P4_NANO:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "Waveshare ESP32-P4-NANO",
1,
51,
31,
52,
ETH_PHY_IP101,
ETH_CLOCK_GPIO0_IN);
break;
case NetworkDeviceType::Waveshare_ESP32_P4_Module_DEV_KIT:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "Waveshare ESP32-P4-Module-DEV-KIT",
1,
51,
31,
52,
ETH_PHY_IP101,
ETH_CLOCK_GPIO0_IN);
break;
case NetworkDeviceType::ESP32_P4_Function_EV_Board:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "ESP32-P4-Function-EV-Board",
1,
51,
31,
52,
ETH_PHY_IP101,
ETH_CLOCK_GPIO0_IN);
break;
#endif
case NetworkDeviceType::CUSTOM:
{
int custPHY = preferences->getInt(preference_network_custom_phy, 0);
if(custPHY >= 1 && custPHY <= 3)
{
int custPHY = preferences->getInt(preference_network_custom_phy, 0);
std::string custName;
eth_phy_type_t custEthtype;
if(custPHY >= 1 && custPHY <= 3)
switch(custPHY)
{
std::string custName;
eth_phy_type_t custEthtype;
switch(custPHY)
{
case 1:
custName = "Custom (W5500)";
custEthtype = ETH_PHY_W5500;
break;
case 2:
custName = "Custom (DN9051)";
custEthtype = ETH_PHY_DM9051;
break;
case 3:
custName = "Custom (KSZ8851SNL)";
custEthtype = ETH_PHY_KSZ8851;
break;
default:
custName = "Custom (W5500)";
custEthtype = ETH_PHY_W5500;
break;
}
device = new EthernetDevice(hostname, preferences, ipConfiguration, custName,
preferences->getInt(preference_network_custom_addr, -1),
preferences->getInt(preference_network_custom_cs, -1),
preferences->getInt(preference_network_custom_irq, -1),
preferences->getInt(preference_network_custom_rst, -1),
preferences->getInt(preference_network_custom_sck, -1),
preferences->getInt(preference_network_custom_miso, -1),
preferences->getInt(preference_network_custom_mosi, -1),
custEthtype);
case 1:
custName = "Custom (W5500)";
custEthtype = ETH_PHY_W5500;
break;
case 2:
custName = "Custom (DN9051)";
custEthtype = ETH_PHY_DM9051;
break;
case 3:
custName = "Custom (KSZ8851SNL)";
custEthtype = ETH_PHY_KSZ8851;
break;
default:
custName = "Custom (W5500)";
custEthtype = ETH_PHY_W5500;
break;
}
device = new EthernetDevice(hostname, preferences, ipConfiguration, custName,
preferences->getInt(preference_network_custom_addr, -1),
preferences->getInt(preference_network_custom_cs, -1),
preferences->getInt(preference_network_custom_irq, -1),
preferences->getInt(preference_network_custom_rst, -1),
preferences->getInt(preference_network_custom_sck, -1),
preferences->getInt(preference_network_custom_miso, -1),
preferences->getInt(preference_network_custom_mosi, -1),
custEthtype);
}
#if defined(CONFIG_IDF_TARGET_ESP32) || defined(CONFIG_IDF_TARGET_ESP32P4)
else if(custPHY >= 4 && custPHY <= 9)
{
int custCLKpref = preferences->getInt(preference_network_custom_clk, 0);
else if(custPHY >= 4 && custPHY <= 9)
{
int custCLKpref = preferences->getInt(preference_network_custom_clk, 0);
std::string custName = NetworkUtil::GetCustomEthernetDeviceName(custPHY);
eth_phy_type_t custEthtype = NetworkUtil::GetCustomEthernetType(custPHY);
eth_clock_mode_t custCLK = NetworkUtil::GetCustomClock(custCLKpref);
std::string custName = NetworkUtil::GetCustomEthernetDeviceName(custPHY);
eth_phy_type_t custEthtype = NetworkUtil::GetCustomEthernetType(custPHY);
eth_clock_mode_t custCLK = NetworkUtil::GetCustomClock(custCLKpref);
device = new EthernetDevice(hostname, preferences, ipConfiguration, custName,
preferences->getInt(preference_network_custom_addr, -1),
preferences->getInt(preference_network_custom_pwr, -1),
preferences->getInt(preference_network_custom_mdc, -1),
preferences->getInt(preference_network_custom_mdio, -1),
custEthtype,
custCLK);
}
device = new EthernetDevice(hostname, preferences, ipConfiguration, custName,
preferences->getInt(preference_network_custom_addr, -1),
preferences->getInt(preference_network_custom_pwr, -1),
preferences->getInt(preference_network_custom_mdc, -1),
preferences->getInt(preference_network_custom_mdio, -1),
custEthtype,
custCLK);
}
#endif
#ifndef CONFIG_IDF_TARGET_ESP32H2
else
{
device = new WifiDevice(hostname, preferences, ipConfiguration);
#if defined(CONFIG_IDF_TARGET_ESP32P4)
fakedevice = false;
#endif
}
else
{
device = new WifiDevice(hostname, preferences, ipConfiguration);
#if defined(CONFIG_IDF_TARGET_ESP32P4)
fakedevice = false;
#endif
}
break;
#endif
}
break;
#if defined(CONFIG_IDF_TARGET_ESP32)
case NetworkDeviceType::M5STACK_PoESP32_Unit:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "M5STACK PoESP32 Unit",
ETH_PHY_ADDR_M5_POESP32,
ETH_PHY_POWER_M5_POESP32,
ETH_PHY_MDC_M5_POESP32,
ETH_PHY_MDIO_M5_POESP32,
ETH_CLK_MODE_M5_TYPE,
ETH_CLK_MODE_M5_POESP32);
break;
case NetworkDeviceType::Olimex_LAN8720:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "Olimex (LAN8720)", ETH_PHY_ADDR_LAN8720, 12, ETH_PHY_MDC_LAN8720, ETH_PHY_MDIO_LAN8720, ETH_PHY_TYPE_LAN8720, ETH_CLOCK_GPIO17_OUT);
break;
case NetworkDeviceType::WT32_LAN8720:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "WT32-ETH01", 1, 16);
break;
case NetworkDeviceType::GL_S10:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "GL-S10", 1, 5, ETH_PHY_MDC_LAN8720, ETH_PHY_MDIO_LAN8720, ETH_PHY_IP101, ETH_CLOCK_GPIO0_IN);
break;
case NetworkDeviceType::LilyGO_T_ETH_POE:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "LilyGO T-ETH-POE", 0, -1, ETH_PHY_MDC_LAN8720, ETH_PHY_MDIO_LAN8720, ETH_PHY_TYPE_LAN8720, ETH_CLOCK_GPIO17_OUT);
break;
case NetworkDeviceType::M5STACK_PoESP32_Unit:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "M5STACK PoESP32 Unit",
ETH_PHY_ADDR_M5_POESP32,
ETH_PHY_POWER_M5_POESP32,
ETH_PHY_MDC_M5_POESP32,
ETH_PHY_MDIO_M5_POESP32,
ETH_CLK_MODE_M5_TYPE,
ETH_CLK_MODE_M5_POESP32);
break;
case NetworkDeviceType::Olimex_LAN8720:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "Olimex (LAN8720)", ETH_PHY_ADDR_LAN8720, 12, ETH_PHY_MDC_LAN8720, ETH_PHY_MDIO_LAN8720, ETH_PHY_TYPE_LAN8720, ETH_CLOCK_GPIO17_OUT);
break;
case NetworkDeviceType::WT32_LAN8720:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "WT32-ETH01", 1, 16);
break;
case NetworkDeviceType::GL_S10:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "GL-S10", 1, 5, ETH_PHY_MDC_LAN8720, ETH_PHY_MDIO_LAN8720, ETH_PHY_IP101, ETH_CLOCK_GPIO0_IN);
break;
case NetworkDeviceType::LilyGO_T_ETH_POE:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "LilyGO T-ETH-POE", 0, -1, ETH_PHY_MDC_LAN8720, ETH_PHY_MDIO_LAN8720, ETH_PHY_TYPE_LAN8720, ETH_CLOCK_GPIO17_OUT);
break;
#endif
#ifndef CONFIG_IDF_TARGET_ESP32H2
case NetworkDeviceType::WiFi:
device = new WifiDevice(hostname, preferences, ipConfiguration);
#if defined(CONFIG_IDF_TARGET_ESP32P4)
fakedevice = false;
#endif
break;
default:
device = new WifiDevice(hostname, preferences, ipConfiguration);
#if defined(CONFIG_IDF_TARGET_ESP32P4)
fakedevice = false;
#endif
break;
case NetworkDeviceType::WiFi:
device = new WifiDevice(hostname, preferences, ipConfiguration);
#if defined(CONFIG_IDF_TARGET_ESP32P4)
fakedevice = false;
#endif
break;
default:
device = new WifiDevice(hostname, preferences, ipConfiguration);
#if defined(CONFIG_IDF_TARGET_ESP32P4)
fakedevice = false;
#endif
break;
#else
default:
default:
device = new EthernetDevice(hostname, preferences, ipConfiguration, "Custom (W5500)",
preferences->getInt(preference_network_custom_addr, -1),
preferences->getInt(preference_network_custom_cs, -1),
@@ -242,8 +242,9 @@ NetworkDevice *NetworkDeviceInstantiator::Create(NetworkDeviceType networkDevice
#endif
}
#if defined(CONFIG_IDF_TARGET_ESP32P4)
if (fakedevice) {
#if defined(CONFIG_IDF_TARGET_ESP32P4)
if (fakedevice)
{
Log->println("Create dummy WiFi device for Hosted on P4");
NetworkDevice* device2 = nullptr;
device2 = new WifiDevice("fakep4forhosted", preferences, ipConfiguration);
@@ -251,7 +252,7 @@ NetworkDevice *NetworkDeviceInstantiator::Create(NetworkDeviceType networkDevice
delete device2;
device2 = NULL;
}
#endif
#endif
return device;
}


@@ -43,7 +43,7 @@ NetworkDeviceType NetworkUtil::GetDeviceTypeFromPreference(int hardwareDetect, i
case 16:
return NetworkDeviceType::Waveshare_ESP32_P4_Module_DEV_KIT;
case 17:
return NetworkDeviceType::ESP32_P4_Function_EV_Board;
return NetworkDeviceType::ESP32_P4_Function_EV_Board;
default:
Log->println("Unknown hardware selected, falling back to Wi-Fi.");
return NetworkDeviceType::WiFi;


@@ -25,100 +25,113 @@ SOFTWARE.
#include "SSLCert.hpp"
SSLCert::SSLCert(uint16_t certLength, uint16_t pkLength, String keyPEM, String certPEM):
_certLength(certLength),
_pkLength(pkLength),
_keyPEM(keyPEM),
_certPEM(certPEM) {
_certLength(certLength),
_pkLength(pkLength),
_keyPEM(keyPEM),
_certPEM(certPEM)
{
}
SSLCert::~SSLCert() {
// TODO Auto-generated destructor stub
SSLCert::~SSLCert()
{
// TODO Auto-generated destructor stub
}
uint16_t SSLCert::getCertLength() {
return _certLength;
uint16_t SSLCert::getCertLength()
{
return _certLength;
}
uint16_t SSLCert::getPKLength() {
return _pkLength;
uint16_t SSLCert::getPKLength()
{
return _pkLength;
}
String SSLCert::getKeyPEM() {
return _keyPEM;
String SSLCert::getKeyPEM()
{
return _keyPEM;
}
String SSLCert::getCertPEM() {
return _certPEM;
String SSLCert::getCertPEM()
{
return _certPEM;
}
void SSLCert::setPK(String keyPEM) {
_keyPEM = keyPEM;
_pkLength = keyPEM.length();
void SSLCert::setPK(String keyPEM)
{
_keyPEM = keyPEM;
_pkLength = keyPEM.length();
}
void SSLCert::setCert(String certPEM) {
_certPEM = certPEM;
_certLength = certPEM.length();
void SSLCert::setCert(String certPEM)
{
_certPEM = certPEM;
_certLength = certPEM.length();
}
void SSLCert::clear() {
_certLength = 0;
_pkLength = 0;
void SSLCert::clear()
{
_certLength = 0;
_pkLength = 0;
_keyPEM = "";
_certPEM = "";
_keyPEM = "";
_certPEM = "";
}
/**
* Returns the CN value from a DN, or "" if it cannot be found
*/
static std::string get_cn(std::string dn) {
size_t cnStart = dn.find("CN=");
if (cnStart == std::string::npos) {
return "";
}
cnStart += 3;
size_t cnStop = dn.find(",", cnStart);
if (cnStop == std::string::npos) {
cnStop = dn.length();
}
return dn.substr(cnStart, cnStop - cnStart);
static std::string get_cn(std::string dn)
{
size_t cnStart = dn.find("CN=");
if (cnStart == std::string::npos)
{
return "";
}
cnStart += 3;
size_t cnStop = dn.find(",", cnStart);
if (cnStop == std::string::npos)
{
cnStop = dn.length();
}
return dn.substr(cnStart, cnStop - cnStart);
}
/**
* Sets the DN as subjectAltName extension in the certificate
*/
static int add_subject_alt_name(mbedtls_x509write_cert *crt, std::string &cn) {
size_t bufsize = cn.length() + 8; // some additional space for tags and length fields
uint8_t buf[bufsize];
uint8_t *p = &buf[bufsize - 1];
uint8_t *start = buf;
int length = 0;
int ret; // used by MBEDTLS macro
static int add_subject_alt_name(mbedtls_x509write_cert *crt, std::string &cn)
{
size_t bufsize = cn.length() + 8; // some additional space for tags and length fields
uint8_t buf[bufsize];
uint8_t *p = &buf[bufsize - 1];
uint8_t *start = buf;
int length = 0;
int ret; // used by MBEDTLS macro
// The ASN structure that we will construct as parameter for write_crt_set_extension is as follows:
// | 0x30 = Sequence | length | 0x82 = dNSName, context-specific | length | cn0 | cn1 | cn2 | cn3 | .. | cnn |
// ↑ : ↑ `-------------v------------------´:
// | : `-------------------´ :
// | `----------v------------------------------------------------------------------´
// `---------------´
// Let's encrypt has useful infos: https://letsencrypt.org/docs/a-warm-welcome-to-asn1-and-der/#choice-and-any-encoding
MBEDTLS_ASN1_CHK_ADD(length,
mbedtls_asn1_write_raw_buffer(&p, start, (uint8_t*)cn.c_str(), cn.length()));
MBEDTLS_ASN1_CHK_ADD(length,
mbedtls_asn1_write_len(&p, start, length));
MBEDTLS_ASN1_CHK_ADD(length,
mbedtls_asn1_write_tag(&p, start, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0x02)); // 0x02 = dNSName
MBEDTLS_ASN1_CHK_ADD(length,
mbedtls_asn1_write_len(&p, start, length));
MBEDTLS_ASN1_CHK_ADD(length,
mbedtls_asn1_write_tag(&p, start, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ));
return mbedtls_x509write_crt_set_extension( crt,
MBEDTLS_OID_SUBJECT_ALT_NAME, MBEDTLS_OID_SIZE(MBEDTLS_OID_SUBJECT_ALT_NAME),
0, // not critical
p, length);
// The ASN structure that we will construct as parameter for write_crt_set_extension is as follows:
// | 0x30 = Sequence | length | 0x82 = dNSName, context-specific | length | cn0 | cn1 | cn2 | cn3 | .. | cnn |
// ↑ : ↑ `-------------v------------------´:
// | : `-------------------´ :
// | `----------v------------------------------------------------------------------´
// `---------------´
// Let's encrypt has useful infos: https://letsencrypt.org/docs/a-warm-welcome-to-asn1-and-der/#choice-and-any-encoding
MBEDTLS_ASN1_CHK_ADD(length,
mbedtls_asn1_write_raw_buffer(&p, start, (uint8_t*)cn.c_str(), cn.length()));
MBEDTLS_ASN1_CHK_ADD(length,
mbedtls_asn1_write_len(&p, start, length));
MBEDTLS_ASN1_CHK_ADD(length,
mbedtls_asn1_write_tag(&p, start, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0x02)); // 0x02 = dNSName
MBEDTLS_ASN1_CHK_ADD(length,
mbedtls_asn1_write_len(&p, start, length));
MBEDTLS_ASN1_CHK_ADD(length,
mbedtls_asn1_write_tag(&p, start, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ));
return mbedtls_x509write_crt_set_extension( crt,
MBEDTLS_OID_SUBJECT_ALT_NAME, MBEDTLS_OID_SIZE(MBEDTLS_OID_SUBJECT_ALT_NAME),
0, // not critical
p, length);
}
/**
@@ -128,78 +141,84 @@ static int add_subject_alt_name(mbedtls_x509write_cert *crt, std::string &cn) {
*
* Based on programs/pkey/gen_key.c
*/
static int gen_key(SSLCert &certCtx, SSLKeySize keySize) {
static int gen_key(SSLCert &certCtx, SSLKeySize keySize)
{
// Initialize the entropy source
mbedtls_entropy_context entropy;
mbedtls_entropy_init( &entropy );
// Initialize the entropy source
mbedtls_entropy_context entropy;
mbedtls_entropy_init( &entropy );
// Initialize the RNG
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ctr_drbg_init( &ctr_drbg );
int rngRes = mbedtls_ctr_drbg_seed(
&ctr_drbg, mbedtls_entropy_func, &entropy,
NULL, 0
);
if (rngRes != 0) {
mbedtls_entropy_free( &entropy );
return HTTPS_SERVER_ERROR_KEYGEN_RNG;
}
// Initialize the RNG
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ctr_drbg_init( &ctr_drbg );
int rngRes = mbedtls_ctr_drbg_seed(
&ctr_drbg, mbedtls_entropy_func, &entropy,
NULL, 0
);
if (rngRes != 0)
{
mbedtls_entropy_free( &entropy );
return HTTPS_SERVER_ERROR_KEYGEN_RNG;
}
// Initialize the private key
mbedtls_pk_context key;
mbedtls_pk_init( &key );
int resPkSetup = mbedtls_pk_setup( &key, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) );
if ( resPkSetup != 0) {
// Initialize the private key
mbedtls_pk_context key;
mbedtls_pk_init( &key );
int resPkSetup = mbedtls_pk_setup( &key, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) );
if ( resPkSetup != 0)
{
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
return HTTPS_SERVER_ERROR_KEYGEN_SETUP_PK;
}
// Actual key generation
int resPkGen = mbedtls_rsa_gen_key(
mbedtls_pk_rsa( key ),
mbedtls_ctr_drbg_random,
&ctr_drbg,
keySize,
65537
);
if ( resPkGen != 0)
{
mbedtls_pk_free( &key );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
return HTTPS_SERVER_ERROR_KEYGEN_GEN_PK;
}
// Free the entropy source and the RNG as they are no longer needed
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
return HTTPS_SERVER_ERROR_KEYGEN_SETUP_PK;
}
// Actual key generation
int resPkGen = mbedtls_rsa_gen_key(
mbedtls_pk_rsa( key ),
mbedtls_ctr_drbg_random,
&ctr_drbg,
keySize,
65537
);
if ( resPkGen != 0) {
// Allocate the space on the heap, as stack size is quite limited
unsigned char * output_buf = new unsigned char[4096];
if (output_buf == NULL)
{
mbedtls_pk_free( &key );
return HTTPS_SERVER_ERROR_KEY_OUT_OF_MEM;
}
memset(output_buf, 0, 4096);
// Write the key to the temporary buffer and determine its length
int resPkWrite = mbedtls_pk_write_key_pem( &key, output_buf, 4096 );
if (resPkWrite < 0)
{
delete[] output_buf;
mbedtls_pk_free( &key );
return HTTPS_SERVER_ERROR_KEY_WRITE_PK;
}
// Clean up the temporary buffer and clear the key context
mbedtls_pk_free( &key );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
return HTTPS_SERVER_ERROR_KEYGEN_GEN_PK;
}
// Free the entropy source and the RNG as they are no longer needed
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
// Set the private key in the context
certCtx.setPK((char*)output_buf);
// Allocate the space on the heap, as stack size is quite limited
unsigned char * output_buf = new unsigned char[4096];
if (output_buf == NULL) {
mbedtls_pk_free( &key );
return HTTPS_SERVER_ERROR_KEY_OUT_OF_MEM;
}
memset(output_buf, 0, 4096);
// Write the key to the temporary buffer and determine its length
int resPkWrite = mbedtls_pk_write_key_pem( &key, output_buf, 4096 );
if (resPkWrite < 0) {
delete[] output_buf;
mbedtls_pk_free( &key );
return HTTPS_SERVER_ERROR_KEY_WRITE_PK;
}
// Clean up the temporary buffer and clear the key context
mbedtls_pk_free( &key );
// Set the private key in the context
certCtx.setPK((char*)output_buf);
delete[] output_buf;
return 0;
return 0;
}
static int parse_serial_decimal_format(unsigned char *obuf, size_t obufmax,
@@ -214,21 +233,25 @@ static int parse_serial_decimal_format(unsigned char *obuf, size_t obufmax,
errno = 0;
dec = strtoull(ibuf, &end_ptr, 10);
if ((errno != 0) || (end_ptr == ibuf)) {
if ((errno != 0) || (end_ptr == ibuf))
{
return -1;
}
*len = 0;
while (remaining_bytes > 0) {
if (obufmax < (*len + 1)) {
while (remaining_bytes > 0)
{
if (obufmax < (*len + 1))
{
return -1;
}
val = (dec >> ((remaining_bytes - 1) * 8)) & 0xFF;
/* Skip leading zeros */
if ((val != 0) || (*len != 0)) {
if ((val != 0) || (*len != 0))
{
*p = val;
(*len)++;
p++;
@@ -248,150 +271,165 @@ static int parse_serial_decimal_format(unsigned char *obuf, size_t obufmax,
* Based on programs/x509/cert_write.c
*/
static int cert_write(SSLCert &certCtx, std::string dn, std::string validityFrom, std::string validityTo) {
int funcRes = 0;
int stepRes = 0;
static int cert_write(SSLCert &certCtx, std::string dn, std::string validityFrom, std::string validityTo)
{
int funcRes = 0;
int stepRes = 0;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_pk_context key;
mbedtls_x509write_cert crt;
unsigned char * primary_buffer;
unsigned char *certOffset;
unsigned char * output_buffer;
size_t certLength;
const char *serial = "peer";
size_t serial_len;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_pk_context key;
mbedtls_x509write_cert crt;
unsigned char * primary_buffer;
unsigned char *certOffset;
unsigned char * output_buffer;
size_t certLength;
const char *serial = "peer";
size_t serial_len;
// Make a C-friendly version of the distinguished name
char dn_cstr[dn.length()+1];
strcpy(dn_cstr, dn.c_str());
// Make a C-friendly version of the distinguished name
char dn_cstr[dn.length()+1];
strcpy(dn_cstr, dn.c_str());
std::string cn = get_cn(dn);
if (cn == "") {
return HTTPS_SERVER_ERROR_CERTGEN_CN;
}
std::string cn = get_cn(dn);
if (cn == "")
{
return HTTPS_SERVER_ERROR_CERTGEN_CN;
}
// Initialize the entropy source
mbedtls_entropy_init( &entropy );
// Initialize the entropy source
mbedtls_entropy_init( &entropy );
// Initialize the RNG
mbedtls_ctr_drbg_init( &ctr_drbg );
stepRes = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0 );
if (stepRes != 0) {
funcRes = HTTPS_SERVER_ERROR_CERTGEN_RNG;
goto error_after_entropy;
}
// Initialize the RNG
mbedtls_ctr_drbg_init( &ctr_drbg );
stepRes = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0 );
if (stepRes != 0)
{
funcRes = HTTPS_SERVER_ERROR_CERTGEN_RNG;
goto error_after_entropy;
}
mbedtls_pk_init( &key );
mbedtls_pk_init( &key );
stepRes = mbedtls_pk_parse_key( &key, (const unsigned char *)certCtx.getKeyPEM().c_str(), certCtx.getPKLength() + 1, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg);
if (stepRes != 0) {
funcRes = HTTPS_SERVER_ERROR_CERTGEN_READKEY;
goto error_after_key;
}
stepRes = mbedtls_pk_parse_key( &key, (const unsigned char *)certCtx.getKeyPEM().c_str(), certCtx.getPKLength() + 1, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg);
if (stepRes != 0)
{
funcRes = HTTPS_SERVER_ERROR_CERTGEN_READKEY;
goto error_after_key;
}
// Start configuring the certificate
mbedtls_x509write_crt_init( &crt );
// Set version and hash algorithm
mbedtls_x509write_crt_set_version( &crt, MBEDTLS_X509_CRT_VERSION_3 );
mbedtls_x509write_crt_set_md_alg( &crt, MBEDTLS_MD_SHA256 );
// Start configuring the certificate
mbedtls_x509write_crt_init( &crt );
// Set version and hash algorithm
mbedtls_x509write_crt_set_version( &crt, MBEDTLS_X509_CRT_VERSION_3 );
mbedtls_x509write_crt_set_md_alg( &crt, MBEDTLS_MD_SHA256 );
// Set the keys (same key as we self-sign)
mbedtls_x509write_crt_set_subject_key( &crt, &key );
mbedtls_x509write_crt_set_issuer_key( &crt, &key );
// Set the keys (same key as we self-sign)
mbedtls_x509write_crt_set_subject_key( &crt, &key );
mbedtls_x509write_crt_set_issuer_key( &crt, &key );
// Set issuer and subject (same, as we self-sign)
stepRes = mbedtls_x509write_crt_set_subject_name( &crt, dn_cstr );
if (stepRes != 0) {
funcRes = HTTPS_SERVER_ERROR_CERTGEN_NAME;
goto error_after_cert;
}
stepRes = mbedtls_x509write_crt_set_issuer_name( &crt, dn_cstr );
if (stepRes != 0) {
funcRes = HTTPS_SERVER_ERROR_CERTGEN_NAME;
goto error_after_cert;
}
// Set issuer and subject (same, as we self-sign)
stepRes = mbedtls_x509write_crt_set_subject_name( &crt, dn_cstr );
if (stepRes != 0)
{
funcRes = HTTPS_SERVER_ERROR_CERTGEN_NAME;
goto error_after_cert;
}
stepRes = mbedtls_x509write_crt_set_issuer_name( &crt, dn_cstr );
if (stepRes != 0)
{
funcRes = HTTPS_SERVER_ERROR_CERTGEN_NAME;
goto error_after_cert;
}
// Set the validity of the certificate. At the moment, it's fixed from 2019 to end of 2029.
stepRes = mbedtls_x509write_crt_set_validity( &crt, validityFrom.c_str(), validityTo.c_str());
if (stepRes != 0) {
funcRes = HTTPS_SERVER_ERROR_CERTGEN_VALIDITY;
goto error_after_cert;
}
// Set the validity of the certificate. At the moment, it's fixed from 2019 to end of 2029.
stepRes = mbedtls_x509write_crt_set_validity( &crt, validityFrom.c_str(), validityTo.c_str());
if (stepRes != 0)
{
funcRes = HTTPS_SERVER_ERROR_CERTGEN_VALIDITY;
goto error_after_cert;
}
// Make this a CA certificate
stepRes = mbedtls_x509write_crt_set_basic_constraints( &crt, 1, 0 );
if (stepRes != 0) {
funcRes = HTTPS_SERVER_ERROR_CERTGEN_VALIDITY;
goto error_after_cert;
}
// Make this a CA certificate
stepRes = mbedtls_x509write_crt_set_basic_constraints( &crt, 1, 0 );
if (stepRes != 0)
{
funcRes = HTTPS_SERVER_ERROR_CERTGEN_VALIDITY;
goto error_after_cert;
}
stepRes = add_subject_alt_name( &crt, cn );
if (stepRes != 0) {
funcRes = HTTPS_SERVER_ERROR_CERTGEN_NAME;
goto error_after_cert;
}
stepRes = add_subject_alt_name( &crt, cn );
if (stepRes != 0)
{
funcRes = HTTPS_SERVER_ERROR_CERTGEN_NAME;
goto error_after_cert;
}
// Initialize the serial number
stepRes = mbedtls_x509write_crt_set_serial_raw( &crt, (unsigned char *)serial, strlen(serial) );
if (stepRes != 0) {
funcRes = HTTPS_SERVER_ERROR_CERTGEN_SERIAL;
goto error_after_cert_serial;
}
// Initialize the serial number
stepRes = mbedtls_x509write_crt_set_serial_raw( &crt, (unsigned char *)serial, strlen(serial) );
if (stepRes != 0)
{
funcRes = HTTPS_SERVER_ERROR_CERTGEN_SERIAL;
goto error_after_cert_serial;
}
// Create buffer to write the certificate
primary_buffer = new unsigned char[4096];
if (primary_buffer == NULL) {
funcRes = HTTPS_SERVER_ERROR_CERTGEN_OUT_OF_MEM;
goto error_after_cert_serial;
}
// Create buffer to write the certificate
primary_buffer = new unsigned char[4096];
if (primary_buffer == NULL)
{
funcRes = HTTPS_SERVER_ERROR_CERTGEN_OUT_OF_MEM;
goto error_after_cert_serial;
}
// Write the actual certificate
stepRes = mbedtls_x509write_crt_pem(&crt, primary_buffer, 4096, mbedtls_ctr_drbg_random, &ctr_drbg );
if (stepRes < 0) {
funcRes = HTTPS_SERVER_ERROR_CERTGEN_WRITE;
goto error_after_primary_buffer;
}
// Write the actual certificate
stepRes = mbedtls_x509write_crt_pem(&crt, primary_buffer, 4096, mbedtls_ctr_drbg_random, &ctr_drbg );
if (stepRes < 0)
{
funcRes = HTTPS_SERVER_ERROR_CERTGEN_WRITE;
goto error_after_primary_buffer;
}
// Configure the cert in the context
certCtx.setCert((char*)primary_buffer);
// Configure the cert in the context
certCtx.setCert((char*)primary_buffer);
// Run through the cleanup process
// Run through the cleanup process
error_after_primary_buffer:
delete[] primary_buffer;
delete[] primary_buffer;
error_after_cert_serial:
error_after_cert:
mbedtls_x509write_crt_free( &crt );
mbedtls_x509write_crt_free( &crt );
error_after_key:
mbedtls_pk_free(&key);
mbedtls_pk_free(&key);
error_after_entropy:
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
return funcRes;
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
return funcRes;
}
int createSelfSignedCert(SSLCert &certCtx, SSLKeySize keySize, std::string dn, std::string validFrom, std::string validUntil) {
int createSelfSignedCert(SSLCert &certCtx, SSLKeySize keySize, std::string dn, std::string validFrom, std::string validUntil)
{
// Add the private key
int keyRes = gen_key(certCtx, keySize);
if (keyRes != 0) {
// Key-generation failed, return the failure code
return keyRes;
}
// Add the private key
int keyRes = gen_key(certCtx, keySize);
if (keyRes != 0)
{
// Key-generation failed, return the failure code
return keyRes;
}
// Add the self-signed certificate
int certRes = cert_write(certCtx, dn, validFrom, validUntil);
if (certRes != 0) {
// Cert writing failed, reset the pk and return failure code
certCtx.setPK("");
return certRes;
}
// Add the self-signed certificate
int certRes = cert_write(certCtx, dn, validFrom, validUntil);
if (certRes != 0)
{
// Cert writing failed, reset the pk and return failure code
certCtx.setPK("");
return certRes;
}
// If all went well, return 0
return 0;
// If all went well, return 0
return 0;
}
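Review bot: In the gen_key hunk, `output_buf` holds the PEM-encoded private key and is released with a plain `delete[] output_buf;` on both the write-failure path and the success path, so the key text stays readable in freed heap memory. Since the reformat already rewrites these lines, I would wipe the buffer before each release, e.g. `mbedtls_platform_zeroize(output_buf, 4096);` directly above `delete[] output_buf;`; this needs `mbedtls/platform_util.h`, and the file's include block is not visible in this view. Separately, the `if (output_buf == NULL)` check after `new unsigned char[4096]` is likely dead, because plain `new` does not return null on failure (it throws or aborts depending on build settings); `new (std::nothrow) unsigned char[4096]` would make the check meaningful. The same null-check pattern appears for `primary_buffer` in cert_write.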