-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathIoT-sdk.patch
More file actions
236 lines (209 loc) · 10.5 KB
/
IoT-sdk.patch
File metadata and controls
236 lines (209 loc) · 10.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
diff --git a/include/network_interface.h b/include/network_interface.h
index cf28341..1a76daf 100644
--- a/include/network_interface.h
+++ b/include/network_interface.h
@@ -55,6 +55,7 @@ typedef struct {
uint16_t DestinationPort; ///< Integer defining the connection port of the MQTT service.
uint32_t timeout_ms; ///< Unsigned integer defining the TLS handshake timeout value in milliseconds.
bool ServerVerificationFlag; ///< Boolean. True = perform server certificate hostname validation. False = skip validation \b NOT recommended.
+ char *pUniqIDAuth;
} TLSConnectParams;
/**
diff --git a/platform/linux/mbedtls/network_mbedtls_wrapper.c b/platform/linux/mbedtls/network_mbedtls_wrapper.c
index 7443d17..6b3775e 100644
--- a/platform/linux/mbedtls/network_mbedtls_wrapper.c
+++ b/platform/linux/mbedtls/network_mbedtls_wrapper.c
@@ -27,6 +27,7 @@ extern "C" {
#include "network_interface.h"
#include "network_platform.h"
+#include "engine.h"
/* This is the value used for ssl read timeout */
#define IOT_SSL_READ_TIMEOUT 10
@@ -143,6 +144,7 @@ IoT_Error_t iot_tls_connect(Network *pNetwork, TLSConnectParams *params) {
}
IOT_DEBUG(" ok (%d skipped)\n", ret);
+if ( 0 != *(pNetwork->tlsConnectParams.pDeviceCertLocation) ) { //disable client cert if empty string
IOT_DEBUG(" . Loading the client cert. and key...");
ret = mbedtls_x509_crt_parse_file(&(tlsDataParams->clicert), pNetwork->tlsConnectParams.pDeviceCertLocation);
if(ret != 0) {
@@ -156,6 +158,7 @@ IoT_Error_t iot_tls_connect(Network *pNetwork, TLSConnectParams *params) {
IOT_DEBUG(" path : %s ", pNetwork->tlsConnectParams.pDevicePrivateKeyLocation);
return NETWORK_PK_PRIVATE_KEY_PARSE_ERROR;
}
+}
IOT_DEBUG(" ok\n");
snprintf(portBuffer, 6, "%d", pNetwork->tlsConnectParams.DestinationPort);
IOT_DEBUG(" . Connecting to %s/%s...", pNetwork->tlsConnectParams.pDestinationURL, portBuffer);
@@ -277,6 +280,19 @@ IoT_Error_t iot_tls_connect(Network *pNetwork, TLSConnectParams *params) {
mbedtls_ssl_conf_read_timeout(&(tlsDataParams->conf), IOT_SSL_READ_TIMEOUT);
+ // UniquID authentication
+ if(ret == SUCCESS && pNetwork->tlsConnectParams.pUniqIDAuth) {
+ IOT_DEBUG(" . Start UniquID authentication...");
+ uint8_t token[300]={0};
+ Timer myTimer;
+ size_t nrw = 0;
+ signedTimestamp(token, sizeof(token), pNetwork->tlsConnectParams.pUniqIDAuth);
+ init_timer(&myTimer);
+ countdown_sec(&myTimer, 20);
+ //iot_tls_write(pNetwork, "\x15\x00\x00\x00{\"token\": \"myToken\"}", 25, &myTimer, &nrw);
+ iot_tls_write(pNetwork, token, *((uint32_t *)token)+4, &myTimer, &nrw);
+ IOT_INFO("token: %s %d\n", token+4, *((uint32_t *)token));
+ }
return (IoT_Error_t) ret;
}
diff --git a/samples/linux/subscribe_publish_sample/Makefile b/samples/linux/subscribe_publish_sample/Makefile
index 4b32391..db4d190 100644
--- a/samples/linux/subscribe_publish_sample/Makefile
+++ b/samples/linux/subscribe_publish_sample/Makefile
@@ -2,7 +2,7 @@
.prevent_execution:
exit 0
-CC = gcc
+unexport CFLAGS
#remove @ for no make command prints
DEBUG = @
@@ -36,10 +36,26 @@ EXTERNAL_LIBS += -L$(TLS_LIB_DIR)
LD_FLAG += -Wl,-rpath,$(TLS_LIB_DIR)
LD_FLAG += -ldl $(TLS_LIB_DIR)/libmbedtls.a $(TLS_LIB_DIR)/libmbedcrypto.a $(TLS_LIB_DIR)/libmbedx509.a -lpthread
+#UniquID uidcore-c
+UIDCORE_DIR = $(IOT_CLIENT_DIR)/external_libs/uidcore-c
+UIDCORE_LIB_DIR = $(UIDCORE_DIR)
+UIDCORE_INCLUDE_DIR = -I $(UIDCORE_DIR) -I $(UIDCORE_DIR)/trezor-crypto
+EXTERNAL_LIBS += -L$(UIDCORE_LIB_DIR) -L$(UIDCORE_LIB_DIR)/trezor-crypto
+LD_FLAG += -Wl,-rpath,$(UIDCORE_LIB_DIR)/trezor-crypto
+LD_FLAG += -Wl,-rpath,$(UIDCORE_LIB_DIR)
+LD_FLAG += -luidcore-c -lcurl -ltrezor-crypto
+
+UIDCORE_MAKE_CMD = $(MAKE) -C $(UIDCORE_DIR)
+
+#UniquID agent
+IOT_INCLUDE_DIRS += -I $(IOT_CLIENT_DIR)/external_libs/uidagent-c
+IOT_SRC_FILES += $(shell find $(IOT_CLIENT_DIR)/external_libs/uidagent-c -name '*.c')
+
#Aggregate all include and src directories
INCLUDE_ALL_DIRS += $(IOT_INCLUDE_DIRS)
INCLUDE_ALL_DIRS += $(TLS_INCLUDE_DIR)
INCLUDE_ALL_DIRS += $(APP_INCLUDE_DIRS)
+INCLUDE_ALL_DIRS += $(UIDCORE_INCLUDE_DIR)
SRC_FILES += $(APP_SRC_FILES)
SRC_FILES += $(IOT_SRC_FILES)
@@ -56,7 +72,7 @@ COMPILER_FLAGS += $(LOG_FLAGS)
MBED_TLS_MAKE_CMD = $(MAKE) -C $(MBEDTLS_DIR)
-PRE_MAKE_CMD = $(MBED_TLS_MAKE_CMD)
+PRE_MAKE_CMD = $(MBED_TLS_MAKE_CMD); $(UIDCORE_MAKE_CMD)
MAKE_CMD = $(CC) $(SRC_FILES) $(COMPILER_FLAGS) -o $(APP_NAME) $(LD_FLAG) $(EXTERNAL_LIBS) $(INCLUDE_ALL_DIRS)
all:
@@ -67,3 +83,4 @@ all:
clean:
rm -f $(APP_DIR)/$(APP_NAME)
$(MBED_TLS_MAKE_CMD) clean
+ $(UIDCORE_MAKE_CMD) clean
diff --git a/samples/linux/subscribe_publish_sample/aws_iot_config.h b/samples/linux/subscribe_publish_sample/aws_iot_config.h
index 8af3dd9..0b2dde5 100644
--- a/samples/linux/subscribe_publish_sample/aws_iot_config.h
+++ b/samples/linux/subscribe_publish_sample/aws_iot_config.h
@@ -33,8 +33,8 @@
// =================================================
// MQTT PubSub
-#define AWS_IOT_MQTT_TX_BUF_LEN 512 ///< Any time a message is sent out through the MQTT layer. The message is copied into this buffer anytime a publish is done. This will also be used in the case of Thing Shadow
-#define AWS_IOT_MQTT_RX_BUF_LEN 512 ///< Any message that comes into the device should be less than this buffer size. If a received message is bigger than this buffer size the message will be dropped.
+#define AWS_IOT_MQTT_TX_BUF_LEN 3000 ///< Any time a message is sent out through the MQTT layer. The message is copied into this buffer anytime a publish is done. This will also be used in the case of Thing Shadow
+#define AWS_IOT_MQTT_RX_BUF_LEN 3000 ///< Any message that comes into the device should be less than this buffer size. If a received message is bigger than this buffer size the message will be dropped.
#define AWS_IOT_MQTT_NUM_SUBSCRIBE_HANDLERS 5 ///< Maximum number of topic filters the MQTT client can handle at any given time. This should be increased appropriately when using Thing Shadow
// Thing Shadow specific configs
@@ -51,7 +51,7 @@
// Auto Reconnect specific config
#define AWS_IOT_MQTT_MIN_RECONNECT_WAIT_INTERVAL 1000 ///< Minimum time before the First reconnect attempt is made as part of the exponential back-off algorithm
-#define AWS_IOT_MQTT_MAX_RECONNECT_WAIT_INTERVAL 128000 ///< Maximum time interval after which exponential back-off will stop attempting to reconnect.
+#define AWS_IOT_MQTT_MAX_RECONNECT_WAIT_INTERVAL 12800000 ///< Maximum time interval after which exponential back-off will stop attempting to reconnect.
#define DISABLE_METRICS false ///< Disable the collection of metrics by setting this to true
diff --git a/samples/linux/subscribe_publish_sample/subscribe_publish_sample.c b/samples/linux/subscribe_publish_sample/subscribe_publish_sample.c
index ce7a28f..5779f3d 100644
--- a/samples/linux/subscribe_publish_sample/subscribe_publish_sample.c
+++ b/samples/linux/subscribe_publish_sample/subscribe_publish_sample.c
@@ -32,6 +32,9 @@
#include <limits.h>
#include <string.h>
+#include "engine.h"
+#include "helpers.h"
+
#include "aws_iot_config.h"
#include "aws_iot_log.h"
#include "aws_iot_version.h"
@@ -149,6 +152,12 @@ int main(int argc, char **argv) {
parseInputArgsForConnectParams(argc, argv);
+ // create an unique devicename and start the UniquID engine
+ static char deviceName[sizeof(AWS_IOT_MQTT_CLIENT_ID) + 6*2 + 1];
+ uint8_t *id = getSerial();
+ snprintf(deviceName, sizeof(deviceName), "%s%02x%02x%02x%02x%02x%02x",AWS_IOT_MQTT_CLIENT_ID, id[0], id[1], id[2], id[3], id[4], id[5]);
+ uniquidEngine(deviceName);
+
IOT_INFO("\nAWS IoT SDK Version %d.%d.%d-%s\n", VERSION_MAJOR, VERSION_MINOR, VERSION_PATCH, VERSION_TAG);
getcwd(CurrentWD, sizeof(CurrentWD));
@@ -160,8 +169,8 @@ int main(int argc, char **argv) {
IOT_DEBUG("clientCRT %s", clientCRT);
IOT_DEBUG("clientKey %s", clientKey);
mqttInitParams.enableAutoReconnect = false; // We enable this later below
- mqttInitParams.pHostURL = HostAddress;
- mqttInitParams.port = port;
+ mqttInitParams.pHostURL = proxyAddress; // use proxy mqtt address from config file
+ mqttInitParams.port = proxyPort;
mqttInitParams.pRootCALocation = rootCA;
mqttInitParams.pDeviceCertLocation = clientCRT;
mqttInitParams.pDevicePrivateKeyLocation = clientKey;
@@ -176,20 +185,25 @@ int main(int argc, char **argv) {
IOT_ERROR("aws_iot_mqtt_init returned error : %d ", rc);
return rc;
}
+ // disable client certificate authentication and enable UniquID authentication
+ client.networkStack.tlsConnectParams.pDeviceCertLocation = "";
+ client.networkStack.tlsConnectParams.pUniqIDAuth = awsAgentName;
connectParams.keepAliveIntervalInSec = 600;
connectParams.isCleanSession = true;
connectParams.MQTTVersion = MQTT_3_1_1;
- connectParams.pClientID = AWS_IOT_MQTT_CLIENT_ID;
- connectParams.clientIDLen = (uint16_t) strlen(AWS_IOT_MQTT_CLIENT_ID);
+ connectParams.pClientID = deviceName; // use the unique devicename
+ connectParams.clientIDLen = (uint16_t) strlen(deviceName);
connectParams.isWillMsgPresent = false;
+do { // fix to continuously retry connection
IOT_INFO("Connecting...");
rc = aws_iot_mqtt_connect(&client, &connectParams);
if(SUCCESS != rc) {
IOT_ERROR("Error(%d) connecting to %s:%d", rc, mqttInitParams.pHostURL, mqttInitParams.port);
- return rc;
+ sleep(5);
}
+} while (SUCCESS != rc);
/*
* Enable Auto Reconnect functionality. Minimum and Maximum time of Exponential backoff are set in aws_iot_config.h
* #AWS_IOT_MQTT_MIN_RECONNECT_WAIT_INTERVAL
@@ -229,6 +243,7 @@ int main(int argc, char **argv) {
rc = aws_iot_mqtt_yield(&client, 100);
if(NETWORK_ATTEMPTING_RECONNECT == rc) {
// If the client is attempting to reconnect we will skip the rest of the loop.
+ sleep(1);
continue;
}
@@ -236,7 +251,7 @@ int main(int argc, char **argv) {
sleep(1);
sprintf(cPayload, "%s : %d ", "hello from SDK QOS0", i++);
paramsQOS0.payloadLen = strlen(cPayload);
- rc = aws_iot_mqtt_publish(&client, "sdkTest/sub", 11, ¶msQOS0);
+ int rc1 = aws_iot_mqtt_publish(&client, "sdkTest/sub", 11, ¶msQOS0);
if(publishCount > 0) {
publishCount--;
}
@@ -247,10 +262,10 @@ int main(int argc, char **argv) {
sprintf(cPayload, "%s : %d ", "hello from SDK QOS1", i++);
paramsQOS1.payloadLen = strlen(cPayload);
- rc = aws_iot_mqtt_publish(&client, "sdkTest/sub", 11, ¶msQOS1);
- if (rc == MQTT_REQUEST_TIMEOUT_ERROR) {
+ rc1 = aws_iot_mqtt_publish(&client, "sdkTest/sub", 11, ¶msQOS1);
+ if (rc1 == MQTT_REQUEST_TIMEOUT_ERROR) {
IOT_WARN("QOS1 publish ack not received.\n");
- rc = SUCCESS;
+ rc1 = SUCCESS;
}
if(publishCount > 0) {
publishCount--;