forked from u-blox/ubxlib
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpsk_main.c
326 lines (291 loc) · 13.8 KB
/
psk_main.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
/*
* Copyright 2019-2024 u-blox
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/** @brief This example demonstrates how to generate a pre-shared key
* and associated pre-shared key identity.
*
* The choice of module and the choice of platform on which this
* code runs is made at build time, see the README.md for
* instructions.
*
* IMPORTANT: the module in use must have been security sealed before
* this example can be used. Since this is a once-only irreversible
* procedure this example does not perform a security seal automatically.
* Please read the code in the \#if 0 section below to see how it would
* be done.
*/
// Bring in all of the ubxlib public header files
#include "ubxlib.h"
// Bring in the application settings
#include "u_cfg_app_platform_specific.h"
#ifndef U_CFG_DISABLE_TEST_AUTOMATION
// This purely for internal u-blox testing
# include "u_cfg_test_platform_specific.h"
#endif
/* ----------------------------------------------------------------
* COMPILE-TIME MACROS
* -------------------------------------------------------------- */
// For u-blox internal testing only
// Note: LEXI/SARA-R422 sometimes returns "+CME ERROR: SEC busy" to security
// operations when it has just powered-on, which is the case when we're
// running this example during regression testing, hence don't check
// the outcome for LEXI/SARA-R422.
#if defined(U_PORT_TEST_ASSERT) && (U_CFG_TEST_CELL_MODULE_TYPE != U_CELL_MODULE_TYPE_SARA_R422) && \
(U_CFG_TEST_CELL_MODULE_TYPE != U_CELL_MODULE_TYPE_LEXI_R422)
# define EXAMPLE_FINAL_STATE(x) U_PORT_TEST_ASSERT(x);
#else
# define EXAMPLE_FINAL_STATE(x)
#endif
#ifndef U_PORT_TEST_FUNCTION
# error if you are not using the unit test framework to run this code you must ensure that the platform clocks/RTOS are set up and either define U_PORT_TEST_FUNCTION yourself or replace it as necessary.
#endif
/* ----------------------------------------------------------------
* TYPES
* -------------------------------------------------------------- */
/* ----------------------------------------------------------------
* VARIABLES
* -------------------------------------------------------------- */
// ZEPHYR USERS may prefer to set the device and network
// configuration from their device tree, rather than in this C
// code: see /port/platform/zephyr/README.md for instructions on
// how to do that.
// Cellular configuration.
// Set U_CFG_TEST_CELL_MODULE_TYPE to your module type,
// chosen from the values in cell/api/u_cell_module_type.h
//
// Note that the pin numbers are those of the MCU: if you
// are using an MCU inside u-blox module the IO pin numbering
// for the module is likely different to that of the MCU: check
// the data sheet for the module to determine the mapping.
#ifdef U_CFG_TEST_CELL_MODULE_TYPE
// DEVICE i.e. module/chip configuration: in this case a cellular
// module connected via UART
static const uDeviceCfg_t gDeviceCfg = {
.deviceType = U_DEVICE_TYPE_CELL,
.deviceCfg = {
.cfgCell = {
.moduleType = U_CFG_TEST_CELL_MODULE_TYPE,
.pSimPinCode = NULL, /* SIM pin */
.pinEnablePower = U_CFG_APP_PIN_CELL_ENABLE_POWER,
.pinPwrOn = U_CFG_APP_PIN_CELL_PWR_ON,
.pinVInt = U_CFG_APP_PIN_CELL_VINT,
.pinDtrPowerSaving = U_CFG_APP_PIN_CELL_DTR
},
},
.transportType = U_DEVICE_TRANSPORT_TYPE_UART,
.transportCfg = {
.cfgUart = {
.uart = U_CFG_APP_CELL_UART,
.baudRate = U_CELL_UART_BAUD_RATE,
.pinTxd = U_CFG_APP_PIN_CELL_TXD, // Use -1 if on Zephyr or Linux or Windows
.pinRxd = U_CFG_APP_PIN_CELL_RXD, // Use -1 if on Zephyr or Linux or Windows
.pinCts = U_CFG_APP_PIN_CELL_CTS, // Use -1 if on Zephyr
.pinRts = U_CFG_APP_PIN_CELL_RTS, // Use -1 if on Zephyr
#ifdef U_CFG_APP_UART_PREFIX
.pPrefix = U_PORT_STRINGIFY_QUOTED(U_CFG_APP_UART_PREFIX) // Relevant for Linux only
#else
.pPrefix = NULL
#endif
},
},
};
// NETWORK configuration for cellular
static const uNetworkCfgCell_t gNetworkCfg = {
.type = U_NETWORK_TYPE_CELL,
.pApn = NULL, /* APN: NULL to accept default. If using a Thingstream SIM enter "tsiot" here */
.timeoutSeconds = 240 /* Connection timeout in seconds */
// There are six additional fields here which we do NOT set,
// we allow the compiler to set them to 0 and all will be fine.
// The fields are:
//
// - "pKeepGoingCallback": you may set this field to a function
// of the form "bool keepGoingCallback(uDeviceHandle_t devHandle)",
// e.g.:
//
// .pKeepGoingCallback = keepGoingCallback;
//
// ...and your function will be called periodically during an
// abortable network operation such as connect/disconnect;
// if it returns true the operation will continue else it
// will be aborted, allowing you immediate control. If this
// field is set, timeoutSeconds will be ignored.
//
// - "pUsername" and "pPassword": if you are required to set a
// user name and password to go with the APN value that you
// were given by your service provider, set them here.
//
// - "authenticationMode": if you MUST give a user name and
// password and your cellular module does NOT support figuring
// out the authentication mode automatically (e.g. SARA-R4xx,
// LARA-R6 and LENA-R8 do not) then you must populate this field
// with the authentication mode that should be used, see
// #uCellNetAuthenticationMode_t in u_cell_net.h; there is no
// harm in populating this field even if the module _does_ support
// figuring out the authentication mode automatically but
// you ONLY NEED TO WORRY ABOUT IT if you were given that user
// name and password with the APN (which is thankfully not usual).
//
// - "pMccMnc": ONLY required if you wish to connect to a specific
// MCC/MNC rather than to the best available network; should point
// to the null-terminated string giving the MCC and MNC of the PLMN
// to use (for example "23410").
//
// - "pUartPpp": ONLY REQUIRED if U_CFG_PPP_ENABLE is defined AND
// you wish to run a PPP interface to the cellular module over a
// DIFFERENT serial port to that which was specified in the device
// configuration passed to uDeviceOpen(). This is useful if you
// are using the USB interface of a cellular module, which does not
// support the CMUX protocol that multiplexes PPP with AT.
};
#else
static const uDeviceCfg_t gDeviceCfg = {.deviceType = U_DEVICE_TYPE_NONE};
static const uNetworkCfgCell_t gNetworkCfg = {.type = U_NETWORK_TYPE_NONE};
#endif
/* ----------------------------------------------------------------
* STATIC FUNCTIONS
* -------------------------------------------------------------- */
// Print out binary.
static void printHex(const char *pStr, size_t length)
{
char c;
for (size_t x = 0; x < length; x++) {
c = *pStr++;
uPortLog("%02x", c);
}
}
/* ----------------------------------------------------------------
* PUBLIC FUNCTIONS: THE EXAMPLE
* -------------------------------------------------------------- */
// The entry point, main(): before this is called the system
// clocks must have been started and the RTOS must be running;
// we are in task space.
U_PORT_TEST_FUNCTION("[example]", "exampleSecPsk")
{
uDeviceHandle_t devHandle = NULL;
int32_t size = 0;
int32_t returnCode;
char psk[U_SECURITY_PSK_MAX_LENGTH_BYTES];
char pskId[U_SECURITY_PSK_ID_MAX_LENGTH_BYTES];
// Initialise the APIs we will need
uPortInit();
uDeviceInit();
// Open the device
returnCode = uDeviceOpen(&gDeviceCfg, &devHandle);
uPortLog("Opened device with return code %d.\n", returnCode);
if (returnCode == 0) {
// Bring up the network interface
uPortLog("Bringing up the network...\n");
if (uNetworkInterfaceUp(devHandle, U_NETWORK_TYPE_CELL,
&gNetworkCfg) == 0) {
// The module must have previously been security
// sealed for this example to work
if (uSecurityIsSealed(devHandle)) {
uPortLog("Device is security sealed.\n");
uPortLog("Requesting generation of a 32-byte PSK"
" and associated PSK ID...\n");
size = uSecurityPskGenerate(devHandle, 32,
psk, pskId);
uPortLog("32 bytes of PSK returned: ");
printHex(psk, 32);
uPortLog("\n");
uPortLog("%d byte(s) of PSK ID returned: ", size);
printHex(pskId, size);
uPortLog("\n");
uPortLog("This completes the example.\n");
} else {
uPortLog("This device is not security sealed, the PSK"
" generation example will not run; see comments"
" in the example source code for how to do sealing.\n");
// The code below would effect a security seal.
#if 0
// Since sealing is a once-only irreversible process this code
// is #if 0'ed out. Should you want to perform security
// sealing you may compile this code in, maybe move it up to
// always occur before the end-to-end encryption code runs
// (if the device is detected to not be already sealed) but if
// you do so make VERY SURE that the compilation flag discussed
// below is set correctly each time.
// There are two inputs to the sealing process: a device profile
// UID (see the README.md in the directory above for how this
// is obtained from u-blox) and a serial number of your choosing.
// To run sealing with this example code, set the value of
// U_CFG_SECURITY_DEVICE_PROFILE_UID to the device profile UID
// *without* quotation marks, i.e. something like:
//
// U_CFG_SECURITY_DEVICE_PROFILE_UID=AgbCtixjwqLjwV3VWpfPyz
# ifdef U_CFG_SECURITY_DEVICE_PROFILE_UID
int32_t x;
char serialNumber[U_SECURITY_SERIAL_NUMBER_MAX_LENGTH_BYTES];
uPortLog("Waiting for bootstrap status...\n");
// Before security sealing can be performed the device must
// have contacted u-blox security services and "bootstrapped"
// itself (a once-only process): check that this has happened
for (x = 10; (x > 0) && !uSecurityIsBootstrapped(devHandle); x--) {
uPortTaskBlock(5000);
}
if (uSecurityIsBootstrapped(devHandle)) {
uPortLog("Device is bootstrapped.\n");
// In this example we obtain the serial number of the
// device and use that in the sealing process. You
// may chose your own serial number instead if you wish.
x = uSecurityGetSerialNumber(devHandle, serialNumber);
if ((x > 0) && x < (int32_t) sizeof(serialNumber)) {
uPortLog("Performing security seal with device profile UID"
" string \"%s\" and serial number \"%s\"...\n",
U_PORT_STRINGIFY_QUOTED(U_CFG_SECURITY_DEVICE_PROFILE_UID),
serialNumber);
if (uSecuritySealSet(devHandle,
U_PORT_STRINGIFY_QUOTED(U_CFG_SECURITY_DEVICE_PROFILE_UID),
serialNumber, NULL) == 0) {
uPortLog("Device is security sealed with device profile UID string \"%s\""
" and serial number \"%s\".\n",
U_PORT_STRINGIFY_QUOTED(U_CFG_SECURITY_DEVICE_PROFILE_UID),
serialNumber);
} else {
uPortLog("Unable to security seal device!\n");
}
} else {
uPortLog("Unable to obtain a serial number from the device!\n");
}
} else {
uPortLog("This device has not bootstrapped itself!\n");
}
# else
# error U_CFG_SECURITY_DEVICE_PROFILE_UID must be set to your device profile UID (without quotation marks) to use this code.
# endif
#endif
}
// When finished with the network layer
uPortLog("Taking down network...\n");
uNetworkInterfaceDown(devHandle, U_NETWORK_TYPE_CELL);
} else {
uPortLog("Unable to bring up the network!\n");
}
// For u-blox internal testing only
EXAMPLE_FINAL_STATE(((size > 0) && (size < sizeof(pskId))) || !uSecurityIsSupported(devHandle));
// Close the device
// Note: we don't power the device down here in order
// to speed up testing; you may prefer to power it off
// by setting the second parameter to true.
uDeviceClose(devHandle, false);
} else {
uPortLog("Unable to bring up the device!\n");
}
// Tidy up
uDeviceDeinit();
uPortDeinit();
uPortLog("Done.\n");
}
// End of file