Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
A
arduino-esp32
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Analytics
Analytics
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Commits
Open sidebar
xpstem
arduino-esp32
Commits
951c3205
Unverified
Commit
951c3205
authored
Oct 11, 2021
by
Me No Dev
Committed by
GitHub
Oct 11, 2021
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'master' into i2c-slave
parents
335cedf4
7a7bd37e
Changes
7
Show whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
147 additions
and
19 deletions
+147
-19
libraries/ESP32/examples/Camera/CameraWebServer/CameraWebServer.ino
...ESP32/examples/Camera/CameraWebServer/CameraWebServer.ino
+1
-0
libraries/ESP32/examples/Camera/CameraWebServer/camera_pins.h
...aries/ESP32/examples/Camera/CameraWebServer/camera_pins.h
+19
-0
libraries/USB/src/USBVendor.cpp
libraries/USB/src/USBVendor.cpp
+1
-1
libraries/WiFiClientSecure/examples/WiFiClientShowPeerCredentials/WiFiClientShowPeerCredentials.ino
...ientShowPeerCredentials/WiFiClientShowPeerCredentials.ino
+97
-0
libraries/WiFiClientSecure/src/WiFiClientSecure.h
libraries/WiFiClientSecure/src/WiFiClientSecure.h
+4
-3
libraries/WiFiClientSecure/src/ssl_client.cpp
libraries/WiFiClientSecure/src/ssl_client.cpp
+24
-14
libraries/WiFiClientSecure/src/ssl_client.h
libraries/WiFiClientSecure/src/ssl_client.h
+1
-1
No files found.
libraries/ESP32/examples/Camera/CameraWebServer/CameraWebServer.ino
View file @
951c3205
...
...
@@ -14,6 +14,7 @@
//#define CAMERA_MODEL_M5STACK_V2_PSRAM // M5Camera version B Has PSRAM
//#define CAMERA_MODEL_M5STACK_WIDE // Has PSRAM
//#define CAMERA_MODEL_M5STACK_ESP32CAM // No PSRAM
//#define CAMERA_MODEL_M5STACK_UNITCAM // No PSRAM
//#define CAMERA_MODEL_AI_THINKER // Has PSRAM
//#define CAMERA_MODEL_TTGO_T_JOURNAL // No PSRAM
...
...
libraries/ESP32/examples/Camera/CameraWebServer/camera_pins.h
View file @
951c3205
...
...
@@ -113,6 +113,25 @@
#define HREF_GPIO_NUM 26
#define PCLK_GPIO_NUM 21
#elif defined(CAMERA_MODEL_M5STACK_UNITCAM)
#define PWDN_GPIO_NUM -1
#define RESET_GPIO_NUM 15
#define XCLK_GPIO_NUM 27
#define SIOD_GPIO_NUM 25
#define SIOC_GPIO_NUM 23
#define Y9_GPIO_NUM 19
#define Y8_GPIO_NUM 36
#define Y7_GPIO_NUM 18
#define Y6_GPIO_NUM 39
#define Y5_GPIO_NUM 5
#define Y4_GPIO_NUM 34
#define Y3_GPIO_NUM 35
#define Y2_GPIO_NUM 32
#define VSYNC_GPIO_NUM 22
#define HREF_GPIO_NUM 26
#define PCLK_GPIO_NUM 21
#elif defined(CAMERA_MODEL_AI_THINKER)
#define PWDN_GPIO_NUM 32
#define RESET_GPIO_NUM -1
...
...
libraries/USB/src/USBVendor.cpp
View file @
951c3205
...
...
@@ -40,8 +40,8 @@ uint16_t tusb_vendor_load_descriptor(uint8_t * dst, uint8_t * itf)
}
void
tud_vendor_rx_cb
(
uint8_t
itf
){
log_v
(
"%u"
,
len
);
size_t
len
=
tud_vendor_n_available
(
itf
);
log_v
(
"%u"
,
len
);
if
(
len
){
uint8_t
buffer
[
len
];
len
=
tud_vendor_n_read
(
itf
,
buffer
,
len
);
...
...
libraries/WiFiClientSecure/examples/WiFiClientShowPeerCredentials/WiFiClientShowPeerCredentials.ino
0 → 100644
View file @
951c3205
// WiFiClientShowPeerCredentials
//
// Example of a establishing a secure connection and then
// showing the fingerprint of the certificate. This can
// be useful in an IoT setting to know for sure that you
// are connecting to the right server. Especally in
// situations where you cannot hardcode a trusted root
// certificate for long periods of time (as they tend to
// get replaced more often than the lifecycle of IoT
// hardware).
//
#include <WiFi.h>
#include <HTTPClient.h>
#include <WiFiClientSecure.h>
#ifndef WIFI_NETWORK
#define WIFI_NETWORK "MyWifiNetwork"
#endif
#ifndef WIFI_PASSWD
#define WIFI_PASSWD "MySecretWifiPassword"
#endif
#define URL "https://arduino.cc"
void
demo
()
{
WiFiClientSecure
*
client
=
new
WiFiClientSecure
;
client
->
setInsecure
();
//
HTTPClient
https
;
if
(
!
https
.
begin
(
*
client
,
URL
))
{
Serial
.
println
(
"HTTPS setup failed"
);
return
;
};
https
.
setTimeout
(
5000
);
int
httpCode
=
https
.
GET
();
if
(
httpCode
!=
200
)
{
Serial
.
print
(
"Connect failed: "
);
Serial
.
println
(
https
.
errorToString
(
httpCode
));
return
;
}
const
mbedtls_x509_crt
*
peer
=
client
->
getPeerCertificate
();
// Show general output / certificate information
//
char
buf
[
1024
];
int
l
=
mbedtls_x509_crt_info
(
buf
,
sizeof
(
buf
),
""
,
peer
);
if
(
l
<=
0
)
{
Serial
.
println
(
"Peer conversion to printable buffer failed"
);
return
;
};
Serial
.
println
();
Serial
.
println
(
buf
);
uint8_t
fingerprint_remote
[
32
];
if
(
!
client
->
getFingerprintSHA256
(
fingerprint_remote
))
{
Serial
.
println
(
"Failed to get the fingerprint"
);
return
;
}
// Fingerprint late 2021
Serial
.
println
(
"Expecting Fingerprint (SHA256): 70 CF A4 B7 5D 09 E9 2A 52 A8 B6 85 B5 0B D6 BE 83 47 83 5B 3A 4D 3C 3E 32 30 EC 1D 61 98 D7 0F"
);
Serial
.
print
(
" Received Fingerprint (SHA256): "
);
for
(
int
i
=
0
;
i
<
32
;
i
++
)
{
Serial
.
print
(
fingerprint_remote
[
i
],
HEX
);
Serial
.
print
(
" "
);
};
Serial
.
println
(
""
);
};
void
setup
()
{
Serial
.
begin
(
115200
);
Serial
.
println
(
"Started "
__FILE__
" build "
__DATE__
" "
__TIME__
);
WiFi
.
mode
(
WIFI_STA
);
WiFi
.
begin
(
WIFI_NETWORK
,
WIFI_PASSWD
);
while
(
WiFi
.
waitForConnectResult
()
!=
WL_CONNECTED
)
{
Serial
.
println
(
"Wifi fail - rebooting"
);
delay
(
5000
);
ESP
.
restart
();
}
}
void
loop
()
{
bool
already_tried
=
false
;
if
((
millis
()
<
1000
)
||
already_tried
)
return
;
already_tried
=
true
;
// Run the test just once.
demo
();
}
libraries/WiFiClientSecure/src/WiFiClientSecure.h
View file @
951c3205
...
...
@@ -73,7 +73,8 @@ public:
bool
loadPrivateKey
(
Stream
&
stream
,
size_t
size
);
bool
verify
(
const
char
*
fingerprint
,
const
char
*
domain_name
);
void
setHandshakeTimeout
(
unsigned
long
handshake_timeout
);
const
mbedtls_x509_crt
*
getPeerCertificate
()
{
return
mbedtls_ssl_get_peer_cert
(
&
sslclient
->
ssl_ctx
);
};
bool
getFingerprintSHA256
(
uint8_t
sha256_result
[
32
])
{
return
get_peer_fingerprint
(
sslclient
,
sha256_result
);
};
int
setTimeout
(
uint32_t
seconds
){
return
0
;
}
operator
bool
()
...
...
libraries/WiFiClientSecure/src/ssl_client.cpp
View file @
951c3205
...
...
@@ -418,22 +418,10 @@ bool verify_ssl_fingerprint(sslclient_context *ssl_client, const char* fp, const
fingerprint_local
[
i
]
=
low
|
(
high
<<
4
);
}
// Get certificate provided by the peer
const
mbedtls_x509_crt
*
crt
=
mbedtls_ssl_get_peer_cert
(
&
ssl_client
->
ssl_ctx
);
if
(
!
crt
)
{
log_d
(
"could not fetch peer certificate"
);
return
false
;
}
// Calculate certificate's SHA256 fingerprint
uint8_t
fingerprint_remote
[
32
];
mbedtls_sha256_context
sha256_ctx
;
mbedtls_sha256_init
(
&
sha256_ctx
);
mbedtls_sha256_starts
(
&
sha256_ctx
,
false
);
mbedtls_sha256_update
(
&
sha256_ctx
,
crt
->
raw
.
p
,
crt
->
raw
.
len
);
mbedtls_sha256_finish
(
&
sha256_ctx
,
fingerprint_remote
);
if
(
!
get_peer_fingerprint
(
ssl_client
,
fingerprint_remote
))
return
false
;
// Check if fingerprints match
if
(
memcmp
(
fingerprint_local
,
fingerprint_remote
,
32
))
...
...
@@ -449,6 +437,28 @@ bool verify_ssl_fingerprint(sslclient_context *ssl_client, const char* fp, const
return
true
;
}
bool
get_peer_fingerprint
(
sslclient_context
*
ssl_client
,
uint8_t
sha256
[
32
])
{
if
(
!
ssl_client
)
{
log_d
(
"Invalid ssl_client pointer"
);
return
false
;
};
const
mbedtls_x509_crt
*
crt
=
mbedtls_ssl_get_peer_cert
(
&
ssl_client
->
ssl_ctx
);
if
(
!
crt
)
{
log_d
(
"Failed to get peer cert."
);
return
false
;
};
mbedtls_sha256_context
sha256_ctx
;
mbedtls_sha256_init
(
&
sha256_ctx
);
mbedtls_sha256_starts
(
&
sha256_ctx
,
false
);
mbedtls_sha256_update
(
&
sha256_ctx
,
crt
->
raw
.
p
,
crt
->
raw
.
len
);
mbedtls_sha256_finish
(
&
sha256_ctx
,
sha256
);
return
true
;
}
// Checks if peer certificate has specified domain in CN or SANs
bool
verify_ssl_dn
(
sslclient_context
*
ssl_client
,
const
char
*
domain_name
)
{
...
...
libraries/WiFiClientSecure/src/ssl_client.h
View file @
951c3205
...
...
@@ -36,5 +36,5 @@ int send_ssl_data(sslclient_context *ssl_client, const uint8_t *data, size_t len
int
get_ssl_receive
(
sslclient_context
*
ssl_client
,
uint8_t
*
data
,
int
length
);
bool
verify_ssl_fingerprint
(
sslclient_context
*
ssl_client
,
const
char
*
fp
,
const
char
*
domain_name
);
bool
verify_ssl_dn
(
sslclient_context
*
ssl_client
,
const
char
*
domain_name
);
bool
get_peer_fingerprint
(
sslclient_context
*
ssl_client
,
uint8_t
sha256
[
32
]);
#endif
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment