From 64cacec927db6472941bcbea3eb46bbea06731bf Mon Sep 17 00:00:00 2001 From: Dane Walton Date: Fri, 25 Mar 2022 12:17:14 -0700 Subject: [PATCH 1/5] add x509 certificate support --- examples/Azure_IoT_Central_ESP32/AzureIoT.cpp | 42 +++++++++++----- examples/Azure_IoT_Central_ESP32/AzureIoT.h | 12 +++++ .../Azure_IoT_Central_ESP32.ino | 22 ++++++++- .../Azure_IoT_Central_ESP32/iot_configs.h | 46 ++++++++++++++++- .../AzureIoT.cpp | 42 +++++++++++----- .../AzureIoT.h | 12 +++++ .../Azure_IoT_Central_ESP32_AzureIoTKit.ino | 22 ++++++++- .../iot_configs.h | 46 ++++++++++++++++- .../Azure_IoT_Hub_ESP32.ino | 17 ++++++- examples/Azure_IoT_Hub_ESP32/iot_configs.h | 49 +++++++++++++++++-- 10 files changed, 277 insertions(+), 33 deletions(-) diff --git a/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp b/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp index 1d2d10f6..59e95cae 100644 --- a/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp +++ b/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp @@ -94,7 +94,15 @@ void azure_iot_init(azure_iot_t* azure_iot, azure_iot_config_t* azure_iot_config _az_PRECONDITION(is_az_span_empty(azure_iot_config->dps_id_scope)); _az_PRECONDITION(is_az_span_empty(azure_iot_config->dps_registration_id)); } - _az_PRECONDITION_VALID_SPAN(azure_iot_config->device_key, 1, false); + + // Either device key or device certificate and certificate key should be defined. + if (is_az_span_empty(azure_iot_config->device_key) && + (is_az_span_empty(azure_iot_config->device_certificate) || is_az_span_empty(azure_iot_config->device_certificate_private_key) )) + { + LogError("Please define either a device key or a device certificate and certificate private key. See iot_configs.h"); + _az_PRECONDITION(false); + } + _az_PRECONDITION_VALID_SPAN(azure_iot_config->data_buffer, 1, false); _az_PRECONDITION_NOT_NULL(azure_iot_config->data_manipulation_functions.base64_decode); _az_PRECONDITION_NOT_NULL(azure_iot_config->data_manipulation_functions.base64_encode); @@ -949,15 +957,18 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co password_span = split_az_span(data_buffer_span, MQTT_PASSWORD_BUFFER_SIZE, &data_buffer_span); EXIT_IF_TRUE(is_az_span_empty(password_span), RESULT_ERROR, "Failed reserving buffer for password_span."); - password_length = generate_sas_token_for_dps( - &azure_iot->dps_client, - azure_iot->config->device_key, - azure_iot->config->sas_token_lifetime_in_minutes, - data_buffer_span, - azure_iot->config->data_manipulation_functions, - password_span, - &azure_iot->sas_token_expiration_time); - EXIT_IF_TRUE(password_length == 0, RESULT_ERROR, "Failed creating mqtt password for DPS connection."); + if(!az_span_is_content_equal(AZ_SPAN_EMPTY, azure_iot->config->device_key)) + { + password_length = generate_sas_token_for_dps( + &azure_iot->dps_client, + azure_iot->config->device_key, + azure_iot->config->sas_token_lifetime_in_minutes, + data_buffer_span, + azure_iot->config->data_manipulation_functions, + password_span, + &azure_iot->sas_token_expiration_time); + EXIT_IF_TRUE(password_length == 0, RESULT_ERROR, "Failed creating mqtt password for DPS connection."); + } client_id_span = split_az_span(data_buffer_span, MQTT_CLIENT_ID_BUFFER_SIZE, &data_buffer_span); EXIT_IF_TRUE(is_az_span_empty(client_id_span), RESULT_ERROR, "Failed reserving buffer for client_id_span."); @@ -977,7 +988,16 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co mqtt_client_config->client_id = client_id_span; mqtt_client_config->username = username_span; - mqtt_client_config->password = password_span; + + if(!az_span_is_content_equal(AZ_SPAN_EMPTY, azure_iot->config->device_key)) + { + mqtt_client_config->password = password_span; + } + else + { + // Certs don't use a password + mqtt_client_config->password = AZ_SPAN_EMPTY; + } return RESULT_OK; } diff --git a/examples/Azure_IoT_Central_ESP32/AzureIoT.h b/examples/Azure_IoT_Central_ESP32/AzureIoT.h index 84795bd9..b3282765 100644 --- a/examples/Azure_IoT_Central_ESP32/AzureIoT.h +++ b/examples/Azure_IoT_Central_ESP32/AzureIoT.h @@ -454,6 +454,18 @@ typedef struct azure_iot_config_t_struct */ az_span device_key; + /* + * @brief X509 certificate to be used for authentication. + * + */ + az_span device_certificate; + + /* + * @brief X509 certificate private key to be used for authentication. + * + */ + az_span device_certificate_private_key; + /* * @brief The "Registration ID" to authenticate with when connecting to * Azure Device Provisioning service. diff --git a/examples/Azure_IoT_Central_ESP32/Azure_IoT_Central_ESP32.ino b/examples/Azure_IoT_Central_ESP32/Azure_IoT_Central_ESP32.ino index 47faa16c..38cd73a7 100644 --- a/examples/Azure_IoT_Central_ESP32/Azure_IoT_Central_ESP32.ino +++ b/examples/Azure_IoT_Central_ESP32/Azure_IoT_Central_ESP32.ino @@ -129,7 +129,15 @@ static int mqtt_client_init_function(mqtt_client_config_t* mqtt_client_config, m mqtt_config.port = mqtt_client_config->port; mqtt_config.client_id = (const char*)az_span_ptr(mqtt_client_config->client_id); mqtt_config.username = (const char*)az_span_ptr(mqtt_client_config->username); - mqtt_config.password = (const char*)az_span_ptr(mqtt_client_config->password); + + #ifdef IOT_CONFIG_USE_X509_CERT + LogInfo("MQTT client using X509 Certificate authentication"); + mqtt_config.client_cert_pem = IOT_CONFIG_DEVICE_CERT; + mqtt_config.client_key_pem = IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY; + #else // Using SAS key + mqtt_config.password = (const char*)az_span_ptr(mqtt_client_config->password); + #endif + mqtt_config.keepalive = 30; mqtt_config.disable_clean_session = 0; mqtt_config.disable_auto_reconnect = false; @@ -331,7 +339,17 @@ void setup() azure_iot_config.use_device_provisioning = true; // Required for Azure IoT Central. azure_iot_config.iot_hub_fqdn = AZ_SPAN_EMPTY; azure_iot_config.device_id = AZ_SPAN_EMPTY; - azure_iot_config.device_key = AZ_SPAN_FROM_STR(IOT_CONFIG_DEVICE_KEY); + + #ifdef IOT_CONFIG_USE_X509_CERT + azure_iot_config.device_certificate = AZ_SPAN_FROM_STR(IOT_CONFIG_DEVICE_CERT); + azure_iot_config.device_certificate_private_key = AZ_SPAN_FROM_STR(IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY); + azure_iot_config.device_key = AZ_SPAN_EMPTY; + #else + azure_iot_config.device_certificate = AZ_SPAN_EMPTY; + azure_iot_config.device_certificate_private_key = AZ_SPAN_EMPTY; + azure_iot_config.device_key = AZ_SPAN_FROM_STR(IOT_CONFIG_DEVICE_KEY); + #endif // IOT_CONFIG_USE_X509_CERT + azure_iot_config.dps_id_scope = AZ_SPAN_FROM_STR(DPS_ID_SCOPE); azure_iot_config.dps_registration_id = AZ_SPAN_FROM_STR(IOT_CONFIG_DEVICE_ID); // Use Device ID for Azure IoT Central. azure_iot_config.data_buffer = AZ_SPAN_FROM_BUFFER(az_iot_data_buffer); diff --git a/examples/Azure_IoT_Central_ESP32/iot_configs.h b/examples/Azure_IoT_Central_ESP32/iot_configs.h index 9d873758..28eb3a15 100644 --- a/examples/Azure_IoT_Central_ESP32/iot_configs.h +++ b/examples/Azure_IoT_Central_ESP32/iot_configs.h @@ -5,10 +5,54 @@ #define IOT_CONFIG_WIFI_SSID "SSID" #define IOT_CONFIG_WIFI_PASSWORD "PWD" +// Define if using device x509 certificates +// #define IOT_CONFIG_USE_X509_CERT + +#ifdef IOT_CONFIG_USE_X509_CERT + +/* + +Device certificate should be of the form: + +"-----BEGIN CERTIFICATE-----\r\n" \ +"MIIBJDCBywIUfeHrebBVa2eZAbouBgACp9R3BncwCgYIKoZIzj0EAwIwETEPMA0G\r\n" \ +"A1UEAwwGRFBTIENBMB4XDTIyMDMyMjazMTAzN1oXDTIzMDMyMjIzMTAzN1owGTEX\r\n" \ +"MBUGA1UEAwwOY29udG9zby1kZXZpY2UwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC\r\n" \ +....... +"YmGzdaHTb6P1W+p+jmc+jJn1MAoGCXqGSM49BAMCA0gAMEUCIEnbEMsAdGFroMwl\r\n" \ +"vTfQahwsxN3xink9z1gtirrjQlqDAiEAyU+6TUJcG6d9JF+uJqsLFpsbbF3IzGAw\r\n" \ +"yC+koNRC0MU=\r\n" \ +"-----END CERTIFICATE-----" + +*/ +#define IOT_CONFIG_DEVICE_CERT "Device Certificate" + +/* + +Device certificate private key should be of the form: + +"-----BEGIN EC PRIVATE KEY-----\r\n" \ +"MHcCAQEEIKGXkMMiO9D7jYpUjUGTBn7gGzeKPeNzCP83wbfQfLd9obAoGCCqGSM49\r\n" \ +"AwEHoUQDQgAEU6nQoYbjgJvBwaeD6MyAYmOSDg0QhEdyyV337qrlIbDEKvFsn1El\r\n" \ +"yRabc4dNp2Jhs3Xh02+j9Vvqfo5nPoyZ9Q==\r\n" \ +"-----END EC PRIVATE KEY-----" + +Note the type of key may different in your case. Such as BEGIN PRIVATE KEY +or BEGIN RSA PRIVATE KEY. + +*/ +#define IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY "Device Certificate Private Key" + +#endif // IOT_CONFIG_USE_X509_CERT + // Azure IoT Central #define DPS_ID_SCOPE "ID Scope" #define IOT_CONFIG_DEVICE_ID "Device ID" -#define IOT_CONFIG_DEVICE_KEY "Device Key" +// Use device key if not using certificates +#ifndef IOT_CONFIG_USE_X509_CERT + #define IOT_CONFIG_DEVICE_KEY "Device Key" +#endif // IOT_CONFIG_USE_X509_CERT + // User-agent (url-encoded) provided by the MQTT client to Azure IoT Services. // When developing for your own Arduino-based platform, diff --git a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp index 1d2d10f6..6f3fce7a 100644 --- a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp +++ b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp @@ -94,7 +94,15 @@ void azure_iot_init(azure_iot_t* azure_iot, azure_iot_config_t* azure_iot_config _az_PRECONDITION(is_az_span_empty(azure_iot_config->dps_id_scope)); _az_PRECONDITION(is_az_span_empty(azure_iot_config->dps_registration_id)); } - _az_PRECONDITION_VALID_SPAN(azure_iot_config->device_key, 1, false); + + // Either device key or device certificate and certificate key should be defined. + if (is_az_span_empty(azure_iot_config->device_key) && + (is_az_span_empty(azure_iot_config->device_certificate) || is_az_span_empty(azure_iot_config->device_certificate_private_key) )) + { + LogError("Please define either a device key or a device certificate and certificate private key. See iot_configs.h"); + _az_PRECONDITION(false); + } + _az_PRECONDITION_VALID_SPAN(azure_iot_config->data_buffer, 1, false); _az_PRECONDITION_NOT_NULL(azure_iot_config->data_manipulation_functions.base64_decode); _az_PRECONDITION_NOT_NULL(azure_iot_config->data_manipulation_functions.base64_encode); @@ -949,15 +957,18 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co password_span = split_az_span(data_buffer_span, MQTT_PASSWORD_BUFFER_SIZE, &data_buffer_span); EXIT_IF_TRUE(is_az_span_empty(password_span), RESULT_ERROR, "Failed reserving buffer for password_span."); - password_length = generate_sas_token_for_dps( - &azure_iot->dps_client, - azure_iot->config->device_key, - azure_iot->config->sas_token_lifetime_in_minutes, - data_buffer_span, - azure_iot->config->data_manipulation_functions, - password_span, - &azure_iot->sas_token_expiration_time); - EXIT_IF_TRUE(password_length == 0, RESULT_ERROR, "Failed creating mqtt password for DPS connection."); + if(!az_span_is_content_equal(AZ_SPAN_EMPTY, azure_iot->config->device_key)) + { + password_length = generate_sas_token_for_dps( + &azure_iot->dps_client, + azure_iot->config->device_key, + azure_iot->config->sas_token_lifetime_in_minutes, + data_buffer_span, + azure_iot->config->data_manipulation_functions, + password_span, + &azure_iot->sas_token_expiration_time); + EXIT_IF_TRUE(password_length == 0, RESULT_ERROR, "Failed creating mqtt password for DPS connection."); + } client_id_span = split_az_span(data_buffer_span, MQTT_CLIENT_ID_BUFFER_SIZE, &data_buffer_span); EXIT_IF_TRUE(is_az_span_empty(client_id_span), RESULT_ERROR, "Failed reserving buffer for client_id_span."); @@ -977,7 +988,16 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co mqtt_client_config->client_id = client_id_span; mqtt_client_config->username = username_span; - mqtt_client_config->password = password_span; + + if(!az_span_is_content_equal(AZ_SPAN_EMPTY, azure_iot->config->device_key)) + { + mqtt_client_config->password = password_span; + } + else + { + // Certs don't use a password + mqtt_client_config->password = AZ_SPAN_EMPTY; + } return RESULT_OK; } diff --git a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.h b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.h index 84795bd9..b3282765 100644 --- a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.h +++ b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.h @@ -454,6 +454,18 @@ typedef struct azure_iot_config_t_struct */ az_span device_key; + /* + * @brief X509 certificate to be used for authentication. + * + */ + az_span device_certificate; + + /* + * @brief X509 certificate private key to be used for authentication. + * + */ + az_span device_certificate_private_key; + /* * @brief The "Registration ID" to authenticate with when connecting to * Azure Device Provisioning service. diff --git a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/Azure_IoT_Central_ESP32_AzureIoTKit.ino b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/Azure_IoT_Central_ESP32_AzureIoTKit.ino index ea1a7b54..f61a4dfe 100644 --- a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/Azure_IoT_Central_ESP32_AzureIoTKit.ino +++ b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/Azure_IoT_Central_ESP32_AzureIoTKit.ino @@ -135,7 +135,15 @@ static int mqtt_client_init_function(mqtt_client_config_t* mqtt_client_config, m mqtt_config.port = mqtt_client_config->port; mqtt_config.client_id = (const char*)az_span_ptr(mqtt_client_config->client_id); mqtt_config.username = (const char*)az_span_ptr(mqtt_client_config->username); - mqtt_config.password = (const char*)az_span_ptr(mqtt_client_config->password); + + #ifdef IOT_CONFIG_USE_X509_CERT + LogInfo("MQTT client using X509 Certificate authentication"); + mqtt_config.client_cert_pem = IOT_CONFIG_DEVICE_CERT; + mqtt_config.client_key_pem = IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY; + #else // Using SAS key + mqtt_config.password = (const char*)az_span_ptr(mqtt_client_config->password); + #endif + mqtt_config.keepalive = 30; mqtt_config.disable_clean_session = 0; mqtt_config.disable_auto_reconnect = false; @@ -336,7 +344,17 @@ void setup() azure_iot_config.use_device_provisioning = true; // Required for Azure IoT Central. azure_iot_config.iot_hub_fqdn = AZ_SPAN_EMPTY; azure_iot_config.device_id = AZ_SPAN_EMPTY; - azure_iot_config.device_key = AZ_SPAN_FROM_STR(IOT_CONFIG_DEVICE_KEY); + + #ifdef IOT_CONFIG_USE_X509_CERT + azure_iot_config.device_certificate = AZ_SPAN_FROM_STR(IOT_CONFIG_DEVICE_CERT); + azure_iot_config.device_certificate_private_key = AZ_SPAN_FROM_STR(IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY); + azure_iot_config.device_key = AZ_SPAN_EMPTY; + #else + azure_iot_config.device_certificate = AZ_SPAN_EMPTY; + azure_iot_config.device_certificate_private_key = AZ_SPAN_EMPTY; + azure_iot_config.device_key = AZ_SPAN_FROM_STR(IOT_CONFIG_DEVICE_KEY); + #endif // IOT_CONFIG_USE_X509_CERT + azure_iot_config.dps_id_scope = AZ_SPAN_FROM_STR(DPS_ID_SCOPE); azure_iot_config.dps_registration_id = AZ_SPAN_FROM_STR(IOT_CONFIG_DEVICE_ID); // Use Device ID for Azure IoT Central. azure_iot_config.data_buffer = AZ_SPAN_FROM_BUFFER(az_iot_data_buffer); diff --git a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/iot_configs.h b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/iot_configs.h index 9d873758..30a8ab41 100644 --- a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/iot_configs.h +++ b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/iot_configs.h @@ -5,10 +5,54 @@ #define IOT_CONFIG_WIFI_SSID "SSID" #define IOT_CONFIG_WIFI_PASSWORD "PWD" +// Define if using device x509 certificates +// #define IOT_CONFIG_USE_X509_CERT + +#ifdef IOT_CONFIG_USE_X509_CERT + +/* + +Device certificate should be of the form: + +"-----BEGIN CERTIFICATE-----\r\n" \ +"MIIBJDCBywIUfeHrebBVa2eZAbouBgACp9R3BncwCgYIKoZIzj0EAwIwETEPMA0G\r\n" \ +"A1UEAwwGRFBTIENBMB4XDTIyMDMyMjazMTAzN1oXDTIzMDMyMjIzMTAzN1owGTEX\r\n" \ +"MBUGA1UEAwwOY29udG9zby1kZXZpY2UwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC\r\n" \ +....... +"YmGzdaHTb6P1W+p+jmc+jJn1MAoGCXqGSM49BAMCA0gAMEUCIEnbEMsAdGFroMwl\r\n" \ +"vTfQahwsxN3xink9z1gtirrjQlqDAiEAyU+6TUJcG6d9JF+uJqsLFpsbbF3IzGAw\r\n" \ +"yC+koNRC0MU=\r\n" \ +"-----END CERTIFICATE-----" + +*/ +#define IOT_CONFIG_DEVICE_CERT "Device Certificate" + +/* + +Device certificate private key should be of the form: + +"-----BEGIN EC PRIVATE KEY-----\r\n" \ +"MHcCAQEEIKGXkMMiO9D7jYpUjUGTBn7gGzeKPeNzCP83wbfQfLd9obAoGCCqGSM49\r\n" \ +"AwEHoUQDQgAEU6nQoYbjgJvBwaeD6MyAYmOSDg0QhEdyyV337qrlIbDEKvFsn1El\r\n" \ +"yRabc4dNp2Jhs3Xh02+j9Vvqfo5nPoyZ9Q==\r\n" \ +"-----END EC PRIVATE KEY-----" + +Note the type of key may different in your case. Such as BEGIN PRIVATE KEY +or BEGIN RSA PRIVATE KEY. + +*/ +#define IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY "Device Certificate Private Key" + +#endif // IOT_CONFIG_USE_X509_CERT + // Azure IoT Central #define DPS_ID_SCOPE "ID Scope" #define IOT_CONFIG_DEVICE_ID "Device ID" -#define IOT_CONFIG_DEVICE_KEY "Device Key" +// Use device key if not using certificates +#ifndef IOT_CONFIG_USE_X509_CERT + #define IOT_CONFIG_DEVICE_KEY "Device Key" +#endif // IOT_CONFIG_USE_X509_CERT + // User-agent (url-encoded) provided by the MQTT client to Azure IoT Services. // When developing for your own Arduino-based platform, diff --git a/examples/Azure_IoT_Hub_ESP32/Azure_IoT_Hub_ESP32.ino b/examples/Azure_IoT_Hub_ESP32/Azure_IoT_Hub_ESP32.ino index 61e11a9d..94bb93ae 100644 --- a/examples/Azure_IoT_Hub_ESP32/Azure_IoT_Hub_ESP32.ino +++ b/examples/Azure_IoT_Hub_ESP32/Azure_IoT_Hub_ESP32.ino @@ -83,12 +83,13 @@ static uint32_t telemetry_send_count = 0; static char incoming_data[INCOMING_DATA_BUFFER_SIZE]; // Auxiliary functions - +#ifndef IOT_CONFIG_USE_X509_CERT static AzIoTSasToken sasToken( &client, AZ_SPAN_FROM_STR(IOT_CONFIG_DEVICE_KEY), AZ_SPAN_FROM_BUFFER(sas_signature_buffer), AZ_SPAN_FROM_BUFFER(mqtt_password)); +#endif // IOT_CONFIG_USE_X509_CERT static void connectToWiFi() { @@ -235,11 +236,13 @@ static void initializeIoTHubClient() static int initializeMqttClient() { + #ifndef IOT_CONFIG_USE_X509_CERT if (sasToken.Generate(SAS_TOKEN_DURATION_IN_MINUTES) != 0) { Logger.Error("Failed generating SAS token"); return 1; } + #endif esp_mqtt_client_config_t mqtt_config; memset(&mqtt_config, 0, sizeof(mqtt_config)); @@ -247,7 +250,15 @@ static int initializeMqttClient() mqtt_config.port = mqtt_port; mqtt_config.client_id = mqtt_client_id; mqtt_config.username = mqtt_username; - mqtt_config.password = (const char*)az_span_ptr(sasToken.Get()); + + #ifdef IOT_CONFIG_USE_X509_CERT + Logger.Info("MQTT client using X509 Certificate authentication"); + mqtt_config.client_cert_pem = IOT_CONFIG_DEVICE_CERT; + mqtt_config.client_key_pem = IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY; + #else // Using SAS key + mqtt_config.password = (const char*)az_span_ptr(sasToken.Get()); + #endif + mqtt_config.keepalive = 30; mqtt_config.disable_clean_session = 0; mqtt_config.disable_auto_reconnect = false; @@ -355,12 +366,14 @@ void loop() { connectToWiFi(); } + #ifndef IOT_CONFIG_USE_X509_CERT else if (sasToken.IsExpired()) { Logger.Info("SAS token expired; reconnecting with a new one."); (void)esp_mqtt_client_destroy(mqtt_client); initializeMqttClient(); } + #endif else if (millis() > next_telemetry_send_time_ms) { sendTelemetry(); diff --git a/examples/Azure_IoT_Hub_ESP32/iot_configs.h b/examples/Azure_IoT_Hub_ESP32/iot_configs.h index 9a05c1cd..1bb236b4 100644 --- a/examples/Azure_IoT_Hub_ESP32/iot_configs.h +++ b/examples/Azure_IoT_Hub_ESP32/iot_configs.h @@ -2,13 +2,56 @@ // SPDX-License-Identifier: MIT // Wifi -#define IOT_CONFIG_WIFI_SSID "SSID" -#define IOT_CONFIG_WIFI_PASSWORD "PWD" +#define IOT_CONFIG_WIFI_SSID "SSID" +#define IOT_CONFIG_WIFI_PASSWORD "PWD" + +// Define if using device x509 certificates +// #define IOT_CONFIG_USE_X509_CERT + +#ifdef IOT_CONFIG_USE_X509_CERT + +/* + +Device certificate should be of the form: + +"-----BEGIN CERTIFICATE-----\r\n" \ +"MIIBJDCBywIUfeHrebBVa2eZAbouBgACp9R3BncwCgYIKoZIzj0EAwIwETEPMA0G\r\n" \ +"A1UEAwwGRFBTIENBMB4XDTIyMDMyMjazMTAzN1oXDTIzMDMyMjIzMTAzN1owGTEX\r\n" \ +"MBUGA1UEAwwOY29udG9zby1kZXZpY2UwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC\r\n" \ +....... +"YmGzdaHTb6P1W+p+jmc+jJn1MAoGCXqGSM49BAMCA0gAMEUCIEnbEMsAdGFroMwl\r\n" \ +"vTfQahwsxN3xink9z1gtirrjQlqDAiEAyU+6TUJcG6d9JF+uJqsLFpsbbF3IzGAw\r\n" \ +"yC+koNRC0MU=\r\n" \ +"-----END CERTIFICATE-----" + +*/ +#define IOT_CONFIG_DEVICE_CERT "Device Certificate" + +/* + +Device certificate private key should be of the form: + +"-----BEGIN EC PRIVATE KEY-----\r\n" \ +"MHcCAQEEIKGXkMMiO9D7jYpUjUGTBn7gGzeKPeNzCP83wbfQfLd9obAoGCCqGSM49\r\n" \ +"AwEHoUQDQgAEU6nQoYbjgJvBwaeD6MyAYmOSDg0QhEdyyV337qrlIbDEKvFsn1El\r\n" \ +"yRabc4dNp2Jhs3Xh02+j9Vvqfo5nPoyZ9Q==\r\n" \ +"-----END EC PRIVATE KEY-----" + +Note the type of key may different in your case. Such as BEGIN PRIVATE KEY +or BEGIN RSA PRIVATE KEY. + +*/ +#define IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY "Device Certificate Private Key" + +#endif // IOT_CONFIG_USE_X509_CERT // Azure IoT #define IOT_CONFIG_IOTHUB_FQDN "[your Azure IoT host name].azure-devices.net" #define IOT_CONFIG_DEVICE_ID "Device ID" -#define IOT_CONFIG_DEVICE_KEY "Device Key" +// Use device key if not using certificates +#ifndef IOT_CONFIG_USE_X509_CERT + #define IOT_CONFIG_DEVICE_KEY "Device Key" +#endif // IOT_CONFIG_USE_X509_CERT // Publish 1 message every 2 seconds #define TELEMETRY_FREQUENCY_MILLISECS 2000 From 4f8da8a87037e01a653a05444a86500b3685ede0 Mon Sep 17 00:00:00 2001 From: Dane Walton Date: Fri, 25 Mar 2022 12:20:39 -0700 Subject: [PATCH 2/5] update empty check --- examples/Azure_IoT_Central_ESP32/AzureIoT.cpp | 4 ++-- examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp b/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp index 59e95cae..fbaabb12 100644 --- a/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp +++ b/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp @@ -957,7 +957,7 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co password_span = split_az_span(data_buffer_span, MQTT_PASSWORD_BUFFER_SIZE, &data_buffer_span); EXIT_IF_TRUE(is_az_span_empty(password_span), RESULT_ERROR, "Failed reserving buffer for password_span."); - if(!az_span_is_content_equal(AZ_SPAN_EMPTY, azure_iot->config->device_key)) + if(!is_az_span_empty( azure_iot->config->device_key)) { password_length = generate_sas_token_for_dps( &azure_iot->dps_client, @@ -989,7 +989,7 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co mqtt_client_config->client_id = client_id_span; mqtt_client_config->username = username_span; - if(!az_span_is_content_equal(AZ_SPAN_EMPTY, azure_iot->config->device_key)) + if(!is_az_span_empty( azure_iot->config->device_key)) { mqtt_client_config->password = password_span; } diff --git a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp index 6f3fce7a..f6463fa8 100644 --- a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp +++ b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp @@ -957,7 +957,7 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co password_span = split_az_span(data_buffer_span, MQTT_PASSWORD_BUFFER_SIZE, &data_buffer_span); EXIT_IF_TRUE(is_az_span_empty(password_span), RESULT_ERROR, "Failed reserving buffer for password_span."); - if(!az_span_is_content_equal(AZ_SPAN_EMPTY, azure_iot->config->device_key)) + if(!is_az_span_empty( azure_iot->config->device_key)) { password_length = generate_sas_token_for_dps( &azure_iot->dps_client, @@ -989,7 +989,7 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co mqtt_client_config->client_id = client_id_span; mqtt_client_config->username = username_span; - if(!az_span_is_content_equal(AZ_SPAN_EMPTY, azure_iot->config->device_key)) + if(!is_az_span_empty( azure_iot->config->device_key)) { mqtt_client_config->password = password_span; } From 4c642f2cd6dad6a301ab1e9179079692dc909bf8 Mon Sep 17 00:00:00 2001 From: Dane Walton Date: Fri, 25 Mar 2022 12:21:23 -0700 Subject: [PATCH 3/5] nit --- examples/Azure_IoT_Central_ESP32/AzureIoT.cpp | 4 ++-- examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp b/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp index fbaabb12..f806cff5 100644 --- a/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp +++ b/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp @@ -957,7 +957,7 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co password_span = split_az_span(data_buffer_span, MQTT_PASSWORD_BUFFER_SIZE, &data_buffer_span); EXIT_IF_TRUE(is_az_span_empty(password_span), RESULT_ERROR, "Failed reserving buffer for password_span."); - if(!is_az_span_empty( azure_iot->config->device_key)) + if(!is_az_span_empty(azure_iot->config->device_key)) { password_length = generate_sas_token_for_dps( &azure_iot->dps_client, @@ -989,7 +989,7 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co mqtt_client_config->client_id = client_id_span; mqtt_client_config->username = username_span; - if(!is_az_span_empty( azure_iot->config->device_key)) + if(!is_az_span_empty(azure_iot->config->device_key)) { mqtt_client_config->password = password_span; } diff --git a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp index f6463fa8..d4b36314 100644 --- a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp +++ b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp @@ -957,7 +957,7 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co password_span = split_az_span(data_buffer_span, MQTT_PASSWORD_BUFFER_SIZE, &data_buffer_span); EXIT_IF_TRUE(is_az_span_empty(password_span), RESULT_ERROR, "Failed reserving buffer for password_span."); - if(!is_az_span_empty( azure_iot->config->device_key)) + if(!is_az_span_empty(azure_iot->config->device_key)) { password_length = generate_sas_token_for_dps( &azure_iot->dps_client, @@ -989,7 +989,7 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co mqtt_client_config->client_id = client_id_span; mqtt_client_config->username = username_span; - if(!is_az_span_empty( azure_iot->config->device_key)) + if(!is_az_span_empty(azure_iot->config->device_key)) { mqtt_client_config->password = password_span; } From a285a5765a9486796d07dcffa3a7e04b1ec7bb75 Mon Sep 17 00:00:00 2001 From: Dane Walton Date: Tue, 29 Mar 2022 19:08:43 -0700 Subject: [PATCH 4/5] change is_span_empty --- examples/Azure_IoT_Central_ESP32/AzureIoT.cpp | 68 +++++++++---------- examples/Azure_IoT_Central_ESP32/AzureIoT.h | 9 --- .../AzureIoT.cpp | 68 +++++++++---------- .../AzureIoT.h | 9 --- .../Azure_IoT_Hub_ESP32/AzIoTSasToken.cpp | 4 +- 5 files changed, 70 insertions(+), 88 deletions(-) diff --git a/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp b/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp index f806cff5..91c6d02a 100644 --- a/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp +++ b/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp @@ -73,7 +73,7 @@ static int get_mqtt_client_config_for_iot_hub(azure_iot_t* azure_iot, mqtt_clien static az_span generate_dps_register_custom_property(az_span model_id, az_span data_buffer, az_span* remainder); #define is_device_provisioned(azure_iot) \ - (!is_az_span_empty(azure_iot->config->iot_hub_fqdn) && !is_az_span_empty(azure_iot->config->device_id)) + (!az_span_is_content_equal(azure_iot->config->iot_hub_fqdn, AZ_SPAN_EMPTY) && !az_span_is_content_equal(azure_iot->config->device_id, AZ_SPAN_EMPTY)) /* --- Public API --- */ void azure_iot_init(azure_iot_t* azure_iot, azure_iot_config_t* azure_iot_config) @@ -82,8 +82,8 @@ void azure_iot_init(azure_iot_t* azure_iot, azure_iot_config_t* azure_iot_config _az_PRECONDITION_NOT_NULL(azure_iot_config); if (azure_iot_config->use_device_provisioning) { - _az_PRECONDITION(is_az_span_empty(azure_iot_config->iot_hub_fqdn)); - _az_PRECONDITION(is_az_span_empty(azure_iot_config->device_id)); + _az_PRECONDITION(az_span_is_content_equal(azure_iot_config->iot_hub_fqdn, AZ_SPAN_EMPTY)); + _az_PRECONDITION(az_span_is_content_equal(azure_iot_config->device_id, AZ_SPAN_EMPTY)); _az_PRECONDITION_VALID_SPAN(azure_iot_config->dps_id_scope, 1, false); _az_PRECONDITION_VALID_SPAN(azure_iot_config->dps_registration_id, 1, false); } @@ -91,13 +91,13 @@ void azure_iot_init(azure_iot_t* azure_iot, azure_iot_config_t* azure_iot_config { _az_PRECONDITION_VALID_SPAN(azure_iot_config->iot_hub_fqdn, 1, false); _az_PRECONDITION_VALID_SPAN(azure_iot_config->device_id, 1, false); - _az_PRECONDITION(is_az_span_empty(azure_iot_config->dps_id_scope)); - _az_PRECONDITION(is_az_span_empty(azure_iot_config->dps_registration_id)); + _az_PRECONDITION(az_span_is_content_equal(azure_iot_config->dps_id_scope, AZ_SPAN_EMPTY)); + _az_PRECONDITION(az_span_is_content_equal(azure_iot_config->dps_registration_id, AZ_SPAN_EMPTY)); } // Either device key or device certificate and certificate key should be defined. - if (is_az_span_empty(azure_iot_config->device_key) && - (is_az_span_empty(azure_iot_config->device_certificate) || is_az_span_empty(azure_iot_config->device_certificate_private_key) )) + if (az_span_is_content_equal(azure_iot_config->device_key, AZ_SPAN_EMPTY) && + (az_span_is_content_equal(azure_iot_config->device_certificate, AZ_SPAN_EMPTY) || az_span_is_content_equal(azure_iot_config->device_certificate_private_key, AZ_SPAN_EMPTY) )) { LogError("Please define either a device key or a device certificate and certificate private key. See iot_configs.h"); _az_PRECONDITION(false); @@ -326,7 +326,7 @@ void azure_iot_do_work(azure_iot_t* azure_iot) mqtt_message.topic = split_az_span(data_buffer, length + 1, &data_buffer); - if (is_az_span_empty(mqtt_message.topic) || is_az_span_empty(data_buffer)) + if (az_span_is_content_equal(mqtt_message.topic, AZ_SPAN_EMPTY) || az_span_is_content_equal(data_buffer, AZ_SPAN_EMPTY)) { azure_iot->state = azure_iot_state_error; LogError("Failed reserving memory for DPS register payload."); @@ -336,7 +336,7 @@ void azure_iot_do_work(azure_iot_t* azure_iot) dps_register_custom_property = generate_dps_register_custom_property( azure_iot->config->model_id, data_buffer, &mqtt_message.payload); - if (is_az_span_empty(dps_register_custom_property)) + if (az_span_is_content_equal(dps_register_custom_property, AZ_SPAN_EMPTY)) { azure_iot->state = azure_iot_state_error; LogError("Failed generating DPS register custom property payload."); @@ -812,11 +812,11 @@ int azure_iot_mqtt_client_message_received(azure_iot_t* azure_iot, mqtt_message_ { result = RESULT_OK; - if (is_az_span_empty(azure_iot->dps_operation_id)) + if (az_span_is_content_equal(azure_iot->dps_operation_id, AZ_SPAN_EMPTY)) { azure_iot->dps_operation_id = slice_and_copy_az_span(azure_iot->data_buffer, register_response.operation_id, &azure_iot->data_buffer); - if (is_az_span_empty(azure_iot->dps_operation_id)) + if (az_span_is_content_equal(azure_iot->dps_operation_id, AZ_SPAN_EMPTY)) { azure_iot->state = azure_iot_state_error; LogError("Failed reserving memory for DPS operation id."); @@ -837,7 +837,7 @@ int azure_iot_mqtt_client_message_received(azure_iot_t* azure_iot, mqtt_message_ azure_iot->config->iot_hub_fqdn = slice_and_copy_az_span(data_buffer, register_response.registration_state.assigned_hub_hostname, &data_buffer); - if (is_az_span_empty(azure_iot->config->iot_hub_fqdn)) + if (az_span_is_content_equal(azure_iot->config->iot_hub_fqdn, AZ_SPAN_EMPTY)) { azure_iot->state = azure_iot_state_error; LogError("Failed saving IoT Hub fqdn from provisioning."); @@ -847,7 +847,7 @@ int azure_iot_mqtt_client_message_received(azure_iot_t* azure_iot, mqtt_message_ { azure_iot->config->device_id = slice_and_copy_az_span(data_buffer, register_response.registration_state.device_id, &data_buffer); - if (is_az_span_empty(azure_iot->config->device_id)) + if (az_span_is_content_equal(azure_iot->config->device_id, AZ_SPAN_EMPTY)) { azure_iot->state = azure_iot_state_error; LogError("Failed saving device id from provisioning."); @@ -955,9 +955,9 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co data_buffer_span = azure_iot->data_buffer; password_span = split_az_span(data_buffer_span, MQTT_PASSWORD_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(password_span), RESULT_ERROR, "Failed reserving buffer for password_span."); + EXIT_IF_TRUE(az_span_is_content_equal(password_span, AZ_SPAN_EMPTY), RESULT_ERROR, "Failed reserving buffer for password_span."); - if(!is_az_span_empty(azure_iot->config->device_key)) + if(!az_span_is_content_equal(azure_iot->config->device_key, AZ_SPAN_EMPTY)) { password_length = generate_sas_token_for_dps( &azure_iot->dps_client, @@ -971,7 +971,7 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co } client_id_span = split_az_span(data_buffer_span, MQTT_CLIENT_ID_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(client_id_span), RESULT_ERROR, "Failed reserving buffer for client_id_span."); + EXIT_IF_TRUE(az_span_is_content_equal(client_id_span, AZ_SPAN_EMPTY), RESULT_ERROR, "Failed reserving buffer for client_id_span."); azrc = az_iot_provisioning_client_get_client_id( &azure_iot->dps_client, (char*)az_span_ptr(client_id_span), az_span_size(client_id_span), &client_id_length); @@ -989,7 +989,7 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co mqtt_client_config->client_id = client_id_span; mqtt_client_config->username = username_span; - if(!is_az_span_empty(azure_iot->config->device_key)) + if(!az_span_is_content_equal(azure_iot->config->device_key, AZ_SPAN_EMPTY)) { mqtt_client_config->password = password_span; } @@ -1035,7 +1035,7 @@ static int get_mqtt_client_config_for_iot_hub(azure_iot_t* azure_iot, mqtt_clien data_buffer_span = azure_iot->data_buffer; password_span = split_az_span(data_buffer_span, MQTT_PASSWORD_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(password_span), RESULT_ERROR, "Failed reserving buffer for password_span."); + EXIT_IF_TRUE(az_span_is_content_equal(password_span, AZ_SPAN_EMPTY), RESULT_ERROR, "Failed reserving buffer for password_span."); password_length = generate_sas_token_for_iot_hub( &azure_iot->iot_hub_client, @@ -1048,7 +1048,7 @@ static int get_mqtt_client_config_for_iot_hub(azure_iot_t* azure_iot, mqtt_clien EXIT_IF_TRUE(password_length == 0, RESULT_ERROR, "Failed creating mqtt password for IoT Hub connection."); client_id_span = split_az_span(data_buffer_span, MQTT_CLIENT_ID_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(client_id_span), RESULT_ERROR, "Failed reserving buffer for client_id_span."); + EXIT_IF_TRUE(az_span_is_content_equal(client_id_span, AZ_SPAN_EMPTY), RESULT_ERROR, "Failed reserving buffer for client_id_span."); azrc = az_iot_hub_client_get_client_id( &azure_iot->iot_hub_client, (char*)az_span_ptr(client_id_span), az_span_size(client_id_span), &client_id_length); @@ -1113,7 +1113,7 @@ static int generate_sas_token_for_dps( // Step 2.a. plain_sas_signature = split_az_span(data_buffer_span, PLAIN_SAS_SIGNATURE_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(plain_sas_signature), 0, "Failed reserving buffer for plain sas token."); + EXIT_IF_TRUE(az_span_is_content_equal(plain_sas_signature, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for plain sas token."); rc = az_iot_provisioning_client_sas_get_signature( provisioning_client, *expiration_time, plain_sas_signature, &plain_sas_signature); @@ -1121,10 +1121,10 @@ static int generate_sas_token_for_dps( // Step 2.b. sas_signature = split_az_span(data_buffer_span, SAS_SIGNATURE_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(sas_signature), 0, "Failed reserving buffer for sas_signature."); + EXIT_IF_TRUE(az_span_is_content_equal(sas_signature, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for sas_signature."); decoded_sas_key = split_az_span(data_buffer_span, DECODED_SAS_KEY_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(decoded_sas_key), 0, "Failed reserving buffer for decoded_sas_key."); + EXIT_IF_TRUE(az_span_is_content_equal(decoded_sas_key, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for decoded_sas_key."); result = data_manipulation_functions.base64_decode( az_span_ptr(device_key), az_span_size(device_key), az_span_ptr(decoded_sas_key), az_span_size(decoded_sas_key), &decoded_sas_key_length); @@ -1132,7 +1132,7 @@ static int generate_sas_token_for_dps( // Step 2.c. sas_hmac256_signed_signature = split_az_span(data_buffer_span, SAS_HMAC256_ENCRYPTED_SIGNATURE_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(sas_hmac256_signed_signature), 0, "Failed reserving buffer for sas_hmac256_signed_signature."); + EXIT_IF_TRUE(az_span_is_content_equal(sas_hmac256_signed_signature, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for sas_hmac256_signed_signature."); result = data_manipulation_functions.hmac_sha256_encrypt( az_span_ptr(decoded_sas_key), decoded_sas_key_length, @@ -1204,7 +1204,7 @@ static int generate_sas_token_for_iot_hub( // Step 2.a. plain_sas_signature = split_az_span(data_buffer_span, PLAIN_SAS_SIGNATURE_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(plain_sas_signature), 0, "Failed reserving buffer for plain sas token."); + EXIT_IF_TRUE(az_span_is_content_equal(plain_sas_signature, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for plain sas token."); rc = az_iot_hub_client_sas_get_signature( iot_hub_client, *expiration_time, plain_sas_signature, &plain_sas_signature); @@ -1212,10 +1212,10 @@ static int generate_sas_token_for_iot_hub( // Step 2.b. sas_signature = split_az_span(data_buffer_span, SAS_SIGNATURE_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(sas_signature), 0, "Failed reserving buffer for sas_signature."); + EXIT_IF_TRUE(az_span_is_content_equal(sas_signature, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for sas_signature."); decoded_sas_key = split_az_span(data_buffer_span, DECODED_SAS_KEY_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(decoded_sas_key), 0, "Failed reserving buffer for decoded_sas_key."); + EXIT_IF_TRUE(az_span_is_content_equal(decoded_sas_key, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for decoded_sas_key."); result = data_manipulation_functions.base64_decode( az_span_ptr(device_key), az_span_size(device_key), az_span_ptr(decoded_sas_key), az_span_size(decoded_sas_key), &decoded_sas_key_length); @@ -1223,7 +1223,7 @@ static int generate_sas_token_for_iot_hub( // Step 2.c. sas_hmac256_signed_signature = split_az_span(data_buffer_span, SAS_HMAC256_ENCRYPTED_SIGNATURE_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(sas_hmac256_signed_signature), 0, "Failed reserving buffer for sas_hmac256_signed_signature."); + EXIT_IF_TRUE(az_span_is_content_equal(sas_hmac256_signed_signature, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for sas_hmac256_signed_signature."); result = data_manipulation_functions.hmac_sha256_encrypt( az_span_ptr(decoded_sas_key), decoded_sas_key_length, @@ -1271,16 +1271,16 @@ static az_span generate_dps_register_custom_property(az_span model_id, az_span d size_t length = lengthof(DPS_REGISTER_CUSTOM_PAYLOAD_BEGIN) + az_span_size(model_id) + lengthof(DPS_REGISTER_CUSTOM_PAYLOAD_END); custom_property = split_az_span(data_buffer, length, remainder); - EXIT_IF_TRUE(is_az_span_empty(custom_property), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (not enough space)."); + EXIT_IF_TRUE(az_span_is_content_equal(custom_property, AZ_SPAN_EMPTY), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (not enough space)."); data_buffer = az_span_copy(data_buffer, AZ_SPAN_FROM_STR(DPS_REGISTER_CUSTOM_PAYLOAD_BEGIN)); - EXIT_IF_TRUE(is_az_span_empty(data_buffer), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (prefix)."); + EXIT_IF_TRUE(az_span_is_content_equal(data_buffer, AZ_SPAN_EMPTY), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (prefix)."); data_buffer = az_span_copy(data_buffer, model_id); - EXIT_IF_TRUE(is_az_span_empty(data_buffer), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (model id)."); + EXIT_IF_TRUE(az_span_is_content_equal(data_buffer, AZ_SPAN_EMPTY), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (model id)."); data_buffer = az_span_copy(data_buffer, AZ_SPAN_FROM_STR(DPS_REGISTER_CUSTOM_PAYLOAD_END)); - EXIT_IF_TRUE(is_az_span_empty(data_buffer), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (suffix)."); + EXIT_IF_TRUE(az_span_is_content_equal(data_buffer, AZ_SPAN_EMPTY), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (suffix)."); return custom_property; } @@ -1290,7 +1290,7 @@ az_span split_az_span(az_span span, int32_t size, az_span* remainder) { az_span result = az_span_slice(span, 0, size); - if (remainder != NULL && !is_az_span_empty(result)) + if (remainder != NULL && !az_span_is_content_equal(result, AZ_SPAN_EMPTY)) { *remainder = az_span_slice(span, size, az_span_size(span)); } @@ -1302,12 +1302,12 @@ az_span slice_and_copy_az_span(az_span destination, az_span source, az_span* rem { az_span result = split_az_span(destination, az_span_size(source), remainder); - if (is_az_span_empty(*remainder)) + if (az_span_is_content_equal(*remainder, AZ_SPAN_EMPTY)) { result = AZ_SPAN_EMPTY; } - if (!is_az_span_empty(result)) + if (!az_span_is_content_equal(result, AZ_SPAN_EMPTY)) { (void)az_span_copy(result, source); } diff --git a/examples/Azure_IoT_Central_ESP32/AzureIoT.h b/examples/Azure_IoT_Central_ESP32/AzureIoT.h index b3282765..5a99b3d4 100644 --- a/examples/Azure_IoT_Central_ESP32/AzureIoT.h +++ b/examples/Azure_IoT_Central_ESP32/AzureIoT.h @@ -788,15 +788,6 @@ int azure_iot_mqtt_client_message_received(azure_iot_t* azure_iot, mqtt_message_ * These functions are used internally by the Azure IoT client code and its extensions. */ -/** - * @brief Checks whether `span` is equal to AZ_SPAN_EMPTY. - * - * @param[in] span A span to be verified. - * - * @return boolean True if `span`'s pointer and size are equal to AZ_SPAN_EMPTY, or false otherwise. - */ -#define is_az_span_empty(span) az_span_is_content_equal(span, AZ_SPAN_EMPTY) - /** * @brief Slices `span` at position `size`, returns the first slice and assigns the second slice to `remainder`. * diff --git a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp index d4b36314..7f0f5539 100644 --- a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp +++ b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp @@ -73,7 +73,7 @@ static int get_mqtt_client_config_for_iot_hub(azure_iot_t* azure_iot, mqtt_clien static az_span generate_dps_register_custom_property(az_span model_id, az_span data_buffer, az_span* remainder); #define is_device_provisioned(azure_iot) \ - (!is_az_span_empty(azure_iot->config->iot_hub_fqdn) && !is_az_span_empty(azure_iot->config->device_id)) + (!az_span_is_content_equal(azure_iot->config->iot_hub_fqdn, AZ_SPAN_EMPTY) && !az_span_is_content_equal(azure_iot->config->device_id, AZ_SPAN_EMPTY)) /* --- Public API --- */ void azure_iot_init(azure_iot_t* azure_iot, azure_iot_config_t* azure_iot_config) @@ -82,8 +82,8 @@ void azure_iot_init(azure_iot_t* azure_iot, azure_iot_config_t* azure_iot_config _az_PRECONDITION_NOT_NULL(azure_iot_config); if (azure_iot_config->use_device_provisioning) { - _az_PRECONDITION(is_az_span_empty(azure_iot_config->iot_hub_fqdn)); - _az_PRECONDITION(is_az_span_empty(azure_iot_config->device_id)); + _az_PRECONDITION(az_span_is_content_equal(azure_iot_config->iot_hub_fqdn, AZ_SPAN_EMPTY)); + _az_PRECONDITION(az_span_is_content_equal(azure_iot_config->device_id, AZ_SPAN_EMPTY)); _az_PRECONDITION_VALID_SPAN(azure_iot_config->dps_id_scope, 1, false); _az_PRECONDITION_VALID_SPAN(azure_iot_config->dps_registration_id, 1, false); } @@ -91,13 +91,13 @@ void azure_iot_init(azure_iot_t* azure_iot, azure_iot_config_t* azure_iot_config { _az_PRECONDITION_VALID_SPAN(azure_iot_config->iot_hub_fqdn, 1, false); _az_PRECONDITION_VALID_SPAN(azure_iot_config->device_id, 1, false); - _az_PRECONDITION(is_az_span_empty(azure_iot_config->dps_id_scope)); - _az_PRECONDITION(is_az_span_empty(azure_iot_config->dps_registration_id)); + _az_PRECONDITION(az_span_is_content_equal(azure_iot_config->dps_id_scope, AZ_SPAN_EMPTY)); + _az_PRECONDITION(az_span_is_content_equal(azure_iot_config->dps_registration_id, AZ_SPAN_EMPTY)); } // Either device key or device certificate and certificate key should be defined. - if (is_az_span_empty(azure_iot_config->device_key) && - (is_az_span_empty(azure_iot_config->device_certificate) || is_az_span_empty(azure_iot_config->device_certificate_private_key) )) + if (az_span_is_content_equal(azure_iot_config->device_key, AZ_SPAN_EMPTY) && + (az_span_is_content_equal(azure_iot_config->device_certificate, AZ_SPAN_EMPTY) || az_span_is_content_equal(azure_iot_config->device_certificate_private_key, AZ_SPAN_EMPTY) )) { LogError("Please define either a device key or a device certificate and certificate private key. See iot_configs.h"); _az_PRECONDITION(false); @@ -326,7 +326,7 @@ void azure_iot_do_work(azure_iot_t* azure_iot) mqtt_message.topic = split_az_span(data_buffer, length + 1, &data_buffer); - if (is_az_span_empty(mqtt_message.topic) || is_az_span_empty(data_buffer)) + if (az_span_is_content_equal(mqtt_message.topic, AZ_SPAN_EMPTY) || az_span_is_content_equal(data_buffer, AZ_SPAN_EMPTY)) { azure_iot->state = azure_iot_state_error; LogError("Failed reserving memory for DPS register payload."); @@ -336,7 +336,7 @@ void azure_iot_do_work(azure_iot_t* azure_iot) dps_register_custom_property = generate_dps_register_custom_property( azure_iot->config->model_id, data_buffer, &mqtt_message.payload); - if (is_az_span_empty(dps_register_custom_property)) + if (az_span_is_content_equal(dps_register_custom_property, AZ_SPAN_EMPTY)) { azure_iot->state = azure_iot_state_error; LogError("Failed generating DPS register custom property payload."); @@ -812,11 +812,11 @@ int azure_iot_mqtt_client_message_received(azure_iot_t* azure_iot, mqtt_message_ { result = RESULT_OK; - if (is_az_span_empty(azure_iot->dps_operation_id)) + if (az_span_is_content_equal(azure_iot->dps_operation_id, AZ_SPAN_EMPTY)) { azure_iot->dps_operation_id = slice_and_copy_az_span(azure_iot->data_buffer, register_response.operation_id, &azure_iot->data_buffer); - if (is_az_span_empty(azure_iot->dps_operation_id)) + if (az_span_is_content_equal(azure_iot->dps_operation_id, AZ_SPAN_EMPTY)) { azure_iot->state = azure_iot_state_error; LogError("Failed reserving memory for DPS operation id."); @@ -837,7 +837,7 @@ int azure_iot_mqtt_client_message_received(azure_iot_t* azure_iot, mqtt_message_ azure_iot->config->iot_hub_fqdn = slice_and_copy_az_span(data_buffer, register_response.registration_state.assigned_hub_hostname, &data_buffer); - if (is_az_span_empty(azure_iot->config->iot_hub_fqdn)) + if (az_span_is_content_equal(azure_iot->config->iot_hub_fqdn, AZ_SPAN_EMPTY)) { azure_iot->state = azure_iot_state_error; LogError("Failed saving IoT Hub fqdn from provisioning."); @@ -847,7 +847,7 @@ int azure_iot_mqtt_client_message_received(azure_iot_t* azure_iot, mqtt_message_ { azure_iot->config->device_id = slice_and_copy_az_span(data_buffer, register_response.registration_state.device_id, &data_buffer); - if (is_az_span_empty(azure_iot->config->device_id)) + if (az_span_is_content_equal(azure_iot->config->device_id, AZ_SPAN_EMPTY)) { azure_iot->state = azure_iot_state_error; LogError("Failed saving device id from provisioning."); @@ -955,9 +955,9 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co data_buffer_span = azure_iot->data_buffer; password_span = split_az_span(data_buffer_span, MQTT_PASSWORD_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(password_span), RESULT_ERROR, "Failed reserving buffer for password_span."); + EXIT_IF_TRUE(az_span_is_content_equal(password_span, AZ_SPAN_EMPTY), RESULT_ERROR, "Failed reserving buffer for password_span."); - if(!is_az_span_empty(azure_iot->config->device_key)) + if(!az_span_is_content_equal(azure_iot->config->device_key, AZ_SPAN_EMPTY)) { password_length = generate_sas_token_for_dps( &azure_iot->dps_client, @@ -971,7 +971,7 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co } client_id_span = split_az_span(data_buffer_span, MQTT_CLIENT_ID_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(client_id_span), RESULT_ERROR, "Failed reserving buffer for client_id_span."); + EXIT_IF_TRUE(az_span_is_content_equal(client_id_span, AZ_SPAN_EMPTY), RESULT_ERROR, "Failed reserving buffer for client_id_span."); azrc = az_iot_provisioning_client_get_client_id( &azure_iot->dps_client, (char*)az_span_ptr(client_id_span), az_span_size(client_id_span), &client_id_length); @@ -989,7 +989,7 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co mqtt_client_config->client_id = client_id_span; mqtt_client_config->username = username_span; - if(!is_az_span_empty(azure_iot->config->device_key)) + if(!az_span_is_content_equal(azure_iot->config->device_key, AZ_SPAN_EMPTY)) { mqtt_client_config->password = password_span; } @@ -1035,7 +1035,7 @@ static int get_mqtt_client_config_for_iot_hub(azure_iot_t* azure_iot, mqtt_clien data_buffer_span = azure_iot->data_buffer; password_span = split_az_span(data_buffer_span, MQTT_PASSWORD_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(password_span), RESULT_ERROR, "Failed reserving buffer for password_span."); + EXIT_IF_TRUE(az_span_is_content_equal(password_span, AZ_SPAN_EMPTY), RESULT_ERROR, "Failed reserving buffer for password_span."); password_length = generate_sas_token_for_iot_hub( &azure_iot->iot_hub_client, @@ -1048,7 +1048,7 @@ static int get_mqtt_client_config_for_iot_hub(azure_iot_t* azure_iot, mqtt_clien EXIT_IF_TRUE(password_length == 0, RESULT_ERROR, "Failed creating mqtt password for IoT Hub connection."); client_id_span = split_az_span(data_buffer_span, MQTT_CLIENT_ID_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(client_id_span), RESULT_ERROR, "Failed reserving buffer for client_id_span."); + EXIT_IF_TRUE(az_span_is_content_equal(client_id_span, AZ_SPAN_EMPTY), RESULT_ERROR, "Failed reserving buffer for client_id_span."); azrc = az_iot_hub_client_get_client_id( &azure_iot->iot_hub_client, (char*)az_span_ptr(client_id_span), az_span_size(client_id_span), &client_id_length); @@ -1113,7 +1113,7 @@ static int generate_sas_token_for_dps( // Step 2.a. plain_sas_signature = split_az_span(data_buffer_span, PLAIN_SAS_SIGNATURE_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(plain_sas_signature), 0, "Failed reserving buffer for plain sas token."); + EXIT_IF_TRUE(az_span_is_content_equal(plain_sas_signature, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for plain sas token."); rc = az_iot_provisioning_client_sas_get_signature( provisioning_client, *expiration_time, plain_sas_signature, &plain_sas_signature); @@ -1121,10 +1121,10 @@ static int generate_sas_token_for_dps( // Step 2.b. sas_signature = split_az_span(data_buffer_span, SAS_SIGNATURE_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(sas_signature), 0, "Failed reserving buffer for sas_signature."); + EXIT_IF_TRUE(az_span_is_content_equal(sas_signature, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for sas_signature."); decoded_sas_key = split_az_span(data_buffer_span, DECODED_SAS_KEY_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(decoded_sas_key), 0, "Failed reserving buffer for decoded_sas_key."); + EXIT_IF_TRUE(az_span_is_content_equal(decoded_sas_key, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for decoded_sas_key."); result = data_manipulation_functions.base64_decode( az_span_ptr(device_key), az_span_size(device_key), az_span_ptr(decoded_sas_key), az_span_size(decoded_sas_key), &decoded_sas_key_length); @@ -1132,7 +1132,7 @@ static int generate_sas_token_for_dps( // Step 2.c. sas_hmac256_signed_signature = split_az_span(data_buffer_span, SAS_HMAC256_ENCRYPTED_SIGNATURE_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(sas_hmac256_signed_signature), 0, "Failed reserving buffer for sas_hmac256_signed_signature."); + EXIT_IF_TRUE(az_span_is_content_equal(sas_hmac256_signed_signature, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for sas_hmac256_signed_signature."); result = data_manipulation_functions.hmac_sha256_encrypt( az_span_ptr(decoded_sas_key), decoded_sas_key_length, @@ -1204,7 +1204,7 @@ static int generate_sas_token_for_iot_hub( // Step 2.a. plain_sas_signature = split_az_span(data_buffer_span, PLAIN_SAS_SIGNATURE_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(plain_sas_signature), 0, "Failed reserving buffer for plain sas token."); + EXIT_IF_TRUE(az_span_is_content_equal(plain_sas_signature, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for plain sas token."); rc = az_iot_hub_client_sas_get_signature( iot_hub_client, *expiration_time, plain_sas_signature, &plain_sas_signature); @@ -1212,10 +1212,10 @@ static int generate_sas_token_for_iot_hub( // Step 2.b. sas_signature = split_az_span(data_buffer_span, SAS_SIGNATURE_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(sas_signature), 0, "Failed reserving buffer for sas_signature."); + EXIT_IF_TRUE(az_span_is_content_equal(sas_signature, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for sas_signature."); decoded_sas_key = split_az_span(data_buffer_span, DECODED_SAS_KEY_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(decoded_sas_key), 0, "Failed reserving buffer for decoded_sas_key."); + EXIT_IF_TRUE(az_span_is_content_equal(decoded_sas_key, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for decoded_sas_key."); result = data_manipulation_functions.base64_decode( az_span_ptr(device_key), az_span_size(device_key), az_span_ptr(decoded_sas_key), az_span_size(decoded_sas_key), &decoded_sas_key_length); @@ -1223,7 +1223,7 @@ static int generate_sas_token_for_iot_hub( // Step 2.c. sas_hmac256_signed_signature = split_az_span(data_buffer_span, SAS_HMAC256_ENCRYPTED_SIGNATURE_BUFFER_SIZE, &data_buffer_span); - EXIT_IF_TRUE(is_az_span_empty(sas_hmac256_signed_signature), 0, "Failed reserving buffer for sas_hmac256_signed_signature."); + EXIT_IF_TRUE(az_span_is_content_equal(sas_hmac256_signed_signature, AZ_SPAN_EMPTY), 0, "Failed reserving buffer for sas_hmac256_signed_signature."); result = data_manipulation_functions.hmac_sha256_encrypt( az_span_ptr(decoded_sas_key), decoded_sas_key_length, @@ -1271,16 +1271,16 @@ static az_span generate_dps_register_custom_property(az_span model_id, az_span d size_t length = lengthof(DPS_REGISTER_CUSTOM_PAYLOAD_BEGIN) + az_span_size(model_id) + lengthof(DPS_REGISTER_CUSTOM_PAYLOAD_END); custom_property = split_az_span(data_buffer, length, remainder); - EXIT_IF_TRUE(is_az_span_empty(custom_property), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (not enough space)."); + EXIT_IF_TRUE(az_span_is_content_equal(custom_property, AZ_SPAN_EMPTY), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (not enough space)."); data_buffer = az_span_copy(data_buffer, AZ_SPAN_FROM_STR(DPS_REGISTER_CUSTOM_PAYLOAD_BEGIN)); - EXIT_IF_TRUE(is_az_span_empty(data_buffer), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (prefix)."); + EXIT_IF_TRUE(az_span_is_content_equal(data_buffer, AZ_SPAN_EMPTY), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (prefix)."); data_buffer = az_span_copy(data_buffer, model_id); - EXIT_IF_TRUE(is_az_span_empty(data_buffer), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (model id)."); + EXIT_IF_TRUE(az_span_is_content_equal(data_buffer, AZ_SPAN_EMPTY), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (model id)."); data_buffer = az_span_copy(data_buffer, AZ_SPAN_FROM_STR(DPS_REGISTER_CUSTOM_PAYLOAD_END)); - EXIT_IF_TRUE(is_az_span_empty(data_buffer), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (suffix)."); + EXIT_IF_TRUE(az_span_is_content_equal(data_buffer, AZ_SPAN_EMPTY), AZ_SPAN_EMPTY, "Failed generating DPS register custom property (suffix)."); return custom_property; } @@ -1290,7 +1290,7 @@ az_span split_az_span(az_span span, int32_t size, az_span* remainder) { az_span result = az_span_slice(span, 0, size); - if (remainder != NULL && !is_az_span_empty(result)) + if (remainder != NULL && !az_span_is_content_equal(result, AZ_SPAN_EMPTY)) { *remainder = az_span_slice(span, size, az_span_size(span)); } @@ -1302,12 +1302,12 @@ az_span slice_and_copy_az_span(az_span destination, az_span source, az_span* rem { az_span result = split_az_span(destination, az_span_size(source), remainder); - if (is_az_span_empty(*remainder)) + if (az_span_is_content_equal(*remainder, AZ_SPAN_EMPTY)) { result = AZ_SPAN_EMPTY; } - if (!is_az_span_empty(result)) + if (!az_span_is_content_equal(result, AZ_SPAN_EMPTY)) { (void)az_span_copy(result, source); } diff --git a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.h b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.h index b3282765..5a99b3d4 100644 --- a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.h +++ b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.h @@ -788,15 +788,6 @@ int azure_iot_mqtt_client_message_received(azure_iot_t* azure_iot, mqtt_message_ * These functions are used internally by the Azure IoT client code and its extensions. */ -/** - * @brief Checks whether `span` is equal to AZ_SPAN_EMPTY. - * - * @param[in] span A span to be verified. - * - * @return boolean True if `span`'s pointer and size are equal to AZ_SPAN_EMPTY, or false otherwise. - */ -#define is_az_span_empty(span) az_span_is_content_equal(span, AZ_SPAN_EMPTY) - /** * @brief Slices `span` at position `size`, returns the first slice and assigns the second slice to `remainder`. * diff --git a/examples/Azure_IoT_Hub_ESP32/AzIoTSasToken.cpp b/examples/Azure_IoT_Hub_ESP32/AzIoTSasToken.cpp index 3cdc2f73..4fd578ed 100644 --- a/examples/Azure_IoT_Hub_ESP32/AzIoTSasToken.cpp +++ b/examples/Azure_IoT_Hub_ESP32/AzIoTSasToken.cpp @@ -12,7 +12,7 @@ #define INDEFINITE_TIME ((time_t)-1) -#define is_az_span_empty(x) (az_span_size(x) == az_span_size(AZ_SPAN_EMPTY) && az_span_ptr(x) == az_span_ptr(AZ_SPAN_EMPTY)) +#define az_span_is_content_equal(x, AZ_SPAN_EMPTY) (az_span_size(x) == az_span_size(AZ_SPAN_EMPTY) && az_span_ptr(x) == az_span_ptr(AZ_SPAN_EMPTY)) static uint32_t getSasTokenExpiration(const char* sasToken) { @@ -242,7 +242,7 @@ int AzIoTSasToken::Generate(unsigned int expiryTimeInMinutes) expiryTimeInMinutes, this->sasTokenBuffer); - if (is_az_span_empty(this->sasToken)) + if (az_span_is_content_equal(this->sasToken, AZ_SPAN_EMPTY)) { Logger.Error("Failed generating SAS token"); return 1; From ce033bb49dd77603adb8fc9f75775707874b66d6 Mon Sep 17 00:00:00 2001 From: Dane Walton Date: Tue, 29 Mar 2022 19:27:08 -0700 Subject: [PATCH 5/5] pr comments --- examples/Azure_IoT_Central_ESP32/AzureIoT.cpp | 18 +++--- .../Azure_IoT_Central_ESP32/iot_configs.h | 60 ++++++++++--------- .../AzureIoT.cpp | 18 +++--- .../iot_configs.h | 60 ++++++++++--------- examples/Azure_IoT_Hub_ESP32/iot_configs.h | 60 ++++++++++--------- 5 files changed, 113 insertions(+), 103 deletions(-) diff --git a/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp b/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp index 91c6d02a..37b9f07e 100644 --- a/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp +++ b/examples/Azure_IoT_Central_ESP32/AzureIoT.cpp @@ -100,7 +100,7 @@ void azure_iot_init(azure_iot_t* azure_iot, azure_iot_config_t* azure_iot_config (az_span_is_content_equal(azure_iot_config->device_certificate, AZ_SPAN_EMPTY) || az_span_is_content_equal(azure_iot_config->device_certificate_private_key, AZ_SPAN_EMPTY) )) { LogError("Please define either a device key or a device certificate and certificate private key. See iot_configs.h"); - _az_PRECONDITION(false); + return; } _az_PRECONDITION_VALID_SPAN(azure_iot_config->data_buffer, 1, false); @@ -968,6 +968,12 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co password_span, &azure_iot->sas_token_expiration_time); EXIT_IF_TRUE(password_length == 0, RESULT_ERROR, "Failed creating mqtt password for DPS connection."); + + mqtt_client_config->password = password_span; + } + else + { + mqtt_client_config->password = AZ_SPAN_EMPTY; } client_id_span = split_az_span(data_buffer_span, MQTT_CLIENT_ID_BUFFER_SIZE, &data_buffer_span); @@ -989,16 +995,6 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co mqtt_client_config->client_id = client_id_span; mqtt_client_config->username = username_span; - if(!az_span_is_content_equal(azure_iot->config->device_key, AZ_SPAN_EMPTY)) - { - mqtt_client_config->password = password_span; - } - else - { - // Certs don't use a password - mqtt_client_config->password = AZ_SPAN_EMPTY; - } - return RESULT_OK; } diff --git a/examples/Azure_IoT_Central_ESP32/iot_configs.h b/examples/Azure_IoT_Central_ESP32/iot_configs.h index 28eb3a15..85ab6dc5 100644 --- a/examples/Azure_IoT_Central_ESP32/iot_configs.h +++ b/examples/Azure_IoT_Central_ESP32/iot_configs.h @@ -5,41 +5,47 @@ #define IOT_CONFIG_WIFI_SSID "SSID" #define IOT_CONFIG_WIFI_PASSWORD "PWD" -// Define if using device x509 certificates +// Enable macro IOT_CONFIG_USE_X509_CERT to use an x509 certificate to authenticate the IoT device. +// The two main modes of authentication are through SAS tokens (automatically generated by the sample using the provided device symmetric key) or through x509 certificates. +// Please choose the appropriate option according to your device authentication mode. + // #define IOT_CONFIG_USE_X509_CERT #ifdef IOT_CONFIG_USE_X509_CERT /* - -Device certificate should be of the form: - -"-----BEGIN CERTIFICATE-----\r\n" \ -"MIIBJDCBywIUfeHrebBVa2eZAbouBgACp9R3BncwCgYIKoZIzj0EAwIwETEPMA0G\r\n" \ -"A1UEAwwGRFBTIENBMB4XDTIyMDMyMjazMTAzN1oXDTIzMDMyMjIzMTAzN1owGTEX\r\n" \ -"MBUGA1UEAwwOY29udG9zby1kZXZpY2UwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC\r\n" \ -....... -"YmGzdaHTb6P1W+p+jmc+jJn1MAoGCXqGSM49BAMCA0gAMEUCIEnbEMsAdGFroMwl\r\n" \ -"vTfQahwsxN3xink9z1gtirrjQlqDAiEAyU+6TUJcG6d9JF+uJqsLFpsbbF3IzGAw\r\n" \ -"yC+koNRC0MU=\r\n" \ -"-----END CERTIFICATE-----" - -*/ + * Please set the define IOT_CONFIG_DEVICE_CERT below with + * the content of your device x509 certificate. + * + * Example: + * #define IOT_CONFIG_DEVICE_CERT "-----BEGIN CERTIFICATE-----\r\n" \ + * "MIIBJDCBywIUfeHrebBVa2eZAbouBgACp9R3BncwCgYIKoZIzj0EAwIwETEPMA0G\r\n" \ + * "A1UEAwwGRFBTIENBMB4XDTIyMDMyMjazMTAzN1oXDTIzMDMyMjIzMTAzN1owGTEX\r\n" \ + * "MBUGA1UEAwwOY29udG9zby1kZXZpY2UwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC\r\n" \ + * ....... + * "YmGzdaHTb6P1W+p+jmc+jJn1MAoGCXqGSM49BAMCA0gAMEUCIEnbEMsAdGFroMwl\r\n" \ + * "vTfQahwsxN3xink9z1gtirrjQlqDAiEAyU+6TUJcG6d9JF+uJqsLFpsbbF3IzGAw\r\n" \ + * "yC+koNRC0MU=\r\n" \ + * "-----END CERTIFICATE-----" + * + */ #define IOT_CONFIG_DEVICE_CERT "Device Certificate" /* - -Device certificate private key should be of the form: - -"-----BEGIN EC PRIVATE KEY-----\r\n" \ -"MHcCAQEEIKGXkMMiO9D7jYpUjUGTBn7gGzeKPeNzCP83wbfQfLd9obAoGCCqGSM49\r\n" \ -"AwEHoUQDQgAEU6nQoYbjgJvBwaeD6MyAYmOSDg0QhEdyyV337qrlIbDEKvFsn1El\r\n" \ -"yRabc4dNp2Jhs3Xh02+j9Vvqfo5nPoyZ9Q==\r\n" \ -"-----END EC PRIVATE KEY-----" - -Note the type of key may different in your case. Such as BEGIN PRIVATE KEY -or BEGIN RSA PRIVATE KEY. - + * Please set the define IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY below with + * the content of your device x509 private key. + * + * Example: + * + * #define IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY "-----BEGIN EC PRIVATE KEY-----\r\n" \ + * "MHcCAQEEIKGXkMMiO9D7jYpUjUGTBn7gGzeKPeNzCP83wbfQfLd9obAoGCCqGSM49\r\n" \ + * "AwEHoUQDQgAEU6nQoYbjgJvBwaeD6MyAYmOSDg0QhEdyyV337qrlIbDEKvFsn1El\r\n" \ + * "yRabc4dNp2Jhs3Xh02+j9Vvqfo5nPoyZ9Q==\r\n" \ + * "-----END EC PRIVATE KEY-----" + * + * Note the type of key may different in your case. Such as BEGIN PRIVATE KEY + * or BEGIN RSA PRIVATE KEY. + * */ #define IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY "Device Certificate Private Key" diff --git a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp index 7f0f5539..a8934ced 100644 --- a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp +++ b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/AzureIoT.cpp @@ -100,7 +100,7 @@ void azure_iot_init(azure_iot_t* azure_iot, azure_iot_config_t* azure_iot_config (az_span_is_content_equal(azure_iot_config->device_certificate, AZ_SPAN_EMPTY) || az_span_is_content_equal(azure_iot_config->device_certificate_private_key, AZ_SPAN_EMPTY) )) { LogError("Please define either a device key or a device certificate and certificate private key. See iot_configs.h"); - _az_PRECONDITION(false); + return; } _az_PRECONDITION_VALID_SPAN(azure_iot_config->data_buffer, 1, false); @@ -968,6 +968,12 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co password_span, &azure_iot->sas_token_expiration_time); EXIT_IF_TRUE(password_length == 0, RESULT_ERROR, "Failed creating mqtt password for DPS connection."); + + mqtt_client_config->password = password_span; + } + else + { + mqtt_client_config->password = AZ_SPAN_EMPTY; } client_id_span = split_az_span(data_buffer_span, MQTT_CLIENT_ID_BUFFER_SIZE, &data_buffer_span); @@ -989,16 +995,6 @@ static int get_mqtt_client_config_for_dps(azure_iot_t* azure_iot, mqtt_client_co mqtt_client_config->client_id = client_id_span; mqtt_client_config->username = username_span; - if(!az_span_is_content_equal(azure_iot->config->device_key, AZ_SPAN_EMPTY)) - { - mqtt_client_config->password = password_span; - } - else - { - // Certs don't use a password - mqtt_client_config->password = AZ_SPAN_EMPTY; - } - return RESULT_OK; } diff --git a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/iot_configs.h b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/iot_configs.h index 30a8ab41..159c627e 100644 --- a/examples/Azure_IoT_Central_ESP32_AzureIoTKit/iot_configs.h +++ b/examples/Azure_IoT_Central_ESP32_AzureIoTKit/iot_configs.h @@ -5,41 +5,47 @@ #define IOT_CONFIG_WIFI_SSID "SSID" #define IOT_CONFIG_WIFI_PASSWORD "PWD" -// Define if using device x509 certificates +// Enable macro IOT_CONFIG_USE_X509_CERT to use an x509 certificate to authenticate the IoT device. +// The two main modes of authentication are through SAS tokens (automatically generated by the sample using the provided device symmetric key) or through x509 certificates. +// Please choose the appropriate option according to your device authentication mode. + // #define IOT_CONFIG_USE_X509_CERT #ifdef IOT_CONFIG_USE_X509_CERT /* - -Device certificate should be of the form: - -"-----BEGIN CERTIFICATE-----\r\n" \ -"MIIBJDCBywIUfeHrebBVa2eZAbouBgACp9R3BncwCgYIKoZIzj0EAwIwETEPMA0G\r\n" \ -"A1UEAwwGRFBTIENBMB4XDTIyMDMyMjazMTAzN1oXDTIzMDMyMjIzMTAzN1owGTEX\r\n" \ -"MBUGA1UEAwwOY29udG9zby1kZXZpY2UwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC\r\n" \ -....... -"YmGzdaHTb6P1W+p+jmc+jJn1MAoGCXqGSM49BAMCA0gAMEUCIEnbEMsAdGFroMwl\r\n" \ -"vTfQahwsxN3xink9z1gtirrjQlqDAiEAyU+6TUJcG6d9JF+uJqsLFpsbbF3IzGAw\r\n" \ -"yC+koNRC0MU=\r\n" \ -"-----END CERTIFICATE-----" - -*/ + * Please set the define IOT_CONFIG_DEVICE_CERT below with + * the content of your device x509 certificate. + * + * Example: + * #define IOT_CONFIG_DEVICE_CERT "-----BEGIN CERTIFICATE-----\r\n" \ + * "MIIBJDCBywIUfeHrebBVa2eZAbouBgACp9R3BncwCgYIKoZIzj0EAwIwETEPMA0G\r\n" \ + * "A1UEAwwGRFBTIENBMB4XDTIyMDMyMjazMTAzN1oXDTIzMDMyMjIzMTAzN1owGTEX\r\n" \ + * "MBUGA1UEAwwOY29udG9zby1kZXZpY2UwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC\r\n" \ + * ....... + * "YmGzdaHTb6P1W+p+jmc+jJn1MAoGCXqGSM49BAMCA0gAMEUCIEnbEMsAdGFroMwl\r\n" \ + * "vTfQahwsxN3xink9z1gtirrjQlqDAiEAyU+6TUJcG6d9JF+uJqsLFpsbbF3IzGAw\r\n" \ + * "yC+koNRC0MU=\r\n" \ + * "-----END CERTIFICATE-----" + * + */ #define IOT_CONFIG_DEVICE_CERT "Device Certificate" /* - -Device certificate private key should be of the form: - -"-----BEGIN EC PRIVATE KEY-----\r\n" \ -"MHcCAQEEIKGXkMMiO9D7jYpUjUGTBn7gGzeKPeNzCP83wbfQfLd9obAoGCCqGSM49\r\n" \ -"AwEHoUQDQgAEU6nQoYbjgJvBwaeD6MyAYmOSDg0QhEdyyV337qrlIbDEKvFsn1El\r\n" \ -"yRabc4dNp2Jhs3Xh02+j9Vvqfo5nPoyZ9Q==\r\n" \ -"-----END EC PRIVATE KEY-----" - -Note the type of key may different in your case. Such as BEGIN PRIVATE KEY -or BEGIN RSA PRIVATE KEY. - + * Please set the define IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY below with + * the content of your device x509 private key. + * + * Example: + * + * #define IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY "-----BEGIN EC PRIVATE KEY-----\r\n" \ + * "MHcCAQEEIKGXkMMiO9D7jYpUjUGTBn7gGzeKPeNzCP83wbfQfLd9obAoGCCqGSM49\r\n" \ + * "AwEHoUQDQgAEU6nQoYbjgJvBwaeD6MyAYmOSDg0QhEdyyV337qrlIbDEKvFsn1El\r\n" \ + * "yRabc4dNp2Jhs3Xh02+j9Vvqfo5nPoyZ9Q==\r\n" \ + * "-----END EC PRIVATE KEY-----" + * + * Note the type of key may different in your case. Such as BEGIN PRIVATE KEY + * or BEGIN RSA PRIVATE KEY. + * */ #define IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY "Device Certificate Private Key" diff --git a/examples/Azure_IoT_Hub_ESP32/iot_configs.h b/examples/Azure_IoT_Hub_ESP32/iot_configs.h index 1bb236b4..663eeee8 100644 --- a/examples/Azure_IoT_Hub_ESP32/iot_configs.h +++ b/examples/Azure_IoT_Hub_ESP32/iot_configs.h @@ -5,41 +5,47 @@ #define IOT_CONFIG_WIFI_SSID "SSID" #define IOT_CONFIG_WIFI_PASSWORD "PWD" -// Define if using device x509 certificates +// Enable macro IOT_CONFIG_USE_X509_CERT to use an x509 certificate to authenticate the IoT device. +// The two main modes of authentication are through SAS tokens (automatically generated by the sample using the provided device symmetric key) or through x509 certificates. +// Please choose the appropriate option according to your device authentication mode. + // #define IOT_CONFIG_USE_X509_CERT #ifdef IOT_CONFIG_USE_X509_CERT /* - -Device certificate should be of the form: - -"-----BEGIN CERTIFICATE-----\r\n" \ -"MIIBJDCBywIUfeHrebBVa2eZAbouBgACp9R3BncwCgYIKoZIzj0EAwIwETEPMA0G\r\n" \ -"A1UEAwwGRFBTIENBMB4XDTIyMDMyMjazMTAzN1oXDTIzMDMyMjIzMTAzN1owGTEX\r\n" \ -"MBUGA1UEAwwOY29udG9zby1kZXZpY2UwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC\r\n" \ -....... -"YmGzdaHTb6P1W+p+jmc+jJn1MAoGCXqGSM49BAMCA0gAMEUCIEnbEMsAdGFroMwl\r\n" \ -"vTfQahwsxN3xink9z1gtirrjQlqDAiEAyU+6TUJcG6d9JF+uJqsLFpsbbF3IzGAw\r\n" \ -"yC+koNRC0MU=\r\n" \ -"-----END CERTIFICATE-----" - -*/ + * Please set the define IOT_CONFIG_DEVICE_CERT below with + * the content of your device x509 certificate. + * + * Example: + * #define IOT_CONFIG_DEVICE_CERT "-----BEGIN CERTIFICATE-----\r\n" \ + * "MIIBJDCBywIUfeHrebBVa2eZAbouBgACp9R3BncwCgYIKoZIzj0EAwIwETEPMA0G\r\n" \ + * "A1UEAwwGRFBTIENBMB4XDTIyMDMyMjazMTAzN1oXDTIzMDMyMjIzMTAzN1owGTEX\r\n" \ + * "MBUGA1UEAwwOY29udG9zby1kZXZpY2UwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC\r\n" \ + * ....... + * "YmGzdaHTb6P1W+p+jmc+jJn1MAoGCXqGSM49BAMCA0gAMEUCIEnbEMsAdGFroMwl\r\n" \ + * "vTfQahwsxN3xink9z1gtirrjQlqDAiEAyU+6TUJcG6d9JF+uJqsLFpsbbF3IzGAw\r\n" \ + * "yC+koNRC0MU=\r\n" \ + * "-----END CERTIFICATE-----" + * + */ #define IOT_CONFIG_DEVICE_CERT "Device Certificate" /* - -Device certificate private key should be of the form: - -"-----BEGIN EC PRIVATE KEY-----\r\n" \ -"MHcCAQEEIKGXkMMiO9D7jYpUjUGTBn7gGzeKPeNzCP83wbfQfLd9obAoGCCqGSM49\r\n" \ -"AwEHoUQDQgAEU6nQoYbjgJvBwaeD6MyAYmOSDg0QhEdyyV337qrlIbDEKvFsn1El\r\n" \ -"yRabc4dNp2Jhs3Xh02+j9Vvqfo5nPoyZ9Q==\r\n" \ -"-----END EC PRIVATE KEY-----" - -Note the type of key may different in your case. Such as BEGIN PRIVATE KEY -or BEGIN RSA PRIVATE KEY. - + * Please set the define IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY below with + * the content of your device x509 private key. + * + * Example: + * + * #define IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY "-----BEGIN EC PRIVATE KEY-----\r\n" \ + * "MHcCAQEEIKGXkMMiO9D7jYpUjUGTBn7gGzeKPeNzCP83wbfQfLd9obAoGCCqGSM49\r\n" \ + * "AwEHoUQDQgAEU6nQoYbjgJvBwaeD6MyAYmOSDg0QhEdyyV337qrlIbDEKvFsn1El\r\n" \ + * "yRabc4dNp2Jhs3Xh02+j9Vvqfo5nPoyZ9Q==\r\n" \ + * "-----END EC PRIVATE KEY-----" + * + * Note the type of key may different in your case. Such as BEGIN PRIVATE KEY + * or BEGIN RSA PRIVATE KEY. + * */ #define IOT_CONFIG_DEVICE_CERT_PRIVATE_KEY "Device Certificate Private Key"