Implementing username/password login for ESP8266

Author: aentinger

src/ArduinoIoTCloud.cpp

@@ -15,21 +15,26 @@
    a commercial license, send an email to [email protected].
 */
 
-#include <ArduinoECCX08.h>
+#include <ArduinoIoTCloud.h>
+
+#ifdef BOARD_HAS_ECCX08
 #include "utility/ECCX08Cert.h"
-#include "CloudSerial.h"
-#include "ArduinoIoTCloud.h"
-#include <Arduino_DebugUtils.h>
+#include <ArduinoECCX08.h>
+#elif defined(BOARD_ESP)
+#include "utility/ca_cert.h"
+#endif
 
 #ifdef ARDUINO_ARCH_SAMD
   #include <RTCZero.h>
   RTCZero rtc;
 #endif
 
+#ifdef BOARD_HAS_ECCX08
 const static int keySlot                                   = 0;
 const static int compressedCertSlot                        = 10;
 const static int serialNumberAndAuthorityKeyIdentifierSlot = 11;
 const static int deviceIdSlot                              = 12;
+#endif
 
 const static int CONNECT_SUCCESS                           =  1;
 const static int CONNECT_FAILURE                           =  0;
@@ -56,7 +61,10 @@ static unsigned long getTime() {
 ArduinoIoTCloudClass::ArduinoIoTCloudClass() :
   _connection(NULL),
   _thing_id(""),
-  _bearSslClient(NULL),
+  _sslClient(NULL),
+#ifdef BOARD_ESP
+  _certificate(MQTTS_UP_ARDUINO_CC_CERTIFICATE),
+#endif
   _mqttClient(NULL),
   _lastSyncRequestTickTime(0),
   _stdinTopic(""),
@@ -68,31 +76,41 @@ ArduinoIoTCloudClass::ArduinoIoTCloudClass() :
   _otaTopic(""),
   _on_sync_event_callback(NULL),
   _on_connect_event_callback(NULL),
-  _on_disconnect_event_callback(NULL) {
-
-}
+  _on_disconnect_event_callback(NULL),
+  _device_id(""),
+  _password("") {}
 
 ArduinoIoTCloudClass::~ArduinoIoTCloudClass() {
   if (_mqttClient) {
     delete _mqttClient;
     _mqttClient = NULL;
   }
 
-  if (_bearSslClient) {
-    delete _bearSslClient;
-    _bearSslClient = NULL;
+  if (_sslClient) {
+    delete _sslClient;
+    _sslClient = NULL;
   }
 }
 
-int ArduinoIoTCloudClass::begin(ConnectionHandler& c, String brokerAddress, uint16_t brokerPort) {
-  _connection = &c;
-  Client &connectionClient = _connection->getClient();
+int ArduinoIoTCloudClass::begin(ConnectionHandler & connection,
+                                String device_id,
+                                String password, 
+                                String brokerAddress,
+                                uint16_t brokerPort) {
+  _connection = &connection;
+  _device_id = device_id;
+  _password = password;
+  return begin(_connection->getClient(), brokerAddress, brokerPort);
+}
+
+int ArduinoIoTCloudClass::begin(ConnectionHandler & connection, String brokerAddress, uint16_t brokerPort) {
+  _connection = &connection;
   _brokerAddress = brokerAddress;
   _brokerPort = brokerPort;
   #ifdef ARDUINO_ARCH_SAMD
   rtc.begin();
   #endif
-  return begin(connectionClient, _brokerAddress, _brokerPort);
+  return begin(_connection->getClient(), _brokerAddress, _brokerPort);
 }
 
 int ArduinoIoTCloudClass::begin(Client& net, String brokerAddress, uint16_t brokerPort) {
@@ -101,8 +119,9 @@ int ArduinoIoTCloudClass::begin(Client& net, String brokerAddress, uint16_t brok
   // store the broker address as class member
   _brokerAddress = brokerAddress;
   _brokerPort = brokerPort;
-  byte deviceIdBytes[72];
 
+#ifdef BOARD_HAS_ECCX08
+  byte deviceIdBytes[72];
   if (!ECCX08.begin()) {
     Debug.print(DBG_ERROR, "Cryptography processor failure. Make sure you have a compatible board.");
     return 0;
@@ -112,7 +131,7 @@ int ArduinoIoTCloudClass::begin(Client& net, String brokerAddress, uint16_t brok
     Debug.print(DBG_ERROR, "Cryptography processor read failure.");
     return 0;
   }
-  _device_id = (char*)deviceIdBytes;
+  _device_id = (char *)deviceIdBytes;
 
   if (!ECCX08Cert.beginReconstruction(keySlot, compressedCertSlot, serialNumberAndAuthorityKeyIdentifierSlot)) {
     Debug.print(DBG_ERROR, "Cryptography certificate reconstruction failure.");
@@ -129,26 +148,44 @@ int ArduinoIoTCloudClass::begin(Client& net, String brokerAddress, uint16_t brok
     Debug.print(DBG_ERROR, "Cryptography certificate reconstruction failure.");
     return 0;
   }
+#endif /* BOARD_HAS_ECCX08 */
 
-  if (_bearSslClient) {
-    delete _bearSslClient;
+  if (_sslClient) {
+    delete _sslClient;
+    _sslClient = NULL;
   }
+
+#ifdef BOARD_HAS_ECCX08
   if (_connection != NULL) {
-    _bearSslClient = new BearSSLClient(_connection->getClient());
+    _sslClient = new BearSSLClient(_connection->getClient());
   } else {
-    _bearSslClient = new BearSSLClient(*_net);
+    _sslClient = new BearSSLClient(*_net);
   }
+#elif defined(BOARD_ESP)
+  _sslClient = new WiFiClientSecure();
+  Debug.print(DBG_VERBOSE, "new WiFiClientSecure()");
+#endif
+
+#ifdef BOARD_HAS_ECCX08
+  _sslClient->setEccSlot(keySlot, ECCX08Cert.bytes(), ECCX08Cert.length());
+#elif defined(BOARD_ESP)
+  _sslClient->setTrustAnchors(&_certificate);
+#endif
+
+  _mqttClient = new MqttClient(*_sslClient);
 
-  _bearSslClient->setEccSlot(keySlot, ECCX08Cert.bytes(), ECCX08Cert.length());
-  _mqttClient = new MqttClient(*_bearSslClient);
+#ifdef BOARD_ESP
+  _mqttClient->setUsernamePassword(_device_id, _password);
+#endif
 
   // Bind ArduinoBearSSL callback using static "non-method" function
   if (_connection != NULL) {
     getTimeConnection = _connection;
+#ifdef BOARD_HAS_ECCX08
     ArduinoBearSSL.onGetTime(getTime);
+#endif
   }
 
-
   // TODO: Find a better way to allow callback into object method
   // Begin function for the MQTTClient
   mqttClientBegin();
@@ -157,8 +194,10 @@ int ArduinoIoTCloudClass::begin(Client& net, String brokerAddress, uint16_t brok
   return 1;
 }
 
-void ArduinoIoTCloudClass::onGetTime(unsigned long(*callback)(void)) {
+void ArduinoIoTCloudClass::onGetTime(unsigned long (*callback)(void)) {
+#ifdef BOARD_HAS_ECCX08
   ArduinoBearSSL.onGetTime(callback);
+#endif /* BOARD_HAS_ECCX08 */
 }
 
 // private class method used to initialize mqttClient class member. (called in the begin class method)
@@ -184,8 +223,7 @@ void ArduinoIoTCloudClass::mqttClientBegin() {
 }
 
 int ArduinoIoTCloudClass::connect() {
-  // Username: device id
-  // Password: empty
+  
   if (!_mqttClient->connect(_brokerAddress.c_str(), _brokerPort)) {
     return CONNECT_FAILURE;
   }
@@ -419,7 +457,7 @@ void ArduinoIoTCloudClass::connectionCheck() {
 void ArduinoIoTCloudClass::setIoTConnectionState(ArduinoIoTConnectionStatus newState) {
   iotStatus = newState;
   switch (iotStatus) {
-    case ArduinoIoTConnectionStatus::IDLE:                                                                                  break;
+    case ArduinoIoTConnectionStatus::IDLE:                                                                         break;
     case ArduinoIoTConnectionStatus::ERROR:        Debug.print(DBG_ERROR, "Arduino, we have a problem.");          break;
     case ArduinoIoTConnectionStatus::CONNECTING:   Debug.print(DBG_ERROR, "Connecting to Arduino IoT Cloud...");   break;
     case ArduinoIoTConnectionStatus::RECONNECTING: Debug.print(DBG_ERROR, "Reconnecting to Arduino IoT Cloud..."); break;

src/ArduinoIoTCloud.h

@@ -18,9 +18,16 @@
 #ifndef ARDUINO_IOT_CLOUD_H
 #define ARDUINO_IOT_CLOUD_H
 
-#include <ArduinoMqttClient.h>
-#include <ArduinoIoTCloudBearSSL.h>
+#include <ArduinoIoTCloud_Defines.h>
+
+#ifdef BOARD_HAS_ECCX08
+  #include <ArduinoIoTCloudBearSSL.h>
+#elif defined(BOARD_ESP)
+  #include <WiFiClientSecure.h>
+#endif
+
 #include <ArduinoCloudThing.h>
+#include <ArduinoMqttClient.h>
 #include <Arduino_DebugUtils.h>
 #include <Arduino_ConnectionHandler.h>
 #include "types/CloudWrapperBool.h"
@@ -46,8 +53,6 @@ typedef struct {
   int timeout;
 } mqttConnectionOptions;
 
-//extern ConnectionHandler *ArduinoIoTPreferredConnection;
-
 enum class ArduinoIoTConnectionStatus {
   IDLE,
   CONNECTING,
@@ -76,8 +81,9 @@ class ArduinoIoTCloudClass {
     ArduinoIoTCloudClass();
     ~ArduinoIoTCloudClass();
 
-    int begin(ConnectionHandler& connection, String brokerAddress = DEFAULT_BROKER_ADDRESS, uint16_t brokerPort = DEFAULT_BROKER_PORT);
-    int begin(Client& net, String brokerAddress = DEFAULT_BROKER_ADDRESS, uint16_t brokerPort = DEFAULT_BROKER_PORT);
+    int begin(ConnectionHandler &connection, String device_id, String password, String brokerAddress = DEFAULT_BROKER_ADDRESS, uint16_t brokerPort = DEFAULT_BROKER_PORT);
+    int begin(ConnectionHandler &connection, String brokerAddress = DEFAULT_BROKER_ADDRESS, uint16_t brokerPort = DEFAULT_BROKER_PORT);
+    int begin(Client &net, String brokerAddress = DEFAULT_BROKER_ADDRESS, uint16_t brokerPort = DEFAULT_BROKER_PORT);
     // Class constant declaration
     static const int MQTT_TRANSMIT_BUFFER_SIZE = 256;
     static const int TIMEOUT_FOR_LASTVALUES_SYNC = 10000;
@@ -190,6 +196,7 @@ class ArduinoIoTCloudClass {
       return iotStatus;
     }
     void setIoTConnectionState(ArduinoIoTConnectionStatus newState);
+
   private:
     ArduinoIoTConnectionStatus iotStatus = ArduinoIoTConnectionStatus::IDLE;
     ConnectionHandler * _connection;
@@ -199,14 +206,19 @@ class ArduinoIoTCloudClass {
 
     void sendPropertiesToCloud();
 
-
-    String _device_id,
-           _thing_id,
-           _brokerAddress;
+    String _device_id, _password, _thing_id, _brokerAddress;
     uint16_t _brokerPort;
+
     ArduinoCloudThing Thing;
-    BearSSLClient* _bearSslClient;
-    MqttClient* _mqttClient;
+
+#ifdef BOARD_HAS_ECCX08
+    BearSSLClient *_sslClient;
+#elif defined(BOARD_ESP)
+    WiFiClientSecure *_sslClient;
+    X509List _certificate;
+#endif
+
+    MqttClient *_mqttClient;
     int _lastSyncRequestTickTime;
 
 

src/ArduinoIoTCloud_Defines.h

@@ -0,0 +1,30 @@
+/*
+   This file is part of ArduinoIoTCloud.
+
+   Copyright 2019 ARDUINO SA (http://www.arduino.cc/)
+
+   This software is released under the GNU General Public License version 3,
+   which covers the main part of arduino-cli.
+   The terms of this license can be found at:
+   https://www.gnu.org/licenses/gpl-3.0.en.html
+
+   You can be released from the requirements of the above licenses by purchasing
+   a commercial license. Buying such a license is mandatory if you want to modify or
+   otherwise use the software for commercial activities involving the Arduino
+   software without disclosing the source code of your own applications. To purchase
+   a commercial license, send an email to [email protected].
+*/
+
+#ifndef ARDUINO_IOT_CLOUD_DEFINES_H_
+#define ARDUINO_IOT_CLOUD_DEFINES_H_
+
+#if defined(ARDUINO_SAMD_MKRGSM1400) || defined(ARDUINO_SAMD_MKRWIFI1010) ||   \
+  defined(ARDUINO_SAMD_MKR1000) || defined(ARDUINO_SAMD_NANO_33_IOT)
+  #define BOARD_HAS_ECCX08
+#endif
+
+#if defined(ARDUINO_ESP8266_ESP12) || defined(ARDUINO_ARCH_ESP32) || defined(ESP8266)
+  #define BOARD_ESP
+#endif
+
+#endif /* ARDUINO_IOT_CLOUD_DEFINES_H_ */

src/CloudSerial.h

@@ -19,7 +19,11 @@
 #define CLOUD_SERIAL_H
 
 #include <Arduino.h>
+#if defined(ARDUINO_ESP8266_ESP12) || defined(ARDUINO_ARCH_ESP32) || defined(ESP8266)
+#include "utility/RingBuffer.h"
+#else
 #include <RingBuffer.h>
+#endif
 
 #define CLOUD_SERIAL_TX_BUFFER_SIZE 64
 #define CLOUD_SERIAL_RX_BUFFER_SIZE 512

src/utility/ECCX08Cert.cpp

@@ -15,6 +15,10 @@
    a commercial license, send an email to [email protected].
 */
 
+#include <ArduinoIoTCloud_Defines.h>
+
+#ifdef BOARD_HAS_ECCX08
+
 #include <ArduinoIoTCloudBearSSL.h>
 #include <bearssl/bearssl_hash.h>
 #include <ArduinoECCX08.h>
@@ -920,3 +924,5 @@ int ECCX08CertClass::appendEcdsaWithSHA256(byte out[]) {
 }
 
 ECCX08CertClass ECCX08Cert;
+
+#endif /* BOARD_HAS_ECCX08 */

src/utility/ECCX08Cert.h

@@ -18,6 +18,10 @@
 #ifndef _ECCX08_CERT_H_
 #define _ECCC08_CERT_H_
 
+#include <ArduinoIoTCloud_Defines.h>
+
+#ifdef BOARD_HAS_ECCX08
+
 #include <Arduino.h>
 
 class ECCX08CertClass {
@@ -132,4 +136,6 @@ class ECCX08CertClass {
 
 extern ECCX08CertClass ECCX08Cert;
 
-#endif
+#endif /* BOARD_HAS_ECCX08 */
+
+#endif /* _ECCX08_CERT_H_ */

src/utility/ECCX08TLSConfig.h

@@ -18,6 +18,10 @@
 #ifndef _ECCX08_TLS_CONFIG_H_
 #define _ECCX08_TLS_CONFIG_H_
 
+#include <ArduinoIoTCloud_Defines.h>
+
+#ifdef BOARD_HAS_ECCX08
+
 const byte DEFAULT_ECCX08_TLS_CONFIG[128] = {
   // Read only - start
   // SN[0:3]
@@ -102,4 +106,6 @@ const byte DEFAULT_ECCX08_TLS_CONFIG[128] = {
   0x1C, 0x00
 };
 
-#endif
+#endif /* BOARD_HAS_ECCX08 */
+
+#endif /* _ECCX08_TLS_CONFIG_H_ */