Merge branch 'http-api-modify'

include/qcloud_iot_import.h

@@ -405,6 +405,51 @@ int HAL_TLS_Write(uintptr_t handle, unsigned char *data, size_t totalLen, uint32
  */
 int HAL_TLS_Read(uintptr_t handle, unsigned char *data, size_t totalLen, uint32_t timeout_ms, size_t *read_len);
 
+/**
+ * @brief get privatekey from device private key file
+ *
+ * @param privatekey_path : private key file path
+ * @return NULL get fail, not NULL is success
+ */
+void *HAL_TLS_Get_PrivateKey_FromFile(const char *privatekey_path);
+
+/**
+ * @brief calc sign by rsa-sha256 rfc 5702
+ *
+ * @param private_key :  from device private key file get
+ * @param inbuf:         will calc sign buf
+ * @param inbuf_len:     will calc sign buf size
+ * @param outsign:       out sign result rsa2048 key---> out sign size 256
+ * @return NULL get fail, not NULL is success
+ */
+int HAL_TLS_Calc_Sign_RSASHA256(void *private_key, char *inbuf, int inbuf_len, char *outsign);
+
+/**
+ * @brief get sign result len by rsa-sha256 rfc 5702
+ *
+ * @param private_key :  from device private key file get
+ * @return sign result len
+ */
+int HAL_TLS_Get_RSASHA256_Result_Len(void *private_key);
+
+/**
+ * @brief calc hash value by sha256
+ *
+ * @param inbuf:         will calc hash buf
+ * @param inbuf_len:     will calc hash buf size
+ * @param outsign:       out hash value, sha256 out 32B
+ * @return NULL get fail, not NULL is success
+ */
+void HAL_TLS_Calc_SHA256(unsigned char *inbuf, size_t inbuf_len, unsigned char *outsign);
+
+/**
+ * @brief destory privatekey (HAL_TLS_Get_PrivateKey_FromFile return value)
+ *
+ * @param private_key: from device private key file get
+ * @return void
+ */
+void HAL_TLS_Destory_PrivateKey(void *private_key);
+
 /********** DTLS network **********/
 #ifdef COAP_COMM_ENABLED
 typedef SSLConnectParams DTLSConnectParams;

platform/tls/mbedtls/HAL_TLS_mbedtls.c

@@ -30,6 +30,8 @@ extern "C" {
 #include "mbedtls/error.h"
 #include "mbedtls/net_sockets.h"
 #include "mbedtls/ssl.h"
+#include "mbedtls/sha256.h"
+
 #include "qcloud_iot_export_error.h"
 #include "qcloud_iot_export_log.h"
 #include "utils_param_check.h"
@@ -53,6 +55,75 @@ typedef struct {
     mbedtls_pk_context       private_key;
 } TLSDataParams;
 
+/**
+ * parse private key file
+ */
+
+#ifdef AUTH_MODE_CERT
+void *HAL_TLS_Get_PrivateKey_FromFile(const char *privatekey_path)
+{
+    int ret;
+
+    mbedtls_pk_context *private_key = (mbedtls_pk_context *)HAL_Malloc(sizeof(mbedtls_pk_context));
+    if (NULL == private_key) {
+        Log_e("malloc private_key failed");
+        return NULL;
+    }
+
+    mbedtls_pk_init(private_key);
+
+    if ((ret = mbedtls_pk_parse_keyfile(private_key, privatekey_path, "")) != 0) {
+        Log_e("load client key file failed returned 0x%x", ret < 0 ? -ret : ret);
+        HAL_Free(private_key);
+
+        return NULL;
+    }
+    Log_e("parse private key");
+    return private_key;
+}
+
+void HAL_TLS_Destory_PrivateKey(void *private_key)
+{
+    mbedtls_pk_free((mbedtls_pk_context *)private_key);
+    HAL_Free(private_key);
+}
+
+int HAL_TLS_Get_RSASHA256_Result_Len(void *private_key)
+{
+    mbedtls_pk_context * privatekey = (mbedtls_pk_context *)private_key;
+    mbedtls_rsa_context *rsa_ctx    = (mbedtls_rsa_context *)(privatekey->pk_ctx);
+    return (rsa_ctx->len);
+}
+
+void HAL_TLS_Calc_SHA256(unsigned char *inbuf, size_t inbuf_len, unsigned char *outsign)
+{
+    mbedtls_sha256(inbuf, inbuf_len, outsign, 0);
+}
+
+// rfc 5702, rsa key 2048 ---> out sign 256
+int HAL_TLS_Calc_Sign_RSASHA256(void *private_key, char *inbuf, int inbuf_len, char *outsign)
+{
+    unsigned char       sha256sum[32];
+    mbedtls_pk_context *privatekey = (mbedtls_pk_context *)private_key;
+
+    if (mbedtls_rsa_check_privkey((mbedtls_rsa_context *)(privatekey->pk_ctx)) != 0) {
+        Log_e("check error");
+
+        return QCLOUD_ERR_SSL_CERT;
+    }
+
+    mbedtls_sha256((unsigned char *)inbuf, inbuf_len, sha256sum, 0);
+
+    if (mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *)(privatekey->pk_ctx), NULL, NULL, MBEDTLS_RSA_PRIVATE,
+                               MBEDTLS_MD_SHA256, 0, sha256sum, (unsigned char *)outsign) != 0) {
+        Log_e("calc error");
+        return QCLOUD_ERR_FAILURE;
+    }
+
+    return QCLOUD_RET_SUCCESS;
+}
+#endif
+
 /**
  * @brief free memory/resources allocated by mbedtls
  */

samples/mqtt/mqtt_sample.c

@@ -226,7 +226,7 @@ static int _init_log_upload(MQTTInitParams *init_params)
     log_init_params.product_id  = init_params->product_id;
     log_init_params.device_name = init_params->device_name;
 #ifdef AUTH_MODE_CERT
-    log_init_params.sign_key = init_params->cert_file;
+    log_init_params.sign_key = init_params->key_file;
 #else
     log_init_params.sign_key = init_params->device_secret;
 #endif

samples/ota/ota_mqtt_sample.c

@@ -526,7 +526,7 @@ int main(int argc, char **argv)
     ota_ctx->ota_handle  = h_ota;
     ota_ctx->mqtt_client = mqtt_client;
 
-    bool ota_success;
+    bool ota_success = false;
     do {
         // mqtt should be ready first
         rc = IOT_MQTT_Yield(mqtt_client, 500);

sdk_src/internal_inc/qcloud_iot_common.h

@@ -35,8 +35,8 @@
 #define DYN_REG_SERVER_PORT_TLS 443
 
 /* URL for doing log upload */
-#define LOG_UPLOAD_SERVER_URL    "http://devicelog.iot.cloud.tencent.com/cgi-bin/report-log"
-#define LOG_UPLOAD_SERVER_DOMAIN "devicelog.iot.cloud.tencent.com"
+#define LOG_UPLOAD_SERVER_URL    "ap-guangzhou.gateway.tencentdevices.com"
+#define LOG_UPLOAD_SERVER_DOMAIN "ap-guangzhou.gateway.tencentdevices.com"
 #define LOG_UPLOAD_SERVER_PORT   80
 
 /* Max size of a host name */

sdk_src/internal_inc/qcloud_iot_http.h

@@ -0,0 +1,68 @@
+/*
+ * Tencent is pleased to support the open source community by making IoT Hub available.
+ * Copyright (C) 2018-2020 THL A29 Limited, a Tencent company. All rights reserved.
+
+ * Licensed under the MIT License (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at
+ * http://opensource.org/licenses/MIT
+
+ * Unless required by applicable law or agreed to in writing, software distributed under the License is
+ * distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef QCLOUD_IOT_HTTP_H_
+#define QCLOUD_IOT_HTTP_H_
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define QCLOUD_HTTP_HEADER_FORMAT \
+    "Accept: %s*/*\r\n"           \
+    "X-TC-Algorithm: %s\r\n"      \
+    "X-TC-Timestamp: %d\r\n"      \
+    "X-TC-Nonce: %d\r\n"          \
+    "X-TC-Signature: %s\r\n"
+
+#define QCLOUD_SUPPORT_HMACSHA1 "hmacsha1"
+
+#define QCLOUD_SUPPORT_RSASHA256 "rsa-sha256"
+
+#define QCLOUD_SHA256_RESULT_LEN (32)
+#define QCLOUD_SHA1_RESULT_LEN   (20)
+
+#ifdef AUTH_MODE_CERT
+#define QCLOUD_SHAX_RESULT_LEN (QCLOUD_SHA256_RESULT_LEN)
+#else
+#define QCLOUD_SHAX_RESULT_LEN (QCLOUD_SHA1_RESULT_LEN)
+#endif
+
+typedef struct qcloud_iot_http_header_post_sign {
+    const char *host;
+    const char *uri;
+    char *      algorithm;
+    uint32_t    timestamp;
+    int         nonce;
+    char *      request_body_buf;
+    int         request_body_buf_len;
+    char *      secretkey;
+    void *      privatekey;
+} QCLOUD_IOT_HTTP_HEADER_POST_SIGN;
+
+char *qcloud_iot_http_header_create(char *request_body_buf, int request_body_buf_len, const char *host, const char *uri,
+                                    char *accept_header, char *secretkey, void *privatekey);
+
+void qcloud_iot_http_header_destory(char *http_header);
+
+void *qcloud_iot_http_create_privatekey(char *privatekey_file);
+
+void qcloud_iot_http_destory_privatekey(char *privatekey_file);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* QCLOUD_IOT_HTTP_H_ */