Uniot Core
0.8.1
Loading...
Searching...
No Matches
Credentials.h
Go to the documentation of this file.
1/*
2 * This is a part of the Uniot project.
3 * Copyright (C) 2016-2020 Uniot <contact@uniot.io>
4 *
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation, either version 3 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 */
18
28
29#pragma once
30
31#include <Arduino.h>
32#include <CBORStorage.h>
33#include <Crypto.h>
34#include <Ed25519.h>
35#include <ICOSESigner.h>
36#include <RNG.h>
37
38#if defined(ESP8266)
39 #include <user_interface.h>
40#elif defined(ESP32)
41 #include <esp_wifi.h>
42 #include <esp_system.h>
43#endif
44
45namespace uniot {
61class Credentials : public CBORStorage, public ICOSESigner {
62 public:
69 Credentials() : CBORStorage("credentials.cbor"), mOnwerChanged(false) {
70 mCreatorId = UNIOT_CREATOR_ID;
71 mDeviceId = _calcDeviceId();
72 Credentials::restore();
73
74 if (mPrivateKey.size() == 0) {
75 _generatePrivateKey();
76 Credentials::store();
77 }
78 _derivePublicKey();
79 }
80
89 virtual bool store() override {
90 object().put("account", mOwnerId.c_str());
91 object().put("private_key", mPrivateKey.raw(), mPrivateKey.size());
92 return CBORStorage::store();
93 }
94
103 virtual bool restore() override {
104 if (CBORStorage::restore()) {
105 mOwnerId = object().getString("account");
106 mPrivateKey = object().getBytes("private_key");
107 return true;
108 }
109 UNIOT_LOG_ERROR("%s", "credentials not restored");
110 return false;
111 }
112
118 void setOwnerId(const String &id) {
119 if (mOwnerId != id) {
120 mOnwerChanged = true;
121 }
122 mOwnerId = id;
123 }
124
130 const String &getOwnerId() const {
131 return mOwnerId;
132 }
133
134 bool isOwnerChanged() const {
135 return mOnwerChanged;
136 }
137
138 void resetOwnerChanged() {
139 mOnwerChanged = false;
140 }
141
147 const String &getCreatorId() const {
148 return mCreatorId;
149 }
150
156 const String &getDeviceId() const {
157 return mDeviceId;
158 }
159
165 const String &getPublicKey() const {
166 return mPublicKey;
167 }
168
176 uint32_t getShortDeviceId() const {
177#if defined(ESP8266)
178 return ESP.getChipId();
179#elif defined(ESP32)
180 uint64_t mac = ESP.getEfuseMac();
181 return (uint32_t)(mac >> 32); // Use the higher 32 bits of the MAC as the Chip ID
182#endif
183 }
184
190 virtual Bytes keyId() const override {
191 return mPublicKeyRaw;
192 }
193
202 virtual Bytes sign(const Bytes &data) const override {
203 uint8_t signature[64];
204 uint8_t publicKey[32];
205 Ed25519::derivePublicKey(publicKey, mPrivateKey.raw());
206 Ed25519::sign(signature, mPrivateKey.raw(), publicKey, data.raw(), data.size());
207 return Bytes(signature, sizeof(signature));
208 }
209
215 virtual COSEAlgorithm signerAlgorithm() const override {
216 return COSEAlgorithm::EdDSA;
217 }
218
219 private:
227 String _calcDeviceId() {
228 uint8_t mac[6];
229 char macStr[13] = {0};
230#if defined(ESP8266)
231 wifi_get_macaddr(STATION_IF, mac);
232#elif defined(ESP32)
233 esp_read_mac(mac, ESP_MAC_WIFI_STA);
234#endif
235 for (uint8_t i = 0; i < 6; i++)
236 sprintf(macStr + i * 2, "%02x", mac[i]);
237
238 return String(macStr);
239 }
240
246 void _generatePrivateKey() {
247 // Initialize the random number generator with device-specific entropy
248 RNG.begin(String("uniot::entropy::" + mCreatorId + "::" + mDeviceId).c_str());
249
250 uint8_t privateKey[32];
251 Ed25519::generatePrivateKey(privateKey);
252 mPrivateKey = Bytes(privateKey, sizeof(privateKey));
253 }
254
260 void _derivePublicKey() {
261 uint8_t publicKey[32];
262 Ed25519::derivePublicKey(publicKey, mPrivateKey.raw());
263 mPublicKeyRaw = Bytes(publicKey, sizeof(publicKey));
264 mPublicKey = mPublicKeyRaw.toHexString();
265 }
266
267 String mOwnerId;
268 String mCreatorId;
269 String mDeviceId;
270 Bytes mPrivateKey;
271 Bytes mPublicKeyRaw;
272 String mPublicKey;
273
274 bool mOnwerChanged;
275};
276
277} // namespace uniot
Bytes
Definition Bytes.h:38
Bytes::raw
const uint8_t * raw() const
Gets a const pointer to the raw byte array.
Definition Bytes.h:235
Bytes::size
size_t size() const
Gets the size of the byte array.
Definition Bytes.h:303
uniot::CBORObject::getBytes
Bytes getBytes(int key) const
Get binary data at a specific integer key.
Definition CBORObject.h:461
uniot::CBORObject::put
CBORObject & put(int key, int value)
Put an integer value at a specific integer key.
Definition CBORObject.h:170
uniot::CBORObject::getString
String getString(int key) const
Get a string value at a specific integer key.
Definition CBORObject.h:419
uniot::CBORStorage::restore
virtual bool restore() override
Restore the CBOR object from the filesystem.
Definition CBORStorage.h:92
uniot::CBORStorage::store
virtual bool store() override
Store the CBOR object to the filesystem.
Definition CBORStorage.h:74
uniot::CBORStorage::CBORStorage
CBORStorage(const String &path)
Constructs a new CBORStorage object.
Definition CBORStorage.h:46
uniot::CBORStorage::object
CBORObject & object()
Get access to the underlying CBORObject.
Definition CBORStorage.h:60
uniot::Credentials::getCreatorId
const String & getCreatorId() const
Gets the creator ID.
Definition Credentials.h:147
uniot::Credentials::getPublicKey
const String & getPublicKey() const
Gets the device's public key as a hexadecimal string.
Definition Credentials.h:165
uniot::Credentials::getDeviceId
const String & getDeviceId() const
Gets the unique device ID.
Definition Credentials.h:156
uniot::Credentials::Credentials
Credentials()
Constructor that initializes device credentials.
Definition Credentials.h:69
uniot::Credentials::getOwnerId
const String & getOwnerId() const
Gets the current owner ID.
Definition Credentials.h:130
uniot::Credentials::getShortDeviceId
uint32_t getShortDeviceId() const
Gets a shorter unique identifier for the device.
Definition Credentials.h:176
uniot::Credentials::sign
virtual Bytes sign(const Bytes &data) const override
Implements ICOSESigner interface to sign data.
Definition Credentials.h:202
uniot::Credentials::resetOwnerChanged
void resetOwnerChanged()
Definition Credentials.h:138
uniot::Credentials::isOwnerChanged
bool isOwnerChanged() const
Definition Credentials.h:134
uniot::Credentials::store
virtual bool store() override
Stores credentials to persistent storage.
Definition Credentials.h:89
uniot::Credentials::restore
virtual bool restore() override
Restores credentials from persistent storage.
Definition Credentials.h:103
uniot::Credentials::keyId
virtual Bytes keyId() const override
Implements ICOSESigner interface to provide key ID.
Definition Credentials.h:190
uniot::Credentials::signerAlgorithm
virtual COSEAlgorithm signerAlgorithm() const override
Implements ICOSESigner interface to specify the signing algorithm.
Definition Credentials.h:215
uniot::Credentials::setOwnerId
void setOwnerId(const String &id)
Sets the owner ID of the device.
Definition Credentials.h:118
uniot::ICOSESigner
Interface for CBOR Object Signing and Encryption (COSE) signing operations.
Definition ICOSESigner.h:35
UNIOT_LOG_ERROR
#define UNIOT_LOG_ERROR(...)
Log an ERROR level message Used for critical errors that may prevent normal operation....
Definition Logger.h:226
uniot::COSEAlgorithm
COSEAlgorithm
Cryptographic algorithm identifiers for COSE.
Definition COSE.h:84
uniot
Contains all classes and functions related to the Uniot Core.