Initial import of old dtls-ota example

pull/1/head
Daniele Lacamera 2018-12-18 13:14:56 +01:00
parent 5568dabcc6
commit 41dd57d557
31 changed files with 9670 additions and 9 deletions

.gitignore vendored

@ -41,12 +41,26 @@
*.su
*.idb
*.pdb
*.gdb
# Vim swap files
.*.swp
# Contiki patch guard
.contiki_patched
# Downloaded files
*.zip
# Third party software
contiki-nrf52/nrf5x-softdevice
# ota-server configuration file
contiki-nrf52/ota-server/mac.txt
# tags etc.
cscope.out
tags
# Kernel Module Compile Results
*.mod*
*.cmd
.tmp_versions/
modules.order
Module.symvers
Mkfile.old
dkms.conf

.gitmodules vendored 100644

@ -0,0 +1,6 @@
[submodule "wolfBoot"]
path = wolfBoot
url = https://github.com/wolfSSL/wolfBoot
[submodule "contiki-nrf52/contiki"]
path = contiki-nrf52/contiki
url = https://github.com/danielinux/contiki
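Review bot: the `contiki-nrf52/contiki` submodule points at a personal fork (`https://github.com/danielinux/contiki`) and nothing in this commit says why. The firmware is built from that tree (the dtls-ota Makefile takes `$(CONTIKI)/apps/wolfssl` from it), so please state in the README which changes the fork carries on top of upstream Contiki, and consider hosting it under the same organization as wolfBoot so that the signed image does not depend on an individual account.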


@ -1,2 +1,16 @@
# wolfBoot-examples
Examples for the wolfSSL wolfBoot Secure Boot using wolfCrypt
Examples for the wolfSSL wolfBoot Secure Boot, using wolfCrypt and wolfSSL.
This repository contains example applications using [wolfBoot](https://github.com/wolfSSL/wolfBoot) to perform remote firmware updates.
## List of examples
* DTLS/IPv6/6LoWPAN/BLE secure firmware update mechanism, with [contiki OS on Nordic nRF52 platform](contiki-nrf52)
## License
See the documentation within each component subdirectory for more information about using and distributing this software.
wolfBoot, wolfSSL (formerly known as CyaSSL) and wolfCrypt are Copyright (c) 2006-2018 wolfSSL Inc., and licensed for use under GPLv2 (see [LICENSE](LICENSE))


@ -0,0 +1,58 @@
NRF52_SDK_ROOT=$(PWD)/nrf5x-softdevice
CROSS_COMPILE:=arm-none-eabi-
OBJCOPY:=$(CROSS_COMPILE)objcopy
JLINK_OPTS = -Device NRF52 -if swd -speed 1000
DTLS_OTA=$(PWD)/dtls-ota
BOOT_IMG:=$(DTLS_OTA)/dtls-ota.bin
BOOT_ELF:=$(DTLS_OTA)/dtls-ota.nrf52dk
WOLFBOOT:=$(PWD)/../wolfBoot
WOLFBOOT_BIN:=$(WOLFBOOT)/wolfboot.bin
all: $(DTLS_OTA)/dtls-ota-signed.bin
.contiki_patched:
patch -p0 < contiki-nrf52-softdevice-wolfBoot.patch
touch .contiki_patched
$(BOOT_ELF): nrf5_iot_sdk_3288530.zip $(WOLFBOOT_BIN) .contiki_patched
echo "**"
make -C $(DTLS_OTA) TARGET=nrf52dk NRF52_SDK_ROOT=$(NRF52_SDK_ROOT) SMALL=1
$(WOLFBOOT_BIN):
cp target.h $(WOLFBOOT)/include
cp nrf52.ld $(WOLFBOOT)/hal
make -C $(WOLFBOOT) BOOT0_OFFSET=0x10000 VTOR=0 TARGET=nrf52 DEBUG=0 wolfboot.bin
nrf5_iot_sdk_3288530.zip:
wget https://developer.nordicsemi.com/nRF5_IoT_SDK/nRF5_IoT_SDK_v0.9.x/nrf5_iot_sdk_3288530.zip
unzip nrf5_iot_sdk_3288530.zip -d ./nrf5x-softdevice
clean:
make -C $(WOLFBOOT) clean
make -C ota-server clean
make -C $(DTLS_OTA) TARGET=nrf52dk NRF52_SDK_ROOT=$(NRF52_SDK_ROOT) clean
rm -f $(DTLS_OTA)/*.bin
rm -f tags
$(BOOT_IMG).v1.signed: $(BOOT_ELF)
$(WOLFBOOT)/tools/ed25519/ed25519_sign $(BOOT_IMG) $(WOLFBOOT)/ed25519.der 1
$(DTLS_OTA)/dtls-ota-signed.bin: $(BOOT_IMG).v1.signed
mv $^ $@
$(DTLS_OTA)/dtls-ota-force-update.bin: $(DTLS_OTA)/dtls-ota-signed.bin
$(OBJCOPY) -I binary -O binary $^ tmp.bin --pad-to=0x27FFB --gap-fill=255
cat tmp.bin force-update > $@
rm tmp.bin
flash-update: $(DTLS_OTA)/dtls-ota-force-update.bin
JLinkExe $(JLINK_OPTS) -CommanderScript flash_update.jlink
flash: $(BOOT_ELF) $(WOLFBOOT_BIN) $(DTLS_OTA)/dtls-ota-signed.bin
JLinkExe $(JLINK_OPTS) -CommanderScript flash_all.jlink
erase:
JLinkExe $(JLINK_OPTS) -CommanderScript flash_erase.jlink
gdbserver:
JLinkGDBServer -device nrf52 -if swd -port 3333
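Review bot: in the `nrf5_iot_sdk_3288530.zip` rule the archive is fetched with `wget` and unpacked straight away with no integrity check, and the SoftDevice binary it contains ends up on the target. Suggest recording the expected SHA-256 of the archive in the repository and verifying it before `unzip`, failing the build on a mismatch. Separately, the version argument to `ed25519_sign` is hard-coded to `1` and `dtls-ota-force-update.bin` is built from that same signed image, so the update carries the same version as the installed firmware; a `VERSION ?= 1` variable would let a real update be signed with a higher number. The `--pad-to=0x27FFB` constant also needs a comment tying it to the upgrade partition size.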


@ -0,0 +1,121 @@
# dtls-ota
Over-the-air firmware upgrade example for Nordic nRF52, using DTLSv1.2/UDP/IPv6/6LoWPAN over BLE.
This project is meant to demonstrate a firmware upgrade mechanism based on [wolfBoot secure bootloader](https://github.com/wolfssl/wolfBoot), powered by wolfSSL.
The bootloader expect the application to transfer the new firmware through a secure channel, store it in a partition on the flash memory and trigger an upgrade on the next reboot.
The application in this example uses DTLSv1.2 over Bluetooth Low-Energy (BLE) to request a new firmware image from a remote server. Once the transfer is complete, the target is rebooted into
the bootloader, which validates the new image and copies it to the active boot partition.
## Components
- Bootloader: [wolfBoot](https://github.com/wolfssl/wolfBoot) by wolfSSL
- OS: [contiki](http://contiki-os.org/)
- TLS: [wolfSSL](https://www.wolfssl.com) providing DTLS v1.2 support with ECC-based cipher
- UDP/IPv6 stack: uIP
- Application: Custom firmware upgrade contiki application with DTLS Client and wolfBoot integration
## Preparing the initial firmware
The flash memory on the nRF52 is divided as follows:
```
- 0x000000 - 0x01efff : Reserved for Nordic SoftDevice binary
- 0x01f000 - 0x02efff : Bootloader partition for wolfBoot
- 0x02f000 - 0x056fff : Active (boot) partition
- 0x057000 - 0x057fff : Unused
- 0x058000 - 0x07ffff : Upgrade partition
```
Running `make` assembles the following images:
- pre-built SoftDevice binary (downloaded from developer.nordicsemi.com)
- wolfBoot compiled to run at address 0x01f000 and linked with the nrf52 HAL
- Contiki-OS with automatic start-up of the firmware upgrade process, in a signed image that can be verified by wolfBoot during start-up
If it is the first time that `make` is executed, it will also:
- Generate a new Ed25519 keypair, used to sign and verify the firmware images
- Download a copy of Nordic SoftDevice binary from developer.nordicsemi.com
Running `make flash` will upload the three components into the respective partitions onto the target.
More information about wolfBoot upgrade mechanism can be found in the [wolfBoot](https://github.com/wolfSSL/wolfBoot) repository.
## Firmware upgrade
The directory [ota-server](ota-server) contains a small exaple DTLS v1.2 server that can be used to transfer a (signed) image to any client requesting a firmware upgrade.
To compile ota-server for the host system, simply run `make` within the directory.
In order to establish a layer-2 link with the target, the host must configure a 6loWPAN device on top of the system BLE support.
Before starting, a file mac.txt must be created inside the ota-server directory, containing the physical address of the BLE interface on the target.
To discover the address of the target, use `hcitool lescan` from the host. Among the discovered host, look for the target fingerprints:
```
00:22:99:CC:EE:88 Contiki nRF52dk
```
And create the file `mac.txt` accordingly:
```
00:22:99:CC:EE:88
```
The script `start.sh` contains all the instruction needed to create the connection and start the ota-server, listening on port 11111 for incoming DTLS sessions. It will also assign a site-local fixed IPv6 address that the DTLS client on the target uses to contact ota-server.
After the DTLS handshake, the server transmits the size of the firmware, and then the flash area content in chunks of 512B each.
When the transfer is complete, a flag is activated at the end of the flash area to notify wolfBoot of a pending upgrade.
After reboot, wolfBoot will copy the image from the secondary partition to the primary partition, to allow the new firmware to run, but only if the new firmware can be authenticated using the public Ed25519 key stored in the bootloader image. In all other cases, the upgrade is canceled and the old firmware can be started again.
## Successful upgrade: serial output from target
Below, an extract of the messages printed on the serial console of the target during and after the upgrade procedure:
```
OTA BLE Firmware upgrade, powered by Contiki + WolfSSL.
This firmware build: 1540927787
Client IPv6 address:
fd00::xx:yy:zz
fe80::xx:yy:zz
wolfSSL: Setting peer address and port
connecting to server...
Timeout!
Retrying...
Connected to OTA server.
Firmware size: 127236
Erase complete. Start flashing
RECV: 512/127236
RECV: 1024/127236
RECV: 1536/127236
RECV: 2048/127236
```
(cut prints of each datagram received)
```
RECV: 126464/127236
RECV: 126976/127236
RECV: 127236/127236
Closing connection.
Transfer complete. Triggering wolfBoot upgrade.
Rebooting...
OTA BLE Firmware upgrade, powered by Contiki + WolfSSL.
This firmware build: 1540927848
```
In case of success, the build number can be used to verify that the system has actually been upgraded by comparing the build numbers before the transfer and after the reboot.
## Copyright notice
ota-server example is Copyright (c) 2018 wolfSSL Inc., and distributed under the term of GNU GPL2.
dtls-ota embedded application and the ota-server example are Copyright (c) 2018 wolfSSL Inc., and distributed under the term of GNU GPL2, with a specific linking exception allowing to link against Nordic SoftDevice binary blob.
wolfBoot, wolfSSL (formerly known as CyaSSL) and wolfCrypt are Copyright (c) 2006-2018 wolfSSL Inc., and licensed for use under GPLv2.
Contiki OS and uIP are licensed under the terms of the 3-clause BSD license.
wolfBoot, wolfSSL (formerly known as CyaSSL) and wolfCrypt are Copyright (c) 2006-2018 wolfSSL Inc., and licensed for use under GPLv2.
See the documentation within each component subdirectory for more information about using and distributing this software.
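Review bot: the partition table gives the active (boot) partition as starting at 0x02f000, but the linker script patch in this commit links the application at 0x2f100, and the README never explains the 0x100 difference; add a line saying what occupies those bytes. The paragraph on first-run key generation should also say where the Ed25519 private key is written and that it must stay out of version control. Minor: "exaple" in the ota-server paragraph, "The bootloader expect" in the introduction, and the wolfBoot/wolfSSL copyright sentence appears twice in the copyright notice.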

Binary file not shown.

File diff suppressed because it is too large

@ -0,0 +1 @@
Subproject commit 2b9689edae1322dc2cb34572a5804b51f7b8a1dd


@ -0,0 +1,28 @@
diff --git contiki/cpu/nrf52832/ld/nrf52-pca10040-sd.ld contiki-nrf52-patched/cpu/nrf52832/ld/nrf52-pca10040-sd.ld
index f30aad455..0df4bc7b5 100644
--- contiki/cpu/nrf52832/ld/nrf52-pca10040-sd.ld
+++ contiki-nrf52-patched/cpu/nrf52832/ld/nrf52-pca10040-sd.ld
@@ -5,8 +5,8 @@ GROUP(-lgcc -lc -lnosys)
MEMORY
{
- FLASH (rx) : ORIGIN = 0x1f000, LENGTH = 0x61000
+ FLASH (rx) : ORIGIN = 0x2f100, LENGTH = 0x3FE00
RAM (rwx) : ORIGIN = 0x20002800, LENGTH = 0xD800
}
-INCLUDE "nrf5x_common.ld"
\ No newline at end of file
+INCLUDE "nrf5x_common.ld"
diff --git contiki/platform/nrf52dk/contiki-main.c contiki-nrf52-patched/platform/nrf52dk/contiki-main.c
index d97e6c609..a10bbe3d7 100644
--- contiki/platform/nrf52dk/contiki-main.c
+++ contiki-nrf52dk-patched/platform/nrf52dk/contiki-main.c
@@ -110,6 +110,7 @@ static void
board_init(void)
{
#ifdef SOFTDEVICE_PRESENT
+ sd_softdevice_vector_table_base_set(0x2f100);
/* Initialize the SoftDevice handler module */
SOFTDEVICE_HANDLER_INIT(NRF_CLOCK_LFCLKSRC_XTAL_20_PPM, NULL);
#endif
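Review bot: in the `MEMORY` block, `ORIGIN = 0x2f100` with `LENGTH = 0x3FE00` lets the application extend up to 0x6EF00, while the README in this commit ends the active partition at 0x056fff and starts the upgrade partition at 0x058000. An image that outgrows its partition would still link without error; cap LENGTH to the partition (0x27F00 from this origin). Also, the second file header is inconsistent (`contiki-nrf52-patched` on the `diff --git` line, `contiki-nrf52dk-patched` on the `+++` line), and `sd_softdevice_vector_table_base_set(0x2f100)` repeats the linker origin as a literal and ignores the return value; taking the address from a linker symbol or a shared define would keep the two in sync.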


@ -0,0 +1,339 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.


@ -0,0 +1,26 @@
CONTIKI=../contiki
CONTIKI_WITH_IPV4 = 0
CONTIKI_WITH_IPV6 = 1
CONTIKI_WITH_RPL = 0
CONTIKI_WITH_TCP = 0
CONTIKI_WITH_WOLFSSL = 1
DEBUG=0
UIP_TCP=0
SMALL=1
CFLAGS+=-DWOLFSSL_USER_SETTINGS -I. -DUIP_CONF_ND6_SEND_NS=1 -DUIP_CONF_ND6_SEND_NA=1 \
-I../../wolfBoot/include \
-I$(CONTIKI)/apps/wolfssl/wolfssl \
-DWOLFBOOT_OVERWRITE_ONLY
CONTIKI_PROJECT=dtls-ota
all: $(CONTIKI_PROJECT)
APPS=wolfssl
PROJECT_SOURCEFILES += cert.c nrf52.c libwolfboot.c
include $(CONTIKI)/Makefile.include
vpath %c ../../wolfBoot/hal
vpath %c ../../wolfBoot/src
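Review bot: the two `vpath %c ...` lines use the pattern `%c`, which matches any file name ending in the letter c rather than C sources only; `vpath %.c ../../wolfBoot/hal` and `vpath %.c ../../wolfBoot/src` are presumably what was meant. Also, `-DWOLFBOOT_OVERWRITE_ONLY` is set without comment; a line explaining the choice and what it means for returning to the old firmware (the README says the old firmware can be started again when an upgrade is rejected) would help anyone reusing this Makefile.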


@ -0,0 +1,83 @@
const unsigned char server_cert[] = {
0x30, 0x82, 0x03, 0x10, 0x30, 0x82, 0x02, 0xb5, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x09, 0x00, 0xef, 0x46, 0xc7, 0xa4, 0x9b, 0xbb, 0x60, 0xd3,
0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
0x30, 0x81, 0x8f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04,
0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f,
0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07,
0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06,
0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x45, 0x6c, 0x69, 0x70, 0x74, 0x69,
0x63, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x03,
0x45, 0x43, 0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03,
0x0c, 0x0f, 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73,
0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e,
0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63,
0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31,
0x32, 0x30, 0x30, 0x37, 0x33, 0x38, 0x5a, 0x17, 0x0d, 0x31, 0x39, 0x30,
0x35, 0x30, 0x38, 0x32, 0x30, 0x30, 0x37, 0x33, 0x38, 0x5a, 0x30, 0x81,
0x8f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c,
0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31,
0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65,
0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
0x04, 0x0a, 0x0c, 0x07, 0x45, 0x6c, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31,
0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x03, 0x45, 0x43,
0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f,
0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e,
0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f,
0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d,
0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
0x42, 0x00, 0x04, 0xbb, 0x33, 0xac, 0x4c, 0x27, 0x50, 0x4a, 0xc6, 0x4a,
0xa5, 0x04, 0xc3, 0x3c, 0xde, 0x9f, 0x36, 0xdb, 0x72, 0x2d, 0xce, 0x94,
0xea, 0x2b, 0xfa, 0xcb, 0x20, 0x09, 0x39, 0x2c, 0x16, 0xe8, 0x61, 0x02,
0xe9, 0xaf, 0x4d, 0xd3, 0x02, 0x93, 0x9a, 0x31, 0x5b, 0x97, 0x92, 0x21,
0x7f, 0xf0, 0xcf, 0x18, 0xda, 0x91, 0x11, 0x02, 0x34, 0x86, 0xe8, 0x20,
0x58, 0x33, 0x0b, 0x80, 0x34, 0x89, 0xd8, 0xa3, 0x81, 0xf7, 0x30, 0x81,
0xf4, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14,
0x5d, 0x5d, 0x26, 0xef, 0xac, 0x7e, 0x36, 0xf9, 0x9b, 0x76, 0x15, 0x2b,
0x4a, 0x25, 0x02, 0x23, 0xef, 0xb2, 0x89, 0x30, 0x30, 0x81, 0xc4, 0x06,
0x03, 0x55, 0x1d, 0x23, 0x04, 0x81, 0xbc, 0x30, 0x81, 0xb9, 0x80, 0x14,
0x5d, 0x5d, 0x26, 0xef, 0xac, 0x7e, 0x36, 0xf9, 0x9b, 0x76, 0x15, 0x2b,
0x4a, 0x25, 0x02, 0x23, 0xef, 0xb2, 0x89, 0x30, 0xa1, 0x81, 0x95, 0xa4,
0x81, 0x92, 0x30, 0x81, 0x8f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03,
0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67,
0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07,
0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30,
0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x45, 0x6c, 0x69, 0x70,
0x74, 0x69, 0x63, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0b,
0x0c, 0x03, 0x45, 0x43, 0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55,
0x04, 0x03, 0x0c, 0x0f, 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66,
0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10,
0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c,
0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x09, 0x00, 0xef, 0x46, 0xc7, 0xa4, 0x9b,
0xbb, 0x60, 0xd3, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05,
0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21,
0x00, 0xf1, 0xd0, 0xa6, 0x3e, 0x83, 0x33, 0x24, 0xd1, 0x7a, 0x05, 0x5f,
0x1e, 0x0e, 0xbd, 0x7d, 0x6b, 0x33, 0xe9, 0xf2, 0x86, 0xf3, 0xf3, 0x3d,
0xa9, 0xef, 0x6a, 0x87, 0x31, 0xb3, 0xb7, 0x7e, 0x50, 0x02, 0x21, 0x00,
0xf0, 0x60, 0xdd, 0xce, 0xa2, 0xdb, 0x56, 0xec, 0xd9, 0xf4, 0xe4, 0xe3,
0x25, 0xd4, 0xb0, 0xc9, 0x25, 0x7d, 0xca, 0x7a, 0x5d, 0xba, 0xc4, 0xb2,
0xf6, 0x7d, 0x04, 0xc7, 0xbd, 0x62, 0xc9, 0x20
};
unsigned int server_cert_len = 788;
const unsigned char server_key[] = {
0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x45, 0xb6, 0x69, 0x02, 0x73,
0x9c, 0x6c, 0x85, 0xa1, 0x38, 0x5b, 0x72, 0xe8, 0xe8, 0xc7, 0xac, 0xc4,
0x03, 0x8d, 0x53, 0x35, 0x04, 0xfa, 0x6c, 0x28, 0xdc, 0x34, 0x8d, 0xe1,
0xa8, 0x09, 0x8c, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xbb, 0x33, 0xac,
0x4c, 0x27, 0x50, 0x4a, 0xc6, 0x4a, 0xa5, 0x04, 0xc3, 0x3c, 0xde, 0x9f,
0x36, 0xdb, 0x72, 0x2d, 0xce, 0x94, 0xea, 0x2b, 0xfa, 0xcb, 0x20, 0x09,
0x39, 0x2c, 0x16, 0xe8, 0x61, 0x02, 0xe9, 0xaf, 0x4d, 0xd3, 0x02, 0x93,
0x9a, 0x31, 0x5b, 0x97, 0x92, 0x21, 0x7f, 0xf0, 0xcf, 0x18, 0xda, 0x91,
0x11, 0x02, 0x34, 0x86, 0xe8, 0x20, 0x58, 0x33, 0x0b, 0x80, 0x34, 0x89,
0xd8
};
unsigned int server_key_len = 121;
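Review bot: server_key[] places a DER-encoded EC private key (it opens with the ECPrivateKey header 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20) in the same source file as server_cert[], so if the client firmware links this file to obtain the certificate (it declares server_cert as extern), the server's private key ends up in every device image. Move the key into a file that only the server build consumes, and generate it per deployment rather than committing it. Separately, server_cert_len is defined here as a non-const unsigned int, while the client declares it as extern const unsigned long; the two declarations need to agree.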


@ -0,0 +1,220 @@
/*
* DTLS-OTA
* Firmware upgrade over DTLS/IPv6/6LoWPAN/BLE
*
* Copyright (C) 2018 wolfSSL Inc.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*
*/
/* Contiki includes */
#include "contiki-net.h"
#include "sys/cc.h"
#include "wolfssl.h"
#include "uip-debug.h"
/* wolfboot includes */
#include "wolfboot/wolfboot.h"
#include "target.h"
#include "hal.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <nrf_soc.h>
#define SERVER_PORT 11111
#define FLASH_AREA_IMAGE_0 1
#define FLASH_AREA_IMAGE_1 2
extern const unsigned char server_cert[788];
extern const unsigned long server_cert_len;
#define MSGLEN (4+ 512)
#define PAGE_SIZE (4 * 1024)
static uint8_t buf[MSGLEN];
struct ota_ack {
uint32_t error;
uint32_t offset;
};
static void print_local_addresses(void)
{
int i;
uint8_t state;
printf("Client IPv6 address:\n");
for(i = 0; i < UIP_DS6_ADDR_NB; i++) {
state = uip_ds6_if.addr_list[i].state;
if(uip_ds6_if.addr_list[i].isused && (state == ADDR_TENTATIVE || state
== ADDR_PREFERRED)) {
printf(" ");
uip_debug_ipaddr_print(&uip_ds6_if.addr_list[i].ipaddr);
printf("\n");
if(state == ADDR_TENTATIVE) {
uip_ds6_if.addr_list[i].state = ADDR_PREFERRED;
}
}
}
}
static struct uip_wolfssl_ctx *sk = NULL;
static struct etimer et;
PROCESS(dtls_client_process, "DTLS process");
AUTOSTART_PROCESSES(&dtls_client_process);
/*---------------------------------------------------------------------------*/
PROCESS_THREAD(dtls_client_process, ev, data)
{
PROCESS_BEGIN();
static int ret = 0;
uip_ipaddr_t server, ipaddr;
static struct ota_ack ack;
static uint32_t tot_len = 0;
static uint32_t offset = 0;
static uint32_t addr = 0;
uip_ip6addr(&ipaddr, UIP_DS6_DEFAULT_PREFIX, 0, 0, 0, 0, 0, 0, 0);
uip_ds6_set_addr_iid(&ipaddr, &uip_lladdr);
uip_ds6_addr_add(&ipaddr, 0, ADDR_AUTOCONF);
printf("OTA BLE Firmware upgrade, powered by Contiki + WolfSSL + wolfBoot.\n");
print_local_addresses();
sk = dtls_socket_register(wolfDTLSv1_2_client_method());
if (!sk) {
while(1)
;
}
sk->process = &dtls_client_process;
/* Load certificate file for the DTLS client */
if (wolfSSL_CTX_use_certificate_buffer(sk->ctx, server_cert,
server_cert_len, SSL_FILETYPE_ASN1 ) != SSL_SUCCESS)
while(1)
;
sk->ssl = wolfSSL_new(sk->ctx);
wolfSSL_CTX_set_verify(sk->ctx, SSL_VERIFY_NONE, 0);
wolfSSL_SetIOReadCtx(sk->ssl, sk);
wolfSSL_SetIOWriteCtx(sk->ssl, sk);
if (sk->ssl == NULL) {
while(1)
;
}
wolfSSL_dtls_set_using_nonblock(sk->ssl, 0);
#ifdef NETSTACK_CONF_WITH_IPV4
uip_ipaddr(&server, 172, 18, 0, 1);
#else
uip_ip6addr(&server, 0xfd00, 0xa, 0, 0, 0, 0, 0, 1);
#endif
dtls_set_endpoint(sk, &server, SERVER_PORT);
wolfBoot_success();
printf("connecting to server...\n");
do {
ret = wolfSSL_connect(sk->ssl);
if (ret != SSL_SUCCESS) {
etimer_set(&et, 5 * CLOCK_SECOND);
PROCESS_WAIT_EVENT_UNTIL(etimer_expired(&et) || (sk->ssl_rb_len > sk->ssl_rb_off));
if (sk->ssl_rb_len > sk->ssl_rb_off)
continue;
printf("\nTimeout!\nRetrying...\n");
free(sk->ssl);
sk->ssl = wolfSSL_new(sk->ctx);
wolfSSL_SetIOReadCtx(sk->ssl, sk);
wolfSSL_SetIOWriteCtx(sk->ssl, sk);
}
} while(ret != SSL_SUCCESS);
printf("Connected to OTA server.\n");
do {
PROCESS_WAIT_EVENT_UNTIL(sk->ssl_rb_len > sk->ssl_rb_off);
ret = wolfSSL_read(sk->ssl, &tot_len, sizeof(uint32_t));
if (ret != sizeof(uint32_t)) {
printf("wolfSSL_read returned %d\r\n", ret);
}
} while (ret <= 0);
if ((tot_len < 256) || (tot_len > WOLFBOOT_PARTITION_SIZE)) {
printf("Wrong firmware size received: %lu\r\n", tot_len);
ack.error = 1;
ack.offset = 0;
wolfSSL_write(sk->ssl, &ack, sizeof(ack));
goto cleanup;
}
printf("Firmware size: %lu\n", tot_len);
for (addr = 0; addr < WOLFBOOT_PARTITION_SIZE; addr += 4096)
sd_flash_page_erase((WOLFBOOT_PARTITION_UPDATE_ADDRESS + addr) / 4096);
printf("Erase complete. Start flashing\n");
ack.offset = offset;
wolfSSL_write(sk->ssl, &ack, sizeof(ack));
while (offset < tot_len) {
static uint32_t *server_offset;
ack.error = 0;
ack.offset = offset;
do {
etimer_set(&et, 10 * CLOCK_SECOND);
PROCESS_WAIT_EVENT_UNTIL(etimer_expired(&et) || (sk->ssl_rb_len > sk->ssl_rb_off));
if (etimer_expired(&et)) {
printf("Timeout error while receiving firmware. Update failed.\n");
goto cleanup;
}
ret = wolfSSL_read(sk->ssl, buf, MSGLEN);
if (ret <= 0) {
printf("wolfSSL_read returned %d\r\n", ret);
}
server_offset = (uint32_t *)buf;
if (*server_offset != offset) {
} else {
ack.offset = offset + ret - sizeof(uint32_t);
wolfSSL_write(sk->ssl, &ack, sizeof(ack));
hal_flash_write(WOLFBOOT_PARTITION_UPDATE_ADDRESS + offset, buf + sizeof(uint32_t), ret - sizeof(uint32_t));
offset += ret - sizeof(uint32_t);
printf("RECV: %lu/%lu\r\n", offset, tot_len);
}
} while (ret <= 0);
}
if (offset == tot_len) {
printf("Closing connection.\r\n");
printf("Transfer complete. Triggering wolfBoot upgrade.\r\n");
dtls_socket_close(sk);
wolfBoot_update_trigger();
printf("Rebooting...\n");
etimer_set(&et, 1 * CLOCK_SECOND);
PROCESS_WAIT_EVENT_UNTIL(etimer_expired(&et));
sd_nvic_SystemReset();
while(1)
; /* Wait for reboot */
}
cleanup:
printf("Closing connection.\r\n");
dtls_socket_close(sk);
sk->ssl = NULL;
sk->peer_port = 0;
PROCESS_END();
}
/*---------------------------------------------------------------------------*/
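Review bot: The client never authenticates the OTA server: server_cert is loaded with wolfSSL_CTX_use_certificate_buffer(), which installs it as the client's own certificate rather than as a trust anchor, and wolfSSL_CTX_set_verify(sk->ctx, SSL_VERIFY_NONE, 0) then turns peer verification off, so any host answering on SERVER_PORT can trigger the erase of the update partition and stream data into it. Load the certificate with wolfSSL_CTX_load_verify_buffer() and set SSL_VERIFY_PEER before calling wolfSSL_new(). In the receive loop, ret is used as a length without validation: when wolfSSL_read() returns 0, a negative value or fewer than 4 bytes while the first word of buf equals offset (true for the zero-initialised buf at offset 0), ret - sizeof(uint32_t) wraps to a very large size that is passed to hal_flash_write(). Nothing checks offset plus the payload length against tot_len either, so the final block can be written past the announced size. Skip the write unless ret > (int)sizeof(uint32_t), and limit the payload to tot_len - offset. The retry path also calls free(sk->ssl) on an object created by wolfSSL_new(); that should be wolfSSL_free(), and sk->ssl should be NULL-checked before wolfSSL_SetIOReadCtx() uses it.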

Binary file not shown.


@ -0,0 +1,4 @@
loadfile /home/dan/src/wolfBoot/ota-examples/nrf52-6lowpan-contiki-dtls/nrf5x-softdevice/components/softdevice/s1xx_iot/s1xx-iot-prototype3_nrf52_softdevice.hex
r
g
q
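Review bot: The loadfile line hard-codes an absolute path under /home/dan, so this J-Link script only works on the author's machine and records a local directory layout in the repository. Use a path relative to the example directory, such as nrf5x-softdevice/components/softdevice/s1xx_iot/s1xx-iot-prototype3_nrf52_softdevice.hex, which is the form the other flashing script in this commit uses.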


@ -0,0 +1,4 @@
#include "symbols.h"
const int symbols_nelts = 0;
const struct symbols symbols[] = {{0,0}};


@ -0,0 +1,3 @@
#include "loader/symbols.h"
extern const struct symbols symbols[1];


@ -0,0 +1,70 @@
#include <stdint.h>
#if defined CONTIKI_TARGET_NATIVE || defined CONTIKI_TARGET_MINIMAL_NET
#define WOLFSSL_GENERAL_ALIGNMENT 8
#elif defined CONTIKI_TARGET_SKY
# error "16-bit platforms not supported!"
#else
#define NO_64BIT
#define WOLFSSL_GENERAL_ALIGNMENT 4
#endif
//#define DEBUG_WOLFSSL
//#define WOLFSSL_LOG_PRINTF
#define WOLFSSL_CONTIKI
#define WOLFSSL_UIP
#define USER_TICKS
#define WOLFSSL_USER_CURRTIME
#define NO_WOLFSSL_MEMORY
//#define RSA_LOW_MEM
#define NO_OLD_RNGNAME
#define SMALL_SESSION_CACHE
//#define WOLFSSL_SMALL_STACK
#define WOLFSSL_DTLS
#define TFM_ARM
#define SINGLE_THREADED
#define NO_SIG_WRAPPER
//#define HAVE_FFDHE_2048
//#define HAVE_CHACHA
//#define HAVE_POLY1305
#define HAVE_ECC
//#define HAVE_CURVE25519
//#define CURVED25519_SMALL
#define HAVE_ONE_TIME_AUTH
#define WOLFSSL_DH_CONST
#define WORD64_AVAILABLE
//#define HAVE_ED25519
//#define HAVE_SHA512
//#define WOLFSSL_SHA512
#define USE_SLOW_SHA
#define USE_SLOW_SHA2
//#define USE_SLOW_SHA512
#define NO_RSA
#define NO_DES3
#define NO_DH
#define NO_DSA
#define NO_MD4
#define NO_RABBIT
#define NO_RC4
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
//#define WC_RSA_BLINDING
#define NO_WRITEV
#define NO_DEV_RANDOM
#define NO_FILESYSTEM
#define NO_MAIN_DRIVER
#define NO_MD4
#define NO_RABBIT
#define NO_HC128
#include <stdlib.h>
#include "contiki-net.h"
#include "sys/cc.h"
#include "wolfssl.h"
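Review bot: NO_DEV_RANDOM is set, but nothing in this header says where wolfCrypt gets its seed on this target, and the DTLS handshake depends on it. Add a comment naming the entropy source, or wire in the hardware RNG explicitly, so a reader can confirm the handshake is not seeded from a predictable generator. Smaller points: NO_MD4 and NO_RABBIT are each defined twice, and WORD64_AVAILABLE is defined unconditionally even on the branch that sets NO_64BIT, which reads as contradictory and deserves either a comment or a fix.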


@ -0,0 +1,6 @@
loadfile nrf5x-softdevice/components/softdevice/s1xx_iot/s1xx-iot-prototype3_nrf52_softdevice.hex
loadbin wolfBoot/wolfboot.bin 0x1f000
loadbin dtls-ota/dtls-ota-signed.bin 0x2f000
r
g
q


@ -0,0 +1,4 @@
erase
r
q


@ -0,0 +1,4 @@
loadbin dtls-ota/dtls-ota-force-update.bin 0x58000
r
g
q


@ -0,0 +1 @@
pBOOT


@ -0,0 +1,51 @@
MEMORY
{
FLASH (rx) : ORIGIN = 0x0001f000, LENGTH = 0x0010000
RAM (rwx) : ORIGIN = 0x20002800, LENGTH = 0xD800
}
SECTIONS
{
.text :
{
_start_text = .;
KEEP(*(.isr_vector))
*(.text*)
*(.rodata*)
*(.init*)
*(.fini*)
. = ALIGN(4);
_end_text = .;
} > FLASH
.edidx :
{
. = ALIGN(4);
*(.ARM.exidx*)
} > FLASH
_stored_data = .;
.data : AT (_stored_data)
{
_start_data = .;
KEEP(*(.data*))
. = ALIGN(4);
_end_data = .;
} > RAM
.bss (NOLOAD) :
{
_start_bss = .;
__bss_start__ = .;
*(.bss*)
*(COMMON)
. = ALIGN(4);
_end_bss = .;
__bss_end__ = .;
_end = .;
} > RAM
. = ALIGN(4);
}
END_STACK = ORIGIN(RAM) + LENGTH(RAM);
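Review bot: The FLASH origin 0x0001f000 and length 0x0010000 in MEMORY carry no comment tying them to the load addresses in the flashing scripts of this commit (wolfboot.bin at 0x1f000, the signed image at 0x2f000). State here which image this region holds and that the next image must start at ORIGIN + LENGTH, so a change in one file is not missed in the other. The output section name .edidx also looks like a typo, since the section collects *(.ARM.exidx*).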


@ -0,0 +1,339 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.


@ -0,0 +1,11 @@
CC=gcc
CFLAGS=-Wall -DWOLFSSL_DTLS -DWOLFSSL_DEBUG -DTFM_TIMING_RESISTANT
EXE=ota-server
LIBS=-lwolfssl -lpthread
$(EXE): $(EXE).o
$(CC) -o $@ $^ $(CFLAGS) $(LIBS)
clean:
rm -f *.o $(EXE)
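Review bot: CFLAGS defines wolfSSL build options by hand (-DWOLFSSL_DTLS, -DTFM_TIMING_RESISTANT) while linking against an installed -lwolfssl; if these differ from the options the library was built with, the headers and the binary can disagree. Prefer including wolfssl/options.h ahead of wolfssl/ssl.h in ota-server.c and dropping the feature defines from the command line.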


@ -0,0 +1,9 @@
ASN1 OID: prime256v1
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIEW2aQJznGyFoThbcujox6zEA41TNQT6bCjcNI3hqAmMoAoGCCqGSM49
AwEHoUQDQgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKT
mjFbl5Ihf/DPGNqREQI0huggWDMLgDSJ2A==
-----END EC PRIVATE KEY-----
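Review bot: The unencrypted prime256v1 private key in this file should not be committed as the server's identity; it is the same key material as the server_key[] array earlier in this commit (the DER there starts with the bytes this PEM decodes to, 0x30 0x77 0x02 0x01 0x01 0x04 0x20 0x45 0xb6), so anyone with read access to the repository can impersonate the OTA server. Either mark the file clearly as a test-only key in its name and in the README, or generate the key at setup time and keep it out of version control.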


@ -0,0 +1,299 @@
/* ota-server.c
*
* based on dtls-server.c from wolfssl-examples repository.
*
* Copyright (C) 2006-2015 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*
*=============================================================================
*
* OTA Upgrade mechanism implemented using DTLS 1.2
*
*/
#include <stdio.h> /* standard in/out procedures */
#include <stdlib.h> /* defines system calls */
#include <string.h> /* necessary for memset */
#include <netdb.h>
#include <sys/socket.h> /* used for all socket calls */
#include <netinet/in.h> /* used for sockaddr_in6 */
#include <arpa/inet.h>
#include <wolfssl/ssl.h>
#include <errno.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/stat.h>
#define SERV_PORT 11111 /* define our server port number */
#define MSGLEN 512 + 4
int wolfSSL_6LoWPAN_Send(WOLFSSL* ssl, char *buf, int sz, void *ctx);
static int cleanup; /* To handle shutdown */
struct sockaddr_in6 servAddr; /* our server's address */
struct sockaddr_in6 cliaddr; /* the client's address */
struct ota_ack {
uint32_t error;
uint32_t offset;
};
int main(int argc, char** argv)
{
/* cont short for "continue?", Loc short for "location" */
int cont = 0;
char caCertLoc[] = "./server-ecc.pem";
char servCertLoc[] = "./server-ecc.pem";
char servKeyLoc[] = "./ecc-key.pem";
WOLFSSL_CTX* ctx;
/* Variables for awaiting datagram */
int on = 1;
int res = 1;
int sent = 0;
int connfd = 0;
int listenfd = 0; /* Initialize our socket */
WOLFSSL* ssl = NULL;
socklen_t cliLen;
char buff[MSGLEN];
uint32_t len, tot_len;
int ffd; /* Firmware file descriptor */
struct stat st;
struct ota_ack ack;
if (argc != 2) {
printf("Usage: %s firmware_filename\n", argv[0]);
exit(1);
}
ffd = open(argv[1], O_RDONLY);
if (ffd < 0) {
perror("opening file");
exit(2);
}
res = fstat(ffd, &st);
if (res != 0) {
perror("fstat file");
exit(2);
}
tot_len = st.st_size;
/* "./config --enable-debug" and uncomment next line for debugging */
wolfSSL_Debugging_ON();
/* Initialize wolfSSL */
wolfSSL_Init();
/* Set ctx to DTLS 1.2 */
if ((ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method())) == NULL) {
printf("wolfSSL_CTX_new error.\n");
return 1;
}
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
wolfSSL_CTX_SetIOSend(ctx, wolfSSL_6LoWPAN_Send);
/* Load CA certificates */
if (wolfSSL_CTX_load_verify_locations(ctx,caCertLoc,0) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", caCertLoc);
return 1;
}
/* Load server certificates */
if (wolfSSL_CTX_use_certificate_file(ctx, servCertLoc, SSL_FILETYPE_PEM) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servCertLoc);
return 1;
}
/* Load server Keys */
if (wolfSSL_CTX_use_PrivateKey_file(ctx, servKeyLoc,
SSL_FILETYPE_PEM) != SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servKeyLoc);
return 1;
}
/* Await Datagram */
while (cleanup != 1) {
/* Create a UDP/IP socket */
if ((listenfd = socket(AF_INET6, SOCK_DGRAM, 0)) < 0 ) {
printf("Cannot create socket.\n");
cleanup = 1;
}
printf("Socket allocated\n");
/* clear servAddr each loop */
memset((char *)&servAddr, 0, sizeof(servAddr));
/* host-to-network-long conversion (htonl) */
/* host-to-network-short conversion (htons) */
servAddr.sin6_family = AF_INET6;
servAddr.sin6_port = htons(SERV_PORT);
/* Eliminate socket already in use error */
res = setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
if (res < 0) {
perror("Setsockopt SO_REUSEADDR failed");
cleanup = 1;
cont = 1;
}
/*Bind Socket*/
if (bind(listenfd, (struct sockaddr*)&servAddr, sizeof(servAddr)) < 0) {
printf("Bind failed.\n");
cleanup = 1;
cont = 1;
}
printf("Awaiting client connection on port %d\n", SERV_PORT);
cliLen = sizeof(cliaddr);
connfd = (int)recvfrom(listenfd, (char *)&buff, sizeof(buff), MSG_PEEK,
(struct sockaddr*)&cliaddr, &cliLen);
if (connfd < 0) {
printf("No clients in queue, enter idle state\n");
continue;
}
else if (connfd > 0) {
if (connect(listenfd, (const struct sockaddr *)&cliaddr,
sizeof(cliaddr)) != 0) {
printf("Udp connect failed.\n");
cleanup = 1;
cont = 1;
}
} else {
printf("Recvfrom failed.\n");
cleanup = 1;
cont = 1;
}
printf("Client connected!\n");
/* Create the WOLFSSL Object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
printf("wolfSSL_new error.\n");
cleanup = 1;
cont = 1;
}
wolfSSL_dtls_set_timeout_init(ssl, 12);
/* set the session ssl to client connection port */
wolfSSL_set_fd(ssl, listenfd);
wolfSSL_SetIOWriteCtx(ssl, &listenfd);
if (wolfSSL_accept(ssl) != SSL_SUCCESS) {
int e = wolfSSL_get_error(ssl, 0);
printf("error = %d, %s\n", e, wolfSSL_ERR_reason_error_string(e));
printf("SSL_accept failed.\n");
continue;
}
len = 0;
lseek(ffd, 0, SEEK_SET);
res = wolfSSL_write(ssl, &tot_len, sizeof(uint32_t));
printf("Sent image file size (%d)\n", tot_len);
while (len < tot_len) {
res = wolfSSL_read(ssl, &ack, sizeof(ack));
if (res < 0) {
int readErr = wolfSSL_get_error(ssl, 0);
if(readErr != SSL_ERROR_WANT_READ) {
printf("SSL_read failed. (ssl error %d)\n", readErr);
cleanup = 1;
break;
}
}
if (ack.error != 0) {
printf("Device sent error = %d\n", ack.error);
cleanup = 1;
break;
}
if (ack.offset != len) {
printf("buf rewind %u\n", ack.offset);
lseek(ffd, ack.offset, SEEK_SET);
len = ack.offset;
}
res = read(ffd, buff + sizeof(uint32_t), MSGLEN - sizeof(uint32_t));
memcpy(buff, &len, sizeof(len));
if (res < 0) {
printf("EOF\r\n");
cleanup = 1;
break;
}
sent = wolfSSL_write(ssl, buff, res + sizeof(uint32_t));
if (sent > 0)
len += MSGLEN - sizeof(uint32_t);
printf("Sent bytes: %d/%d \r", len, tot_len);
fflush(stdout);
}
printf("\n\n");
wolfSSL_set_fd(ssl, 0);
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
printf("Client left cont to idle state\n");
cont = 0;
}
/* With the "continue" keywords, it is possible for the loop to exit *
* without changing the value of cont */
if (cleanup == 1) {
cont = 1;
}
if (cont == 1) {
wolfSSL_CTX_free(ctx);
wolfSSL_Cleanup();
close(ffd);
}
return 0;
}
/* Custom send callback for wolfSSL.
*
* This introduces a 10ms delay after the packet is sent, so that
* there are no collision generated by Linux 6LoWPAN driver.
*
* return : nb bytes sent, or error
*/
int wolfSSL_6LoWPAN_Send(WOLFSSL* ssl, char *buf, int sz, void *ctx)
{
int sd = *(int*)ctx;
int sent;
sent = send(sd, buf, sz, 0);
if (sent < 0) {
if (errno == EWOULDBLOCK || errno == EAGAIN) {
return WOLFSSL_CBIO_ERR_WANT_WRITE;
}
else if (errno == ECONNRESET) {
return WOLFSSL_CBIO_ERR_CONN_RST;
}
else if (errno == EINTR) {
return WOLFSSL_CBIO_ERR_ISR;
}
else if (errno == EPIPE) {
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
}
else {
return WOLFSSL_CBIO_ERR_GENERAL;
}
}
usleep(10000);
return sent;
}
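Review bot: In the transfer loop, `ack` is acted on even when `wolfSSL_read()` returned `SSL_ERROR_WANT_READ` or fewer than `sizeof(ack)` bytes, so `ack.error` and `ack.offset` can be uninitialized or stale, and the peer-supplied `ack.offset` goes to `lseek()` and into `len` with no check against `tot_len`. Suggest a `continue` on WANT_READ, requiring `res == sizeof(ack)`, and rejecting `ack.offset > tot_len`. In the same loop, `read()` returning 0 at end of file is not caught by `if (res < 0)`, and `len` advances by a full 512 bytes even after a short read; advance by `res` instead. Separately, `setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, &on, len)` passes the uninitialized `len` as the option length where `sizeof(on)` is meant, a new socket is opened on every pass of the outer loop without closing the previous `listenfd`, and the error branches set `cleanup` but then fall through and keep using the failed descriptor or `ssl`. With `SSL_VERIFY_NONE` the CA loaded from `caCertLoc` is never used to check a client; a comment should say whether leaving the device unauthenticated is intentional.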


@ -0,0 +1,62 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4096 (0x1000)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Oct 20 18:19:06 2017 GMT
Not After : Oct 18 18:19:06 2027 GMT
Subject: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de:
9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c:
16:e8:61:02:e9:af:4d:d3:02:93:9a:31:5b:97:92:
21:7f:f0:cf:18:da:91:11:02:34:86:e8:20:58:33:
0b:80:34:89:d8
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Server
X509v3 Subject Key Identifier:
5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
X509v3 Authority Key Identifier:
keyid:56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:97:B4:BD:16:78:F8:47:F2
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:be:b8:58:f0:e4:15:01:1f:df:70:54:73:4a:
6c:40:1f:77:a8:b4:eb:52:1e:bf:f5:0d:b1:33:ca:6a:c4:76:
b9:02:21:00:97:08:de:2c:28:c1:45:71:b6:2c:54:87:98:63:
76:a8:21:34:90:a8:f7:9e:3f:fc:02:b0:e7:d3:09:31:27:e4
-----BEGIN CERTIFICATE-----
MIIDUDCCAvWgAwIBAgICEAAwCgYIKoZIzj0EAwIwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE3MTAy
MDE4MTkwNloXDTI3MTAxODE4MTkwNlowgY8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGlj
MQwwCgYDVQQLDANFQ0MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABLszrEwnUErGSqUEwzzenzbbci3OlOor+ssgCTksFuhhAumvTdMCk5oxW5eS
IX/wzxjakRECNIboIFgzC4A0idijggE1MIIBMTAJBgNVHRMEAjAAMBEGCWCGSAGG
+EIBAQQEAwIGQDAdBgNVHQ4EFgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgcwGA1Ud
IwSBxDCBwYAUVo6aw/BC3hi5RVVu+ZPP6sPzpSGhgZ2kgZowgZcxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3
LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkA
l7S9Fnj4R/IwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAoG
CCqGSM49BAMCA0kAMEYCIQC+uFjw5BUBH99wVHNKbEAfd6i061Iev/UNsTPKasR2
uQIhAJcI3iwowUVxtixUh5hjdqghNJCo954//AKw59MJMSfk
-----END CERTIFICATE-----
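Review bot: Nothing in this file or next to it says that this is a development certificate that must be replaced before deployment; the issuer is `O=wolfSSL, OU=Development` and the subject CN is `www.wolfssl.com`. It also carries `CA:FALSE`, while the server source in this commit points both `caCertLoc` and `servCertLoc` at `./server-ecc.pem`, so if this is that file it is being loaded as a trust anchor despite not being a CA certificate. Suggest a README note on generating per-deployment keys and certificates, and loading the actual issuing CA through `caCertLoc`.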


@ -0,0 +1,25 @@
#!/bin/bash
if (! test -f mac.txt); then
echo "please create a file mac.txt with your device's BLE address"
exit 1
fi
sudo modprobe bluetooth_6lowpan || true
echo "0" | sudo tee /sys/kernel/debug/bluetooth/6lowpan_enable
sleep .5
echo "1" | sudo tee /sys/kernel/debug/bluetooth/6lowpan_enable
echo "1" | sudo tee /proc/sys/net/ipv6/conf/all/forwarding
MAC=`cat mac.txt`
make
echo "connect $MAC 1" | sudo tee /sys/kernel/debug/bluetooth/6lowpan_control
while ( ! sudo ifconfig bt0 ); do
sleep 1
done
sudo ifconfig bt0 add fd00:a::1/64
sleep 1
sudo service radvd restart
sudo tcpdump -i bt0 -n -w contiki.pcap &
./ota-server ../dtls-ota/dtls-ota-signed.bin
sudo killall tcpdump
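Review bot: The script changes host-wide state and never restores it: `echo "1" | sudo tee /proc/sys/net/ipv6/conf/all/forwarding` turns on IPv6 forwarding for every interface, and `sudo killall tcpdump` ends every tcpdump on the machine, not only the capture started here. Suggest saving and restoring the previous forwarding value (or limiting it to `bt0` once the interface exists), and stopping just this capture from a `trap` on exit so it is also cleaned up when `./ota-server` fails. The contents of `mac.txt` are also written to `6lowpan_control` as root without any format check, and the `while ( ! sudo ifconfig bt0 )` wait has no timeout; validating the address and bounding the loop would make failures visible.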


@ -0,0 +1,12 @@
#ifndef H_TARGETS_TARGET_
#define H_TARGETS_TARGET_
#define WOLFBOOT_SECTOR_SIZE 4096
#define WOLFBOOT_PARTITION_SIZE 0x28000
#define WOLFBOOT_PARTITION_BOOT_ADDRESS 0x2f000
#define WOLFBOOT_PARTITION_SWAP_ADDRESS 0x57000
#define WOLFBOOT_PARTITION_UPDATE_ADDRESS 0x58000
#endif
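Review bot: The three partition addresses are hand-computed constants with no comment tying them together. From the values, `WOLFBOOT_PARTITION_SWAP_ADDRESS` (0x57000) is `WOLFBOOT_PARTITION_BOOT_ADDRESS + WOLFBOOT_PARTITION_SIZE`, `WOLFBOOT_PARTITION_UPDATE_ADDRESS` (0x58000) is the swap address plus one `WOLFBOOT_SECTOR_SIZE`, and the update partition ends at 0x80000. Suggest a short layout comment and either deriving the swap and update addresses from the boot address or adding compile-time checks, so a later change to the partition size cannot silently make the regions overlap.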

1
wolfBoot 160000

@ -0,0 +1 @@
Subproject commit a23627cfc2211035ec596ed6c1b19221653dc915