Add support for TLS.

Cert is self-signed and auto-generated on first boot. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2026-05-28 17:11:23 +02:00 · 2026-04-19 03:16:54 +02:00
parent f8cbb145f4
commit febae0e664
8 changed files with 1034 additions and 259 deletions
--- a/src/usb/lwip/rest_server.h
+++ b/src/usb/lwip/rest_server.h
@@ -22,49 +22,53 @@
 #ifdef ENABLE_EMULATION
 typedef int err_t;
 #define ERR_OK 0
+#define ERR_VAL -6
+#define ERR_ABRT -13
 #else
 #include "lwip/err.h"
 #endif
 #include <stddef.h>
 #include <stdint.h>
 #include "cJSON.h"
+#include <stdbool.h>
+#include "mbedtls/ssl.h"
+#include "rest.h"

+#define REST_PORT 80
+#define REST_MAX_CONNS 4
+#define REST_MAX_REQUEST_SIZE 1024
+#define REST_MAX_METHOD_SIZE 8
+#define REST_MAX_CONTENT_TYPE_SIZE 64
 #define REST_MAX_PATH_SIZE 192

+#define EF_TLS_KEY       0xD500
+#define EF_TLS_CERT      0xD501
+
 typedef enum {
-    REST_HTTP_GET = 0,
-    REST_HTTP_POST,
-    REST_HTTP_PUT,
-    REST_HTTP_DELETE
-} rest_http_method_t;
+    REST_CONN_PLAIN = 0x1,
+    REST_CONN_TLS = 0x2,
+    REST_CONN_ALL = REST_CONN_PLAIN | REST_CONN_TLS
+} rest_conn_type_t;

 typedef struct {
-    rest_http_method_t method;
-    char path[REST_MAX_PATH_SIZE];
-    const char *body;
-    size_t body_len;
-    const char *content_type;
-} rest_request_t;
+    bool in_use;
+#ifdef ENABLE_EMULATION
+    int sock;
+#else
+    struct tcp_pcb *pcb;
+#endif
+    char request[REST_MAX_REQUEST_SIZE + 1];
+    size_t request_len;
+    rest_conn_type_t conn_type;
+    mbedtls_ssl_context ssl;
+    unsigned char rx_cipher[REST_MAX_REQUEST_SIZE];
+    size_t rx_cipher_len;
+    bool handshake_done;
+    bool request_complete;
+    bool request_dispatched;
+} rest_conn_t;

-typedef struct {
-    uint16_t status_code;
-    const char *content_type;
-    char *body; // heap !
-    size_t body_len;
-    cJSON *json;
-} rest_response_t;
-
-typedef int (*rest_route_handler_t)(const rest_request_t *request, rest_response_t *response);
-
-typedef struct {
-    rest_http_method_t method;
-    const char *path;
-    rest_route_handler_t handler;
-} rest_route_t;
-
-const rest_route_t *rest_get_routes(size_t *count);
-
-err_t rest_server_init(void);
+err_t rest_server_init(rest_conn_type_t conn_type);
 int lwip_itf_init(void);

 extern int rest_server_error(rest_response_t *response, int status_code, const char *message);