forked from esp8266/Arduino
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathSSLCertificateVerification.ino
155 lines (143 loc) · 7.07 KB
/
SSLCertificateVerification.ino
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
/**
* SSLCertificateVerification.ino
*
* Created on: 04.28.2017
*
*/
#include <ESP8266WiFi.h>
#include <ESP8266HTTPClient.h>
#include <time.h>
//WiFi
const char wifissid[] = "WiFi";
const char wifipsk[] = "Password";
// This is a binary dump of the root CA.
// You can also choose to load the cert via a file stream.
// Here are steps one can use to dump the CA:
// 1) openssl s_client -connect google.com:443
// The output has a "Certificate chain" section. Your root CA is the bottom line.
// In the case of google.com, this line is
// "i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority"
// This means we need to validate with the Equifax Secure CA
// 2) Open Keychain Access. In the Search bar type "Equifax" and press Enter.
// 3) Right-click the cert and click Export and save it as a .cer.
// 4) In the terminal, type xxd -i <path_to_cer_file>
unsigned char Equifax_cer[] = {
0x30, 0x82, 0x03, 0x20, 0x30, 0x82, 0x02, 0x89, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x04, 0x35, 0xde, 0xf4, 0xcf, 0x30, 0x0d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x4e,
0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x07,
0x45, 0x71, 0x75, 0x69, 0x66, 0x61, 0x78, 0x31, 0x2d, 0x30, 0x2b, 0x06,
0x03, 0x55, 0x04, 0x0b, 0x13, 0x24, 0x45, 0x71, 0x75, 0x69, 0x66, 0x61,
0x78, 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x43, 0x65, 0x72,
0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x41, 0x75, 0x74,
0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x30, 0x1e, 0x17, 0x0d, 0x39, 0x38,
0x30, 0x38, 0x32, 0x32, 0x31, 0x36, 0x34, 0x31, 0x35, 0x31, 0x5a, 0x17,
0x0d, 0x31, 0x38, 0x30, 0x38, 0x32, 0x32, 0x31, 0x36, 0x34, 0x31, 0x35,
0x31, 0x5a, 0x30, 0x4e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
0x04, 0x0a, 0x13, 0x07, 0x45, 0x71, 0x75, 0x69, 0x66, 0x61, 0x78, 0x31,
0x2d, 0x30, 0x2b, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x24, 0x45, 0x71,
0x75, 0x69, 0x66, 0x61, 0x78, 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65,
0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x30, 0x81,
0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02,
0x81, 0x81, 0x00, 0xc1, 0x5d, 0xb1, 0x58, 0x67, 0x08, 0x62, 0xee, 0xa0,
0x9a, 0x2d, 0x1f, 0x08, 0x6d, 0x91, 0x14, 0x68, 0x98, 0x0a, 0x1e, 0xfe,
0xda, 0x04, 0x6f, 0x13, 0x84, 0x62, 0x21, 0xc3, 0xd1, 0x7c, 0xce, 0x9f,
0x05, 0xe0, 0xb8, 0x01, 0xf0, 0x4e, 0x34, 0xec, 0xe2, 0x8a, 0x95, 0x04,
0x64, 0xac, 0xf1, 0x6b, 0x53, 0x5f, 0x05, 0xb3, 0xcb, 0x67, 0x80, 0xbf,
0x42, 0x02, 0x8e, 0xfe, 0xdd, 0x01, 0x09, 0xec, 0xe1, 0x00, 0x14, 0x4f,
0xfc, 0xfb, 0xf0, 0x0c, 0xdd, 0x43, 0xba, 0x5b, 0x2b, 0xe1, 0x1f, 0x80,
0x70, 0x99, 0x15, 0x57, 0x93, 0x16, 0xf1, 0x0f, 0x97, 0x6a, 0xb7, 0xc2,
0x68, 0x23, 0x1c, 0xcc, 0x4d, 0x59, 0x30, 0xac, 0x51, 0x1e, 0x3b, 0xaf,
0x2b, 0xd6, 0xee, 0x63, 0x45, 0x7b, 0xc5, 0xd9, 0x5f, 0x50, 0xd2, 0xe3,
0x50, 0x0f, 0x3a, 0x88, 0xe7, 0xbf, 0x14, 0xfd, 0xe0, 0xc7, 0xb9, 0x02,
0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, 0x01, 0x09, 0x30, 0x82, 0x01, 0x05,
0x30, 0x70, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04, 0x69, 0x30, 0x67, 0x30,
0x65, 0xa0, 0x63, 0xa0, 0x61, 0xa4, 0x5f, 0x30, 0x5d, 0x31, 0x0b, 0x30,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x07, 0x45, 0x71, 0x75,
0x69, 0x66, 0x61, 0x78, 0x31, 0x2d, 0x30, 0x2b, 0x06, 0x03, 0x55, 0x04,
0x0b, 0x13, 0x24, 0x45, 0x71, 0x75, 0x69, 0x66, 0x61, 0x78, 0x20, 0x53,
0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66,
0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72,
0x69, 0x74, 0x79, 0x31, 0x0d, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x04, 0x03,
0x13, 0x04, 0x43, 0x52, 0x4c, 0x31, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x1d,
0x10, 0x04, 0x13, 0x30, 0x11, 0x81, 0x0f, 0x32, 0x30, 0x31, 0x38, 0x30,
0x38, 0x32, 0x32, 0x31, 0x36, 0x34, 0x31, 0x35, 0x31, 0x5a, 0x30, 0x0b,
0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x01, 0x06, 0x30,
0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14,
0x48, 0xe6, 0x68, 0xf9, 0x2b, 0xd2, 0xb2, 0x95, 0xd7, 0x47, 0xd8, 0x23,
0x20, 0x10, 0x4f, 0x33, 0x98, 0x90, 0x9f, 0xd4, 0x30, 0x1d, 0x06, 0x03,
0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x48, 0xe6, 0x68, 0xf9, 0x2b,
0xd2, 0xb2, 0x95, 0xd7, 0x47, 0xd8, 0x23, 0x20, 0x10, 0x4f, 0x33, 0x98,
0x90, 0x9f, 0xd4, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05,
0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1a, 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf6, 0x7d, 0x07, 0x41, 0x00, 0x04, 0x0d, 0x30, 0x0b, 0x1b, 0x05,
0x56, 0x33, 0x2e, 0x30, 0x63, 0x03, 0x02, 0x06, 0xc0, 0x30, 0x0d, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00,
0x03, 0x81, 0x81, 0x00, 0x58, 0xce, 0x29, 0xea, 0xfc, 0xf7, 0xde, 0xb5,
0xce, 0x02, 0xb9, 0x17, 0xb5, 0x85, 0xd1, 0xb9, 0xe3, 0xe0, 0x95, 0xcc,
0x25, 0x31, 0x0d, 0x00, 0xa6, 0x92, 0x6e, 0x7f, 0xb6, 0x92, 0x63, 0x9e,
0x50, 0x95, 0xd1, 0x9a, 0x6f, 0xe4, 0x11, 0xde, 0x63, 0x85, 0x6e, 0x98,
0xee, 0xa8, 0xff, 0x5a, 0xc8, 0xd3, 0x55, 0xb2, 0x66, 0x71, 0x57, 0xde,
0xc0, 0x21, 0xeb, 0x3d, 0x2a, 0xa7, 0x23, 0x49, 0x01, 0x04, 0x86, 0x42,
0x7b, 0xfc, 0xee, 0x7f, 0xa2, 0x16, 0x52, 0xb5, 0x67, 0x67, 0xd3, 0x40,
0xdb, 0x3b, 0x26, 0x58, 0xb2, 0x28, 0x77, 0x3d, 0xae, 0x14, 0x77, 0x61,
0xd6, 0xfa, 0x2a, 0x66, 0x27, 0xa0, 0x0d, 0xfa, 0xa7, 0x73, 0x5c, 0xea,
0x70, 0xf1, 0x94, 0x21, 0x65, 0x44, 0x5f, 0xfa, 0xfc, 0xef, 0x29, 0x68,
0xa9, 0xa2, 0x87, 0x79, 0xef, 0x79, 0xef, 0x4f, 0xac, 0x07, 0x77, 0x38
};
unsigned int Equifax_cer_len = 804;
void intializeClock() {
configTime(0, 0, "pool.ntp.org", "time.nist.gov");
Serial.println("\nWaiting for time");
while (!time(nullptr)) {
Serial.print(".");
delay(1000);
}
Serial.println("");
time_t now = time(nullptr);
Serial.print("Clock initialized to (UTC): ");
Serial.println(ctime(&now));
}
void runTest() {
intializeClock(); // We must initialize sntp in order to verify certs
HTTPClient http;
http.begin("https://www.google.com", 443);
http.setRootCA(Equifax_cer, Equifax_cer_len);
int result = http.GET();
if (result < 0) {
Serial.printf("Failed to connect. Error code %d\n", result);
}
else {
http.writeToStream(&Serial);
}
http.end();
Serial.println();
}
void connectWiFi() {
Serial.println("Connecting to: " + String(wifissid));
WiFi.mode(WIFI_STA);
WiFi.begin(wifissid,wifipsk);
while (WiFi.waitForConnectResult() != WL_CONNECTED) {
Serial.println("Connection Failed! Rebooting...");
delay(5000);
ESP.restart();
}
Serial.println("WiFi Connected");
Serial.print("IP address: ");
Serial.println(WiFi.localIP());
}
void setup() {
// put your setup code here, to run once:
Serial.begin(115200);
Serial.println("Booting");
connectWiFi();
runTest();
Serial.println("Complete");
}
void loop() {
}