Tools for configuring AWS credentials in MQTT Mutual Auth Demo (FreeR…
…TOS#370)

This adds aws_config_offline, which allows the user to download demo_config.h for the MQTT Mutual Auth Demo using a webpage.
This also adds aws_config_quick_start, which provides a means to generate demo_config.h for the Mutual Auth Demo with boto3.
yourslab authored Oct 30, 2020
1 parent 4124ac0 commit 58adeb2
Showing 14 changed files with 1,481 additions and 0 deletions.
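--- a/tools/aws_config_offline/CertificateConfigurator.html
+++ b/tools/aws_config_offline/CertificateConfigurator.html
@@ -0,0 +1,95 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+<title>FreeRTOS.org Developer Demos Configuration Tool</title>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width">
+<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
+<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
+<script src="js/aws_iot_demo_config_template.js"></script>
+<script src="js/generator.js"></script>
+</head>
+
+<body>
+<div class="row">
+<div class="col-lg-2"></div>
+<div class="col-lg-8">
+<div class="panel panel-primary">
+<div class="panel-heading">
+<h2>AWS Profile Configuration Tool</h2>
+<h4>FreeRTOS.org Developer Demos</h4>
+</div>
+<div class="panel-body">
+<div class="container-fluid">
+<div class="row">
+<div class="col-md-12">
+<p class="text-primary" style="font-size:18px">
+Enter Thing name and endpoint. Provide client certificate and private key PEM files
+downloaded from the AWS IoT Console.
+</p>
+<div class="panel panel-default">
+<div class="panel-body" style="background: #F8F8F8;">
+<div class="row">
+<div class="col-md-12">
+<div class="form-group">
+<label for="thingName" style="font-size:16px">
+Thing Name:
+</label>
+<input type="text" class="form-control" id="thingName"
+placeholder="FreeRTOSThing" />
+</div>
+<div class="form-group">
+<label for="AWSEndpoint" style="font-size:16px">
+AWS IoT Thing Endpoint:
+</label>
+<input type="url" class="form-control" id="AWSEndpoint"
+placeholder="abc123defghijk.iot.us-west-2.amazonaws.com" />
+</div>
+<div class="form-group">
+<label for="pemInputFileCertificate" style="font-size:16px">
+Certificate PEM file:
+</label>
+<input type="file" class="form-control-file"
+id="pemInputFileCertificate" />
+</div>
+<br />
+<div class="form-group">
+<label for="pemInputFilePrivateKey" style="font-size:16px">
+Private Key PEM file:
+</label>
+<input type="file" class="form-control-file"
+id="pemInputFilePrivateKey" />
+</div>
+<br />
+<button type="button" class="btn btn-primary" style="font-size:16px"
+onclick='generateCertificateConfigurationHeader()'>
+<span class="glyphicon glyphicon-download"></span>
+Generate and save demo_config.h
+</button>
+</div>
+</div>
+</div>
+</div>
+<p class="text-primary" style="font-size:14px">
+<span class="glyphicon glyphicon-warning-sign" style="font-size:16px"></span>
+Save the generated header file to the
+<i>FreeRTOS-Plus/Demo/coreMQTT_Windows_Simulator/MQTT_Mutual_Auth</i> folder
+of the
+demo project.
+</p>
+</div>
+</div>
+</div>
+<div class="text-center">
+Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+</div>
+</div>
+</div>
+</div>
+<div class="col-lg-2"></div>
+</div>
+</body>
+
+</html>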
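Review bot: The three CDN tags in `<head>` (Bootstrap CSS, jQuery, Bootstrap JS) are loaded without Subresource Integrity on a page whose job is to read a client private key PEM file, so any script those hosts serve runs with full access to the file inputs. Pin each tag, e.g. `<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js" integrity="sha384-<HASH_OF_PINNED_FILE>" crossorigin="anonymous"></script>`, or vendor the three files next to `js/generator.js` so that the tool in `aws_config_offline` also works without network access. The intro paragraph could also state that the key is processed locally in the browser and never uploaded, provided generator.js (not part of this section) does behave that way.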
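--- a/tools/aws_config_offline/js/aws_iot_demo_config_template.js
+++ b/tools/aws_config_offline/js/aws_iot_demo_config_template.js
@@ -0,0 +1,260 @@
+var awsIotProfileTemplate =
+`/*
+* FreeRTOS Kernel V10.3.0
+* Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+*
+* Permission is hereby granted, free of charge, to any person obtaining a copy of
+* this software and associated documentation files (the "Software"), to deal in
+* the Software without restriction, including without limitation the rights to
+* use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+* the Software, and to permit persons to whom the Software is furnished to do so,
+* subject to the following conditions:
+*
+* The above copyright notice and this permission notice shall be included in all
+* copies or substantial portions of the Software.
+*
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*
+* http://www.FreeRTOS.org
+* http://aws.amazon.com/freertos
+*
+*/
+#ifndef DEMO_CONFIG_H
+#define DEMO_CONFIG_H
+/* FreeRTOS config include. */
+#include "FreeRTOSConfig.h"
+/**************************************************/
+/******* DO NOT CHANGE the following order ********/
+/**************************************************/
+/* Include logging header files and define logging macros in the following order:
+* 1. Include the header file "logging_levels.h".
+* 2. Define the LIBRARY_LOG_NAME and LIBRARY_LOG_LEVEL macros depending on
+* the logging configuration for DEMO.
+* 3. Include the header file "logging_stack.h", if logging is enabled for DEMO.
+*/
+#include "logging_levels.h"
+/* Logging configuration for the Demo. */
+#ifndef LIBRARY_LOG_NAME
+#define LIBRARY_LOG_NAME "MQTTDemo"
+#endif
+#ifndef LIBRARY_LOG_LEVEL
+#define LIBRARY_LOG_LEVEL LOG_INFO
+#endif
+#include "logging_stack.h"
+/************ End of logging configuration ****************/
+/**
+* @brief The MQTT client identifier used in this example. Each client identifier
+* must be unique; so edit as required to ensure that no two clients connecting to
+* the same broker use the same client identifier.
+*
+* #define democonfigCLIENT_IDENTIFIER "insert here."
+*/
+#define democonfigCLIENT_IDENTIFIER <IOTThingName>
+/**
+* @brief Endpoint of the MQTT broker to connect to.
+*
+* This demo application can be run with any MQTT broker, that supports mutual
+* authentication.
+*
+* For AWS IoT MQTT broker, this is the Thing's REST API Endpoint.
+*
+* @note Your AWS IoT Core endpoint can be found in the AWS IoT console under
+* Settings/Custom Endpoint, or using the describe-endpoint REST API (with
+* AWS CLI command line tool).
+*
+* @note If you would like to setup an MQTT broker for running this demo,
+* please see \`mqtt_broker_setup.txt\`.
+*
+* #define democonfigMQTT_BROKER_ENDPOINT "...insert here..."
+*/
+#define democonfigMQTT_BROKER_ENDPOINT <IOTEndpoint>
+/**
+* @brief The port to use for the demo.
+*
+* In general, port 8883 is for secured MQTT connections.
+*
+* @note Port 443 requires use of the ALPN TLS extension with the ALPN protocol
+* name. Using ALPN with this demo would require additional changes, including
+* setting the \`pAlpnProtos\` member of the \`NetworkCredentials_t\` struct before
+* forming the TLS connection. When using port 8883, ALPN is not required.
+*
+* #define democonfigMQTT_BROKER_PORT ( insert here. )
+*/
+#define democonfigMQTT_BROKER_PORT ( 8883 )
+/**
+* @brief Server's root CA certificate.
+*
+* For AWS IoT MQTT broker, this certificate is used to identify the AWS IoT
+* server and is publicly available. Refer to the AWS documentation available
+* in the link below.
+* https://docs.aws.amazon.com/iot/latest/developerguide/server-authentication.html#server-authentication-certs
+*
+* @note This certificate should be PEM-encoded.
+*
+* Must include the PEM header and footer:
+* "-----BEGIN CERTIFICATE-----\n"\
+* "...base64 data...\n"\
+* "-----END CERTIFICATE-----\n"
+*
+* #define democonfigROOT_CA_PEM "...insert here..."
+*/
+#define democonfigROOT_CA_PEM \\
+"-----BEGIN CERTIFICATE-----\\n" \\
+"MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF\\n" \\
+"ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\\n" \\
+"b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL\\n" \\
+"MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv\\n" \\
+"b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj\\n" \\
+"ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM\\n" \\
+"9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw\\n" \\
+"IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6\\n" \\
+"VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L\\n" \\
+"93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm\\n" \\
+"jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC\\n" \\
+"AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA\\n" \\
+"A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI\\n" \\
+"U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs\\n" \\
+"N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv\\n" \\
+"o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU\\n" \\
+"5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy\\n" \\
+"rqXRfboQnoZsG4q5WTP468SQvvG5\\n" \\
+"-----END CERTIFICATE-----\\n"
+/**
+* @brief Client certificate.
+*
+* For AWS IoT MQTT broker, refer to the AWS documentation below for details
+* regarding client authentication.
+* https://docs.aws.amazon.com/iot/latest/developerguide/client-authentication.html
+*
+* @note This certificate should be PEM-encoded.
+*
+* Must include the PEM header and footer:
+* "-----BEGIN CERTIFICATE-----\n"\
+* "...base64 data...\n"\
+* "-----END CERTIFICATE-----\n"
+*
+* #define democonfigCLIENT_CERTIFICATE_PEM "...insert here..."
+*/
+#define democonfigCLIENT_CERTIFICATE_PEM \\
+<ClientCertificatePEM>
+/**
+* @brief PEM-encoded client private key.
+*
+* Must include the PEM header and footer:
+* "-----BEGIN RSA PRIVATE KEY-----\\n"\\
+* "...base64 data...\\n"\\
+* "-----END RSA PRIVATE KEY-----\\n"
+*
+* #define democonfigCLIENT_PRIVATE_KEY_PEM "...insert here..."
+*/
+#define democonfigCLIENT_PRIVATE_KEY_PEM \\
+<ClientPrivateKeyPEM>
+/**
+* @brief An option to disable Server Name Indication.
+*
+* @note When using a local Mosquitto server setup, SNI needs to be disabled
+* for an MQTT broker that only has an IP address but no hostname. However,
+* SNI should be enabled whenever possible.
+*/
+#define democonfigDISABLE_SNI ( pdFALSE )
+/**
+* @brief Configuration that indicates if the demo connection is made to the AWS IoT Core MQTT broker.
+*
+* If username/password based authentication is used, the demo will use appropriate TLS ALPN and
+* SNI configurations as required for the Custom Authentication feature of AWS IoT.
+* For more information, refer to the following documentation:
+* https://docs.aws.amazon.com/iot/latest/developerguide/custom-auth.html#custom-auth-mqtt
+*
+* #define democonfigUSE_AWS_IOT_CORE_BROKER ( 1 )
+*/
+#define democonfigUSE_AWS_IOT_CORE_BROKER ( 1 )
+/**
+* @brief The username value for authenticating client to the MQTT broker when
+* username/password based client authentication is used.
+*
+* For AWS IoT MQTT broker, refer to the AWS IoT documentation below for
+* details regarding client authentication with a username and password.
+* https://docs.aws.amazon.com/iot/latest/developerguide/custom-authentication.html
+* An authorizer setup needs to be done, as mentioned in the above link, to use
+* username/password based client authentication.
+*
+* #define democonfigCLIENT_USERNAME "...insert here..."
+*/
+/**
+* @brief The password value for authenticating client to the MQTT broker when
+* username/password based client authentication is used.
+*
+* For AWS IoT MQTT broker, refer to the AWS IoT documentation below for
+* details regarding client authentication with a username and password.
+* https://docs.aws.amazon.com/iot/latest/developerguide/custom-authentication.html
+* An authorizer setup needs to be done, as mentioned in the above link, to use
+* username/password based client authentication.
+*
+* #define democonfigCLIENT_PASSWORD "...insert here..."
+*/
+/**
+* @brief The name of the operating system that the application is running on.
+* The current value is given as an example. Please update for your specific
+* operating system.
+*/
+#define democonfigOS_NAME "FreeRTOS"
+/**
+* @brief The version of the operating system that the application is running
+* on. The current value is given as an example. Please update for your specific
+* operating system version.
+*/
+#define democonfigOS_VERSION tskKERNEL_VERSION_NUMBER
+/**
+* @brief The name of the hardware platform the application is running on. The
+* current value is given as an example. Please update for your specific
+* hardware platform.
+*/
+#define democonfigHARDWARE_PLATFORM_NAME "WinSim"
+/**
+* @brief The name of the MQTT library used and its version, following an "@"
+* symbol.
+*/
+#define democonfigMQTT_LIB "[email protected]"
+/**
+* @brief Set the stack size of the main demo task.
+*
+* In the Windows port, this stack only holds a structure. The actual
+* stack is created by an operating system thread.
+*/
+#define democonfigDEMO_STACKSIZE configMINIMAL_STACK_SIZE
+/**
+* @brief Size of the network buffer for MQTT packets.
+*/
+#define democonfigNETWORK_BUFFER_SIZE ( 1024U )
+#endif /* DEMO_CONFIG_H */
+`;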
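Review bot: The doc comments above `democonfigROOT_CA_PEM` and `democonfigCLIENT_CERTIFICATE_PEM` write their example lines with single backslashes (`\n"\`) inside the template literal, so JavaScript turns `\n` into a real newline and treats the trailing `\` as a line continuation, which garbles those comments in the generated header; the private-key comment escapes them correctly. Write the examples as that block does: `* "-----BEGIN CERTIFICATE-----\\n"\\`. Separately, `<IOTThingName>` and `<IOTEndpoint>` sit unquoted after their `#define`s, so the substitution code (in generator.js, outside this section) has to add the quotes and escape `"`, `\` and line breaks in the user-entered values, otherwise the emitted macro is not a valid C string. The private-key comment would also benefit from a line such as `@note This header now contains a private key in plaintext; keep it out of version control.`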