From e08df72f26eece55c67759b79f6d5d729eedf1a6 Mon Sep 17 00:00:00 2001 From: Lurkars Date: Mon, 14 Dec 2020 09:17:16 +0100 Subject: [PATCH] update readme for ssl usage, added cwa-proxy.champonthis.de.pem --- .gitignore | 4 ++- README.md | 35 +++++++++++++++++++ components/ena-eke-proxy/certs/cert.pem | 3 -- .../certs/cwa-proxy.champonthis.de.pem | 3 ++ 4 files changed, 41 insertions(+), 4 deletions(-) delete mode 100644 components/ena-eke-proxy/certs/cert.pem create mode 100644 components/ena-eke-proxy/certs/cwa-proxy.champonthis.de.pem diff --git a/.gitignore b/.gitignore index c3e96ef..b9e1304 100644 --- a/.gitignore +++ b/.gitignore @@ -43,4 +43,6 @@ dependencies.lock sdkconfig sdkconfig.old -.local \ No newline at end of file +.local + +cert.pem \ No newline at end of file diff --git a/README.md b/README.md index 8f79dc6..1bdd0e4 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,41 @@ FetchContent_MakeAvailable(esp-ena) set(EXTRA_COMPONENT_DIRS ${esp-ena_SOURCE_DIR}/components) ``` +### Configure the project + +``` +idf.py menuconfig +``` + +**required** +* enable bluetooth (BLE) +> Component config -> Bluetooth -> [*] Bluetooth +* add partition-table for storage (currently hardcoded name "ena") +> Partition Table -> Partition table -> (x) Custom partition table CSV +* mbedTLS enable HKDF +> Component config -> mbedTLS -> [*] HKDF algorithm (RFC 5869) +* flash size > 3.9GB +> Serial flasher config -> Flash size -> (x) 4MB + +**recommended** +* BLE *Scan Duplicate* (By Device Address and Advertising Data) +> Component config -> Bluetooth -> Bluetooth controller -> Scan Duplicate Type -> (X) Scan Duplicate By Device Address And Advertising Data + +**debug options** +* Log output set to Debug +> Component config -> Log output -> Default log verbosity -> (X) Debug +* Exposure Notification API / Storage enable *Dump storage* +> Exposure Notification API -> Storage -> [X] Dump storage + +#### Configure SSL cert manually! + +For *ena-eke-proxy* connection over SSL a valid certificate for used server under *components/ena-eke-proxy/certs/cert.pem* is required. + +For my own proxy server, I have added a self signed cert for cwa-proxy.champonthis.de. For using, copy or rename *components/ena-eke-proxy/certs/cwa-proxy.champonthis.de.pem* to *components/ena-eke-proxy/certs/cert.pem*. + +> copy valid cert to *components/ena-eke-proxy/certs/cert.pem* + + ## Structure The project is divided in different components. The main.c just wrap up all components. The Exposure Notification API is in **ena** module diff --git a/components/ena-eke-proxy/certs/cert.pem b/components/ena-eke-proxy/certs/cert.pem deleted file mode 100644 index c650289..0000000 --- a/components/ena-eke-proxy/certs/cert.pem +++ /dev/null @@ -1,3 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0NlowSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMTGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EFq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWAa6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIGCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNvbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9kc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAwVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcCARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwuY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsFAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJouM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwuX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlGPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg== ------END CERTIFICATE----- \ No newline at end of file diff --git a/components/ena-eke-proxy/certs/cwa-proxy.champonthis.de.pem b/components/ena-eke-proxy/certs/cwa-proxy.champonthis.de.pem new file mode 100644 index 0000000..b13b278 --- /dev/null +++ b/components/ena-eke-proxy/certs/cwa-proxy.champonthis.de.pem @@ -0,0 +1,3 @@ +-----BEGIN CERTIFICATE----- +MIIEBTCCAu2gAwIBAgIUKHGL0rVkxhBZuJx19Syv3l2lOnowDQYJKoZIhvcNAQELBQAwgZExCzAJBgNVBAYTAkRFMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxITAfBgNVBAMMGGN3YS1wcm94eS5jaGFtcG9udGhpcy5kZTEnMCUGCSqGSIb3DQEJARYYY3dhLXByb3h5QGNoYW1wb250aGlzLmRlMB4XDTIwMTIxNDA3NTk1MFoXDTMwMTIyMjA3NTk1MFowgZExCzAJBgNVBAYTAkRFMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxITAfBgNVBAMMGGN3YS1wcm94eS5jaGFtcG9udGhpcy5kZTEnMCUGCSqGSIb3DQEJARYYY3dhLXByb3h5QGNoYW1wb250aGlzLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopV/NJl6cAScH4S77QwIIgD57qTVozlL12UprUbWYpM4kxnbNHVEwQFX6O37AGXmzXbmD0JlGpPtFfPiPLyUzE9Lvt/qSoZjA9aDBrLIkOTY9SGMk18ugw5lDEK06ovxbSEqmG4UQ/VsgRf+v8kI/u7PNgY5spqR3PX2yocypNzrisF3dWdUuQozjTFtv9eLFkbacihpT4arWRrVdO9QWY28xFcp/+mGkK8LtLhnyxhD11cNvL0aifiEO4PXHGhqBrROf5u+AIiY9zqQ8INzuPHfyvyeXmcZ/yeQ5n5+uHaNbfCaF/vELDt5N4uqmoXoyL/qpvq7iU1uvg8kIA2n/wIDAQABo1MwUTAdBgNVHQ4EFgQULg7DzESpFiVYtLhooK7b0yStIrUwHwYDVR0jBBgwFoAULg7DzESpFiVYtLhooK7b0yStIrUwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEALg9qUsXYwhohq1Kak8iyKMM0NRkcFuo05E9X+tHKxtMCxR/YCc4T2ZeRN8w3LIB5AL66jTpig5hr2prUSUWF/XVAlZSU/tYYGseIbW+gngyShECuEeDQRxulsHZl3NWgoFZGV9yaqmyvJXhbSUnqRlx3jUxq68DggjS+lOsEZe/BZrFdhEA5N7EqwpcFMr2tPwr4+SPn3i68WvAIMXqAvc6EUUTZWGcRlSnjdwf/YklWuCUgagd/KV5E7xgIzQuT9OAXoYS52ADBDexqKQasSPjfZoMs1OUgKKFRTSeapXtC+wGarfBbH9qm3SflLGVUZDSNtiL0aPPDIrA3mYip+w== +-----END CERTIFICATE----- \ No newline at end of file