coap: refactor examples, stylistic cleanups, move certs to independent dir

examples/protocols/coap_client/README.md

@@ -37,17 +37,12 @@ Example Connection Configuration  --->
  * Set WiFi Password under Example Configuration
 Example CoAP Client Configuration  --->
  * Set CoAP Target Uri
- * Set encryption method definitions (None, PSK or PKI)
+ * If PSK, Set CoAP Preshared Key to use in connection to the server
-  * If PSK Set CoAP Preshared Key to use in connection to the server
+ * If PSK, Set CoAP PSK Client identity (username)
-  * If PSK Set CoAP PSK Client identity (username)
- Enable CoAP debugging if required
 Component config  --->
- mbedTLS  --->
+  CoAP Configuration  --->
-  [*]   Enable mbedtls certificate expiry check
+    * Set encryption method definition, PSK (default) or PKI
-       TLS Key Exchange Methods  --->
+    * Enable CoAP debugging if required
-        [*] Enable pre-shared-key ciphersuites
-        [*]   Enable PSK based ciphersuite modes
-  [*] Support DTLS protocol (all versions)
 
 ### Build and Flash
 
@@ -103,6 +98,4 @@ optional `path`, and begins with `coap://`, `coaps://` or `coap+tcp://`
 for a coap server that supports TCP
 (not all do including coap+tcp://californium.eclipse.org).
 
-* CoAP logging can be enabled by running 'make menuconfig' and enable debugging
+* CoAP logging can be enabled by running 'idf.py menuconfig -> Component config -> CoAP Configuration' and setting appropriate log level
-
-* Encryption (MbedTLS) can be enabled by running 'make menuconfig' and enable debugging

examples/protocols/coap_client/main/CMakeLists.txt

@@ -1,4 +1,4 @@
 # Embed CA, certificate & key directly into binary
 idf_component_register(SRCS "coap_client_example_main.c"
                     INCLUDE_DIRS "."
-                    EMBED_TXTFILES coap_ca.pem coap_client.crt coap_client.key)
+                    EMBED_TXTFILES certs/coap_ca.pem certs/coap_client.crt certs/coap_client.key)

examples/protocols/coap_client/main/coap_client_example_main.c

@@ -17,6 +17,7 @@
 #include <string.h>
 #include <sys/socket.h>
 #include <netdb.h>
+#include <sys/param.h>
 
 #include "freertos/FreeRTOS.h"
 #include "freertos/task.h"
@@ -49,8 +50,8 @@
    instead of coap:// and the PSK must be one that the server supports
    (potentially associated with the IDENTITY)
 */
-#define EXAMPLE_COAP_PSK_KEY CONFIG_COAP_PSK_KEY
+#define EXAMPLE_COAP_PSK_KEY CONFIG_EXAMPLE_COAP_PSK_KEY
-#define EXAMPLE_COAP_PSK_IDENTITY CONFIG_COAP_PSK_IDENTITY
+#define EXAMPLE_COAP_PSK_IDENTITY CONFIG_EXAMPLE_COAP_PSK_IDENTITY
 
 /* The examples use uri Logging Level that
    you can set via 'make menuconfig'.
@@ -65,9 +66,9 @@
    you can set via the project configuration (idf.py menuconfig)
 
    If you'd rather not, just change the below entries to strings with
-   the config you want - ie #define COAP_DEFAULT_DEMO_URI "coap://californium.eclipse.org"
+   the config you want - ie #define COAP_DEFAULT_DEMO_URI "coaps://californium.eclipse.org"
 */
-#define COAP_DEFAULT_DEMO_URI CONFIG_TARGET_DOMAIN_URI
+#define COAP_DEFAULT_DEMO_URI CONFIG_EXAMPLE_TARGET_DOMAIN_URI
 
 const static char *TAG = "CoAP_client";
 
@@ -75,6 +76,25 @@ static int resp_wait = 1;
 static coap_optlist_t *optlist = NULL;
 static int wait_ms;
 
+#ifdef CONFIG_COAP_MBEDTLS_PKI
+/* CA cert, taken from coap_ca.pem
+   Client cert, taken from coap_client.crt
+   Client key, taken from coap_client.key
+
+   The PEM, CRT and KEY file are examples taken from the wpa2 enterprise
+   example.
+
+   To embed it in the app binary, the PEM, CRT and KEY file is named
+   in the component.mk COMPONENT_EMBED_TXTFILES variable.
+ */
+extern uint8_t ca_pem_start[] asm("_binary_coap_ca_pem_start");
+extern uint8_t ca_pem_end[]   asm("_binary_coap_ca_pem_end");
+extern uint8_t client_crt_start[] asm("_binary_coap_client_crt_start");
+extern uint8_t client_crt_end[]   asm("_binary_coap_client_crt_end");
+extern uint8_t client_key_start[] asm("_binary_coap_client_key_start");
+extern uint8_t client_key_end[]   asm("_binary_coap_client_key_end");
+#endif /* CONFIG_COAP_MBEDTLS_PKI */
+
 static void message_handler(coap_context_t *ctx, coap_session_t *session,
                             coap_pdu_t *sent, coap_pdu_t *received,
                             const coap_tid_t id)
@@ -155,37 +175,27 @@ clean_up:
     resp_wait = 0;
 }
 
-#ifdef CONFIG_MBEDTLS_COAP_PKI
+#ifdef CONFIG_COAP_MBEDTLS_PKI
-
-#ifdef __GNUC__
-#define UNUSED_PARAM __attribute__ ((unused))
-#else /* not a GCC */
-#define UNUSED_PARAM
-#endif /* GCC */
-
-#ifndef min
-#define min(a,b) ((a) < (b) ? (a) : (b))
-#endif
 
 static int
 verify_cn_callback(const char *cn,
-                   const uint8_t *asn1_public_cert UNUSED_PARAM,
+                   const uint8_t *asn1_public_cert,
-                   size_t asn1_length UNUSED_PARAM,
+                   size_t asn1_length,
-                   coap_session_t *session UNUSED_PARAM,
+                   coap_session_t *session,
                    unsigned depth,
-                   int validated UNUSED_PARAM,
+                   int validated,
-                   void *arg UNUSED_PARAM
+                   void *arg
-) {
+                  )
+{
     coap_log(LOG_INFO, "CN '%s' presented by server (%s)\n",
              cn, depth ? "CA" : "Certificate");
     return 1;
 }
-#endif /* CONFIG_MBEDTLS_COAP_PKI */
+#endif /* CONFIG_COAP_MBEDTLS_PKI */
 
 static void coap_example_client(void *p)
 {
     struct hostent *hp;
-
     coap_address_t    dst_addr;
     static coap_uri_t uri;
     const char       *server_uri = COAP_DEFAULT_DEMO_URI;
@@ -216,10 +226,9 @@ static void coap_example_client(void *p)
         }
 
         phostname = (char *)calloc(1, uri.host.length + 1);
-
         if (phostname == NULL) {
             ESP_LOGE(TAG, "calloc failed");
-            continue;
+            break;
         }
 
         memcpy(phostname, uri.host.s, uri.host.length);
@@ -230,9 +239,8 @@ static void coap_example_client(void *p)
             ESP_LOGE(TAG, "DNS lookup failed");
             vTaskDelay(1000 / portTICK_PERIOD_MS);
             free(phostname);
-            goto clean_up;
+            continue;
         }
-        {
         char tmpbuf[INET6_ADDRSTRLEN];
         coap_address_init(&dst_addr);
         switch (hp->h_addrtype) {
@@ -254,7 +262,6 @@ static void coap_example_client(void *p)
                 ESP_LOGE(TAG, "DNS lookup response failed");
                 goto clean_up;
         }
-        }
 
         if (uri.path.length) {
             buflen = BUFSIZE;
@@ -301,31 +308,15 @@ static void coap_example_client(void *p)
          * but the code is left in for completeness.
          */
         if (uri.scheme == COAP_URI_SCHEME_COAPS || uri.scheme == COAP_URI_SCHEME_COAPS_TCP) {
-#ifdef CONFIG_MBEDTLS_COAP_PSK
+#ifdef CONFIG_COAP_MBEDTLS_PSK
             session = coap_new_client_session_psk(ctx, NULL, &dst_addr,
                                                   uri.scheme == COAP_URI_SCHEME_COAPS ? COAP_PROTO_DTLS : COAP_PROTO_TLS,
                                                   EXAMPLE_COAP_PSK_IDENTITY,
                                                   (const uint8_t *)EXAMPLE_COAP_PSK_KEY,
                                                   sizeof(EXAMPLE_COAP_PSK_KEY) - 1);
-#endif /* CONFIG_MBEDTLS_COAP_PSK */
+#endif /* CONFIG_COAP_MBEDTLS_PSK */
 
-#ifdef CONFIG_MBEDTLS_COAP_PKI
+#ifdef CONFIG_COAP_MBEDTLS_PKI
-/* CA cert, taken from coap_ca.pem
-   Client cert, taken from coap_client.crt
-   Client key, taken from coap_client.key
-
-   The PEM, CRT and KEY file are examples taken from the wpa2 enterprise
-   example.
-
-   To embed it in the app binary, the PEM, CRT and KEY file is named
-   in the component.mk COMPONENT_EMBED_TXTFILES variable.
-*/
-extern uint8_t ca_pem_start[] asm("_binary_coap_ca_pem_start");
-extern uint8_t ca_pem_end[]   asm("_binary_coap_ca_pem_end");
-extern uint8_t client_crt_start[] asm("_binary_coap_client_crt_start");
-extern uint8_t client_crt_end[]   asm("_binary_coap_client_crt_end");
-extern uint8_t client_key_start[] asm("_binary_coap_client_key_start");
-extern uint8_t client_key_end[]   asm("_binary_coap_client_key_end");
             unsigned int ca_pem_bytes = ca_pem_end - ca_pem_start;
             unsigned int client_crt_bytes = client_crt_end - client_crt_start;
             unsigned int client_key_bytes = client_key_end - client_key_start;
@@ -360,10 +351,11 @@ extern uint8_t client_key_end[]   asm("_binary_coap_client_key_end");
                 dtls_pki.validate_sni_call_back  = NULL;
                 dtls_pki.sni_call_back_arg       = NULL;
                 memset(client_sni, 0, sizeof(client_sni));
-                if (uri.host.length)
+                if (uri.host.length) {
-                    memcpy(client_sni, uri.host.s, min(uri.host.length, sizeof(client_sni)));
+                    memcpy(client_sni, uri.host.s, MIN(uri.host.length, sizeof(client_sni)));
-                else
+                } else {
                     memcpy(client_sni, "localhost", 9);
+                }
                 dtls_pki.client_sni = client_sni;
             }
             dtls_pki.pki_key.key_type = COAP_PKI_KEY_PEM_BUF;
@@ -377,12 +369,7 @@ extern uint8_t client_key_end[]   asm("_binary_coap_client_key_end");
             session = coap_new_client_session_pki(ctx, NULL, &dst_addr,
                                                   uri.scheme == COAP_URI_SCHEME_COAPS ? COAP_PROTO_DTLS : COAP_PROTO_TLS,
                                                   &dtls_pki);
-#endif /* CONFIG_MBEDTLS_COAP_PKI */
+#endif /* CONFIG_COAP_MBEDTLS_PKI */
-
-#ifdef CONFIG_MBEDTLS_COAP_NONE
-            session = coap_new_client_session(ctx, NULL, &dst_addr,
-               uri.scheme==COAP_URI_SCHEME_COAPS ? COAP_PROTO_DTLS : COAP_PROTO_TLS);
-#endif /* CONFIG_MBEDTLS_COAP_NONE */
         } else {
             session = coap_new_client_session(ctx, NULL, &dst_addr,
                                               uri.scheme == COAP_URI_SCHEME_COAP_TCP ? COAP_PROTO_TCP :
@@ -426,8 +413,12 @@ clean_up:
             coap_delete_optlist(optlist);
             optlist = NULL;
         }
-        if (session) coap_session_release(session);
+        if (session) {
-        if (ctx) coap_free_context(ctx);
+            coap_session_release(session);
+        }
+        if (ctx) {
+            coap_free_context(ctx);
+        }
         coap_cleanup();
         /*
          * change the following line to something like sleep(2)
@@ -445,14 +436,6 @@ void app_main(void)
     tcpip_adapter_init();
     ESP_ERROR_CHECK(esp_event_loop_create_default());
 
-#if 0
-/* See https://github.com/Ebiroll/qemu_esp32 for further information */
-#include "emul_ip.h"
-    if (is_running_qemu()) {
-        xTaskCreate(task_lwip_init, "task_lwip_init", 2*4096, NULL, 20, NULL); 
-    }
-    else
-#endif
     /* This helper function configures Wi-Fi or Ethernet, as selected in menuconfig.
      * Read "Establishing Wi-Fi or Ethernet Connection" section in
      * examples/protocols/README.md for more information about this function.

examples/protocols/coap_client/main/component.mk

@@ -5,6 +5,4 @@
 
 # embed files from the "certs" directory as binary data symbols
 # in the app
-COMPONENT_EMBED_TXTFILES := coap_ca.pem
+COMPONENT_EMBED_TXTFILES := certs/coap_ca.pem certs/coap_client.crt certs/coap_client.key
-COMPONENT_EMBED_TXTFILES += coap_client.crt
-COMPONENT_EMBED_TXTFILES += coap_client.key

examples/protocols/coap_server/README.md

@@ -35,18 +35,11 @@ Example Connection Configuration  --->
  * Set WiFi SSID under Example Configuration
  * Set WiFi Password under Example Configuration
 Example CoAP Client Configuration  --->
- * Set CoAP Target Uri
+ * If PSK, Set CoAP Preshared Key to use in connection to the server
- * Set encryption method definitions (None, PSK or PKI)
-  * If PSK Set CoAP Preshared Key to use in connection to the server
-  * If PSK Set CoAP PSK Client identity (username)
- Enable CoAP debugging if required
 Component config  --->
- mbedTLS  --->
+  CoAP Configuration  --->
-  [*]   Enable mbedtls certificate expiry check
+    * Set encryption method definition, PSK (default) or PKI
-       TLS Key Exchange Methods  --->
+    * Enable CoAP debugging if required
-        [*] Enable pre-shared-key ciphersuites
-        [*]   Enable PSK based ciphersuite modes
-  [*] Support DTLS protocol (all versions)
 
 ### Build and Flash
 
@@ -90,7 +83,4 @@ This can be found at https://libcoap.net/doc/reference/4.2.0/
 * Please make sure CoAP client fetchs or puts data under path: `/Espressif` or
 fetches `/.well-known/core`
 
-* CoAP logging can be enabled by running 'make menuconfig' and enable debugging
+* CoAP logging can be enabled by running 'idf.py menuconfig -> Component config -> CoAP Configuration' and setting appropriate log level
-
-* Encryption (MbedTLS) can be enabled by running 'make menuconfig' and enable debugging
-

examples/protocols/coap_server/main/CMakeLists.txt

@@ -1,3 +1,3 @@
 idf_component_register(SRCS "coap_server_example_main.c"
                     INCLUDE_DIRS "."
-                    EMBED_TXTFILES coap_ca.pem coap_server.crt coap_server.key)
+                    EMBED_TXTFILES certs/coap_ca.pem certs/coap_server.crt certs/coap_server.key)

examples/protocols/coap_server/main/coap_server_example_main.c

@@ -46,7 +46,7 @@
    instead of coap:// and the PSK must be one that the server supports
    (potentially associated with the IDENTITY)
 */
-#define EXAMPLE_COAP_PSK_KEY CONFIG_COAP_PSK_KEY
+#define EXAMPLE_COAP_PSK_KEY CONFIG_EXAMPLE_COAP_PSK_KEY
 
 /* The examples use CoAP Logging Level that
    you can set via 'make menuconfig'.
@@ -57,9 +57,30 @@
 */
 #define EXAMPLE_COAP_LOG_DEFAULT_LEVEL CONFIG_COAP_LOG_DEFAULT_LEVEL
 
+const static char *TAG = "CoAP_server";
+
 static char espressif_data[100];
 static int espressif_data_len = 0;
 
+#ifdef CONFIG_COAP_MBEDTLS_PKI
+/* CA cert, taken from coap_ca.pem
+   Server cert, taken from coap_server.crt
+   Server key, taken from coap_server.key
+
+   The PEM, CRT and KEY file are examples taken from the wpa2 enterprise
+   example.
+
+   To embed it in the app binary, the PEM, CRT and KEY file is named
+   in the component.mk COMPONENT_EMBED_TXTFILES variable.
+ */
+extern uint8_t ca_pem_start[] asm("_binary_coap_ca_pem_start");
+extern uint8_t ca_pem_end[]   asm("_binary_coap_ca_pem_end");
+extern uint8_t server_crt_start[] asm("_binary_coap_server_crt_start");
+extern uint8_t server_crt_end[]   asm("_binary_coap_server_crt_end");
+extern uint8_t server_key_start[] asm("_binary_coap_server_key_start");
+extern uint8_t server_key_end[]   asm("_binary_coap_server_key_end");
+#endif /* CONFIG_COAP_MBEDTLS_PKI */
+
 #define INITIAL_DATA "Hello World!"
 
 /*
@@ -93,8 +114,7 @@ hnd_espressif_put(coap_context_t *ctx,
 
     if (strcmp (espressif_data, INITIAL_DATA) == 0) {
         response->code = COAP_RESPONSE_CODE(201);
-    }
+    } else {
-    else {
         response->code = COAP_RESPONSE_CODE(204);
     }
 
@@ -125,32 +145,23 @@ hnd_espressif_delete(coap_context_t *ctx,
     response->code = COAP_RESPONSE_CODE(202);
 }
 
-#ifdef CONFIG_MBEDTLS_COAP_PKI
+#ifdef CONFIG_COAP_MBEDTLS_PKI
-
-#ifdef __GNUC__
-#define UNUSED_PARAM __attribute__ ((unused))
-#else /* not a GCC */
-#define UNUSED_PARAM
-#endif /* GCC */
-
-#ifndef min
-#define min(a,b) ((a) < (b) ? (a) : (b))
-#endif
 
 static int
 verify_cn_callback(const char *cn,
-                   const uint8_t *asn1_public_cert UNUSED_PARAM,
+                   const uint8_t *asn1_public_cert,
-                   size_t asn1_length UNUSED_PARAM,
+                   size_t asn1_length,
-                   coap_session_t *session UNUSED_PARAM,
+                   coap_session_t *session,
                    unsigned depth,
-                   int validated UNUSED_PARAM,
+                   int validated,
-                   void *arg UNUSED_PARAM
+                   void *arg
-) {
+                  )
+{
     coap_log(LOG_INFO, "CN '%s' presented by server (%s)\n",
              cn, depth ? "CA" : "Certificate");
     return 1;
 }
-#endif /* CONFIG_MBEDTLS_COAP_PKI */
+#endif /* CONFIG_COAP_MBEDTLS_PKI */
 
 static void coap_example_server(void *p)
 {
@@ -174,32 +185,17 @@ static void coap_example_server(void *p)
 
         ctx = coap_new_context(NULL);
         if (!ctx) {
+            ESP_LOGE(TAG, "coap_new_context() failed");
             continue;
         }
-#ifdef CONFIG_MBEDTLS_COAP_PSK
+#ifdef CONFIG_COAP_MBEDTLS_PSK
         /* Need PSK setup before we set up endpoints */
         coap_context_set_psk(ctx, "CoAP",
                              (const uint8_t *)EXAMPLE_COAP_PSK_KEY,
                              sizeof(EXAMPLE_COAP_PSK_KEY) - 1);
-#endif /* CONFIG_MBEDTLS_COAP_PSK */
+#endif /* CONFIG_COAP_MBEDTLS_PSK */
 
-#ifdef CONFIG_MBEDTLS_COAP_PKI
+#ifdef CONFIG_COAP_MBEDTLS_PKI
-/* CA cert, taken from coap_ca.pem
-   Server cert, taken from coap_server.crt
-   Server key, taken from coap_server.key
-
-   The PEM, CRT and KEY file are examples taken from the wpa2 enterprise
-   example.
-
-   To embed it in the app binary, the PEM, CRT and KEY file is named
-   in the component.mk COMPONENT_EMBED_TXTFILES variable.
-*/
-extern uint8_t ca_pem_start[] asm("_binary_coap_ca_pem_start");
-extern uint8_t ca_pem_end[]   asm("_binary_coap_ca_pem_end");
-extern uint8_t server_crt_start[] asm("_binary_coap_server_crt_start");
-extern uint8_t server_crt_end[]   asm("_binary_coap_server_crt_end");
-extern uint8_t server_key_start[] asm("_binary_coap_server_key_start");
-extern uint8_t server_key_end[]   asm("_binary_coap_server_key_end");
         unsigned int ca_pem_bytes = ca_pem_end - ca_pem_start;
         unsigned int server_crt_bytes = server_crt_end - server_crt_start;
         unsigned int server_key_bytes = server_key_end - server_key_start;
@@ -242,27 +238,31 @@ extern uint8_t server_key_end[]   asm("_binary_coap_server_key_end");
         dtls_pki.pki_key.key.pem_buf.ca_cert_len = ca_pem_bytes;
 
         coap_context_set_pki(ctx, &dtls_pki);
-#endif /* CONFIG_MBEDTLS_COAP_PKI */
+#endif /* CONFIG_COAP_MBEDTLS_PKI */
 
         ep = coap_new_endpoint(ctx, &serv_addr, COAP_PROTO_UDP);
         if (!ep) {
+            ESP_LOGE(TAG, "udp: coap_new_endpoint() failed");
             goto clean_up;
         }
         ep = coap_new_endpoint(ctx, &serv_addr, COAP_PROTO_TCP);
         if (!ep) {
+            ESP_LOGE(TAG, "tcp: coap_new_endpoint() failed");
             goto clean_up;
         }
-#if defined(CONFIG_MBEDTLS_COAP_PSK) || defined(CONFIG_MBEDTLS_COAP_PKI)
+#if defined(CONFIG_COAP_MBEDTLS_PSK) || defined(CONFIG_COAP_MBEDTLS_PKI)
         if (coap_dtls_is_supported()) {
             serv_addr.addr.sin.sin_port = htons(COAPS_DEFAULT_PORT);
             ep = coap_new_endpoint(ctx, &serv_addr, COAP_PROTO_DTLS);
             if (!ep) {
+                ESP_LOGE(TAG, "dtls: coap_new_endpoint() failed");
                 goto clean_up;
             }
         }
-#endif /* CONFIG_MBEDTLS_COAP_PSK CONFIG_MBEDTLS_COAP_PKI */
+#endif /* CONFIG_COAP_MBEDTLS_PSK CONFIG_COAP_MBEDTLS_PKI */
         resource = coap_resource_init(coap_make_str_const("Espressif"), 0);
         if (!resource) {
+            ESP_LOGE(TAG, "coap_resource_init() failed");
             goto clean_up;
         }
         coap_register_handler(resource, COAP_REQUEST_GET, hnd_espressif_get);
@@ -301,14 +301,6 @@ void app_main(void)
     tcpip_adapter_init();
     ESP_ERROR_CHECK(esp_event_loop_create_default());
 
-#if 0
-/* See https://github.com/Ebiroll/qemu_esp32 for further information */
-#include "emul_ip.h"
-    if (is_running_qemu()) {
-        xTaskCreate(task_lwip_init, "task_lwip_init", 2*4096, NULL, 20, NULL); 
-    }
-    else
-#endif
     /* This helper function configures Wi-Fi or Ethernet, as selected in menuconfig.
      * Read "Establishing Wi-Fi or Ethernet Connection" section in
      * examples/protocols/README.md for more information about this function.

examples/protocols/coap_server/main/component.mk

@@ -5,6 +5,4 @@
 
 # embed files from the "certs" directory as binary data symbols
 # in the app
-COMPONENT_EMBED_TXTFILES := coap_ca.pem
+COMPONENT_EMBED_TXTFILES := certs/coap_ca.pem certs/coap_server.crt certs/coap_server.key
-COMPONENT_EMBED_TXTFILES += coap_server.crt
-COMPONENT_EMBED_TXTFILES += coap_server.key