diff --git a/src/HAP.cpp b/src/HAP.cpp index 468c855..afce14d 100644 --- a/src/HAP.cpp +++ b/src/HAP.cpp @@ -11,41 +11,30 @@ void HAPClient::init(){ size_t len; // not used but required to read blobs from NVS - Serial.print("\n"); - - nvs_handle srpHandle; + nvs_open("HAP",NVS_READWRITE,&hapNVS); // open HAP data namespace in NVS + nvs_open("SRP",NVS_READWRITE,&srpNVS); // open SRP data namespace in NVS + nvs_open("WIFI",NVS_READWRITE,&wifiNVS); // open WIFI data namespace in NVS struct { // temporary structure to hold SRP verification code and salt stored in NVS uint8_t salt[16]; uint8_t verifyCode[384]; } verifyData; - nvs_open("SRP",NVS_READWRITE,&srpHandle); // open SRP data namespace in NVS - - if(!nvs_get_blob(srpHandle,"VERIFYDATA",NULL,&len)){ // if found verification code data in NVS - nvs_get_blob(srpHandle,"VERIFYDATA",&verifyData,&len); // retrieve data + if(!nvs_get_blob(srpNVS,"VERIFYDATA",NULL,&len)){ // if found verification code data in NVS + nvs_get_blob(srpNVS,"VERIFYDATA",&verifyData,&len); // retrieve data srp.loadVerifyCode(verifyData.verifyCode,verifyData.salt); // load verification code and salt into SRP structure -// Serial.print("Found SRP Verification Data\n\n"); -// hexPrintRow(verifyData.salt,16); Serial.print("\n"); -// hexPrintRow(verifyData.verifyCode,384); Serial.print("\n"); } else { + char c[128]; sprintf(c,"Generating SRP verification data for default Setup Code: %.3s-%.2s-%.3s\n\n",homeSpan.defaultSetupCode,homeSpan.defaultSetupCode+3,homeSpan.defaultSetupCode+5); Serial.print(c); srp.createVerifyCode(homeSpan.defaultSetupCode,verifyData.verifyCode,verifyData.salt); // create verification code from default Setup Code and random salt - nvs_set_blob(srpHandle,"VERIFYDATA",&verifyData,sizeof(verifyData)); // update data - nvs_commit(srpHandle); // commit to NVS - -// hexPrintRow(verifyData.salt,16); Serial.print("\n"); -// hexPrintRow(verifyData.verifyCode,384); Serial.print("\n"); + nvs_set_blob(srpNVS,"VERIFYDATA",&verifyData,sizeof(verifyData)); // update data + nvs_commit(srpNVS); // commit to NVS } - - nvs_close(srpHandle); - - nvs_open("HAP",NVS_READWRITE,&nvsHandle); // open HAP data namespace in NVS - if(!nvs_get_blob(nvsHandle,"ACCESSORY",NULL,&len)){ // if found long-term Accessory data in NVS - nvs_get_blob(nvsHandle,"ACCESSORY",&accessory,&len); // retrieve data + if(!nvs_get_blob(hapNVS,"ACCESSORY",NULL,&len)){ // if found long-term Accessory data in NVS + nvs_get_blob(hapNVS,"ACCESSORY",&accessory,&len); // retrieve data } else { Serial.print("Generating new random Accessory ID and Long-Term Ed25519 Signature Keys...\n"); uint8_t buf[6]; @@ -58,19 +47,19 @@ void HAPClient::init(){ memcpy(accessory.ID,cBuf,17); // copy into Accessory ID for permanent storage crypto_sign_keypair(accessory.LTPK,accessory.LTSK); // generate new random set of keys using libsodium public-key signature - nvs_set_blob(nvsHandle,"ACCESSORY",&accessory,sizeof(accessory)); // update data - nvs_commit(nvsHandle); // commit to NVS + nvs_set_blob(hapNVS,"ACCESSORY",&accessory,sizeof(accessory)); // update data + nvs_commit(hapNVS); // commit to NVS } - if(!nvs_get_blob(nvsHandle,"CONTROLLERS",NULL,&len)){ // if found long-term Controller Pairings data from NVS - nvs_get_blob(nvsHandle,"CONTROLLERS",controllers,&len); // retrieve data + if(!nvs_get_blob(hapNVS,"CONTROLLERS",NULL,&len)){ // if found long-term Controller Pairings data from NVS + nvs_get_blob(hapNVS,"CONTROLLERS",controllers,&len); // retrieve data } else { Serial.print("Initializing storage for Paired Controllers data...\n\n"); HAPClient::removeControllers(); // clear all Controller data - nvs_set_blob(nvsHandle,"CONTROLLERS",controllers,sizeof(controllers)); // update data - nvs_commit(nvsHandle); // commit to NVS + nvs_set_blob(hapNVS,"CONTROLLERS",controllers,sizeof(controllers)); // update data + nvs_commit(hapNVS); // commit to NVS } Serial.print("Accessory ID: "); @@ -92,12 +81,12 @@ void HAPClient::init(){ tlv8.create(kTLVType_Identifier,64,"IDENTIFIER"); tlv8.create(kTLVType_Permissions,1,"PERMISSION"); - if(!nvs_get_blob(nvsHandle,"HAPHASH",NULL,&len)){ // if found HAP HASH structure - nvs_get_blob(nvsHandle,"HAPHASH",&homeSpan.hapConfig,&len); // retrieve data + if(!nvs_get_blob(hapNVS,"HAPHASH",NULL,&len)){ // if found HAP HASH structure + nvs_get_blob(hapNVS,"HAPHASH",&homeSpan.hapConfig,&len); // retrieve data } else { Serial.print("Resetting Accessory Configuration number...\n"); - nvs_set_blob(nvsHandle,"HAPHASH",&homeSpan.hapConfig,sizeof(homeSpan.hapConfig)); // update data - nvs_commit(nvsHandle); // commit to NVS + nvs_set_blob(hapNVS,"HAPHASH",&homeSpan.hapConfig,sizeof(homeSpan.hapConfig)); // update data + nvs_commit(hapNVS); // commit to NVS } Serial.print("\n"); @@ -116,8 +105,8 @@ void HAPClient::init(){ Serial.print("Accessory configuration has changed. Updating configuration number to "); Serial.print(homeSpan.hapConfig.configNumber); Serial.print("\n\n"); - nvs_set_blob(nvsHandle,"HAPHASH",&homeSpan.hapConfig,sizeof(homeSpan.hapConfig)); // update data - nvs_commit(nvsHandle); // commit to NVS + nvs_set_blob(hapNVS,"HAPHASH",&homeSpan.hapConfig,sizeof(homeSpan.hapConfig)); // update data + nvs_commit(hapNVS); // commit to NVS } else { Serial.print("Accessory configuration number: "); Serial.print(homeSpan.hapConfig.configNumber); @@ -557,8 +546,8 @@ int HAPClient::postPairSetupURL(){ addController(iosDevicePairingID,iosDeviceLTPK,true); // save Pairing ID and LTPK for this Controller with admin privileges - nvs_set_blob(nvsHandle,"CONTROLLERS",controllers,sizeof(controllers)); // update data - nvs_commit(nvsHandle); // commit to NVS + nvs_set_blob(hapNVS,"CONTROLLERS",controllers,sizeof(controllers)); // update data + nvs_commit(hapNVS); // commit to NVS // Now perform the above steps in reverse to securely transmit the AccessoryLTPK to the Controller (HAP Section 5.6.6.2) @@ -966,8 +955,8 @@ int HAPClient::postPairingsURL(){ break; } - nvs_set_blob(nvsHandle,"CONTROLLERS",controllers,sizeof(controllers)); // update Controller data - nvs_commit(nvsHandle); // commit to NVS + nvs_set_blob(hapNVS,"CONTROLLERS",controllers,sizeof(controllers)); // update Controller data + nvs_commit(hapNVS); // commit to NVS tlvRespond(); @@ -1587,7 +1576,9 @@ void Nonce::inc(){ // instantiate all static HAP Client structures and data TLV HAPClient::tlv8; -nvs_handle HAPClient::nvsHandle; +nvs_handle HAPClient::hapNVS; +nvs_handle HAPClient::wifiNVS; +nvs_handle HAPClient::srpNVS; uint8_t HAPClient::httpBuf[MAX_HTTP+1]; HKDF HAPClient::hkdf; pairState HAPClient::pairStatus; diff --git a/src/HAP.h b/src/HAP.h index ed4e755..64287d5 100644 --- a/src/HAP.h +++ b/src/HAP.h @@ -50,7 +50,9 @@ struct HAPClient { static const int MAX_CONTROLLERS=16; // maximum number of paired controllers (HAP requires at least 16) static TLV tlv8; // TLV8 structure (HAP Section 14.1) with space for 10 TLV records of type kTLVType (HAP Table 5-6) - static nvs_handle nvsHandle; // handle for non-volatile-storage of HAP data + static nvs_handle hapNVS; // handle for non-volatile-storage of HAP data + static nvs_handle wifiNVS; // handle for non-volatile-storage of WiFi data + static nvs_handle srpNVS; // handle for non-volatile-storage of SRP data static uint8_t httpBuf[MAX_HTTP+1]; // buffer to store HTTP messages (+1 to leave room for storing an extra 'overflow' character) static HKDF hkdf; // generates (and stores) HKDF-SHA-512 32-byte keys derived from an inputKey of arbitrary length, a salt string, and an info string static pairState pairStatus; // tracks pair-setup status diff --git a/src/HomeSpan.cpp b/src/HomeSpan.cpp index 29e2c07..b34dcef 100644 --- a/src/HomeSpan.cpp +++ b/src/HomeSpan.cpp @@ -216,13 +216,10 @@ void Span::initWifi(){ char hostName[nChars+1]; sprintf(hostName,"%s-%.2s%.2s%.2s%.2s%.2s%.2s",hostNameBase,id,id+3,id+6,id+9,id+12,id+15); - nvs_handle wifiHandle; size_t len; // not used but required to read blobs from NVS - - nvs_open("WIFI",NVS_READWRITE,&wifiHandle); // open WIFI data namespace in NVS - if(!nvs_get_blob(wifiHandle,"WIFIDATA",NULL,&len)){ // if found WiFi data in NVS - nvs_get_blob(wifiHandle,"WIFIDATA",&network.wifiData,&len); // retrieve data + if(!nvs_get_blob(HAPClient::wifiNVS,"WIFIDATA",NULL,&len)){ // if found WiFi data in NVS + nvs_get_blob(HAPClient::wifiNVS,"WIFIDATA",&network.wifiData,&len); // retrieve data } else { // configure network and setup code @@ -276,8 +273,8 @@ void Span::initWifi(){ Serial.print(network.wifiData.ssid); Serial.print("...\n"); - nvs_set_blob(wifiHandle,"WIFIDATA",&network.wifiData,sizeof(network.wifiData)); // update data - nvs_commit(wifiHandle); // commit to NVS + nvs_set_blob(HAPClient::wifiNVS,"WIFIDATA",&network.wifiData,sizeof(network.wifiData)); // update data + nvs_commit(HAPClient::wifiNVS); // commit to NVS if(strlen(network.setupCode)){ Serial.print("Saving new Setup Code: "); @@ -312,10 +309,8 @@ void Span::initWifi(){ if(Serial.available()){ readSerial(buf,1); if(buf[0]=='W'){ - nvs_handle wifiHandle; - nvs_open("WIFI",NVS_READWRITE,&wifiHandle); // open WIFI data namespace in NVS - nvs_erase_all(wifiHandle); - nvs_commit(wifiHandle); + nvs_erase_all(HAPClient::wifiNVS); + nvs_commit(HAPClient::wifiNVS); Serial.print("\n** WIFI Network Data DELETED **\n** Restarting...\n\n"); delay(2000); ESP.restart(); @@ -434,10 +429,8 @@ void Span::processSerialCommand(char *c){ break; case 'W': { - nvs_handle wifiHandle; - nvs_open("WIFI",NVS_READWRITE,&wifiHandle); // open WIFI data namespace in NVS - nvs_erase_all(wifiHandle); - nvs_commit(wifiHandle); + nvs_erase_all(HAPClient::wifiNVS); + nvs_commit(HAPClient::wifiNVS); Serial.print("\n** WIFI Network Data DELETED **\n** Restarting...\n\n"); delay(2000); ESP.restart(); @@ -445,8 +438,8 @@ void Span::processSerialCommand(char *c){ break; case 'H': { - nvs_erase_all(HAPClient::nvsHandle); - nvs_commit(HAPClient::nvsHandle); + nvs_erase_all(HAPClient::hapNVS); + nvs_commit(HAPClient::hapNVS); Serial.print("\n** HomeKit Pairing Data DELETED **\n** Restarting...\n\n"); delay(1000); ESP.restart();