-
• #2
Postw6.js 2 Sep 2016
This code encapsulates into objects and eliminates global variable, except for the configuration variables. It uses emit() and object.on() functions to signal that the WiFi is connected. The console is redirected so that a menu system appears on the USB port.
The Hardware variable selects PICO or Espruino board hardware connected to an ESP8266.
Select Espruino Bd or Pico hardware
var Hardware=0; //Espruino board
var Hardware =1; //PICO
The IP variable contains the IP address of the server
//setup IP address of server
IP="192.168.1.5";
The SSID and key variables identify the WiFi router acces information
//setup WiFi access parameters
var SSID="router name";
var key= "router key";
Start the HTMLserverA1.js
The output:>echo(0); =undefined -> LoopbackB Select using digit and return key 1 Connect 0 Exit <- USB >1 do connect Start connection process Waiting for ESP8266 response Reset the ESP8266 Connecting to WiFi Wi-Fi Connected Select using digit and return key 1 Good Message 2 Bad Message 0 Exit IP= 192.168.1.4 null 1 Send Good Message 80 192.168.1.5 send Closed: 01234567890123456789012345678901234567890123456789012345678901234567890123456789 ss 01234567890123456789012345678901234567890123456789012345678901234567890123456789 Select using digit and return key 1 Good Message 2 Bad Message 0 Exit 2 Bad Message 70 192.168.1.5 send Closed: 1234 ss 1234 Select using digit and return key 1 Good Message 2 Bad Message 0 Exit 0 Exit <- LoopbackB =undefined =undefined >USB.setConsole(); -> USB
1 Attachment
-
• #3
are you working on sending crypted content over http ?
-
• #4
Hi @MaBe">@MaBe .
I'm not working on HTTPS.
I am currently polishing a working version of the Cryptographic Protocol (CP) that uses HTTP Post and reply as a communications link.The CP is designed for use with the low cryptographic entropy of control messages. How to protect the 1 bit that turns a thing on or off.
Protection against: Replay, alteration, spoofing and provide authentication within the bounds of symmetric cryptography. Hiding the content is a secondary objective, which can be enabled if needed.
The CP uses AES, AES-CMAC cryptographic primitives. An additional permutation is used to change the position of bytes with in the 80 byte encrypted message.Attached below is a rewrite of the server code previously posted. It encapsulates the server into an object.
1 Attachment
-
• #5
Cool - like the named protections types of CP.
-
• #6
Just got it working without it crashing on too many sockets. Just posted it as well.
At some point I would like to try TLS to further enhance the protection with asymmetric authentication. One step at a time:) -
• #7
Is CP light or heavy - like to know if there is still room for additional code when using CP
Do you have some numbers like free vars ?
-
• #8
On the client side
"free": 1827, "usage": 3273, "total": 5100, "history": 3,
"stackEndAddress": 536959420, "flash_start": 134217728, "flash_binary_end": 376280, "flash_code_start": 134234112, "flash_length": 393216 }On the server side
console.log(process.memory());
{ "free": 2323, "usage": 2777, "total": 5100, "history": 2084,
"stackEndAddress": 536959420, "flash_start": 134217728, "flash_binary_end": 376280, "flash_code_start": 134234112, "flash_length": 393216 }
=undefinedThe code can shrink as there is a lot of stuff used to debug and illustrate its operation. Code that saves messages for replay can go. Don't need to display the keys and messages.
A couple of ideas:
Set it up like a crypto modem. Send commands via serial to one PICO over USB or serial port.
The PICO sends it securely to a second PICO which sends it out the USB or serial port.
There is a lexlevel associated with UserId and password so that one lex level controls the server PICO pins and another would send commands out the serial port.
On the to do list is to break out a user defined payload object. As currently written that would give you 31 bytes to define user commands. It could take several SCADA protocols without much effort. A rewrite for some of the longer ones.
All this is basic work for the Cryptographic Protocol on a PICO project.
This project needs a way to post 80 character messages and reply with the same.
http://forum.espruino.com/conversations/291068/
It is posted as a separate project as it may have use in other projects without being entangled in the cryptography.
The Server
htmlServerA1.js 1 Sep 2016
for use with a PICO or espruino board with ESP8266
When executed if IP=192.168.1.5, use the following in the browser
//http://192.168.1.5:8080/
And use IP="192.168.1.5"; in Postw4.js
Configure the following:
//Flag to test with browser controls the HTML page that is served to a browser
//var Bflag=0; //use with kryptomessage,js
var Bflag=1; //test with browesr
//Select the hardware options
//var Hardware=0; //Espruino board
var Hardware =1; //PICO
//Set up access to wifi router
var SSID="router name";
var key= "router key";
The output of htmlServerA1.js
Use a browser and point it to http://192.168.1.5:8080/
You will get one of two html pages depending on the Bflag setting.
If you set Bflag=1 the page will contain a title, and three buttons.
The bad button posts 70 characters and returns “1234”.
The good button posts 80 characters and returns all 80 characters.
Postw4.js simply does the post.
Postw4.js 1 Sep 2016
This does a POST to the server running on another device.
Use with PICO or espruino board with ESP8266.
You will need to configure the following parameters.
setup IP address of server
IP="192.168.1.5";
//Select length of message
var clength=8; //good
//var clength=7; //bad
// Select Espruino Bd or Pico hardware
//var Hardware=0; //Espruino board
var Hardware =1; //PICO
//setup WiFi access parameters
var SSID="wifi router name";
var key= "wifi key";
Output with clength=8
2 Attachments