• All this is basic work for the Cryptographic Protocol on a PICO project.
    This project needs a way to post 80 character messages and reply with the same.
    http://forum.espruino.com/conversations/291068/

    It is posted as a separate project as it may have use in other projects without being entangled in the cryptography.

    The Server
    htmlServerA1.js 1 Sep 2016
    for use with a PICO or espruino board with ESP8266
    When executed if IP=192.168.1.5, use the following in the browser
    //http://192.168.1.5:8080/
    And use IP="192.168.1.5"; in Postw4.js
    Configure the following:
    //Flag to test with browser controls the HTML page that is served to a browser
    //var Bflag=0; //use with kryptomessage.js
    var Bflag=1; //test with browser
    //Select the hardware options
    //var Hardware=0; //Espruino board
    var Hardware =1; //PICO
    //Set up access to wifi router
    var SSID="router name";
    var key= "router key";
    The output of htmlServerA1.js

    echo(0);
    Start
    Start connection process
    Try again
    =undefined
    Reset the ESP8266
    Connecting to WiFi
    Wi-Fi Connected
    IP=  192.168.1.5
    Null
    

    Use a browser and point it to http://192.168.1.5:8080/
    You will get one of two html pages depending on the Bflag setting.
    If you set Bflag=1 the page will contain a title, and three buttons.
    The bad button posts 70 characters and returns “1234”.
    The good button posts 80 characters and returns all 80 characters.
    Postw4.js simply does the post.
    Postw4.js 1 Sep 2016
    This does a POST to the server running on another device.
    Use with PICO or espruino board with ESP8266.
    You will need to configure the following parameters.
    //setup IP address of server
    IP="192.168.1.5";
    //Select length of message
    var clength=8; //good
    //var clength=7; //bad
    // Select Espruino Bd or Pico hardware
    //var Hardware=0; //Espruino board
    var Hardware =1; //PICO
    //setup WiFi access parameters
    var SSID="wifi router name";
    var key= "wifi key";

    Output with clength=8

    >echo(0);
    Start
    Start connection process
    Waiting for ESP8266 response
    =undefined
    Reset the ESP8266
    Connecting to WiFi
    Wi-Fi Connected
    80
    IP=  192.168.1.4
    null
    send
    Closed: 01234567890123456789012345678901234567890123456789012345678901234567890123456789
    

    2 Attachments

  • Postw6.js 2 Sep 2016
    This code encapsulates into objects and eliminates global variables, except for the configuration variables. It uses emit() and object.on() functions to signal that the WiFi is connected. The console is redirected so that a menu system appears on the USB port.
    The Hardware variable selects PICO or Espruino board hardware connected to an ESP8266.
    //Select Espruino Bd or Pico hardware
    //var Hardware=0; //Espruino board
    var Hardware =1; //PICO
    The IP variable contains the IP address of the server
    //setup IP address of server
    IP="192.168.1.5";
    The SSID and key variables identify the WiFi router access information
    //setup WiFi access parameters
    var SSID="router name";
    var key= "router key";
    Start the HTMLserverA1.js
    The output:

    >echo(0);
    =undefined
    -> LoopbackB
     
    Select using digit and return key
    1 Connect
    0 Exit
    <- USB
    >1
    do connect
    Start connection process
    Waiting for ESP8266 response
    Reset the ESP8266
    Connecting to WiFi
    Wi-Fi Connected
     
    Select using digit and return key
    1 Good Message
    2 Bad Message
    0 Exit
    IP= 192.168.1.4
    null
    1
    Send Good Message
    80
    192.168.1.5
    send
    Closed: 01234567890123456789012345678901234567890123456789012345678901234567890123456789
    ss 01234567890123456789012345678901234567890123456789012345678901234567890123456789
     
    Select using digit and return key
    1 Good Message
    2 Bad Message
    0 Exit
    2
    Bad Message
    70
    192.168.1.5
    send
    Closed: 1234
    ss 1234
     
    Select using digit and return key
    1 Good Message
    2 Bad Message
    0 Exit
    0
    Exit
    <- LoopbackB
    =undefined
    =undefined
    >USB.setConsole();
    -> USB
    

    1 Attachment

  • Hi @ClearMemory041063,

    are you working on sending encrypted content over http?

    Hi @MaBe.
    I'm not working on HTTPS.
    I am currently polishing a working version of the Cryptographic Protocol (CP) that uses HTTP Post and reply as a communications link.

    The CP is designed for use with the low cryptographic entropy of control messages. How to protect the 1 bit that turns a thing on or off.
    Protection against: Replay, alteration, spoofing and provide authentication within the bounds of symmetric cryptography. Hiding the content is a secondary objective, which can be enabled if needed.
    The CP uses AES, AES-CMAC cryptographic primitives. An additional permutation is used to change the position of bytes within the 80 byte encrypted message.

    Attached below is a rewrite of the server code previously posted. It encapsulates the server into an object.


    1 Attachment
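
The protections named in the post above (replay, alteration, spoofing) for a low-entropy control message, as an added example that is not part of the thread and is not the CP's own code. It runs on Node.js with the built-in `crypto` module rather than on Espruino; the 80-byte frame layout and the names `aesCmac`, `sealFrame` and `openFrame` are assumptions made for illustration.

```javascript
// Added example (Node.js). The 80-byte layout is an assumption, not the CP's format:
// 8-byte counter | 56-byte payload | 16-byte AES-CMAC tag.
const crypto = require('crypto');
const FRAME = 80, CTR = 8, TAG = 16;

const xor = (a, b) => Buffer.from(a.map((v, i) => v ^ b[i]));

function aesBlock(key, block) {              // one raw AES-128 block encryption
  const c = crypto.createCipheriv('aes-128-ecb', key, null);
  c.setAutoPadding(false);
  return Buffer.concat([c.update(block), c.final()]);
}

function dbl(b) {                            // RFC 4493 subkey step: multiply by x in GF(2^128)
  const out = Buffer.alloc(16);
  for (let i = 0; i < 16; i++) out[i] = ((b[i] << 1) | (i < 15 ? b[i + 1] >> 7 : 0)) & 0xff;
  if (b[0] & 0x80) out[15] ^= 0x87;
  return out;
}

function aesCmac(key, msg) {                 // AES-CMAC per RFC 4493
  const k1 = dbl(aesBlock(key, Buffer.alloc(16)));
  const n = Math.max(1, Math.ceil(msg.length / 16));
  const complete = msg.length > 0 && msg.length % 16 === 0;
  const last = Buffer.alloc(16);
  msg.copy(last, 0, (n - 1) * 16);
  if (!complete) last[msg.length - (n - 1) * 16] = 0x80;   // 10* padding
  let x = Buffer.alloc(16);
  for (let i = 0; i < n - 1; i++) x = aesBlock(key, xor(x, msg.subarray(i * 16, i * 16 + 16)));
  return aesBlock(key, xor(xor(x, last), complete ? k1 : dbl(k1)));
}

function sealFrame(key, counter, payload) {  // sender: counter + payload, then tag over both
  const frame = Buffer.alloc(FRAME);
  frame.writeBigUInt64BE(BigInt(counter), 0);
  Buffer.from(payload).subarray(0, FRAME - CTR - TAG).copy(frame, CTR);
  aesCmac(key, frame.subarray(0, FRAME - TAG)).copy(frame, FRAME - TAG);
  return frame;
}

function openFrame(key, frame, lastCounter) { // receiver: length, then tag, then freshness
  if (frame.length !== FRAME) return { ok: false, why: 'length' };
  const tag = aesCmac(key, frame.subarray(0, FRAME - TAG));
  if (!crypto.timingSafeEqual(tag, frame.subarray(FRAME - TAG))) return { ok: false, why: 'tag' };
  const counter = frame.readBigUInt64BE(0);
  if (counter <= BigInt(lastCounter)) return { ok: false, why: 'replay' };
  return { ok: true, counter: Number(counter), payload: frame.subarray(CTR, FRAME - TAG) };
}
```

The receiver must persist the last accepted counter; a captured "ON" frame is otherwise valid forever, which is the replay case the post describes.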

    Cool - like the named protection types of CP.

  • Just got it working without it crashing on too many sockets. Just posted it as well.
    At some point I would like to try TLS to further enhance the protection with asymmetric authentication. One step at a time:)

  • Is CP light or heavy - like to know if there is still room for additional code when using CP

    Do you have some numbers like free vars ?

  • On the client side

    "free": 1827, "usage": 3273, "total": 5100, "history": 3,
    "stackEndAddress": 536959420, "flash_start": 134217728, "flash_binary_end": 376280, "flash_code_start": 134234112, "flash_length": 393216 }

    On the server side

    console.log(process.memory());
    { "free": 2323, "usage": 2777, "total": 5100, "history": 2084,
    "stackEndAddress": 536959420, "flash_start": 134217728, "flash_binary_end": 376280, "flash_code_start": 134234112, "flash_length": 393216 }
    =undefined

    The code can shrink as there is a lot of stuff used to debug and illustrate its operation. Code that saves messages for replay can go. Don't need to display the keys and messages.
    A couple of ideas:
    Set it up like a crypto modem. Send commands via serial to one PICO over USB or serial port.
    The PICO sends it securely to a second PICO which sends it out the USB or serial port.
    There is a lexlevel associated with UserId and password so that one lex level controls the server PICO pins and another would send commands out the serial port.
    On the to do list is to break out a user defined payload object. As currently written that would give you 31 bytes to define user commands. It could take several SCADA protocols without much effort. A rewrite for some of the longer ones.


HTTP server and Client for use with Cryptographic Protocol for a PICO project

Posted by @ClearMemory041063
