TCPServer with CORS and HOTP on PIC18
This is my third week in AESTE, I guess my project is still progressing smoothly~ I started the week with writing a very simple TCP server socket for testing purposes and then proceed on adding more features into the code. TCP server socket programming is really straight forward just:
- OPEN socket,
- Then LISTEN for incoming messages,
- ACCEPT the connection from client,
- And lastly SEND and RECEIVE data.
Microchip Technology provided a really good TCPServer example code (from TCPIP source code), so most of my learning comes from understanding how the code works. After setting up a workable TCP server socket i proceed with adding CORS protocol to my project.CORS protocol is something additional or one can think of it as increasing the security of Web Communication. CORS protocol allow advance requests like (PUT, DELETE and OPTION) than the normal GET and POST from AJAX request. Setting up CORS protocol is actually very straight forward, because CORS protocol is very similar to AJAX request, in other words all the request send by CLIENT to SERVER(me in this case), I just need to know how to filter the request send by CLIENT and proceed to do the appropriate respond.
To get things started, I use Linux CURL command for my CLIENT and PIC18 as my SERVER.
In terminal type the following command: $curl -X OPTION HTTP://IPadress/
For multiple CLIENT request it is better to create a .sh file
curl -i -X OPTION HTTP://IPaddress/ curl -i -X DELETE HTTP://IPaddress/ (other curl commands)
In terminal type the following command: $sh my.sh (will auto run every command line by line from .sh file)
during the LISTEN phase, prompt for the string OPTION, if found then can proceed to do something.
For multiple request from CLIENT just encapsulate OPEN, LISTEN, ACCEPT, SEND&RECEIVE in a Do-While loop for the TCP Server socket.
It was pretty confusing to me at first but because I am not doing any Rocket Science stuff and most of the things can be found from the net(my Boss told/warn me before), which is really true because from the TCPIP project source code, there is a C source name HTTP2.c and HTTP2.h by studying these source code enabling CORS protocol is really straight forward.
After successfully applying CORS protocol i proceed with HOTP implementation. HOTP is an HMAC-based One Time Password algorithm. In terms of application, when a user prompt for a download there will be a verification/authentication required in the form of PINS or Random words, HOTP is similar to that but it works behind the scene. There is a documentation name RFC4226 that explain what is HOTP and how to implement. Luckily Microchip Technology already provided a source code name HASHES.c and HASHES.h these source file is really important to implement HOTP.
Nearing the end of the week, I only manage to do a very simple SHA1 calculation, to have a better understanding of SHA1 follow this document RFC3174. I have not fully grasp or understand these crypto stuff but I find it really fun and interesting, looking forward to next week with hope i can have a better progress. By the way this is already my 2nd week continuing this project, ‘in theory’ my Boss would have already finish the whole project, hmm…. I still have a long way to go~