Published December 28, 2015

Proof of Concept – NodeMCU, Arduino and Azure Event Hub

Using ESP8266 to show how to use HTTPS via Azure Event Hub

IntermediateProtip9,581

Proof of Concept – NodeMCU, Arduino and Azure Event Hub

Things used in this project

Hardware components

Espressif ESP8266 ESP-01

Software apps and online services

Microsoft Azure

NodeMCU firmware

Story

Internet of Things becomes important industry. Unfortunately, there are big security problems special in home deployed devices like smart locks, baby web cams and more. I recommend you to read book Abusing the Internet of Things. If is end device connected directly to internet you must use encrypted communication like HTTPS. This is simplest think you can do. If you use microcontrollers with limited resources special RAM you can’t use HTTPS.

Azure Event Hub

Azure Event Hub is simple service for IoT telemetry. It can receive telemetry from millions of devices. This is secure end point for your data. Every request must be signed by Shared Access Signature and HTTPS is forced. You will need following information for signature:1. Service Bus namespace (Event Hub is part of Service Bus)

Security Key name

ESP8266

ESP8266 is SoC combining microcontroller and WiFi with enough resources to use HTTPS. There are many frameworks you can use. I used support for Arduino IDE for PoC because of popularity of Arduino and easy to use.

Libraries

You will need HMAC-SHA256 and base64 libraries to sign your request. Libraries available for Arduino depends on AVR libraries. I changed those libraries to work with NodeMCU.

Conclusion

You can find working PoC in attachment. ESP8266 SoC is very cheap way if you need internet connectivity in your project. It is very easy to program it thanks to Arduino IDE support.

Code

Sample code

#include <ESP8266WiFi.h>
#include <WiFiClientSecure.h>
#include <String.h>
#include "sha256.h"
#include "Base64.h"

// START: Azure Evet Hub settings
const char* KEY = "***";
const char* KEY_NAME = "***";
const char* HOST = "***.servicebus.windows.net";
const char* END_POINT = "/***/publishers/***/messages";
// END: Azure Evet Hub settings

// START: WiFi settings
const char* SSID = "***";
const char* PASSWORD = "***";
// END: WiFi settings

void setup() {
  Serial.begin(115200);
  Serial.println();
  Serial.println();

  // START: Naive URL Encode
  String url = "https://" + (String)HOST + (String)END_POINT;
  url.replace(":", "%3A");
  url.replace("/", "%2F");
  Serial.println(url);
  // END: Naive URL Encode

  // START: Create SAS
  // https://azure.microsoft.com/en-us/documentation/articles/service-bus-sas-overview/
  // Where to get secods since the epoch: local service, SNTP, RTC
  int expire = 1511104241;
  String stringToSign = url + "\n" + expire;

  // START: Create signature
  Sha256.initHmac((const uint8_t*)KEY, 44);
  Sha256.print(stringToSign);
  char* sign = (char*) Sha256.resultHmac();
  int signLen = 32;
  // END: Create signature

  // START: Get base64 of signature
  int encodedSignLen = base64_enc_len(signLen);
  char encodedSign[encodedSignLen];
  base64_encode(encodedSign, sign, signLen); 
  String encodedSas = (String) encodedSign;
  // Naive URL encode
  encodedSas.replace("=", "%3D");
  Serial.println(encodedSas);
  // END: Get base64 of signature

  // SharedAccessSignature
  String fullSas = "sr=" + url + "&sig="+ encodedSas + "&se=" + expire +"&skn=" + KEY_NAME;
  // END: create SAS

  // START: Wifi connection
  Serial.print("connecting to ");
  Serial.println(SSID);
  
  WiFi.begin(SSID, PASSWORD);
  while (WiFi.status() != WL_CONNECTED) {
    delay(1000);
    Serial.print(".");
  }
  
  Serial.println("");
  Serial.println("WiFi connected");
  Serial.println("IP address: ");
  Serial.println(WiFi.localIP());
  // END: Wifi connection

  // Use WiFiClientSecure class to create TLS connection
  WiFiClientSecure client;
  if (!client.connect(HOST, 443)) {
    Serial.println("connection failed");
    return;
  }

  // https://msdn.microsoft.com/en-us/library/azure/dn790664.aspx
  String data = "{message: 'Hello'}";
  String request = String("POST ") + END_POINT + " HTTP/1.1\r\n" +
               "Host: " + HOST + "\r\n" +
               "Authorization: SharedAccessSignature " + fullSas + "\r\n" +                
               "Content-Type: application/atom+xml;type=entry;charset=utf-8\r\n" + 
               "Content-Length: " + data.length() + "\r\n\r\n" +
               data;
  
  Serial.println(request);
  client.print(request);

  String response = "";
  while (client.connected()) {
    response += client.readStringUntil('\n');
  }

  Serial.println();
  Serial.print("Response code: ");
  Serial.println(response.substring(9, 12));
}

void loop() {
}

Credits

Štěpán Bechynský

8 projects • 30 followers

Internet of Things, Arduino, Microsoft, ex-Microsoft MVP

Proof of Concept – NodeMCU, Arduino and Azure Event Hub

Things used in this project

Hardware components

Software apps and online services

Story

Azure Event Hub

ESP8266

Libraries

Conclusion

Schematics

Proof of Concepts – NodeMCU, Arduino and Azure Event Hub

Code

Sample code

Credits

Štěpán Bechynský

Comments

Embed the widget on your own site

Proof of Concept – NodeMCU, Arduino and Azure Event Hub

Proof of Concept – NodeMCU, Arduino and Azure Event Hub

Things used in this project

Hardware components

Software apps and online services

Story

Azure Event Hub

ESP8266

Libraries

Conclusion

Schematics

Proof of Concepts – NodeMCU, Arduino and Azure Event Hub

Code

Sample code

Credits

Štěpán Bechynský

Comments

Related channels and tags