Reconstruct as Arduino Library.

Author: ciniml

Diff for: .vscode/c_cpp_properties.json

@@ -0,0 +1,18 @@
+{
+    "configurations": [
+        {
+            "name": "Linux",
+            "includePath": [
+                "${workspaceFolder}/**",
+                "${env:HOME}/.arduino15/packages/esp32/hardware/esp32/1.0.4/**"
+            ],
+            "forcedInclude": ["Arduino.h"],
+            "defines": [],
+            "compilerPath": "/usr/bin/clang",
+            "cStandard": "c11",
+            "cppStandard": "c++14",
+            "intelliSenseMode": "linux-gcc-x64"
+        }
+    ],
+    "version": 4
+}

Diff for: .vscode/tasks.json

@@ -0,0 +1,19 @@
+{
+    // See https://go.microsoft.com/fwlink/?LinkId=733558
+    // for the documentation about the tasks.json format
+    "version": "2.0.0",
+    "tasks": [
+        {
+            "label": "build",
+            "type": "shell",
+            "options": {
+                "cwd": "${workspaceFolder}/examples/ping"
+            },
+            "command": "bash ./build.sh",
+            "group": {
+                "kind": "build",
+                "isDefault": true
+            }
+        }
+    ]
+}

Diff for: CMakeLists.txt

@@ -0,0 +1,84 @@
+#include <WiFi.h>
+#include <WireGuard.hpp>
+#include <HTTPClient.h>
+
+char ssid[] = "ds9";
+char password[] = "hogeFugapiyo";
+
+// WireGuard configuration --- UPDATE this configuration from JSON
+char private_key[] = "(Private Key) ";  // [Interface] PrivateKey
+IPAddress local_ip(1,2,3,4);            // [Interface] Address
+char public_key[] = "(Public Key)";     // [Peer] PublicKey
+char endpoint_address[] = "link.arc.soracom.io";    // [Peer] Endpoint
+int endpoint_port = 11010;              // [Peer] Endpoint
+
+static constexpr const uint32_t UPDATE_INTERVAL_MS = 5000;
+
+static WireGuard wg;
+static HTTPClient httpClient;
+
+void setup()
+{
+    Serial.begin(115200);
+    Serial.println("Connecting to the AP...");
+    WiFi.begin(ssid, password);
+    while( !WiFi.isConnected() ) {
+        delay(1000);
+    }
+    Serial.println("Adjusting system time...");
+    configTime(9 * 60 * 60, 0, "ntp.jst.mfeed.ad.jp", "ntp.nict.jp", "time.google.com");
+
+    Serial.println("Connected. Initializing WireGuard...");
+    wg.begin(
+        local_ip,
+        private_key,
+        endpoint_address,
+        public_key,
+        endpoint_port);
+}
+
+void loop()
+{
+    WiFiClient client;
+
+    if( !client.connect("uni.soracom.io", 80) ) {
+        Serial.println("Failed to connect...");
+        delay(5000);
+        return;
+    }
+    
+    uint64_t uptime_msec = millis();
+    Serial.printf("Sending uptime %lu [ms]\r\n", uptime_msec);
+    String json;
+    json += "{\"uptime_msec\":";
+    json.concat(static_cast<unsigned long>(uptime_msec));
+    json += "}";
+    Serial.printf("payload: %s\r\n", json.c_str());
+    
+    client.write("POST / HTTP/1.1\r\n");
+    client.write("Host: harvest.soracom.io\r\n");
+    client.write("Connection: Keep-Alive\r\n");
+    client.write("Keep-Alive: timeout=5, max=2\r\n");
+    client.write("Content-Type: application/json\r\n");
+    client.write("Content-Length: ");
+    client.write(String(json.length(), 10).c_str());
+    client.write("\r\n\r\n");
+    client.write(json.c_str());
+
+    while(client.connected()) {
+        auto line = client.readStringUntil('\n');
+        Serial.write(line.c_str());
+        Serial.write("\n");
+        if( line == "\r" ) break;
+    }
+    if(client.connected()) {
+        uint8_t buffer[256];
+        size_t bytesToRead = 0;
+        while((bytesToRead = client.available()) > 0) {
+            bytesToRead = bytesToRead > sizeof(buffer) ? sizeof(buffer) : bytesToRead;
+            auto bytesRead = client.readBytes(buffer, bytesToRead); 
+            Serial.write(buffer, bytesRead);
+        }
+    }
+    delay(UPDATE_INTERVAL_MS);
+}

Diff for: examples/uptime_post/uptime_post.ino

@@ -0,0 +1,10 @@
+name=WireGuard-ESP32
+version=0.1.0
+author=Kenta Ida
+maintainer=Kenta Ida <[email protected]>
+sentence=WireGuard implementation for Arduino ESP32
+paragraph=WireGuard implementation for Arduino ESP32
+category=Communication
+url=https://github.com/ciniml/Arduino-WireGuard-ESP32
+includes=WireGuard.hpp
+architectures=esp32

Diff for: library.properties

@@ -0,0 +1,94 @@
+#include "WireGuard.hpp"
+
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/event_groups.h"
+#include "esp_system.h"
+#include "esp_log.h"
+
+#include "lwip/err.h"
+#include "lwip/sys.h"
+#include "lwip/ip.h"
+#include "lwip/netdb.h"
+
+extern "C" {
+#include "wireguardif.h"
+#include "wireguard-platform.h"
+}
+
+// Wireguard instance
+static struct netif wg_netif_struct = {0};
+static struct netif *wg_netif = NULL;
+static uint8_t wireguard_peer_index = WIREGUARDIF_INVALID_INDEX;
+
+#define TAG "WireGuard"
+
+void WireGuard::begin(const IPAddress& localIP, const char* privateKey, const char* remotePeerAddress, const char* remotePeerPublicKey, uint16_t remotePeerPort) {
+	struct wireguardif_init_data wg;
+	struct wireguardif_peer peer;
+	ip_addr_t ipaddr = IPADDR4_INIT(static_cast<uint32_t>(localIP));
+	ip_addr_t netmask = IPADDR4_INIT_BYTES(255, 255, 255, 255);
+	ip_addr_t gateway = IPADDR4_INIT_BYTES(0, 0, 0, 0);
+
+	assert(privateKey != NULL);
+	assert(remotePeerAddress != NULL);
+	assert(remotePeerPublicKey != NULL);
+	assert(remotePeerPort != 0);
+
+	// Setup the WireGuard device structure
+	wg.private_key = privateKey;
+    wg.listen_port = remotePeerPort;
+	
+	wg.bind_netif = NULL;
+
+	// Register the new WireGuard network interface with lwIP
+	wg_netif = netif_add(&wg_netif_struct, ip_2_ip4(&ipaddr), ip_2_ip4(&netmask), ip_2_ip4(&gateway), &wg, &wireguardif_init, &ip_input);
+
+	// Mark the interface as administratively up, link up flag is set automatically when peer connects
+	netif_set_up(wg_netif);
+
+	// Initialise the first WireGuard peer structure
+	wireguardif_peer_init(&peer);
+	peer.public_key = remotePeerPublicKey;
+	peer.preshared_key = NULL;
+	// Allow all IPs through tunnel
+    {
+        ip_addr_t allowed_ip = IPADDR4_INIT_BYTES(0, 0, 0, 0);
+        peer.allowed_ip = allowed_ip;
+        ip_addr_t allowed_mask = IPADDR4_INIT_BYTES(0, 0, 0, 0);
+        peer.allowed_mask = allowed_mask;
+    }
+	// If we know the endpoint's address can add here
+    {
+        ip_addr_t endpoint_ip = IPADDR4_INIT_BYTES(0, 0, 0, 0);
+        struct addrinfo *res = NULL;
+        struct addrinfo hint;
+        memset(&hint, 0, sizeof(hint));
+        memset(&endpoint_ip, 0, sizeof(endpoint_ip));
+        ESP_ERROR_CHECK(lwip_getaddrinfo(remotePeerAddress, NULL, &hint, &res) == 0 ? ESP_OK : ESP_FAIL);
+        struct in_addr addr4 = ((struct sockaddr_in *) (res->ai_addr))->sin_addr;
+        inet_addr_to_ip4addr(ip_2_ip4(&endpoint_ip), &addr4);
+        lwip_freeaddrinfo(res);
+
+        peer.endpoint_ip = endpoint_ip;
+        ESP_LOGI(TAG, "%s is %3d.%3d.%3d.%3d"
+			, remotePeerAddress
+            , (endpoint_ip.u_addr.ip4.addr >>  0) & 0xff
+            , (endpoint_ip.u_addr.ip4.addr >>  8) & 0xff
+            , (endpoint_ip.u_addr.ip4.addr >> 16) & 0xff
+            , (endpoint_ip.u_addr.ip4.addr >> 24) & 0xff
+            );
+    }
+	peer.endport_port = remotePeerPort;
+
+    // Initialize the platform
+    wireguard_platform_init();
+	// Register the new WireGuard peer with the netwok interface
+	wireguardif_add_peer(wg_netif, &peer, &wireguard_peer_index);
+	if ((wireguard_peer_index != WIREGUARDIF_INVALID_INDEX) && !ip_addr_isany(&peer.endpoint_ip)) {
+		// Start outbound connection to peer
+        ESP_LOGI(TAG, "connecting wireguard...");
+		wireguardif_connect(wg_netif, wireguard_peer_index);
+        netif_set_default(wg_netif);
+	}
+}

Diff for: src/WireGuard.cpp

@@ -0,0 +1,8 @@
+#pragma once
+#include <IPAddress.h>
+
+class WireGuard
+{
+public:
+    void begin(const IPAddress& localIP, const char* privateKey, const char* remotePeerAddress, const char* remotePeerPublicKey, uint16_t remotePeerPort);
+};

Diff for: src/WireGuard.hpp

@@ -35,14 +35,17 @@ uint32_t wireguard_sys_now() {
 	return sys_now();
 }
 
-// CHANGE THIS TO GET THE ACTUAL UNIX TIMESTMP IN MILLIS - HANDSHAKES WILL FAIL IF THIS DOESN'T INCREASE EACH TIME CALLED
 void wireguard_tai64n_now(uint8_t *output) {
 	// See https://cr.yp.to/libtai/tai64.html
 	// 64 bit seconds from 1970 = 8 bytes
 	// 32 bit nano seconds from current second
+	
+	struct timeval tv;
+	gettimeofday(&tv, NULL);
+	uint64_t millis = (tv.tv_sec * 1000LL + (tv.tv_usec / 1000LL));
 
-	uint64_t millis = sys_now();
-
+	// uint64_t millis = sys_now();
+	
 	// Split into seconds offset + nanos
 	uint64_t seconds = 0x400000000000000aULL + (millis / 1000);
 	uint32_t nanos = (millis % 1000) * 1000;

Diff for: example/wireguard-platform.c renamed to src/wireguard-platform.c

@@ -65,5 +65,4 @@ void wireguard_tai64n_now(uint8_t *output);
 // Is the system under load - i.e. should we generate cookie reply message in response to initiation messages
 bool wireguard_is_under_load();
 
-
 #endif /* _WIREGUARD_PLATFORM_H_ */

Diff for: src/wireguard-platform.h

@@ -282,5 +282,4 @@ bool wireguard_decrypt_packet(uint8_t *dst, const uint8_t *src, size_t src_len,
 bool wireguard_base64_decode(const char *str, uint8_t *out, size_t *outlen);
 bool wireguard_base64_encode(const uint8_t *in, size_t inlen, char *out, size_t *outlen);
 
-
 #endif /* _WIREGUARD_H_ */

Diff for: src/wireguard.h

@@ -45,7 +45,7 @@
 #include "wireguard.h"
 #include "crypto.h"
 #include "esp_log.h"
-#include "esp_netif.h"
+#include "tcpip_adapter.h"
 
 #define WIREGUARDIF_TIMER_MSECS 400
 
@@ -898,11 +898,8 @@ err_t wireguardif_init(struct netif *netif) {
 	uint8_t private_key[WIREGUARD_PRIVATE_KEY_LEN];
 	size_t private_key_len = sizeof(private_key);
 
-	char lwip_netif_name[8] = {0,};
-	esp_netif_get_netif_impl_name( esp_netif_get_handle_from_ifkey("WIFI_STA_DEF"), lwip_netif_name);
-	ESP_LOGI(TAG, "WIFI NETIF: %s", lwip_netif_name);
-
-	struct netif* underlying_netif = netif_find(lwip_netif_name);
+	struct netif* underlying_netif;
+	tcpip_adapter_get_netif(TCPIP_ADAPTER_IF_STA, &underlying_netif);
 	ESP_LOGI(TAG, "underlying_netif = %p", underlying_netif);
 
 	LWIP_ASSERT("netif != NULL", (netif != NULL));
@@ -931,7 +928,7 @@ err_t wireguardif_init(struct netif *netif) {
 					if (device) {
 						device->netif = netif;
 						device->underlying_netif = underlying_netif;
-						udp_bind_netif(udp, underlying_netif);
+						//udp_bind_netif(udp, underlying_netif);
 
 						device->udp_pcb = udp;
 						// Per-wireguard netif/device setup