HTTP demo S3 download added missing macro in ROOT_CA_CERT_PATH_S3 con… (

#1884) * HTTP demo S3 download added missing macro in ROOT_CA_CERT_PATH_S3 config and allow other macros to be already defined from cmake * Fix to actually use ROOT_CA_CERT_PATH_S3 instead of ROOT_CA_CERT_PATH --------- Co-authored-by: Giuseppe Penone <[email protected]>
aws · Sep 28, 2023 · 3cd7d57 · 3cd7d57
1 parent af6b6ef
commit 3cd7d57
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 10 deletions.
diff --git a/demos/http/http_demo_s3_download/demo_config.h b/demos/http/http_demo_s3_download/demo_config.h
@@ -78,6 +78,24 @@
     #define ROOT_CA_CERT_PATH    "certificates/AmazonRootCA1.crt"
 #endif
 
+/**
+ * @brief Path of the file containing the server's root CA certificate for S3
+ * authentication.
+ *
+ * This certificate is used to identify the AWS S3 server and is publicly
+ * available. Refer to the AWS documentation available in the link below
+ * https://docs.aws.amazon.com/iot/latest/developerguide/server-authentication.html#server-authentication-certs
+ *
+ * Amazon's root CA certificate is automatically downloaded to the certificates
+ * directory from @ref https://www.amazontrust.com/repository/AmazonRootCA1.pem
+ * using the CMake build system.
+ *
+ * @note This certificate should be PEM-encoded.
+ */
+#ifndef ROOT_CA_CERT_PATH_S3
+    #define ROOT_CA_CERT_PATH_S3    ROOT_CA_CERT_PATH
+#endif
+
 /**
  * @brief Path of the file containing the client certificate for TLS
  * authentication with AWS IOT credential provider.
@@ -101,7 +119,9 @@
 /**
  * @brief Define AWS IOT thing name.
  */
-#define AWS_IOT_THING_NAME                      "...insert here..."
+#ifndef AWS_IOT_THING_NAME
+    #define AWS_IOT_THING_NAME    "...insert here..."
+#endif
 
 /**
  * @brief Endpoint for the AWS IOT credential provider.
@@ -110,7 +130,9 @@
  * `aws iot describe-endpoint --endpoint-type iot:CredentialProvider` from
  * the AWS CLI.
  */
-#define AWS_IOT_CREDENTIAL_PROVIDER_ENDPOINT    "...insert here..."
+#ifndef AWS_IOT_CREDENTIAL_PROVIDER_ENDPOINT
+    #define AWS_IOT_CREDENTIAL_PROVIDER_ENDPOINT    "...insert here..."
+#endif
 
 /**
  * @brief Role alias name for accessing the credential provider.
@@ -120,27 +142,35 @@
  * Refer to the demo setup instructions in the README.md file
  * within the same directory as this file in the repository.
  */
-#define AWS_IOT_CREDENTIAL_PROVIDER_ROLE        "...insert here..."
+#ifndef AWS_IOT_CREDENTIAL_PROVIDER_ROLE
+    #define AWS_IOT_CREDENTIAL_PROVIDER_ROLE    "...insert here..."
+#endif
 
 /**
  * @brief Name of bucket in AWS S3 from where file needs to be downloaded.
  */
-#define AWS_S3_BUCKET_NAME                      "...insert here..."
+#ifndef AWS_S3_BUCKET_NAME
+    #define AWS_S3_BUCKET_NAME    "...insert here..."
+#endif
 
 /**
  * @brief AWS Region where the bucket resides.
  */
-#define AWS_S3_BUCKET_REGION                    "...insert here..."
+#ifndef AWS_S3_BUCKET_REGION
+    #define AWS_S3_BUCKET_REGION    "...insert here..."
+#endif
 
 /**
  * @brief Name of file that needs to be downloaded from AWS S3.
  */
-#define AWS_S3_OBJECT_NAME                      "...insert here..."
+#ifndef AWS_S3_OBJECT_NAME
+    #define AWS_S3_OBJECT_NAME    "...insert here..."
+#endif
 
 /**
  * @brief Transport timeout in milliseconds for transport send and receive.
  */
-#define TRANSPORT_SEND_RECV_TIMEOUT_MS          ( 5000 )
+#define TRANSPORT_SEND_RECV_TIMEOUT_MS    ( 5000 )
 
 /**
  * @brief The length in bytes of the user buffer.
@@ -150,7 +180,7 @@
  * be less than USER_BUFFER_LENGTH. We don't expect S3 to send more than 1024
  * bytes of headers.
  */
-#define USER_BUFFER_LENGTH                      ( 4096 )
+#define USER_BUFFER_LENGTH                ( 4096 )
 
 /**
  * @brief The size of the range of the file to download, with each request.
@@ -159,6 +189,6 @@
  * in the user buffer. We don't expect S3 to send more than 1024 bytes of
  * headers.
  */
-#define RANGE_REQUEST_LENGTH                    ( 2048 )
+#define RANGE_REQUEST_LENGTH              ( 2048 )
 
 #endif /* ifndef DEMO_CONFIG_H_ */
diff --git a/demos/http/http_demo_s3_download/http_demo_s3_download.c b/demos/http/http_demo_s3_download/http_demo_s3_download.c
@@ -942,7 +942,7 @@ static int32_t connectToS3Server( NetworkContext_t * pNetworkContext )
         serverHost[ serverHostLength ] = '\0';
 
         /* Initialize TLS credentials. */
-        opensslCredentials.pRootCaPath = ROOT_CA_CERT_PATH;
+        opensslCredentials.pRootCaPath = ROOT_CA_CERT_PATH_S3;
         opensslCredentials.sniHostName = serverHost;
 
         /* Initialize server information. */