espressif/ESP8266_RTOS_SDK
1
0
Fork 0
mirror of https://github.com/espressif/ESP8266_RTOS_SDK.git synced 2025-05-21 09:05:59 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat(exmaples): remove wolfSSL example

Browse Source 
The wolfSSL example will be supplied independently.
This commit is contained in:
dongheng
2019-10-10 13:53:24 +08:00
parent 5f2b5eafcf
commit 1f8192d9f9
29 changed files with 1 additions and 770 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
components/esp-tls/component.mk
View File

@ -1,12 +1,3 @@
COMPONENT_SRCDIRS :=
COMPONENT_ADD_INCLUDEDIRS :=
ifdef CONFIG_SSL_USING_MBEDTLS
COMPONENT_SRCDIRS := .
COMPONENT_ADD_INCLUDEDIRS := .
endif
ifdef CONFIG_SSL_USING_WOLFSSL
COMPONENT_SRCDIRS := .
COMPONENT_ADD_INCLUDEDIRS := .
endif

11
components/esp_http_client/component.mk
View File

@ -2,17 +2,6 @@
# Component Makefile
#
COMPONENT_SRCDIRS :=
COMPONENT_ADD_INCLUDEDIRS :=
ifdef CONFIG_SSL_USING_MBEDTLS
COMPONENT_SRCDIRS := . lib
COMPONENT_ADD_INCLUDEDIRS := include
COMPONENT_PRIV_INCLUDEDIRS := lib/include
endif
ifdef CONFIG_SSL_USING_WOLFSSL
COMPONENT_SRCDIRS := . lib
COMPONENT_ADD_INCLUDEDIRS := include
COMPONENT_PRIV_INCLUDEDIRS := lib/include
endif

8
components/esp_https_ota/component.mk
View File

@ -1,12 +1,4 @@
COMPONENT_SRCDIRS :=
COMPONENT_ADD_INCLUDEDIRS :=
ifdef CONFIG_SSL_USING_MBEDTLS
COMPONENT_SRCDIRS := src
COMPONENT_ADD_INCLUDEDIRS := include
endif
ifdef CONFIG_SSL_USING_WOLFSSL
COMPONENT_SRCDIRS := src
COMPONENT_ADD_INCLUDEDIRS := include
endif

2
components/mbedtls/Makefile.projbuild
View File

@ -1,6 +1,6 @@
# Anyone compiling mbedTLS code needs the name of the
# alternative config file
CPPFLAGS += -DMBEDTLS_CONFIG_FILE='"mbedtls/esp_config.h"'
CPPFLAGS += -DMBEDTLS_CONFIG_FILE='"mbedtls/esp_config.h"' -DCONFIG_SSL_USING_MBEDTLS
# Catch usage of deprecated mbedTLS functions when building tests
ifneq ("$(filter mbedtls,$(TEST_COMPONENTS_LIST))","")

10
components/tcp_transport/component.mk
View File

@ -3,15 +3,5 @@
#
# (Uses default behaviour of compiling all source files in directory, adding 'include' to include path.)
COMPONENT_SRCDIRS :=
COMPONENT_ADD_INCLUDEDIRS :=
ifdef CONFIG_SSL_USING_MBEDTLS
COMPONENT_SRCDIRS := .
COMPONENT_ADD_INCLUDEDIRS := include
endif
ifdef CONFIG_SSL_USING_WOLFSSL
COMPONENT_SRCDIRS := .
COMPONENT_ADD_INCLUDEDIRS := include
endif

1
components/wifi_provisioning/Kconfig
View File

@ -3,7 +3,6 @@ menu "Unified Provisioning"
config ENABLE_UNIFIED_PROVISIONING
bool "Enable Unified Provisioning"
default n
select SSL_USING_MBEDTLS
select MBEDTLS_CIPHER_MODE_CTR
select MBEDTLS_ECP_C
help

1
components/wpa_supplicant/Kconfig
View File

@ -3,7 +3,6 @@ menu "wpa_supplicant"
config LTM_FAST
bool "Use faster div, esptmod, sqr, montgomery multiplication algorithm"
default y
depends on !SSL_USING_WOLFSSL
help
Enable the option can enable faster div, faster exptmod, faster sqr, fast
montgomery multiplication algorithm. Enable this option will cost about

42
examples/protocols/aws_iot/subscribe_publish/main/subscribe_publish_sample.c
View File

@ -46,10 +46,6 @@
#include "nvs.h"
#include "nvs_flash.h"
#ifdef CONFIG_SSL_USING_WOLFSSL
#include "lwip/apps/sntp.h"
#endif
#include "aws_iot_config.h"
#include "aws_iot_log.h"
#include "aws_iot_version.h"
@ -115,40 +111,6 @@ char HostAddress[255] = AWS_IOT_MQTT_HOST;
*/
uint32_t port = AWS_IOT_MQTT_PORT;
#ifdef CONFIG_SSL_USING_WOLFSSL
static void get_time()
{
struct timeval now;
int sntp_retry_cnt = 0;
int sntp_retry_time = 0;
sntp_setoperatingmode(0);
sntp_setservername(0, "pool.ntp.org");
sntp_init();
while (1) {
for (int32_t i = 0; (i < (SNTP_RECV_TIMEOUT / 100)) && now.tv_sec < 1525952900; i++) {
vTaskDelay(100 / portTICK_RATE_MS);
gettimeofday(&now, NULL);
}
if (now.tv_sec < 1525952900) {
sntp_retry_time = SNTP_RECV_TIMEOUT << sntp_retry_cnt;
if (SNTP_RECV_TIMEOUT << (sntp_retry_cnt + 1) < SNTP_RETRY_TIMEOUT_MAX) {
sntp_retry_cnt ++;
}
ESP_LOGE(TAG, "SNTP get time failed, retry after %d ms\n", sntp_retry_time);
vTaskDelay(sntp_retry_time / portTICK_RATE_MS);
} else {
ESP_LOGI(TAG, "SNTP get time success\n");
break;
}
}
}
#endif
static esp_err_t event_handler(void *ctx, system_event_t *event)
{
/* For accessing reason codes in case of disconnection */
@ -266,10 +228,6 @@ void aws_iot_task(void *param) {
xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
false, true, portMAX_DELAY);
#ifdef CONFIG_SSL_USING_WOLFSSL
get_time();
#endif
connectParams.keepAliveIntervalInSec = 10;
connectParams.isCleanSession = true;
connectParams.MQTTVersion = MQTT_3_1_1;

1
examples/protocols/aws_iot/subscribe_publish/sdkconfig.defaults
View File

@ -1,6 +1,5 @@
# Enable AWS IoT SDK support
CONFIG_AWS_IOT_SDK=y
CONFIG_SSL_USING_MBEDTLS=y
CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=8192
CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=1024
CONFIG_MBEDTLS_SSL_ALPN=y

44
examples/protocols/aws_iot/thing_shadow/main/thing_shadow_sample.c
View File

@ -49,9 +49,6 @@
#include "aws_iot_mqtt_client_interface.h"
#include "aws_iot_shadow_interface.h"
#if CONFIG_SSL_USING_WOLFSSL
#include "lwip/apps/sntp.h"
#endif
/*!
* The goal of this sample application is to demonstrate the capabilities of shadow.
* This device(say Connected Window) will open the window of a room based on temperature
@ -131,43 +128,6 @@ static const char * ROOT_CA_PATH = CONFIG_EXAMPLE_ROOT_CA_PATH;
#error "Invalid method for loading certs"
#endif
#if CONFIG_SSL_USING_WOLFSSL
static void get_time()
{
struct timeval now;
int sntp_retry_cnt = 0;
int sntp_retry_time = 0;
sntp_setoperatingmode(0);
sntp_setservername(0, "pool.ntp.org");
sntp_setservername(1, "ntp1.aliyun.com");
sntp_setservername(2, "time.aisa.apple.com");
sntp_init();
while (1) {
for (int32_t i = 0; (i < (SNTP_RECV_TIMEOUT / 100)) && now.tv_sec < 1525952900; i++) {
vTaskDelay(100 / portTICK_RATE_MS);
gettimeofday(&now, NULL);
}
if (now.tv_sec < 1525952900) {
sntp_retry_time = SNTP_RECV_TIMEOUT << sntp_retry_cnt;
if (SNTP_RECV_TIMEOUT << (sntp_retry_cnt + 1) < SNTP_RETRY_TIMEOUT_MAX) {
sntp_retry_cnt ++;
}
ESP_LOGI(TAG,"SNTP get time failed, retry after %d ms\n", sntp_retry_time);
vTaskDelay(sntp_retry_time / portTICK_RATE_MS);
} else {
ESP_LOGI(TAG,"SNTP get time success\n");
break;
}
}
}
#endif
static esp_err_t event_handler(void *ctx, system_event_t *event)
{
/* For accessing reason codes in case of disconnection */
@ -297,10 +257,6 @@ void aws_iot_task(void *param) {
xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
false, true, portMAX_DELAY);
#if CONFIG_SSL_USING_WOLFSSL
/* CA date verification need system time */
get_time();
#endif
ESP_LOGI(TAG, "Shadow Init");
rc = aws_iot_shadow_init(&mqttClient, &sp);
if(SUCCESS != rc) {

1
examples/protocols/aws_iot/thing_shadow/sdkconfig.defaults
View File

@ -1,7 +1,6 @@
# Enable AWS IoT SDK support
CONFIG_AWS_IOT_SDK=y
CONFIG_NEWLIB_LIBRARY_LEVEL_NORMAL=y
CONFIG_SSL_USING_WOLFSSL=y
# Enable FATFS read only with long filename support
# for loading Cert/CA/etc from filesystem

43
examples/protocols/esp_http_client/main/esp_http_client_example.c
View File

@ -18,10 +18,6 @@
#include "esp_http_client.h"
#if CONFIG_SSL_USING_WOLFSSL
#include "lwip/apps/sntp.h"
#endif
#define MAX_HTTP_RECV_BUFFER 512
static const char *TAG = "HTTP_CLIENT";
@ -71,40 +67,6 @@ esp_err_t _http_event_handler(esp_http_client_event_t *evt)
return ESP_OK;
}
#if CONFIG_SSL_USING_WOLFSSL
static void get_time()
{
struct timeval now;
int sntp_retry_cnt = 0;
int sntp_retry_time = 0;
sntp_setoperatingmode(0);
sntp_setservername(0, "pool.ntp.org");
sntp_init();
while (1) {
for (int32_t i = 0; (i < (SNTP_RECV_TIMEOUT / 100)) && now.tv_sec < 1525952900; i++) {
vTaskDelay(100 / portTICK_RATE_MS);
gettimeofday(&now, NULL);
}
if (now.tv_sec < 1525952900) {
sntp_retry_time = SNTP_RECV_TIMEOUT << sntp_retry_cnt;
if (SNTP_RECV_TIMEOUT << (sntp_retry_cnt + 1) < SNTP_RETRY_TIMEOUT_MAX) {
sntp_retry_cnt ++;
}
ESP_LOGI(TAG,"SNTP get time failed, retry after %d ms\n", sntp_retry_time);
vTaskDelay(sntp_retry_time / portTICK_RATE_MS);
} else {
ESP_LOGI(TAG,"SNTP get time success\n");
break;
}
}
}
#endif
static void http_rest()
{
esp_http_client_config_t config = {
@ -413,11 +375,6 @@ static void https_async()
static void http_test_task(void *pvParameters)
{
#if CONFIG_SSL_USING_WOLFSSL
/* CA date verification need system time */
get_time();
#endif
app_wifi_wait_connected();
ESP_LOGI(TAG, "Connected to AP, begin http example");
http_rest();

1
examples/protocols/esp_http_client/sdkconfig.defaults
View File

@ -1,4 +1,3 @@
CONFIG_NEWLIB_LIBRARY_LEVEL_NORMAL=y
CONFIG_SSL_USING_MBEDTLS=y
CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=1024
CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=16384

2
examples/protocols/https_mbedtls/sdkconfig.defaults
View File

@ -1,2 +0,0 @@
CONFIG_SSL_USING_MBEDTLS=y

43
examples/protocols/https_request/main/https_request_example_main.c
View File

@ -38,10 +38,6 @@
#include "lwip/netdb.h"
#include "lwip/dns.h"
#if CONFIG_SSL_USING_WOLFSSL
#include "lwip/apps/sntp.h"
#endif
#include "esp_tls.h"
/* The examples use simple WiFi configuration that you can set via
@ -133,50 +129,11 @@ static void initialise_wifi(void)
ESP_ERROR_CHECK( esp_wifi_start() );
}
#if CONFIG_SSL_USING_WOLFSSL
static void get_time()
{
struct timeval now;
int sntp_retry_cnt = 0;
int sntp_retry_time = 0;
sntp_setoperatingmode(0);
sntp_setservername(0, "pool.ntp.org");
sntp_init();
while (1) {
for (int32_t i = 0; (i < (SNTP_RECV_TIMEOUT / 100)) && now.tv_sec < 1525952900; i++) {
vTaskDelay(100 / portTICK_RATE_MS);
gettimeofday(&now, NULL);
}
if (now.tv_sec < 1525952900) {
sntp_retry_time = SNTP_RECV_TIMEOUT << sntp_retry_cnt;
if (SNTP_RECV_TIMEOUT << (sntp_retry_cnt + 1) < SNTP_RETRY_TIMEOUT_MAX) {
sntp_retry_cnt ++;
}
printf("SNTP get time failed, retry after %d ms\n", sntp_retry_time);
vTaskDelay(sntp_retry_time / portTICK_RATE_MS);
} else {
printf("SNTP get time success\n");
break;
}
}
}
#endif
static void https_get_task(void *pvParameters)
{
char buf[512];
int ret, len;
#if CONFIG_SSL_USING_WOLFSSL
/* CA date verification need system time */
get_time();
#endif
while(1) {
/* Wait for the callback to set the CONNECTED_BIT in the
event group.

1
examples/protocols/https_request/sdkconfig.defaults
View File

@ -1,2 +1 @@
CONFIG_SSL_USING_MBEDTLS=y
CONFIG_LWIP_IPV6=y

6
examples/protocols/https_wolfssl/CMakeLists.txt
View File

@ -1,6 +0,0 @@
# The following five lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
cmake_minimum_required(VERSION 3.5)
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
project(https_wolfssl)

9
examples/protocols/https_wolfssl/Makefile
View File

@ -1,9 +0,0 @@
#
# This is a project Makefile. It is assumed the directory this Makefile resides in is a
# project subdirectory.
#
PROJECT_NAME := https-wolfSSL
include $(IDF_PATH)/make/project.mk

37
examples/protocols/https_wolfssl/README.md
View File

@ -1,37 +0,0 @@
WOLFSSL INTRODUCTION
### WHAT ABOUT WOLFSSL
The WOLFSSL embedded SSL library (formerly CyaSSL) is a lightweight SSL/TLS library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments as well because of its royalty-free pricing and excellent cross platform support. wolfSSL supports industry standards up to the current TLS 1.2 and DTLS 1.2 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as ChaCha20, Curve25519, NTRU, and Blake2b. User benchmarking and feedback reports dramatically better performance when using wolfSSL over OpenSSL.
### BEFORE YOU GET STARTED
- Requirements
- RTOS SDK
- Optional
- Basic knowledge of server/client communication
- Basic knowledge of SSL/TLS
The more you know, the easier it will be to get going. There are a number of links in the Helpful Links section to read up on SSL/TLS.
### QUICK START
- Example
- This project demonstrates a https client which connects to "www.howsmyssl.com" by default, you can connect to other https servers by modify WEB_SERVER and WEB_PORT.
- Compile
- Clone ESP8266_RTOS_SDK, e.g., to ~/ESP8266_RTOS_SDK.
- $ git clone https://github.com/espressif/ESP8266_RTOS_SDK.git
- Add IDF_PATH:
- $export IDF_PATH=~/ESP8266_RTOS_SDK
- run `make menuconfig`
- Modify SSID and PASSWORD under menu "Example Configuration".
- run `make`
- Download:
- run `make flash monitor`
### HELPFUL LINKS
In general, these are links which will be useful for using both wolfSSL, as well as networked and secure applications in general. Furthermore, there is a more comprehensive tutorial that can be found in Chapter 11 of the official wolfSSL manual. The examples in the wolfSSL package and Chapter 11 do appropriate error checking, which is worth taking a look at. For a more comprehensive API, check out chapter 17 of the official manual.
- WOLFSSL Manual (https://www.wolfssl.com/docs/wolfssl-manual/)
- WOLFSSL GitHub
(https://github.com/wolfssl/wolfssl)

10
examples/protocols/https_wolfssl/main/CMakeLists.txt
View File

@ -1,10 +0,0 @@
set(COMPONENT_SRCS "https_wolfssl_example_main.c")
set(COMPONENT_ADD_INCLUDEDIRS ".")
# Embed the server root certificate into the final binary
#
# (If this was a component, we would set COMPONENT_EMBED_TXTFILES here.)
set(COMPONENT_EMBED_TXTFILES server_root_cert.pem)
register_component()

23
examples/protocols/https_wolfssl/main/Kconfig.projbuild
View File

@ -1,23 +0,0 @@
menu "Example Configuration"
config WIFI_SSID
string "WiFi SSID"
default "myssid"
help
SSID (network name) for the example to connect to.
config WIFI_PASSWORD
string "WiFi Password"
default "mypassword"
help
WiFi password (WPA or WPA2) for the example to use.
Can be left blank if the network has no security set.
config CERT_AUTH
bool "enable certificate verification"
default y
help
Enable certificate verification.
endmenu

5
examples/protocols/https_wolfssl/main/component.mk
View File

@ -1,5 +0,0 @@
#
# "main" pseudo-component makefile.
#
# (Uses default behaviour of compiling all source files in directory, adding 'include' to include path.)
COMPONENT_EMBED_TXTFILES := server_root_cert.pem

300
examples/protocols/https_wolfssl/main/https_wolfssl_example_main.c
View File

@ -1,300 +0,0 @@
/* wolfSSL example
This example code is in the Public Domain (or CC0 licensed, at your option.)
Unless required by applicable law or agreed to in writing, this
software is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
CONDITIONS OF ANY KIND, either express or implied.
*/
#include <stdio.h>
#include "esp_wifi.h"
#include "esp_event_loop.h"
#include "esp_log.h"
#include "nvs_flash.h"
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/event_groups.h"
#include <sys/socket.h>
#include <netdb.h>
#include "lwip/apps/sntp.h"
#include "wolfssl/ssl.h"
/* The examples use simple WiFi configuration that you can set via
'make menuconfig'.
If you'd rather not, just change the below entries to strings with
the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
*/
#define EXAMPLE_WIFI_SSID CONFIG_WIFI_SSID
#define EXAMPLE_WIFI_PASS CONFIG_WIFI_PASSWORD
/* FreeRTOS event group to signal when we are connected & ready to make a request */
static EventGroupHandle_t wifi_event_group;
/* The event group allows multiple bits for each event,
but we only care about one event - are we connected
to the AP with an IP? */
const int CONNECTED_BIT = BIT0;
#if CONFIG_CERT_AUTH
extern const uint8_t server_root_cert_pem_start[] asm("_binary_server_root_cert_pem_start");
extern const uint8_t server_root_cert_pem_end[] asm("_binary_server_root_cert_pem_end");
#endif
/* Constants that aren't configurable in menuconfig */
#define WEB_SERVER "www.howsmyssl.com"
#define WEB_PORT 443
#define WEB_URL "https://www.howsmyssl.com/a/check"
#define REQUEST "GET " WEB_URL " HTTP/1.0\r\n" \
"Host: "WEB_SERVER"\r\n" \
"User-Agent: esp-idf/1.0 espressif\r\n" \
"\r\n"
#define WOLFSSL_DEMO_THREAD_NAME "wolfssl_client"
#define WOLFSSL_DEMO_THREAD_STACK_WORDS 8192
#define WOLFSSL_DEMO_THREAD_PRORIOTY 6
#define WOLFSSL_DEMO_SNTP_SERVERS "pool.ntp.org"
static const char *TAG = "example";
const char send_data[] = REQUEST;
const int32_t send_bytes = sizeof(send_data);
char recv_data[1024] = {0};
static esp_err_t event_handler(void *ctx, system_event_t *event)
{
/* For accessing reason codes in case of disconnection */
system_event_info_t *info = &event->event_info;
switch(event->event_id) {
case SYSTEM_EVENT_STA_START:
esp_wifi_connect();
break;
case SYSTEM_EVENT_STA_GOT_IP:
xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
break;
case SYSTEM_EVENT_STA_DISCONNECTED:
ESP_LOGE(TAG, "Disconnect reason : %d", info->disconnected.reason);
if (info->disconnected.reason == WIFI_REASON_BASIC_RATE_NOT_SUPPORT) {
/*Switch to 802.11 bgn mode */
esp_wifi_set_protocol(ESP_IF_WIFI_STA, WIFI_PROTOCAL_11B | WIFI_PROTOCAL_11G | WIFI_PROTOCAL_11N);
}
esp_wifi_connect();
xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
break;
default:
break;
}
return ESP_OK;
}
static void initialise_wifi(void)
{
tcpip_adapter_init();
wifi_event_group = xEventGroupCreate();
ESP_ERROR_CHECK( esp_event_loop_init(event_handler, NULL) );
wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
ESP_ERROR_CHECK( esp_wifi_init(&cfg) );
ESP_ERROR_CHECK( esp_wifi_set_storage(WIFI_STORAGE_RAM) );
wifi_config_t wifi_config = {
.sta = {
.ssid = EXAMPLE_WIFI_SSID,
.password = EXAMPLE_WIFI_PASS,
},
};
ESP_LOGI(TAG, "Setting WiFi configuration SSID %s...", wifi_config.sta.ssid);
ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );
ESP_ERROR_CHECK( esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
ESP_ERROR_CHECK( esp_wifi_start() );
}
static void get_time()
{
struct timeval now;
int sntp_retry_cnt = 0;
int sntp_retry_time = 0;
sntp_setoperatingmode(0);
sntp_setservername(0, WOLFSSL_DEMO_SNTP_SERVERS);
sntp_init();
while (1) {
for (int32_t i = 0; (i < (SNTP_RECV_TIMEOUT / 100)) && now.tv_sec < 1525952900; i++) {
vTaskDelay(100 / portTICK_RATE_MS);
gettimeofday(&now, NULL);
}
if (now.tv_sec < 1525952900) {
sntp_retry_time = SNTP_RECV_TIMEOUT << sntp_retry_cnt;
if (SNTP_RECV_TIMEOUT << (sntp_retry_cnt + 1) < SNTP_RETRY_TIMEOUT_MAX) {
sntp_retry_cnt ++;
}
printf("SNTP get time failed, retry after %d ms\n", sntp_retry_time);
vTaskDelay(sntp_retry_time / portTICK_RATE_MS);
} else {
printf("SNTP get time success\n");
break;
}
}
}
static void wolfssl_client(void* pv)
{
int32_t ret = 0;
const portTickType xDelay = 500 / portTICK_RATE_MS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
int32_t socket = -1;
struct sockaddr_in sock_addr;
struct hostent* entry = NULL;
/* CA date verification need system time */
get_time();
while (1) {
printf("Setting hostname for TLS session...\n");
/*get addr info for hostname*/
do {
entry = gethostbyname(WEB_SERVER);
vTaskDelay(xDelay);
} while (entry == NULL);
printf("Init wolfSSL...\n");
ret = wolfSSL_Init();
if (ret != WOLFSSL_SUCCESS) {
printf("Init wolfSSL failed:%d...\n", ret);
goto failed1;
}
printf("Set wolfSSL ctx ...\n");
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
if (!ctx) {
printf("Set wolfSSL ctx failed...\n");
goto failed1;
}
printf("Creat socket ...\n");
socket = socket(AF_INET, SOCK_STREAM, 0);
if (socket < 0) {
printf("Creat socket failed...\n");
goto failed2;
}
#if CONFIG_CERT_AUTH
printf("Loading the CA root certificate...\n");
ret = wolfSSL_CTX_load_verify_buffer(ctx, server_root_cert_pem_start, server_root_cert_pem_end - server_root_cert_pem_start, WOLFSSL_FILETYPE_PEM);
if (WOLFSSL_SUCCESS != ret) {
printf("Loading the CA root certificate failed...\n");
goto failed3;
}
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
#else
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
#endif
memset(&sock_addr, 0, sizeof(sock_addr));
sock_addr.sin_family = AF_INET;
sock_addr.sin_port = htons(WEB_PORT);
sock_addr.sin_addr.s_addr = ((struct in_addr*)(entry->h_addr))->s_addr;
printf("Connecting to %s:%d...\n", WEB_SERVER, WEB_PORT);
ret = connect(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
if (ret) {
printf("Connecting to %s:%d failed: %d\n", WEB_SERVER, WEB_PORT, ret);
goto failed3;
}
printf("Create wolfSSL...\n");
ssl = wolfSSL_new(ctx);
if (!ssl) {
printf("Create wolfSSL failed...\n");
goto failed3;
}
wolfSSL_set_fd(ssl, socket);
printf("Performing the SSL/TLS handshake...\n");
ret = wolfSSL_connect(ssl);
if (WOLFSSL_SUCCESS != ret) {
printf("Performing the SSL/TLS handshake failed:%d\n", ret);
goto failed4;
}
printf("Writing HTTPS request...\n");
ret = wolfSSL_write(ssl, send_data, send_bytes);
if (ret <= 0) {
printf("Writing HTTPS request failed:%d\n", ret);
goto failed5;
}
printf("Reading HTTPS response...\n");
do {
ret = wolfSSL_read(ssl, recv_data, sizeof(recv_data));
if (ret <= 0) {
printf("\nConnection closed\n");
break;
}
/* Print response directly to stdout as it is read */
for (int i = 0; i < ret; i++) {
printf("%c", recv_data[i]);
}
} while (1);
failed5:
wolfSSL_shutdown(ssl);
failed4:
wolfSSL_free(ssl);
failed3:
close(socket);
failed2:
wolfSSL_CTX_free(ctx);
failed1:
wolfSSL_Cleanup();
for (int countdown = 10; countdown >= 0; countdown--) {
printf("%d...\n", countdown);
vTaskDelay(1000 / portTICK_RATE_MS);
}
printf("Starting again!\n");
}
}
void app_main(void)
{
ESP_ERROR_CHECK( nvs_flash_init() );
initialise_wifi();
xTaskCreate(wolfssl_client,
WOLFSSL_DEMO_THREAD_NAME,
WOLFSSL_DEMO_THREAD_STACK_WORDS,
NULL,
WOLFSSL_DEMO_THREAD_PRORIOTY,
NULL);
}

27
examples/protocols/https_wolfssl/main/server_root_cert.pem
View File

@ -1,27 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow
SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT
GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF
q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8
SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0
Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA
a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj
/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T
AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG
CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv
bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k
c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw
VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC
ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz
MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu
Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF
AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo
uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/
wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu
X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG
PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6
KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
-----END CERTIFICATE-----

5
examples/protocols/https_wolfssl/sdkconfig.defaults
View File

@ -1,5 +0,0 @@
#
# Override some defaults so wolfSSL is enabled
# by default in this example
#
CONFIG_SSL_USING_WOLFSSL=y

42
examples/protocols/openssl_client/main/openssl_client_example_main.c
View File

@ -23,10 +23,6 @@
#include <sys/socket.h>
#include <netdb.h>
#if CONFIG_SSL_USING_WOLFSSL
#include "lwip/apps/sntp.h"
#endif
#include "openssl/ssl.h"
/* The examples use simple WiFi configuration that you can set via
@ -124,40 +120,6 @@ static void initialise_wifi(void)
ESP_ERROR_CHECK( esp_wifi_start() );
}
#if CONFIG_SSL_USING_WOLFSSL
static void get_time()
{
struct timeval now;
int sntp_retry_cnt = 0;
int sntp_retry_time = 0;
sntp_setoperatingmode(0);
sntp_setservername(0, "pool.ntp.org");
sntp_init();
while (1) {
for (int32_t i = 0; (i < (SNTP_RECV_TIMEOUT / 100)) && now.tv_sec < 1525952900; i++) {
vTaskDelay(100 / portTICK_RATE_MS);
gettimeofday(&now, NULL);
}
if (now.tv_sec < 1525952900) {
sntp_retry_time = SNTP_RECV_TIMEOUT << sntp_retry_cnt;
if (SNTP_RECV_TIMEOUT << (sntp_retry_cnt + 1) < SNTP_RETRY_TIMEOUT_MAX) {
sntp_retry_cnt ++;
}
printf("SNTP get time failed, retry after %d ms\n", sntp_retry_time);
vTaskDelay(sntp_retry_time / portTICK_RATE_MS);
} else {
printf("SNTP get time success\n");
break;
}
}
}
#endif
static void openssl_client_task(void* p)
{
int ret;
@ -175,10 +137,6 @@ static void openssl_client_task(void* p)
xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
false, true, portMAX_DELAY);
ESP_LOGI(TAG, "Connected to AP");
#if CONFIG_SSL_USING_WOLFSSL
/* CA date verification need system time */
get_time();
#endif
/*get addr info for hostname*/
do {

43
examples/protocols/openssl_server/main/openssl_server_example_main.c
View File

@ -23,10 +23,6 @@
#include <sys/socket.h>
#if CONFIG_SSL_USING_WOLFSSL
#include "lwip/apps/sntp.h"
#endif
#include "openssl/ssl.h"
/* The examples use simple WiFi configuration that you can set via
@ -124,40 +120,6 @@ static void initialise_wifi(void)
ESP_ERROR_CHECK( esp_wifi_start() );
}
#if CONFIG_SSL_USING_WOLFSSL
static void get_time()
{
struct timeval now;
int sntp_retry_cnt = 0;
int sntp_retry_time = 0;
sntp_setoperatingmode(0);
sntp_setservername(0, "pool.ntp.org");
sntp_init();
while (1) {
for (int32_t i = 0; (i < (SNTP_RECV_TIMEOUT / 100)) && now.tv_sec < 1525952900; i++) {
vTaskDelay(100 / portTICK_RATE_MS);
gettimeofday(&now, NULL);
}
if (now.tv_sec < 1525952900) {
sntp_retry_time = SNTP_RECV_TIMEOUT << sntp_retry_cnt;
if (SNTP_RECV_TIMEOUT << (sntp_retry_cnt + 1) < SNTP_RETRY_TIMEOUT_MAX) {
sntp_retry_cnt ++;
}
printf("SNTP get time failed, retry after %d ms\n", sntp_retry_time);
vTaskDelay(sntp_retry_time / portTICK_RATE_MS);
} else {
printf("SNTP get time success\n");
break;
}
}
}
#endif
static void openssl_server_task(void* p)
{
int ret;
@ -179,11 +141,6 @@ static void openssl_server_task(void* p)
false, true, portMAX_DELAY);
ESP_LOGI(TAG, "Connected to AP");
#if CONFIG_SSL_USING_WOLFSSL
/* CA date verification need system time */
get_time();
#endif
printf("create SSL context ......");
ctx = SSL_CTX_new(TLSv1_2_server_method());

43
examples/system/ota/simple_ota_example/main/simple_ota_example.c
View File

@ -21,10 +21,6 @@
#include "nvs.h"
#include "nvs_flash.h"
#if CONFIG_SSL_USING_WOLFSSL
#include "lwip/apps/sntp.h"
#endif
static const char *TAG = "simple_ota_example";
extern const uint8_t server_cert_pem_start[] asm("_binary_ca_cert_pem_start");
extern const uint8_t server_cert_pem_end[] asm("_binary_ca_cert_pem_end");
@ -37,40 +33,6 @@ static EventGroupHandle_t wifi_event_group;
to the AP with an IP? */
const int CONNECTED_BIT = BIT0;
#if CONFIG_SSL_USING_WOLFSSL
static void get_time()
{
struct timeval now;
int sntp_retry_cnt = 0;
int sntp_retry_time = 0;
sntp_setoperatingmode(0);
sntp_setservername(0, "pool.ntp.org");
sntp_init();
while (1) {
for (int32_t i = 0; (i < (SNTP_RECV_TIMEOUT / 100)) && now.tv_sec < 1525952900; i++) {
vTaskDelay(100 / portTICK_RATE_MS);
gettimeofday(&now, NULL);
}
if (now.tv_sec < 1525952900) {
sntp_retry_time = SNTP_RECV_TIMEOUT << sntp_retry_cnt;
if (SNTP_RECV_TIMEOUT << (sntp_retry_cnt + 1) < SNTP_RETRY_TIMEOUT_MAX) {
sntp_retry_cnt ++;
}
ESP_LOGI(TAG, "SNTP get time failed, retry after %d ms\n", sntp_retry_time);
vTaskDelay(sntp_retry_time / portTICK_RATE_MS);
} else {
ESP_LOGI(TAG, "SNTP get time success\n");
break;
}
}
}
#endif
esp_err_t _http_event_handler(esp_http_client_event_t *evt)
{
switch(evt->event_id) {
@ -150,11 +112,6 @@ void simple_ota_example_task(void * pvParameter)
{
ESP_LOGI(TAG, "Starting OTA example...");
#if CONFIG_SSL_USING_WOLFSSL
/* CA date verification need system time */
get_time();
#endif
/* Wait for the callback to set the CONNECTED_BIT in the
event group.
*/

1
examples/system/ota/simple_ota_example/sdkconfig.defaults
View File

@ -3,6 +3,5 @@
CONFIG_ESPTOOLPY_FLASHSIZE_4MB=y
CONFIG_PARTITION_TABLE_TWO_OTA=y
CONFIG_NEWLIB_LIBRARY_LEVEL_NORMAL=y
CONFIG_SSL_USING_MBEDTLS=y
CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=1024
CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=16384