feat(example): Restructure examples folder

examples/protocols/openssl_client/Makefile

@@ -0,0 +1,9 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := openssl_client
+
+include $(IDF_PATH)/make/project.mk
+

examples/protocols/openssl_client/README.md

@@ -0,0 +1,48 @@
+1. Run ./gencrt.sh or if you have your own certificate, move to the openssl_client directory, the name is ca.crt,server.crt, server.key, client.crt and client.key.
+
+    The server.crt and client.crt was generate by the same ca.crt in ./gencrt.sh.
+
+    Server side needs ca.crt(to verify client.crt), server.crt, server.key
+
+    Client side needs ca.crt(to verify server.crt), client.crt, client.key
+
+    If you have two ca.crt to generate server.crt and client.crt respectively, client1.crt is generate by ca1.crt and client1.key, server2.crt is generate by ca2.crt and server2.key:
+
+    Client side needs ca2.crt, client1.crt, client1.key.
+
+    Server side needs ca1.crt, server2.crt, server2.key.
+
+    Rename ca2.crt client1.crt client1.key to ca.crt client.crt client.key and run ./genheader.sh.
+
+    Use ca1.crt in openssl s_server -CAfile option.
+
+2. Run ./genheader.sh.
+
+3. Modify this two lines in file openssl_demo.c to your computer server ip and port.
+
+    ```#define OPENSSL_DEMO_TARGET_NAME "192.168.3.196"```
+
+    ```#define OPENSSL_DEMO_TARGET_TCP_PORT 443```
+
+
+4. Modify thease two lines in file user_config.h to your local Wi-Fi SSID and Password.
+
+    ```#define SSID "HUAWEI001"```
+
+    ```#define PASSWORD ""```
+
+5. Make sure that the computer and ESP8266 are in the same local area network.
+
+6. Run ./gen_misc.sh.
+
+7. Run openssl s_server -CAfile ca.crt -cert server.crt -key server.key -verify 1 -tls1_1 -accept 443.
+
+8. Download bin file to ESP8266.
+
+**ATTENTION**
+
+**1. Make sure the free heap size larger than 30K.**
+
+**2. Make sure the private key length larger than 2048.**
+
+**3. Make sure the fragment size range is between 2048 and 8192.**

examples/protocols/openssl_client/gencrt.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+
+#
+# Generate the certificates and keys for testing.
+#
+
+SAVEIFS=$IFS
+IFS=$(echo -en "\n\b")
+
+ROOT_SUBJECT="/C=C1/ST=JS1/L=WX1/O=ESP1/OU=ESP1/CN=Server1 CA/emailAddress=ESP1"
+LEVEL2_SUBJECT="/C=C2/ST=JS22/L=WX22/O=ESP22/OU=ESP22/CN=Server22 CA/emailAddress=ESP22"
+LEVEL3_SUBJECT="/C=C3/ST=JS333/L=WX333/O=ESP333/OU=ESP333/CN=Server333 CA/emailAddress=ESP333"
+
+# private key generation
+openssl genrsa -out ca.key 2048
+openssl genrsa -out server.key 2048
+openssl genrsa -out client.key 2048
+
+# cert requests
+openssl req -new -key ca.key -out ca.csr -text -subj $ROOT_SUBJECT
+openssl req -new -key server.key -out server.csr -text -subj $LEVEL2_SUBJECT
+openssl req -new -key client.key -out client.csr -text -subj $LEVEL3_SUBJECT
+
+# generate the actual certs.
+openssl x509 -req -in ca.csr -out ca.crt -sha1 -days 5000 -signkey ca.key -text -extensions v3_ca
+openssl x509 -req -in server.csr -out server.crt -sha1 -CAcreateserial -days 5000 -CA ca.crt -CAkey ca.key -text -extensions v3_ca
+openssl x509 -req -in client.csr -out client.crt -sha1 -CAcreateserial -days 5000 -CA ca.crt -CAkey ca.key -text -extensions v3_ca

examples/protocols/openssl_client/genheader.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+# set ca crt for use in the client
+xxd -i ca.crt | sed -e "s/ca_crt/ca_crt/" > ssl_client_crt.h
+
+# set client crt for use in the client
+xxd -i client.crt | sed -e "s/client_crt/client_crt/" >> ssl_client_crt.h
+
+# set private key for use in the client
+xxd -i client.key | sed -e "s/client_key/client_key/" >> ssl_client_crt.h
+
+mv ssl_client_crt.h ./include

examples/protocols/openssl_client/main/component.mk

@@ -0,0 +1,5 @@
+#
+# "main" pseudo-component makefile.
+#
+# (Uses default behaviour of compiling all source files in directory, adding 'include' to include path.)
+

examples/protocols/openssl_client/main/openssl_demo.c

@@ -0,0 +1,242 @@
+/*
+ * ESPRESSIF MIT License
+ *
+ * Copyright (c) 2017 <ESPRESSIF SYSTEMS (SHANGHAI) PTE LTD>
+ *
+ * Permission is hereby granted for use on ESPRESSIF SYSTEMS ESP8266 only, in which case,
+ * it is free of charge, to any person obtaining a copy of this software and associated
+ * documentation files (the "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the Software is furnished
+ * to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all copies or
+ * substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ */
+
+#include <stddef.h>
+#include "openssl_demo.h"
+#include "openssl/ssl.h"
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "c_types.h"
+#include "esp_misc.h"
+#include "lwip/sockets.h"
+#include "ssl_client_crt.h"
+
+#define OPENSSL_DEMO_THREAD_NAME "ssl_demo"
+#define OPENSSL_DEMO_THREAD_STACK_WORDS 2048
+#define OPENSSL_DEMO_THREAD_PRORIOTY 6
+
+/*
+Fragment size range 2048~8192
+| Private key len | Fragment size recommend |
+| RSA2048         | 2048                    |
+| RSA3072         | 3072                    |
+| RSA4096         | 4096                    |
+*/
+#define OPENSSL_DEMO_FRAGMENT_SIZE 2048
+
+/* Local tcp port */
+#define OPENSSL_DEMO_LOCAL_TCP_PORT 1000
+
+/* Server ip address */
+#define OPENSSL_DEMO_TARGET_NAME "192.168.3.196"
+
+/* Server tcp port */
+#define OPENSSL_DEMO_TARGET_TCP_PORT 443
+
+#define OPENSSL_DEMO_REQUEST "{\"path\": \"/v1/ping/\", \"method\": \"GET\"}\r\n"
+
+/* receive length */
+#define OPENSSL_DEMO_RECV_BUF_LEN 1024
+
+LOCAL xTaskHandle openssl_handle;
+
+LOCAL char send_data[] = OPENSSL_DEMO_REQUEST;
+LOCAL int send_bytes = sizeof(send_data);
+
+LOCAL char recv_buf[OPENSSL_DEMO_RECV_BUF_LEN];
+
+LOCAL void openssl_demo_thread(void* p)
+{
+    int ret;
+
+    SSL_CTX* ctx;
+    SSL* ssl;
+
+    int socket;
+    struct sockaddr_in sock_addr;
+
+    ip_addr_t target_ip;
+
+    int recv_bytes = 0;
+
+    printf("OpenSSL demo thread start...\n");
+
+    do {
+        ret = netconn_gethostbyname(OPENSSL_DEMO_TARGET_NAME, &target_ip);
+    } while (ret);
+
+    printf("get target IP is "IPSTR"\n", IP2STR(&target_ip));
+
+    printf("create SSL context ......");
+    ctx = SSL_CTX_new(TLSv1_1_client_method());
+    if (!ctx) {
+        printf("failed\n");
+        goto failed1;
+    }
+    printf("OK\n");
+
+    printf("load ca crt ......");
+    X509 *cacrt = d2i_X509(NULL, ca_crt, ca_crt_len);
+    if(cacrt){
+        SSL_CTX_add_client_CA(ctx, cacrt);
+        printf("OK\n");
+    }else{
+        printf("failed\n");
+        goto failed2;
+    }
+
+    printf("load client crt ......");
+    ret = SSL_CTX_use_certificate_ASN1(ctx, client_crt_len, client_crt);
+    if(ret){
+        printf("OK\n");
+    }else{
+        printf("failed\n");
+        goto failed2;
+    }
+
+    printf("load client private key ......");
+    ret = SSL_CTX_use_PrivateKey_ASN1(0, ctx, client_key, client_key_len);
+    if(ret){
+        printf("OK\n");
+    }else{
+        printf("failed\n");
+        goto failed2;
+    }
+
+    printf("set verify mode verify peer\n");
+    SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
+
+    printf("set SSL context read buffer size ......");
+    SSL_CTX_set_default_read_buffer_len(ctx, OPENSSL_DEMO_FRAGMENT_SIZE);
+    ret = 0;
+    if (ret) {
+        printf("failed, return %d\n", ret);
+        goto failed2;
+    }
+    printf("OK\n");
+
+    printf("create socket ......");
+    socket = socket(AF_INET, SOCK_STREAM, 0);
+    if (socket < 0) {
+        printf("failed\n");
+        goto failed3;
+    }
+    printf("OK\n");
+
+    printf("bind socket ......");
+    memset(&sock_addr, 0, sizeof(sock_addr));
+    sock_addr.sin_family = AF_INET;
+    sock_addr.sin_addr.s_addr = 0;
+    sock_addr.sin_port = htons(OPENSSL_DEMO_LOCAL_TCP_PORT);
+    ret = bind(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
+    if (ret) {
+        printf("failed\n");
+        goto failed4;
+    }
+    printf("OK\n");
+
+    printf("socket connect to remote ......");
+    memset(&sock_addr, 0, sizeof(sock_addr));
+    sock_addr.sin_family = AF_INET;
+    sock_addr.sin_addr.s_addr = target_ip.addr;
+    sock_addr.sin_port = htons(OPENSSL_DEMO_TARGET_TCP_PORT);
+    ret = connect(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
+    if (ret) {
+        printf("failed\n", OPENSSL_DEMO_TARGET_NAME);
+        goto failed5;
+    }
+    printf("OK\n");
+
+    printf("create SSL ......");
+    ssl = SSL_new(ctx);
+    if (!ssl) {
+        printf("failed\n");
+        goto failed6;
+    }
+    printf("OK\n");
+
+    SSL_set_fd(ssl, socket);
+
+    printf("SSL connected to %s port %d ......", OPENSSL_DEMO_TARGET_NAME, OPENSSL_DEMO_TARGET_TCP_PORT);
+    ret = SSL_connect(ssl);
+    if (ret <= 0) {
+        printf("failed, return [-0x%x]\n", -ret);
+        goto failed7;
+    }
+    printf("OK\n");
+
+    printf("send request to %s port %d ......", OPENSSL_DEMO_TARGET_NAME, OPENSSL_DEMO_TARGET_TCP_PORT);
+    ret = SSL_write(ssl, send_data, send_bytes);
+    if (ret <= 0) {
+        printf("failed, return [-0x%x]\n", -ret);
+        goto failed8;
+    }
+    printf("OK\n\n");
+
+    do {
+        ret = SSL_read(ssl, recv_buf, OPENSSL_DEMO_RECV_BUF_LEN - 1);
+        if (ret <= 0) {
+            break;
+        }
+        recv_bytes += ret;
+        recv_buf[ret] = '\0';
+        printf("%s", recv_buf);
+    } while (1);
+    printf("read %d bytes data from %s ......\n", recv_bytes, OPENSSL_DEMO_TARGET_NAME);
+
+failed8:
+    SSL_shutdown(ssl);
+failed7:
+    SSL_free(ssl);
+failed6:
+failed5:
+failed4:
+    close(socket);
+failed3:
+failed2:
+    SSL_CTX_free(ctx);
+failed1:
+    vTaskDelete(NULL);
+
+    printf("task exit\n");
+
+    return ;
+}
+
+void user_conn_init(void)
+{
+    int ret;
+
+    ret = xTaskCreate(openssl_demo_thread,
+                      OPENSSL_DEMO_THREAD_NAME,
+                      OPENSSL_DEMO_THREAD_STACK_WORDS,
+                      NULL,
+                      OPENSSL_DEMO_THREAD_PRORIOTY,
+                      &openssl_handle);
+    if (ret != pdPASS)  {
+        printf("create thread %s failed\n", OPENSSL_DEMO_THREAD_NAME);
+        return ;
+    }
+}
+

examples/protocols/openssl_client/main/openssl_demo.h

@@ -0,0 +1,30 @@
+/*
+ * ESPRESSIF MIT License
+ *
+ * Copyright (c) 2017 <ESPRESSIF SYSTEMS (SHANGHAI) PTE LTD>
+ *
+ * Permission is hereby granted for use on ESPRESSIF SYSTEMS ESP8266 only, in which case,
+ * it is free of charge, to any person obtaining a copy of this software and associated
+ * documentation files (the "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the Software is furnished
+ * to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all copies or
+ * substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ */
+
+#ifndef _OPENSSL_DEMO_H_
+#define _OPENSSL_DEMO_H_
+
+void user_conn_init(void);
+
+#endif

examples/protocols/openssl_client/main/user_config.h

@@ -0,0 +1,34 @@
+/*
+ * ESPRESSIF MIT License
+ *
+ * Copyright (c) 2017 <ESPRESSIF SYSTEMS (SHANGHAI) PTE LTD>
+ *
+ * Permission is hereby granted for use on ESPRESSIF SYSTEMS ESP8266 only, in which case,
+ * it is free of charge, to any person obtaining a copy of this software and associated
+ * documentation files (the "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the Software is furnished
+ * to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all copies or
+ * substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ */
+
+#ifndef __USER_CONFIG_H__
+#define __USER_CONFIG_H__
+
+#include "openssl_demo.h"
+
+#define SSID "HUAWEI001"
+#define PASSWORD ""
+
+#endif
+

examples/protocols/openssl_client/main/user_main.c

@@ -0,0 +1,115 @@
+/*
+ * ESPRESSIF MIT License
+ *
+ * Copyright (c) 2017 <ESPRESSIF SYSTEMS (SHANGHAI) PTE LTD>
+ *
+ * Permission is hereby granted for use on ESPRESSIF SYSTEMS ESP8266 only, in which case,
+ * it is free of charge, to any person obtaining a copy of this software and associated
+ * documentation files (the "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the Software is furnished
+ * to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all copies or
+ * substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ */
+
+#include "esp_common.h"
+#include "user_config.h"
+
+/******************************************************************************
+ * FunctionName : user_rf_cal_sector_set
+ * Description  : SDK just reversed 4 sectors, used for rf init data and paramters.
+ *                We add this function to force users to set rf cal sector, since
+ *                we don't know which sector is free in user's application.
+ *                sector map for last several sectors : ABCCC
+ *                A : rf cal
+ *                B : rf init data
+ *                C : sdk parameters
+ * Parameters   : none
+ * Returns      : rf cal sector
+*******************************************************************************/
+uint32 user_rf_cal_sector_set(void)
+{
+    flash_size_map size_map = system_get_flash_size_map();
+    uint32 rf_cal_sec = 0;
+
+    switch (size_map) {
+        case FLASH_SIZE_4M_MAP_256_256:
+            rf_cal_sec = 128 - 5;
+            break;
+
+        case FLASH_SIZE_8M_MAP_512_512:
+            rf_cal_sec = 256 - 5;
+            break;
+
+        case FLASH_SIZE_16M_MAP_512_512:
+        case FLASH_SIZE_16M_MAP_1024_1024:
+            rf_cal_sec = 512 - 5;
+            break;
+
+        case FLASH_SIZE_32M_MAP_512_512:
+        case FLASH_SIZE_32M_MAP_1024_1024:
+            rf_cal_sec = 1024 - 5;
+            break;
+
+        case FLASH_SIZE_64M_MAP_1024_1024:
+            rf_cal_sec = 2048 - 5;
+            break;
+
+        case FLASH_SIZE_128M_MAP_1024_1024:
+            rf_cal_sec = 4096 - 5;
+            break;
+
+        default:
+            rf_cal_sec = 0;
+            break;
+    }
+
+    return rf_cal_sec;
+}
+
+void wifi_event_handler_cb(System_Event_t* event)
+{
+    if (event == NULL) {
+        return;
+    }
+
+    switch (event->event_id) {
+        case EVENT_STAMODE_GOT_IP:
+            printf("sta got ip , creat task %d\n", system_get_free_heap_size());
+            user_conn_init();
+            break;
+
+        default:
+            break;
+    }
+}
+
+/******************************************************************************
+ * FunctionName : user_init
+ * Description  : entry of user application, init user function here
+ * Parameters   : none
+ * Returns      : none
+*******************************************************************************/
+void user_init(void)
+{
+    printf("SDK version:%s %d\n", system_get_sdk_version(), system_get_free_heap_size());
+    wifi_set_opmode(STATION_MODE);
+
+    // set AP parameter
+    struct station_config config;
+    bzero(&config, sizeof(struct station_config));
+    sprintf(config.ssid, SSID);
+    sprintf(config.password, PASSWORD);
+    wifi_station_set_config(&config);
+    wifi_set_event_handler_cb(wifi_event_handler_cb);
+}