feat(example): Restructure examples folder

Wu Jian Gang
2018-04-12 11:45:59 +08:00
parent 441c17634b
commit 3f0f3f152a
71 changed files with 0 additions and 0 deletions


@ -0,0 +1,9 @@
#
# This is a project Makefile. It is assumed the directory this Makefile resides in is a
# project subdirectory.
#
PROJECT_NAME := hello-world
include $(IDF_PATH)/make/project.mk


@ -0,0 +1,44 @@
1. Run ./gencrt.sh or if you have your own certificate, move to the openssl_server directory, the name is ca.crt,server.crt, server.key, client.crt and client.key.
The server.crt and client.crt was generate by the same ca.crt in ./gencrt.sh.
Server side needs ca.crt(to verify client.crt), server.crt, server.key
Client side needs ca.crt(to verify server.crt), client.crt, client.key
If you have two ca.crt to generate server.crt and client.crt respectively, client1.crt is generate by ca1.crt and client1.key, server2.crt is generate by ca2.crt and server2.key:
Client side needs ca2.crt, client1.crt, client1.key.
Server side needs ca1.crt, server2.crt, server2.key.
Rename ca1.crt server2.crt server2.key to ca.crt server.crt server.key and run ./genheader.sh.
Use ca2.crt in openssl s_client -CAfile option.
2. Run ./genheader.sh.
3. Modify thease two lines in file user_config.h to your local Wi-Fi SSID and Password.
```#define SSID "HUAWEI001"```
```#define PASSWORD ""```
4. Make sure that the computer and ESP8266 are in the same local area network.
5. Run ./gen_misc.sh.
6. Download bin file to ESP8266.
Find server ip address in ESP8266 UART log: ip:192.168.3.6,mask:255.255.255.0,gw:192.168.3.1.
7. Run openssl s_client -CAfile ca.crt -cert client.crt -key client.key -verify 1 -tls1_1 -host 192.168.3.6 -port 443.
**ATTENTION**
**1. Make sure the free heap size larger than 30K.**
**2. Make sure the private key length larger than 2048.**
**3. Make sure the fragment size range is between 2048 and 8192.**


@ -0,0 +1,27 @@
#!/bin/bash
#
# Generate the certificates and keys for testing.
#
SAVEIFS=$IFS
IFS=$(echo -en "\n\b")
ROOT_SUBJECT="/C=C1/ST=JS1/L=WX1/O=ESP1/OU=ESP1/CN=Server1 CA/emailAddress=ESP1"
LEVEL2_SUBJECT="/C=C2/ST=JS22/L=WX22/O=ESP22/OU=ESP22/CN=Server22 CA/emailAddress=ESP22"
LEVEL3_SUBJECT="/C=C3/ST=JS333/L=WX333/O=ESP333/OU=ESP333/CN=Server333 CA/emailAddress=ESP333"
# private key generation
openssl genrsa -out ca.key 2048
openssl genrsa -out server.key 2048
openssl genrsa -out client.key 2048
# cert requests
openssl req -new -key ca.key -out ca.csr -text -subj $ROOT_SUBJECT
openssl req -new -key server.key -out server.csr -text -subj $LEVEL2_SUBJECT
openssl req -new -key client.key -out client.csr -text -subj $LEVEL3_SUBJECT
# generate the actual certs.
openssl x509 -req -in ca.csr -out ca.crt -sha1 -days 5000 -signkey ca.key -text -extensions v3_ca
openssl x509 -req -in server.csr -out server.crt -sha1 -CAcreateserial -days 5000 -CA ca.crt -CAkey ca.key -text -extensions v3_ca
openssl x509 -req -in client.csr -out client.crt -sha1 -CAcreateserial -days 5000 -CA ca.crt -CAkey ca.key -text -extensions v3_ca
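Review bot: All three `openssl x509 -req` calls sign with `-sha1`, which is deprecated for certificate signatures and which current TLS clients and libraries may refuse. Unless the device's TLS stack cannot verify it (not visible on this page), use `-sha256` on the ca, server and client lines. `SAVEIFS` is saved but `IFS` is never restored, and the IFS change only works around the unquoted `-subj $ROOT_SUBJECT`; quoting the variables, e.g. `-subj "$ROOT_SUBJECT"`, removes the need for it.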


@ -0,0 +1,12 @@
#!/bin/bash
# set ca crt for use in the server
xxd -i ca.crt | sed -e "s/ca_crt/ca_crt/" > ssl_server_crt.h
# set server crt for use in the server
xxd -i server.crt | sed -e "s/server_crt/server_crt/" >> ssl_server_crt.h
# set private key for use in the server
xxd -i server.key | sed -e "s/server_key/server_key/" >> ssl_server_crt.h
mv ssl_server_crt.h ./include
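Review bot: The three `sed -e "s/ca_crt/ca_crt/"` style expressions replace each name with itself, so they do nothing. They can be dropped (`xxd -i ca.crt > ssl_server_crt.h`), or changed to the intended target names if a rename was meant. The script has no error handling: if a certificate file is missing, `xxd` fails but a partial `ssl_server_crt.h` is still moved into `./include`, which `set -e` at the top would stop. Since the generated header embeds `server.key`, it should be listed in the ignore file so the private key is not committed; whether it already is cannot be seen from this page.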


@ -0,0 +1,5 @@
#
# "main" pseudo-component makefile.
#
# (Uses default behaviour of compiling all source files in directory, adding 'include' to include path.)


@ -0,0 +1,241 @@
/*
* ESPRESSIF MIT License
*
* Copyright (c) 2017 <ESPRESSIF SYSTEMS (SHANGHAI) PTE LTD>
*
* Permission is hereby granted for use on ESPRESSIF SYSTEMS ESP8266 only, in which case,
* it is free of charge, to any person obtaining a copy of this software and associated
* documentation files (the "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the Software is furnished
* to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all copies or
* substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
*/
#include <stddef.h>
#include "openssl_demo.h"
#include "openssl/ssl.h"
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "c_types.h"
#include "esp_misc.h"
#include "lwip/sockets.h"
#include "ssl_server_crt.h"
#define OPENSSL_DEMO_THREAD_NAME "ssl_demo"
#define OPENSSL_DEMO_THREAD_STACK_WORDS 2048
#define OPENSSL_DEMO_THREAD_PRORIOTY 6
/*
Fragment size range 2048~8192
| Private key len | Fragment size recommend |
| RSA2048 | 2048 |
| RSA3072 | 3072 |
| RSA4096 | 4096 |
*/
#define OPENSSL_DEMO_FRAGMENT_SIZE 2048
/* Local server tcp port */
#define OPENSSL_DEMO_LOCAL_TCP_PORT 443
#define OPENSSL_DEMO_REQUEST "{\"path\": \"/v1/ping/\", \"method\": \"GET\"}\r\n"
/* receive length */
#define OPENSSL_DEMO_RECV_BUF_LEN 1024
LOCAL xTaskHandle openssl_handle;
LOCAL char send_data[] = OPENSSL_DEMO_REQUEST;
LOCAL int send_bytes = sizeof(send_data);
LOCAL char recv_buf[OPENSSL_DEMO_RECV_BUF_LEN];
LOCAL void openssl_demo_thread(void* p)
{
int ret;
SSL_CTX* ctx;
SSL* ssl;
struct sockaddr_in sock_addr;
int sockfd, new_sockfd;
int recv_bytes = 0;
socklen_t addr_len;
printf("OpenSSL demo thread start...\n");
printf("create SSL context ......");
ctx = SSL_CTX_new(TLSv1_1_server_method());
if (!ctx) {
printf("failed\n");
goto failed1;
}
printf("OK\n");
printf("load ca crt ......");
X509* cacrt = d2i_X509(NULL, ca_crt, ca_crt_len);
if (cacrt) {
SSL_CTX_add_client_CA(ctx, cacrt);
printf("OK\n");
} else {
printf("failed\n");
goto failed2;
}
printf("load server crt ......");
ret = SSL_CTX_use_certificate_ASN1(ctx, server_crt_len, server_crt);
if (ret) {
printf("OK\n");
} else {
printf("failed\n");
goto failed2;
}
printf("load server private key ......");
ret = SSL_CTX_use_PrivateKey_ASN1(0, ctx, server_key, server_key_len);
if (ret) {
printf("OK\n");
} else {
printf("failed\n");
goto failed2;
}
printf("set verify mode verify peer\n");
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
printf("set SSL context read buffer size ......OK\n");
SSL_CTX_set_default_read_buffer_len(ctx, OPENSSL_DEMO_FRAGMENT_SIZE);
printf("create socket ......");
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0) {
printf("failed\n");
goto failed2;
}
printf("OK\n");
printf("socket bind ......");
memset(&sock_addr, 0, sizeof(sock_addr));
sock_addr.sin_family = AF_INET;
sock_addr.sin_addr.s_addr = 0;
sock_addr.sin_port = htons(OPENSSL_DEMO_LOCAL_TCP_PORT);
ret = bind(sockfd, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
if (ret) {
printf("bind failed\n");
goto failed3;
}
printf("bind OK\n");
printf("server socket listen ......");
ret = listen(sockfd, 32);
if (ret) {
printf("failed\n");
goto failed3;
}
printf("OK\n");
reconnect:
printf("SSL server create ......");
ssl = SSL_new(ctx);
if (!ssl) {
printf("failed\n");
goto failed3;
}
printf("OK\n");
printf("SSL server socket accept client ......");
new_sockfd = accept(sockfd, (struct sockaddr*)&sock_addr, &addr_len);
if (new_sockfd < 0) {
printf("failed");
goto failed4;
}
printf("OK\n");
SSL_set_fd(ssl, new_sockfd);
printf("SSL server accept client ......");
ret = SSL_accept(ssl);
if (!ret) {
printf("failed\n");
goto failed5;
}
printf("OK\n");
do {
ret = SSL_read(ssl, recv_buf, OPENSSL_DEMO_RECV_BUF_LEN - 1);
if (ret <= 0) {
break;
}
recv_bytes += ret;
recv_buf[ret] = '\0';
printf("%s", recv_buf);
} while (1);
SSL_shutdown(ssl);
failed5:
close(new_sockfd);
new_sockfd = -1;
failed4:
SSL_free(ssl);
ssl = NULL;
goto reconnect;
failed3:
close(sockfd);
sockfd = -1;
failed2:
SSL_CTX_free(ctx);
ctx = NULL;
failed1:
vTaskDelete(NULL);
printf("task exit\n");
return ;
}
void user_conn_init(void)
{
int ret;
ret = xTaskCreate(openssl_demo_thread,
OPENSSL_DEMO_THREAD_NAME,
OPENSSL_DEMO_THREAD_STACK_WORDS,
NULL,
OPENSSL_DEMO_THREAD_PRORIOTY,
&openssl_handle);
if (ret != pdPASS) {
printf("create thread %s failed\n", OPENSSL_DEMO_THREAD_NAME);
return ;
}
}
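Review bot: In `openssl_demo_thread`, the handshake check `if (!ret)` after `SSL_accept(ssl)` only catches a return of 0. Under the OpenSSL API contract a fatal handshake error returns a negative value, so such a failure (which would include a rejected client certificate) falls through to the `SSL_read` loop instead of `failed5`; `if (ret <= 0)` is the safer test, though how the SDK's OpenSSL wrapper reports failure is not visible here. `addr_len` is passed to `accept()` uninitialised although accept reads it as the size of the address buffer; set `addr_len = sizeof(sock_addr);` before the call. `SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL)` omits `SSL_VERIFY_FAIL_IF_NO_PEER_CERT`, which in stock OpenSSL lets a client that presents no certificate complete the handshake; if mutual TLS is intended, confirm what the wrapper does and add the flag. `TLSv1_1_server_method()` also pins the server to the deprecated TLS 1.1, so a TLS 1.2 method should be used if the SDK provides one.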


@ -0,0 +1,30 @@
/*
* ESPRESSIF MIT License
*
* Copyright (c) 2017 <ESPRESSIF SYSTEMS (SHANGHAI) PTE LTD>
*
* Permission is hereby granted for use on ESPRESSIF SYSTEMS ESP8266 only, in which case,
* it is free of charge, to any person obtaining a copy of this software and associated
* documentation files (the "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the Software is furnished
* to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all copies or
* substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
*/
#ifndef _OPENSSL_DEMO_H_
#define _OPENSSL_DEMO_H_
void user_conn_init(void);
#endif


@ -0,0 +1,34 @@
/*
* ESPRESSIF MIT License
*
* Copyright (c) 2017 <ESPRESSIF SYSTEMS (SHANGHAI) PTE LTD>
*
* Permission is hereby granted for use on ESPRESSIF SYSTEMS ESP8266 only, in which case,
* it is free of charge, to any person obtaining a copy of this software and associated
* documentation files (the "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the Software is furnished
* to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all copies or
* substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
*/
#ifndef __USER_CONFIG_H__
#define __USER_CONFIG_H__
#include "openssl_demo.h"
#define SSID "HUAWEI001"
#define PASSWORD ""
#endif
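Review bot: `SSID` and `PASSWORD` are defined in a tracked header that the README tells users to edit, so real Wi-Fi credentials can easily end up in a commit. A comment such as `/* Placeholder values: set locally, do not commit real credentials */` above the two defines would make that explicit. The empty `PASSWORD` presumably means the sample joins an open network by default, which is worth stating in the same comment. The guard `__USER_CONFIG_H__` uses a reserved identifier (double underscore); `USER_CONFIG_H` avoids that.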


@ -0,0 +1,116 @@
/*
* ESPRESSIF MIT License
*
* Copyright (c) 2017 <ESPRESSIF SYSTEMS (SHANGHAI) PTE LTD>
*
* Permission is hereby granted for use on ESPRESSIF SYSTEMS ESP8266 only, in which case,
* it is free of charge, to any person obtaining a copy of this software and associated
* documentation files (the "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the Software is furnished
* to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all copies or
* substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
*/
#include "esp_common.h"
#include "user_config.h"
/******************************************************************************
* FunctionName : user_rf_cal_sector_set
* Description : SDK just reversed 4 sectors, used for rf init data and paramters.
* We add this function to force users to set rf cal sector, since
* we don't know which sector is free in user's application.
* sector map for last several sectors : ABCCC
* A : rf cal
* B : rf init data
* C : sdk parameters
* Parameters : none
* Returns : rf cal sector
*******************************************************************************/
uint32 user_rf_cal_sector_set(void)
{
flash_size_map size_map = system_get_flash_size_map();
uint32 rf_cal_sec = 0;
switch (size_map) {
case FLASH_SIZE_4M_MAP_256_256:
rf_cal_sec = 128 - 5;
break;
case FLASH_SIZE_8M_MAP_512_512:
rf_cal_sec = 256 - 5;
break;
case FLASH_SIZE_16M_MAP_512_512:
case FLASH_SIZE_16M_MAP_1024_1024:
rf_cal_sec = 512 - 5;
break;
case FLASH_SIZE_32M_MAP_512_512:
case FLASH_SIZE_32M_MAP_1024_1024:
rf_cal_sec = 1024 - 5;
break;
case FLASH_SIZE_64M_MAP_1024_1024:
rf_cal_sec = 2048 - 5;
break;
case FLASH_SIZE_128M_MAP_1024_1024:
rf_cal_sec = 4096 - 5;
break;
default:
rf_cal_sec = 0;
break;
}
return rf_cal_sec;
}
void wifi_event_handler_cb(System_Event_t* event)
{
if (event == NULL) {
return;
}
switch (event->event_id) {
case EVENT_STAMODE_GOT_IP:
printf("sta got ip , creat task %d\n", system_get_free_heap_size());
user_conn_init();
break;
default:
break;
}
}
/******************************************************************************
* FunctionName : user_init
* Description : entry of user application, init user function here
* Parameters : none
* Returns : none
*******************************************************************************/
void user_init(void)
{
printf("SDK version:%s %d\n", system_get_sdk_version(), system_get_free_heap_size());
wifi_set_opmode(STATION_MODE);
// set AP parameter
struct station_config config;
bzero(&config, sizeof(struct station_config));
sprintf(config.ssid, SSID);
sprintf(config.password, PASSWORD);
wifi_station_set_config(&config);
wifi_set_event_handler_cb(wifi_event_handler_cb);
}
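Review bot: In `user_init`, `sprintf(config.ssid, SSID)` and `sprintf(config.password, PASSWORD)` use the configured string as the format string and write without a bound. A `%` in the SSID or password is therefore parsed as a conversion, and an over-long value writes past the field. Assuming both fields are fixed-size arrays in `struct station_config` (the definition is not on this page), `snprintf((char *)config.ssid, sizeof(config.ssid), "%s", SSID);` and the same for `password` fix both; note that snprintf truncates to leave room for the terminator. `wifi_event_handler_cb` also calls `user_conn_init()` on every `EVENT_STAMODE_GOT_IP`, so a Wi-Fi reconnect would create a second server task while the first still holds port 443; a one-shot flag would prevent that.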