espressif/ESP8266_RTOS_SDK
1
0
Fork 0
mirror of https://github.com/espressif/ESP8266_RTOS_SDK.git synced 2025-05-30 23:19:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat(examples): Add https-wolfssl example

Browse Source
This commit is contained in:
zhangjunhao
2018-04-23 14:12:47 +08:00
committed by Zhang Jun Hao
parent 993e1c2260
commit a1abb1ef32
8 changed files with 415 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
examples/protocols/https_wolfssl/main/Kconfig.projbuild Normal file
View File

@ -0,0 +1,23 @@
menu "Example Configuration"
config WIFI_SSID
string "WiFi SSID"
default "myssid"
help
SSID (network name) for the example to connect to.
config WIFI_PASSWORD
string "WiFi Password"
default "mypassword"
help
WiFi password (WPA or WPA2) for the example to use.
Can be left blank if the network has no security set.
config CERT_AUTH
bool "enable certificate verification"
default y
help
Enable certificate verification.
endmenu

5
examples/protocols/https_wolfssl/main/component.mk Normal file
View File

@ -0,0 +1,5 @@
#
# "main" pseudo-component makefile.
#
# (Uses default behaviour of compiling all source files in directory, adding 'include' to include path.)
COMPONENT_EMBED_TXTFILES := server_root_cert.pem

305
examples/protocols/https_wolfssl/main/https_wolfssl_example_main.c Executable file
View File

@ -0,0 +1,305 @@
/* wolfSSL example
This example code is in the Public Domain (or CC0 licensed, at your option.)
Unless required by applicable law or agreed to in writing, this
software is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
CONDITIONS OF ANY KIND, either express or implied.
*/
#include "sdkconfig.h"
#include "esp_misc.h"
#include "esp_sta.h"
#include "esp_system.h"
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include <sys/socket.h>
#include <netdb.h>
#include <wolfssl/ssl.h>
#if CONFIG_CERT_AUTH
extern const uint8_t server_root_cert_pem_start[] asm("_binary_server_root_cert_pem_start");
extern const uint8_t server_root_cert_pem_end[] asm("_binary_server_root_cert_pem_end");
#endif
/* Constants that aren't configurable in menuconfig */
#define WEB_SERVER "www.howsmyssl.com"
#define WEB_PORT 443
#define WEB_URL "https://www.howsmyssl.com/a/check"
#define REQUEST "GET " WEB_URL " HTTP/1.0\r\n" \
"Host: "WEB_SERVER"\r\n" \
"User-Agent: esp-idf/1.0 espressif\r\n" \
"\r\n"
#define WOLFSSL_DEMO_THREAD_NAME "wolfssl_client"
#define WOLFSSL_DEMO_THREAD_STACK_WORDS 2048
#define WOLFSSL_DEMO_THREAD_PRORIOTY 6
#define WOLFSSL_DEMO_SNTP_SERVERS "pool.ntp.org"
const char send_data[] = REQUEST;
const int32_t send_bytes = sizeof(send_data);
char recv_data[1024] = {0};
static void wolfssl_client(void* pv)
{
int32_t ret = 0;
const portTickType xDelay = 500 / portTICK_RATE_MS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
int32_t socket = -1;
struct sockaddr_in sock_addr;
struct hostent* entry = NULL;
#if CONFIG_CERT_AUTH
uint32_t current_timestamp = 0;
/*enable sntp for sync the time*/
sntp_setoperatingmode(0);
sntp_setservername(0, WOLFSSL_DEMO_SNTP_SERVERS);
sntp_init();
do {
current_timestamp = sntp_get_current_timestamp();
vTaskDelay(xDelay);
} while (current_timestamp == 0);
#endif
while (1) {
printf("Setting hostname for TLS session...\n");
/*get addr info for hostname*/
do {
entry = gethostbyname(WEB_SERVER);
vTaskDelay(xDelay);
} while (entry == NULL);
printf("Init wolfSSL...\n");
ret = wolfSSL_Init();
if (ret != WOLFSSL_SUCCESS) {
printf("Init wolfSSL failed:%d...\n", ret);
goto failed1;
}
printf("Set wolfSSL ctx ...\n");
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
if (!ctx) {
printf("Set wolfSSL ctx failed...\n");
goto failed1;
}
printf("Creat socket ...\n");
socket = socket(AF_INET, SOCK_STREAM, 0);
if (socket < 0) {
printf("Creat socket failed...\n");
goto failed2;
}
#if CONFIG_CERT_AUTH
printf("Loading the CA root certificate...\n");
ret = wolfSSL_CTX_load_verify_buffer(ctx, server_root_cert_pem_start, server_root_cert_pem_end - server_root_cert_pem_start, WOLFSSL_FILETYPE_PEM);
if (WOLFSSL_SUCCESS != ret) {
printf("Loading the CA root certificate failed...\n");
goto failed3;
}
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
#else
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
ctx->verifyDepth = 0;
#endif
memset(&sock_addr, 0, sizeof(sock_addr));
sock_addr.sin_family = AF_INET;
sock_addr.sin_port = htons(WEB_PORT);
memcpy(&sock_addr.sin_addr.s_addr, entry->h_addr_list[0], entry->h_length);
printf("Connecting to %s:%d...\n", WEB_SERVER, WEB_PORT);
ret = connect(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
if (ret) {
printf("Connecting to %s:%d failed: %d\n", WEB_SERVER, WEB_PORT, ret);
goto failed3;
}
printf("Create wolfSSL...\n");
ssl = wolfSSL_new(ctx);
if (!ssl) {
printf("Create wolfSSL failed...\n");
goto failed3;
}
wolfSSL_set_fd(ssl, socket);
printf("Performing the SSL/TLS handshake...\n");
ret = wolfSSL_connect(ssl);
if (WOLFSSL_SUCCESS != ret) {
printf("Performing the SSL/TLS handshake failed:%d\n", ret);
goto failed4;
}
printf("Writing HTTPS request...\n");
ret = wolfSSL_write(ssl, send_data, send_bytes);
if (ret <= 0) {
printf("Writing HTTPS request failed:%d\n", ret);
goto failed5;
}
printf("Reading HTTPS response...\n");
do {
ret = wolfSSL_read(ssl, recv_data, sizeof(recv_data));
if (ret <= 0) {
printf("\nConnection closed\n");
break;
}
/* Print response directly to stdout as it is read */
for (int i = 0; i < ret; i++) {
printf("%c", recv_data[i]);
}
} while (1);
failed5:
wolfSSL_shutdown(ssl);
failed4:
wolfSSL_free(ssl);
failed3:
close(socket);
failed2:
wolfSSL_CTX_free(ctx);
failed1:
wolfSSL_Cleanup();
for (int countdown = 10; countdown >= 0; countdown--) {
printf("%d...\n", countdown);
vTaskDelay(1000 / portTICK_RATE_MS);
}
printf("Starting again!\n");
}
}
void user_conn_init(void)
{
int32_t ret;
ret = xTaskCreate(wolfssl_client,
WOLFSSL_DEMO_THREAD_NAME,
WOLFSSL_DEMO_THREAD_STACK_WORDS,
NULL,
WOLFSSL_DEMO_THREAD_PRORIOTY,
NULL);
if (ret != pdPASS) {
printf("create thread %s failed\n", WOLFSSL_DEMO_THREAD_NAME);
return ;
}
}
/******************************************************************************
* FunctionName : user_rf_cal_sector_set
* Description : SDK just reversed 4 sectors, used for rf init data and paramters.
* We add this function to force users to set rf cal sector, since
* we don't know which sector is free in user's application.
* sector map for last several sectors : ABCCC
* A : rf cal/* Websocket example
* B : rf init data
* C : sdk parameters
* Parameters : none
* Returns : rf cal sector
*******************************************************************************/
uint32_t user_rf_cal_sector_set(void)
{
flash_size_map size_map = system_get_flash_size_map();
uint32_t rf_cal_sec = 0;
switch (size_map) {
case FLASH_SIZE_4M_MAP_256_256:
rf_cal_sec = 128 - 5;
break;
case FLASH_SIZE_8M_MAP_512_512:
rf_cal_sec = 256 - 5;
break;
case FLASH_SIZE_16M_MAP_512_512:
case FLASH_SIZE_16M_MAP_1024_1024:
rf_cal_sec = 512 - 5;
break;
case FLASH_SIZE_32M_MAP_512_512:
case FLASH_SIZE_32M_MAP_1024_1024:
rf_cal_sec = 1024 - 5;
break;
case FLASH_SIZE_64M_MAP_1024_1024:
rf_cal_sec = 2048 - 5;
break;
case FLASH_SIZE_128M_MAP_1024_1024:
rf_cal_sec = 4096 - 5;
break;
default:
rf_cal_sec = 0;
break;
}
return rf_cal_sec;
}
void wifi_event_handler_cb(System_Event_t* event)
{
if (event == NULL) {
return;
}
switch (event->event_id) {
case EVENT_STAMODE_GOT_IP:
printf("sta got ip\n");
user_conn_init();
break;
default:
break;
}
}
/******************************************************************************
* FunctionName : user_init
* Description : entry of user application, init user function here
* Parameters : none
* Returns : none
*******************************************************************************/
void user_init(void)
{
wifi_set_opmode(STATION_MODE);
// set AP parameter
struct station_config config;
bzero(&config, sizeof(struct station_config));
sprintf(config.ssid, CONFIG_WIFI_SSID);
sprintf(config.password, CONFIG_WIFI_PASSWORD);
wifi_station_set_config(&config);
wifi_set_event_handler_cb(wifi_event_handler_cb);
}

27
examples/protocols/https_wolfssl/main/server_root_cert.pem Normal file
View File

@ -0,0 +1,27 @@
-----BEGIN CERTIFICATE-----
MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow
SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT
GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF
q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8
SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0
Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA
a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj
/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T
AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG
CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv
bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k
c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw
VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC
ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz
MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu
Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF
AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo
uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/
wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu
X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG
PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6
KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
-----END CERTIFICATE-----