+++ /dev/null
-# Openssl Example
-
-The Example contains of OpenSSL client and server demo.
-
-First you should config the project by "menuconfig":
- Example Configuration ->
- 1. Openssl demo: select your demo (client or server)
- 2. WiFi SSID: you own wifi, which you pc is connected to alse.
- 3. WiFi Password: wifi password
-
-If you want to test the OpenSSL client demo:
- 1. compile the code and load the firmware
- 2. you can see it will download the "www.baidu.com" main page and print the context
-
-IF you want to test the openSSL client demo:
- 1. compile the code and load the firmware
- 2. You should input the context of "https://192.168.17.128", the IP of your module may not be 192.168.17.128, you should input your module's IP
- 3. You may see that it shows the website is not able to be trusted, but you should select that "go on to visit it"
- 4. You should wait for a moment until your see the "OpenSSL server demo!" in your IE page
-
-See the README.md file in the upper level 'examples' directory for more information about examples.
+++ /dev/null
-menu "Example Configuration"
-
-choice OPENSSL_DEMO
- prompt "Openssl demo"
- default OPENSSL_CLIENT_DEMO
- help
- Openssl test demo mode, client or server.
-
-config OPENSSL_CLIENT_DEMO
- bool "client demo"
-config OPENSSL_SERVER_DEMO
- bool "server demon"
-endchoice
-
-config WIFI_SSID
- string "WiFi SSID"
- default "myssid"
- help
- SSID (network name) for the example to connect to.
-
-config WIFI_PASSWORD
- string "WiFi Password"
- default "myssid"
- help
- WiFi password (WPA or WPA2) for the example to use.
-
-endmenu
\ No newline at end of file
+++ /dev/null
-#include <stddef.h>
-#include <string.h>
-
-#include "openssl_demo.h"
-#include "openssl/ssl.h"
-
-#include "freertos/FreeRTOS.h"
-#include "freertos/task.h"
-#include "freertos/event_groups.h"
-
-#include "esp_types.h"
-#include "esp_system.h"
-#include "esp_wifi.h"
-#include "esp_event_loop.h"
-#include "esp_log.h"
-
-#include "lwip/sockets.h"
-#include "lwip/api.h"
-
-#include "nvs_flash.h"
-
-
-#define os_printf(fmt, ...) ESP_LOGI("openssl_demo", fmt, ##__VA_ARGS__)
-
-#define IP_ADDR(ip) ip.u_addr.ip4.addr
-
-/* The examples use simple WiFi configuration that you can set via
- 'make menuconfig'.
-
- If you'd rather not, just change the below entries to strings with
- the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
-*/
-#define EXAMPLE_WIFI_SSID CONFIG_WIFI_SSID
-#define EXAMPLE_WIFI_PASS CONFIG_WIFI_PASSWORD
-
-#define OPENSSL_DEMO_THREAD_STACK_WORDS 8192
-#define OPENSSL_DEMO_THREAD_PRORIOTY 6
-
-#define OPENSSL_DEMO_FRAGMENT_SIZE 8192
-
-#define OPENSSL_DEMO_RECV_BUF_LEN 1024
-
-#define OPENSSL_DEMO_LOCAL_TCP_PORT 443
-
-#ifdef CONFIG_OPENSSL_CLIENT_DEMO
-
-#define OPENSSL_DEMO_THREAD_NAME "ssl_client"
-
-#define OPENSSL_DEMO_TARGET_NAME "www.baidu.com"
-#define OPENSSL_DEMO_TARGET_TCP_PORT 443
-
-#define OPENSSL_DEMO_REQUEST "{\"path\": \"/v1/ping/\", \"method\": \"GET\"}\r\n"
-
-LOCAL void openssl_demo_thread(void *p)
-{
- int ret;
-
- SSL_CTX *ctx;
- SSL *ssl;
-
- int socket;
- struct sockaddr_in sock_addr;
-
- ip_addr_t target_ip;
-
- int recv_bytes = 0;
-
- LOCAL char send_data[] = OPENSSL_DEMO_REQUEST;
- LOCAL int send_bytes = sizeof(send_data);
-
- LOCAL char recv_buf[OPENSSL_DEMO_RECV_BUF_LEN];
-
- os_printf("OpenSSL demo thread start\n");
-
- do {
- ret = netconn_gethostbyname(OPENSSL_DEMO_TARGET_NAME, &target_ip);
- } while(ret);
- os_printf("get target IP is %d.%d.%d.%d\n",
- (unsigned char)((IP_ADDR(target_ip) & 0x000000ff) >> 0),
- (unsigned char)((IP_ADDR(target_ip) & 0x0000ff00) >> 8),
- (unsigned char)((IP_ADDR(target_ip) & 0x00ff0000) >> 16),
- (unsigned char)((IP_ADDR(target_ip) & 0xff000000) >> 24));
-
- os_printf("create SSL context ......");
- ctx = SSL_CTX_new(TLSv1_1_client_method());
- if (!ctx) {
- os_printf("failed\n");
- goto failed1;
- }
- os_printf("OK\n");
-
- /**
- * The openssl does not support "SSL_CTX_set_default_read_buffer_len"
- * at the platform of ESP32 esp_idf now.
- *
- * So you should not care it now. And We my let it work later.
- */
- os_printf("set SSL context read buffer size ......");
- SSL_CTX_set_default_read_buffer_len(ctx, OPENSSL_DEMO_FRAGMENT_SIZE);
- ret = 0;
- if (ret) {
- os_printf("failed, return %d\n", ret);
- goto failed2;
- }
- os_printf("OK\n");
-
- os_printf("create socket ......");
- socket = socket(AF_INET, SOCK_STREAM, 0);
- if (socket < 0) {
- os_printf("failed\n");
- goto failed3;
- }
- os_printf("OK\n");
-
- os_printf("bind socket ......");
- memset(&sock_addr, 0, sizeof(sock_addr));
- sock_addr.sin_family = AF_INET;
- sock_addr.sin_addr.s_addr = 0;
- sock_addr.sin_port = htons(OPENSSL_DEMO_LOCAL_TCP_PORT);
- ret = bind(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
- if (ret) {
- os_printf("failed\n");
- goto failed4;
- }
- os_printf("OK\n");
-
- os_printf("socket connect to remote %s ......", OPENSSL_DEMO_TARGET_NAME);
- memset(&sock_addr, 0, sizeof(sock_addr));
- sock_addr.sin_family = AF_INET;
- sock_addr.sin_addr.s_addr = IP_ADDR(target_ip);
- sock_addr.sin_port = htons(OPENSSL_DEMO_TARGET_TCP_PORT);
- ret = connect(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
- if (ret) {
- os_printf("failed\n");
- goto failed5;
- }
- os_printf("OK\n");
-
- os_printf("create SSL ......");
- ssl = SSL_new(ctx);
- if (!ssl) {
- os_printf("failed\n");
- goto failed6;
- }
- os_printf("OK\n");
-
- SSL_set_fd(ssl, socket);
-
- os_printf("SSL connected to %s port %d ......",
- OPENSSL_DEMO_TARGET_NAME, OPENSSL_DEMO_TARGET_TCP_PORT);
- ret = SSL_connect(ssl);
- if (!ret) {
- os_printf("failed, return [-0x%x]\n", -ret);
- goto failed7;
- }
- os_printf("OK\n");
-
- os_printf("send https request to %s port %d ......",
- OPENSSL_DEMO_TARGET_NAME, OPENSSL_DEMO_TARGET_TCP_PORT);
- ret = SSL_write(ssl, send_data, send_bytes);
- if (ret <= 0) {
- os_printf("failed\n");
- goto failed8;
- }
- os_printf("OK\n\n");
-
- do {
- ret = SSL_read(ssl, recv_buf, OPENSSL_DEMO_RECV_BUF_LEN - 1);
- if (ret <= 0) {
- break;
- }
- recv_bytes += ret;
- os_printf("%s", recv_buf);
- } while (1);
-
- os_printf("\r\ntotaly read %d bytes data from %s ......\n", recv_bytes, OPENSSL_DEMO_TARGET_NAME);
-
-failed8:
- SSL_shutdown(ssl);
-failed7:
- SSL_free(ssl);
- ssl = NULL;
-failed6:
-failed5:
-failed4:
- close(socket);
- socket = -1;
-failed3:
-failed2:
- SSL_CTX_free(ctx);
- ctx = NULL;
-failed1:
- vTaskDelete(NULL);
-
- os_printf("task exit\n");
-
- return ;
-}
-
-#elif defined(CONFIG_OPENSSL_SERVER_DEMO)
-
-#define OPENSSL_DEMO_THREAD_NAME "openssl_server"
-
-#define OPENSSL_DEMO_CLIENT_REQUEST "{\"path\": \"/v1/ping/\", \"method\": \"GET\"}\r\n"
-
-#define OPENSSL_DEMO_SERVER_ACK "HTTP/1.1 200 OK\r\n" \
- "Content-Type: text/html\r\n" \
- "Content-Length: 98\r\n" \
- "<html>\r\n" \
- "<head>\r\n" \
- "<title>openSSL demo</title></head><body>\r\n" \
- "OpenSSL server demo!\r\n" \
- "</body>\r\n" \
- "</html>\r\n"
-
-LOCAL void openssl_demo_thread(void *p)
-{
- int ret;
-
- SSL_CTX *ctx;
- SSL *ssl;
-
- int socket, new_socket;
- socklen_t addr_len;
- struct sockaddr_in sock_addr;
-
- LOCAL char send_data[] = OPENSSL_DEMO_SERVER_ACK;
- LOCAL int send_bytes = sizeof(send_data);
-
- LOCAL char recv_buf[OPENSSL_DEMO_RECV_BUF_LEN];
-
- os_printf("server SSL context create ......");
- ctx = SSL_CTX_new(SSLv3_server_method());
- if (!ctx) {
- os_printf("failed\n");
- goto failed1;
- }
- os_printf("OK\n");
-
- /**
- * The openssl does not support "SSL_CTX_set_default_read_buffer_len"
- * at the platform of ESP32 esp_idf now.
- *
- * So you should not care it now. And We my let it work later.
- */
- os_printf("server SSL context set fragment ......");
- SSL_CTX_set_default_read_buffer_len(ctx, OPENSSL_DEMO_FRAGMENT_SIZE);
- ret = 0;
- if (ret) {
- os_printf("failed, return %d\n", ret);
- goto failed2;
- }
- os_printf("OK\n");
-
- os_printf("server SSL context set own certification......");
- ret = SSL_CTX_use_certificate_ASN1(ctx, cert_bytes, cert_ctx);
- if (!ret) {
- os_printf("failed, return %d\n", ret);
- goto failed2;
- }
- os_printf("OK\n");
-
- os_printf("server SSL context set private key......");
- ret = SSL_CTX_use_PrivateKey_ASN1(0, ctx, key_ctx, key_bytes);
- if (!ret) {
- os_printf("failed, return %d\n", ret);
- goto failed2;
- }
- os_printf("OK\n");
-
- os_printf("server create socket ......");
- socket = socket(AF_INET, SOCK_STREAM, 0);
- if (socket < 0) {
- os_printf("failed\n");
- goto failed2;
- }
- os_printf("OK\n");
-
- os_printf("server socket bind ......");
- memset(&sock_addr, 0, sizeof(sock_addr));
- sock_addr.sin_family = AF_INET;
- sock_addr.sin_addr.s_addr = 0;
- sock_addr.sin_port = htons(OPENSSL_DEMO_LOCAL_TCP_PORT);
- ret = bind(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
- if (ret) {
- os_printf("failed\n");
- goto failed3;
- }
- os_printf("OK\n");
-
- os_printf("server socket listen ......");
- ret = listen(socket, 32);
- if (ret) {
- os_printf("failed\n");
- goto failed3;
- }
- os_printf("OK\n");
-
-reconnect:
- os_printf("server SSL create ......");
- ssl = SSL_new(ctx);
- if (!ssl) {
- os_printf("failed\n");
- goto failed3;
- }
- os_printf("OK\n");
-
- os_printf("server socket accept client ......");
- new_socket = accept(socket, (struct sockaddr *)&sock_addr, &addr_len);
- if (new_socket < 0) {
- os_printf("failed, return [-0x%x]\n", -new_socket);
- goto failed4;
- }
- os_printf("OK\n");
-
- SSL_set_fd(ssl, new_socket);
-
- os_printf("server SSL accept client ......");
- ret = SSL_accept(ssl);
- if (!ret) {
- os_printf("failed\n");
- goto failed5;
- }
- os_printf("OK\n");
-
- os_printf("server SSL read message ......");
- do {
- memset(recv_buf, 0, OPENSSL_DEMO_RECV_BUF_LEN);
- ret = SSL_read(ssl, recv_buf, OPENSSL_DEMO_RECV_BUF_LEN - 1);
- if (ret <= 0) {
- break;
- }
- if (strstr(recv_buf, "GET / HTTP/1.1")) {
- SSL_write(ssl, send_data, send_bytes);
- break;
- }
- } while (1);
-
- os_printf("result %d\n", ret);
-
- SSL_shutdown(ssl);
-failed5:
- close(new_socket);
- new_socket = -1;
-failed4:
- SSL_free(ssl);
- ssl = NULL;
- goto reconnect;
-failed3:
- close(socket);
- socket = -1;
-failed2:
- SSL_CTX_free(ctx);
- ctx = NULL;
-failed1:
- vTaskDelete(NULL);
-
- return ;
-}
-
-#else
- #error "you must choose the right demo type"
-#endif
-
-LOCAL void demo_init(void)
-{
- int ret = pdFALSE;
-
-#if defined(CONFIG_OPENSSL_CLIENT_DEMO) || defined(CONFIG_OPENSSL_SERVER_DEMO)
- xTaskHandle openssl_handle;
-
- ret = xTaskCreate(openssl_demo_thread,
- OPENSSL_DEMO_THREAD_NAME,
- OPENSSL_DEMO_THREAD_STACK_WORDS,
- NULL,
- OPENSSL_DEMO_THREAD_PRORIOTY,
- &openssl_handle);
-#endif
-
- if (ret != pdPASS) {
- os_printf("create thread %s failed\n", OPENSSL_DEMO_THREAD_NAME);
- return ;
- }
-}
-
-LOCAL esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
-{
- switch(event->event_id) {
- case SYSTEM_EVENT_STA_START:
- esp_wifi_connect();
- break;
- case SYSTEM_EVENT_STA_GOT_IP:
- demo_init();
- break;
- case SYSTEM_EVENT_STA_DISCONNECTED:
- /* This is a workaround as ESP32 WiFi libs don't currently
- auto-reassociate. */
- esp_wifi_connect();
- break;
- default:
- break;
- }
- return ESP_OK;
-}
-
-LOCAL void wifi_conn_init(void)
-{
- tcpip_adapter_init();
- ESP_ERROR_CHECK( esp_event_loop_init(wifi_event_handler, NULL) );
- wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
- ESP_ERROR_CHECK( esp_wifi_init(&cfg) );
- ESP_ERROR_CHECK( esp_wifi_set_storage(WIFI_STORAGE_RAM) );
- wifi_config_t wifi_config = {
- .sta = {
- .ssid = EXAMPLE_WIFI_SSID,
- .password = EXAMPLE_WIFI_PASS,
- },
- };
- ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );
- ESP_ERROR_CHECK( esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
- os_printf("start the WIFI SSID:[%s] password:[%s]\n", EXAMPLE_WIFI_SSID, EXAMPLE_WIFI_PASS);
- ESP_ERROR_CHECK( esp_wifi_start() );
-}
-
-void app_main(void)
-{
- nvs_flash_init();
- wifi_conn_init();
-}
-
+++ /dev/null
-#ifndef _OPENSSL_DEMO_H_
-#define _OPENSSL_DEMO_H_
-
-const static unsigned char key_ctx[] =
- "-----BEGIN PRIVATE KEY-----\r\n"
- "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDQyyF0WBb2XbkL\r\n"
- "wYFgyoPOanYvbb/qwbAkGf1zSPX35xruZmjszjcverMoyF6x2MBxD3gP1ijBR0Rr\r\n"
- "0J0CfluABDLkzqpF5smOVX9k8W7ePClm91NhcASuF+CaZOe6B+6vOYShYjhe6eFG\r\n"
- "AGk8SP4zSrG2XHNKXlR3w8duK9fyOOZLWRjL3T6+++HEaly1p4ujKZhrm5wHzywA\r\n"
- "DvjDdvIWBCW1Z+8j7Q9qUITjlsDWHjrXCpyEfclE1WQxTP/W7rBLxNVxTfwbrdcD\r\n"
- "HNrKTOXtN+oDmCruvmBnTkz9x4Te6wJuvtFd0fBtW1kWsMzomvOlKmvHo0gmpqfh\r\n"
- "CwEPoKCNAgMBAAECggEBAIVr+LHXBL1kQLZhbiKC5t1FrMY8FLKYGM3JCevciMlk\r\n"
- "lhIXwR7p29vsRYZfHBv7zWWyI9/C04JG31MiGOMaCbBxfnA2HBrVEqFwwxqnKVi8\r\n"
- "CxzwGQkfwu3Y9j7TEj0PipfQYo+aKzmDrN/FrXnHjyEJryxAQbAZPVLW+Z7OR41R\r\n"
- "ZOwtZLeVqmbeARGpu2Xd9SKAhbjdLSz96IdUcNrwbP/lzUgrKaiUioBMVFfIG5ce\r\n"
- "4Mm2seCwaWxI8k24q0keSjsjV+5IxatVUNtJ9vYv6Tzo+3oqGvPeUBO7w9xhbLKf\r\n"
- "jw1uEykcs0wcftWb1iB7r78bMPZ/KYhnSFsjT+vnIOECgYEA9LM5p63sn6OWrULd\r\n"
- "doBBLaIw1ZK9rDUFLLRwv0e6+7tuuB08ok6D7PSfOpx0bb10lIx7epOE8ogGSmLS\r\n"
- "w0rMbmcKAlTLAJ/0nX1ierZkb+Ay21F398tKL3igEfnaB9CzuOHF8XhbsTqeGFDJ\r\n"
- "HFBMXxTbo4kfkUmZNYxwTombzkkCgYEA2m9teqjEOVZItqghOicWZ68JhWxBJFme\r\n"
- "oSfzJKLd8atfUOnBLqAhPzvg1PvdIxjLWBqy28tEJf+jdSQCNe9BmhlptOwbFrJy\r\n"
- "IyCXj6QTApSKTxyzIjMvzQkv1m8CxeCq5T64hvJ2++i7dlhumh21c7oL8aLeTnoe\r\n"
- "AG1dBLJ9UCUCgYAhSlDJsyvB/Ct/nt0qRgCYCLzEEZakWwI9Nr8wBr41iSZi/fdF\r\n"
- "zZC9J/qRqr9cPq4hl4sk/fTUWhUhAZjS4NY3HuWJs6d6ikhpNKm1MCMx5TqGA+ti\r\n"
- "VtHc63g7edZjwczxliWr2EgBMIxZmoQByhrZxKis8vbMeUrSsiyFQstjoQKBgD3k\r\n"
- "2Paqn39Hra7kERYzQSv78wy1UfgE1OgBM+orpAv4bTe2JKEbipAqXVi8TTrGqce7\r\n"
- "OPcCr7q8pwpoO6AgvUv263byd/KEecbuU0PGUASpJk+oaDHGo0LL2Zw/NF/xezsd\r\n"
- "/JdwWLqkhYnRIPXWeTXjf8LmTWubOqkQVA0irlNpAoGAJ+9N/NF3XAW0BroiVYLZ\r\n"
- "p0Btcgt+b4LWrBlm0XqHhzKUlqhfibAr3OtUkFjo/509ncYPiuOzVSNosyjXFJ86\r\n"
- "2kQ88fB3eeLnBAcbBXQKiOBPU2y6bCCfgdo+JEOK/cxVslaxMAyKSnFi9gdgzScd\r\n"
- "k+hOlkflXQVkic3W358kFto=\r\n"
- "-----END PRIVATE KEY-----\r\n"
- ;
-static int key_bytes = sizeof(key_ctx);
-
-const static unsigned char cert_ctx[] =
- "-----BEGIN CERTIFICATE-----\r\n"
- "MIID7jCCAtYCAQEwDQYJKoZIhvcNAQELBQAwgbwxCzAJBgNVBAYTAkNOMRAwDgYD\r\n"
- "VQQIDAdKaWFuZ3N1MQ0wCwYDVQQHDARXdXhpMSYwJAYDVQQKDB1Fc3ByZXNzaWYg\r\n"
- "Um9vdCBSU0EyMDQ4IHNoYTI1NjEcMBoGA1UECwwTUm9vdCBSU0EyMDQ4IHNoYTI1\r\n"
- "NjEfMB0GA1UEAwwWcm9vdGNlcnQuZXNwcmVzc2lmLmNvbTElMCMGCSqGSIb3DQEJ\r\n"
- "ARYWcm9vdGNlcnRAZXNwcmVzc2lmLmNvbTAeFw0xNjA2MjgwMjMxMjlaFw0yNjA2\r\n"
- "MjYwMjMxMjlaMIG8MQswCQYDVQQGEwJDTjEQMA4GA1UECAwHSmlhbmdzdTENMAsG\r\n"
- "A1UEBwwEV3V4aTEmMCQGA1UECgwdRXNwcmVzc2lmIFJvb3QgUlNBMjA0OCBzaGEy\r\n"
- "NTYxHDAaBgNVBAsME1Jvb3QgUlNBMjA0OCBzaGEyNTYxHzAdBgNVBAMMFnJvb3Rj\r\n"
- "ZXJ0LmVzcHJlc3NpZi5jb20xJTAjBgkqhkiG9w0BCQEWFnJvb3RjZXJ0QGVzcHJl\r\n"
- "c3NpZi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQyyF0WBb2\r\n"
- "XbkLwYFgyoPOanYvbb/qwbAkGf1zSPX35xruZmjszjcverMoyF6x2MBxD3gP1ijB\r\n"
- "R0Rr0J0CfluABDLkzqpF5smOVX9k8W7ePClm91NhcASuF+CaZOe6B+6vOYShYjhe\r\n"
- "6eFGAGk8SP4zSrG2XHNKXlR3w8duK9fyOOZLWRjL3T6+++HEaly1p4ujKZhrm5wH\r\n"
- "zywADvjDdvIWBCW1Z+8j7Q9qUITjlsDWHjrXCpyEfclE1WQxTP/W7rBLxNVxTfwb\r\n"
- "rdcDHNrKTOXtN+oDmCruvmBnTkz9x4Te6wJuvtFd0fBtW1kWsMzomvOlKmvHo0gm\r\n"
- "pqfhCwEPoKCNAgMBAAEwDQYJKoZIhvcNAQELBQADggEBABTYZLiFHq51lqaa0nHI\r\n"
- "aDMAb29DfO93fqp+oHZYO4xKyEeLr8EhD39GjnQmhz710wO0TBCYV7nD+xnJ1h5F\r\n"
- "IbQUAQZO9NIy3ns4mYVRUWjnWYAo+evGeKgRrxvh7sjNLPBPzs9tg/u7XjBp/nor\r\n"
- "8JnnFFT0wXPyi/qg8J3QutqJvWRQGRRx2AP93F44+Zcj7ReFMVSmOXyzT4aNJL0+\r\n"
- "Ls+baKwA4pnyVRoAaKbs/JYDgd0/DunuktVKuhyvK/qOGjJSRLPhdrXbvSAegpiM\r\n"
- "4xIm6ZWKtTv8VvkGgXUVQ7RpruP6nV6506gDcUgecbEq7H2VDhEzUYcMmGCUQZlG\r\n"
- "sJ8=\r\n"
- "-----END CERTIFICATE-----\r\n"
- ;
-static int cert_bytes = sizeof(cert_ctx);
-
-
-
-#endif
# project subdirectory.
#
-PROJECT_NAME := openssl
+PROJECT_NAME := openssl_client
include $(IDF_PATH)/make/project.mk
--- /dev/null
+# Openssl Example
+
+The Example contains of OpenSSL client demo.
+
+First you should config the project by "make menuconfig":
+ Example Configuration ->
+ 1. Target Domain : the domain that you want to connect to, and default is "www.baidu.com".
+ 2. Target port number : the port number of the target domain, and default is 443.
+ 3. WiFi SSID : you own wifi, which you pc is connected to alse, and default is "myssid".
+ 4. WiFi Password : wifi password, and default is "mypassword"
+
+If you want to test the OpenSSL client demo:
+ 1. compile the code and load the firmware
+ 2. open the UART TTY, then you can see it print the context of target domain
+
+See the README.md file in the upper level 'examples' directory for more information about examples.
--- /dev/null
+menu "Example Configuration"
+
+config TARGET_DOMAIN
+ string "Target Domain"
+ default "www.baidu.com"
+ help
+ Target domain for the example to connect to.
+
+config TARGET_PORT_NUMBER
+ int "Target port number"
+ range 0 65535
+ default 433
+ help
+ Target port number for the example to connect to.
+
+config WIFI_SSID
+ string "WiFi SSID"
+ default "myssid"
+ help
+ SSID (network name) for the example to connect to.
+
+config WIFI_PASSWORD
+ string "WiFi Password"
+ default "mypassword"
+ help
+ WiFi password (WPA or WPA2) for the example to use.
+
+endmenu
\ No newline at end of file
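Review bot: The default for `TARGET_PORT_NUMBER` is `433`, which looks like a transposition of the HTTPS port; with the default domain the TCP connect would be attempted on a port that is normally closed, so the TLS handshake is never reached. The README added in this commit states the default is 443, so the line should read `default 443`. The same `433` appears twice in the comment above `OPENSSL_DEMO_TARGET_NAME` in the new header and should be corrected there as well. `range 0 65535` also admits port 0, which is not a connectable port; `range 1 65535` would reject it at configuration time.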
#
# Main Makefile. This is basically the same as a component makefile.
#
-# This Makefile should, at the very least, just include $(SDK_PATH)/make/component_common.mk. By default,
+# This Makefile should, at the very least, just include $(IDF_PATH)/make/component_common.mk. By default,
# this will take the sources in the src/ directory, compile them and link them into
# lib(subdirectory_name).a in the build directory. This behaviour is entirely configurable,
# please read the ESP-IDF documents if you need to do this.
--- /dev/null
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD\r
+//\r
+// Licensed under the Apache License, Version 2.0 (the "License");\r
+// you may not use this file except in compliance with the License.\r
+// You may obtain a copy of the License at\r
+\r
+// http://www.apache.org/licenses/LICENSE-2.0\r
+//\r
+// Unless required by applicable law or agreed to in writing, software\r
+// distributed under the License is distributed on an "AS IS" BASIS,\r
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+// See the License for the specific language governing permissions and\r
+// limitations under the License.\r
+\r
+#include "openssl_client.h"\r
+\r
+#include <string.h>\r
+\r
+#include "openssl/ssl.h"\r
+\r
+#include "freertos/FreeRTOS.h"\r
+#include "freertos/task.h"\r
+#include "freertos/event_groups.h"\r
+\r
+#include "esp_types.h"\r
+#include "esp_log.h"\r
+#include "esp_system.h"\r
+#include "esp_wifi.h"\r
+#include "esp_event_loop.h"\r
+#include "esp_log.h"\r
+\r
+#include "nvs_flash.h"\r
+#include "tcpip_adapter.h"\r
+\r
+#include "lwip/sockets.h"\r
+#include "lwip/netdb.h"\r
+\r
+static EventGroupHandle_t wifi_event_group;\r
+\r
+/* The event group allows multiple bits for each event,\r
+ but we only care about one event - are we connected\r
+ to the AP with an IP? */\r
+const static int CONNECTED_BIT = BIT0;\r
+\r
+const static char *TAG = "Openssl_demo";\r
+\r
+void openssl_demo_thread(void *p)\r
+{\r
+ int ret;\r
+ SSL_CTX *ctx;\r
+ SSL *ssl;\r
+ int socket;\r
+ struct sockaddr_in sock_addr;\r
+ struct hostent *hp;\r
+ struct ip4_addr *ip4_addr;\r
+ \r
+ int recv_bytes = 0;\r
+ char send_data[] = OPENSSL_DEMO_REQUEST;\r
+ int send_bytes = sizeof(send_data);\r
+ char recv_buf[OPENSSL_DEMO_RECV_BUF_LEN];\r
+\r
+ ESP_LOGI(TAG, "OpenSSL demo thread start OK");\r
+\r
+ ESP_LOGI(TAG, "get target IP address");\r
+ hp = gethostbyname(OPENSSL_DEMO_TARGET_NAME);\r
+ if (!hp) {\r
+ ESP_LOGI(TAG, "failed");\r
+ goto failed1;\r
+ }\r
+ ESP_LOGI(TAG, "OK");\r
+\r
+ ip4_addr = (struct ip4_addr *)hp->h_addr;\r
+ ESP_LOGI(TAG, IPSTR, IP2STR(ip4_addr));\r
+\r
+ ESP_LOGI(TAG, "create SSL context ......");\r
+ ctx = SSL_CTX_new(TLSv1_1_client_method());\r
+ if (!ctx) {\r
+ ESP_LOGI(TAG, "failed");\r
+ goto failed1;\r
+ }\r
+ ESP_LOGI(TAG, "OK");\r
+\r
+ ESP_LOGI(TAG, "create socket ......");\r
+ socket = socket(AF_INET, SOCK_STREAM, 0);\r
+ if (socket < 0) {\r
+ ESP_LOGI(TAG, "failed");\r
+ goto failed2;\r
+ }\r
+ ESP_LOGI(TAG, "OK");\r
+\r
+ ESP_LOGI(TAG, "bind socket ......");\r
+ memset(&sock_addr, 0, sizeof(sock_addr));\r
+ sock_addr.sin_family = AF_INET;\r
+ sock_addr.sin_addr.s_addr = 0;\r
+ sock_addr.sin_port = htons(OPENSSL_DEMO_LOCAL_TCP_PORT);\r
+ ret = bind(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));\r
+ if (ret) {\r
+ ESP_LOGI(TAG, "failed");\r
+ goto failed3;\r
+ }\r
+ ESP_LOGI(TAG, "OK");\r
+\r
+ ESP_LOGI(TAG, "socket connect to remote %s ......", OPENSSL_DEMO_TARGET_NAME);\r
+ memset(&sock_addr, 0, sizeof(sock_addr));\r
+ sock_addr.sin_family = AF_INET;\r
+ sock_addr.sin_addr.s_addr = ip4_addr->addr;\r
+ sock_addr.sin_port = htons(OPENSSL_DEMO_TARGET_TCP_PORT);\r
+ ret = connect(socket, (struct sockaddr*)&sock_addr, sizeof(sock_addr));\r
+ if (ret) {\r
+ ESP_LOGI(TAG, "failed");\r
+ goto failed3;\r
+ }\r
+ ESP_LOGI(TAG, "OK");\r
+\r
+ ESP_LOGI(TAG, "create SSL ......");\r
+ ssl = SSL_new(ctx);\r
+ if (!ssl) {\r
+ ESP_LOGI(TAG, "failed");\r
+ goto failed3;\r
+ }\r
+ ESP_LOGI(TAG, "OK");\r
+\r
+ SSL_set_fd(ssl, socket);\r
+\r
+ ESP_LOGI(TAG, "SSL connected to %s port %d ......",\r
+ OPENSSL_DEMO_TARGET_NAME, OPENSSL_DEMO_TARGET_TCP_PORT);\r
+ ret = SSL_connect(ssl);\r
+ if (!ret) {\r
+ ESP_LOGI(TAG, "failed " );\r
+ goto failed4;\r
+ }\r
+ ESP_LOGI(TAG, "OK");\r
+\r
+ ESP_LOGI(TAG, "send https request to %s port %d ......",\r
+ OPENSSL_DEMO_TARGET_NAME, OPENSSL_DEMO_TARGET_TCP_PORT);\r
+ ret = SSL_write(ssl, send_data, send_bytes);\r
+ if (ret <= 0) {\r
+ ESP_LOGI(TAG, "failed");\r
+ goto failed5;\r
+ }\r
+ ESP_LOGI(TAG, "OK");\r
+\r
+ do {\r
+ ret = SSL_read(ssl, recv_buf, OPENSSL_DEMO_RECV_BUF_LEN - 1);\r
+ if (ret <= 0) {\r
+ break;\r
+ }\r
+ recv_bytes += ret;\r
+ ESP_LOGI(TAG, "%s", recv_buf);\r
+ } while (1);\r
+ \r
+ ESP_LOGI(TAG, "totaly read %d bytes data from %s ......", recv_bytes, OPENSSL_DEMO_TARGET_NAME);\r
+\r
+failed5:\r
+ SSL_shutdown(ssl);\r
+failed4:\r
+ SSL_free(ssl);\r
+ ssl = NULL;\r
+failed3:\r
+ close(socket);\r
+ socket = -1;\r
+failed2:\r
+ SSL_CTX_free(ctx);\r
+ ctx = NULL;\r
+failed1:\r
+ vTaskDelete(NULL);\r
+ return ;\r
+}\r
+\r
+static void openssl_client_init(void)\r
+{\r
+ int ret;\r
+ xTaskHandle openssl_handle;\r
+ extern void openssl_demo_thread(void *p);\r
+\r
+ ret = xTaskCreate(openssl_demo_thread,\r
+ OPENSSL_DEMO_THREAD_NAME,\r
+ OPENSSL_DEMO_THREAD_STACK_WORDS,\r
+ NULL,\r
+ OPENSSL_DEMO_THREAD_PRORIOTY,\r
+ &openssl_handle); \r
+\r
+ if (ret != pdPASS) {\r
+ ESP_LOGI(TAG, "create thread %s failed", OPENSSL_DEMO_THREAD_NAME);\r
+ return ;\r
+ }\r
+}\r
+\r
+static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)\r
+{\r
+ switch(event->event_id) {\r
+ case SYSTEM_EVENT_STA_START:\r
+ esp_wifi_connect();\r
+ break;\r
+ case SYSTEM_EVENT_STA_GOT_IP:\r
+ xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);\r
+ openssl_client_init();\r
+ break;\r
+ case SYSTEM_EVENT_STA_DISCONNECTED:\r
+ /* This is a workaround as ESP32 WiFi libs don't currently\r
+ auto-reassociate. */\r
+ esp_wifi_connect(); \r
+ xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);\r
+ break;\r
+ default:\r
+ break;\r
+ }\r
+ return ESP_OK;\r
+}\r
+\r
+static void wifi_conn_init(void)\r
+{\r
+ tcpip_adapter_init();\r
+ wifi_event_group = xEventGroupCreate();\r
+ ESP_ERROR_CHECK( esp_event_loop_init(wifi_event_handler, NULL) );\r
+ wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();\r
+ ESP_ERROR_CHECK( esp_wifi_init(&cfg) );\r
+ ESP_ERROR_CHECK( esp_wifi_set_storage(WIFI_STORAGE_RAM) );\r
+ wifi_config_t wifi_config = {\r
+ .sta = {\r
+ .ssid = EXAMPLE_WIFI_SSID,\r
+ .password = EXAMPLE_WIFI_PASS,\r
+ },\r
+ };\r
+ ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );\r
+ ESP_ERROR_CHECK( esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );\r
+ ESP_LOGI(TAG, "start the WIFI SSID:[%s] password:[%s]\n", EXAMPLE_WIFI_SSID, EXAMPLE_WIFI_PASS);\r
+ ESP_ERROR_CHECK( esp_wifi_start() );\r
+}\r
+\r
+void app_main(void)\r
+{\r
+ nvs_flash_init();\r
+ wifi_conn_init();\r
+}\r
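Review bot: In the read loop of `openssl_demo_thread`, `recv_buf` is an uninitialised stack array that is passed to `ESP_LOGI(TAG, "%s", recv_buf)` without a terminator ever being written, so the log call can read past the received bytes and past the buffer; add `recv_buf[ret] = '\0';` before the log line (the `LEN - 1` read size already leaves room for it). The handshake check `if (!ret)` after `SSL_connect` treats a negative return as success, and the OpenSSL API reports fatal errors that way, so `if (ret <= 0)` is the safer test. As far as this file shows, no trust anchor is loaded and no verify mode is set, so the client presumably accepts any server certificate; an example that others will copy should load a CA for the target and call `SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);`, and should prefer `TLSv1_2_client_method()` over the TLS 1.1 method. In `wifi_conn_init` the log line prints `EXAMPLE_WIFI_PASS` in clear text to the UART; log the SSID only.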
--- /dev/null
+#ifndef _OPENSSL_DEMO_H_
+#define _OPENSSL_DEMO_H_
+
+/* The examples use simple WiFi configuration that you can set via
+ 'make menuconfig'.
+
+ If you'd rather not, just change the below entries to strings with
+ the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
+*/
+#define EXAMPLE_WIFI_SSID CONFIG_WIFI_SSID
+#define EXAMPLE_WIFI_PASS CONFIG_WIFI_PASSWORD
+
+/* The examples use domain of "www.baidu.com" and port number of 433 that
+ you can set via 'make menuconfig'.
+
+ If you'd rather not, just change the below entries to strings with
+ the config you want - ie #define OPENSSL_DEMO_TARGET_NAME "www.baidu.com"
+ and ie #define OPENSSL_DEMO_TARGET_TCP_PORT 433
+*/
+#define OPENSSL_DEMO_TARGET_NAME CONFIG_TARGET_DOMAIN
+#define OPENSSL_DEMO_TARGET_TCP_PORT CONFIG_TARGET_PORT_NUMBER
+
+#define OPENSSL_DEMO_REQUEST "{\"path\": \"/v1/ping/\", \"method\": \"GET\"}\r\n"
+
+#define OPENSSL_DEMO_THREAD_NAME "OpenSSL_demo"
+#define OPENSSL_DEMO_THREAD_STACK_WORDS 10240
+#define OPENSSL_DEMO_THREAD_PRORIOTY 8
+
+#define OPENSSL_DEMO_RECV_BUF_LEN 1024
+
+#define OPENSSL_DEMO_LOCAL_TCP_PORT 443
+
+#endif
+
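Review bot: `OPENSSL_DEMO_LOCAL_TCP_PORT 443` exists only so the client can `bind()` its outgoing socket to a fixed local port, which a TLS client does not need and which can make a reconnect fail while the previous connection's port is still held. Dropping this define together with the bind step in the client source lets the stack choose an ephemeral source port. The include guard `_OPENSSL_DEMO_H_` begins with an underscore followed by an uppercase letter, a form reserved for the implementation; since the source includes this header as `openssl_client.h`, a guard such as `OPENSSL_CLIENT_H` would be both conforming and consistent with the file name. `OPENSSL_DEMO_REQUEST` is a JSON line rather than an HTTP request, so the comment or log text calling it an "https request" deserves a short note on what reply to expect from a web server.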