Secure Sockets Layer (SSL)

From openPicus Wiki

What you are going to learn

You'll learn how to implement a Secure Sockets Layer (SSL) connection.

Disclaimer

As always, this is all free software provided as is; no explicit and/or implied responsibilities are admitted and/or accepted.

Microchip SSL files are bound by U.S. law and therefore cannot be made available except by Microchip itself.

Introduction to SSL

A Secure Sockets Layer connection provides secured communication between client and server. After an initial handshake with a verified certificate, all messages are encrypted.
Nowadays most websites and all email account providers work with SSL (HTTPS).

How to use it

Explanation

Some steps are necessary to create an SSL connection:

1) The first step is to download the Microchip Libraries For Applications package. Install it and copy ARCFOUR.c and RSA.c from \microchip_solutions_v2013-06-15\Microchip\TCPIP Stack to \FlyPort IDE\Microchip\TCPIP Stack.

2) Now it is possible to create a new project with our IDE.

3) In the project folder, open the TCPIPConfig.h file and uncomment the line #define STACK_USE_SSL_CLIENT. Remember to save the file.

4) Click on "recompile all" in the IDE.

5) Add more space to the TCP buffers (TX and RX) using the Wizard (the additional space needed depends on the server).

Now the project is SSL ready!

Send to Flyport via Serial Monitor:

  • h : to perform a GET (HTTPS)
  • e : to send an email with a GMAIL account (remember: 99.9% of email servers are SSL)


Note: if you download a new version of our IDE, you must re-import the SSL library.

Code example

Here is the entire taskFlyport.c
Note: the following code example uses the HTTPlib library to make requests on the TCP connection.

#include "taskFlyport.h"
#include "HTTPlib.h"
 
char buff[300];
WORD report;
TCP_SOCKET client = INVALID_SOCKET;
char respHeader[500], respBody[500];
 
#define HOST "host"
#define PORT "port"
 
#define MY_EMAIL "my email"
#define MY_EMAIL_USER "username"
#define MY_EMAIL_PASS "password"
#define EMAIL_DEST    "destination email addr"
 
void FlyportTask()
{
    vTaskDelay(20);
 
    // Flyport connects to default network
    WFConnect(WF_DEFAULT);
    while(WFGetStat() != CONNECTED);
    vTaskDelay(25);
    _dbgwrite("Flyport Wi-fi connected...hello world!\r\n");
 
    while(1)
    {
	if(UARTBufferSize(1) > 0)
	{
	    vTaskDelay(30);
	    UARTRead(1, buff, 1);
	    UARTFlush(1);
	    switch(buff[0])
	    {
	        case 'h':
		    client = TCPClientOpen(HOST, PORT);
		    _dbgwrite("Connecting to server");
		    while(!TCPisConn(client))
		    {
			vTaskDelay(30);
			_dbgwrite(".");
		    }
		    _dbgwrite("OK\r\n");
 
                    /* SSL-specific code: start the handshake with TCPSSLStart() and poll
                       TCPSSLStatus(); after this an HTTP request can be performed as usual */
 
		    TCPSSLStart(client);
		    sprintf(buff, "SSL stat: %d\r\n", TCPSSLStatus(client));
		    _dbgwrite(buff);
		    while(TCPSSLStatus(client) == 1);
 
		    sprintf(buff, "SSL stat: %d\r\n", TCPSSLStatus(client));
		    _dbgwrite(buff);
		    _dbgwrite("Performing HTTP GET request\r\n");
 
		    if( HTTP_Get(client, HOST, "/", "User-Agent: flyport\r\nAccept: */*", respHeader, ARRAY_SIZE(respHeader), respBody, ARRAY_SIZE(respBody),200) == 200 )
		    {
		        _dbgwrite("Response Header:\n");
			_dbgwrite(respHeader);
			_dbgwrite("Response Body:\n");
			_dbgwrite(respBody);
			_dbgwrite("\n");
		    }					
		    break;
		case 'e':
 
                    /* In this case the SSL-specific code is embedded in the SMTP functions */
 
		    if(SMTPStart())
		    {
			_dbgwrite("SMTP Started!\r\n");
 
			//SERVER parameters
			SMTPSetServer(SERVER_NAME, "smtp.gmail.com");
			SMTPSetServer(SERVER_USER, MY_EMAIL_USER);
			SMTPSetServer(SERVER_PASS, MY_EMAIL_PASS);
			SMTPSetServer(SERVER_PORT, "465");
 
                        //Message parameters
			SMTPSetMsg(MSG_TO, EMAIL_DEST);
			SMTPSetMsg(MSG_BODY, "This is an email sent by Flyport module!!!" );
			SMTPSetMsg(MSG_FROM, MY_EMAIL);
			SMTPSetMsg(MSG_SUBJECT, "Flyport SMTP test!!");		 
 
			_dbgwrite("Client SMTP initialized!\r\n");					  
 
			//Sending email and waiting for report
			if(SMTPSend())
			{
			    _dbgwrite("sending email...");
 
			    while(SMTPBusy() == TRUE)
			    {
				_dbgwrite(".");
				vTaskDelay(30);
			    }
			    _dbgwrite("Email sent!\r\n");
			}
			else
			{
			    _dbgwrite("ERROR\r\n");
			}
 
			report = SMTPReport();
			sprintf(buff, "Report result: %u\r\n", report);
			_dbgwrite(buff);
		    }	 
		    break;
	    }
	}
    }
}
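
The loop `while(TCPSSLStatus(client) == 1);` in the listing above waits without a limit, and the GET is then sent whatever the final status is. The following is an added example, not part of the original page or of the openPicus libraries: a bounded wait that reports success only when the socket is secured, written against function pointers so it can run off-target. The names `ssl_wait_secured`, `simulate` and the fakes are hypothetical, and status value 2 meaning "secured" is an assumption to confirm in the Flyport TCP documentation.

```c
/* Status values: the page's loop shows 1 = handshake in progress.
   2 = secured is an ASSUMPTION; confirm it in the Flyport TCP docs. */
#define SSL_HANDSHAKING 1
#define SSL_SECURED     2

typedef int  (*ssl_status_fn)(int sock); /* on Flyport: wrap TCPSSLStatus() */
typedef void (*delay_fn)(int ticks);     /* on Flyport: wrap vTaskDelay()   */

/* Poll until the socket is secured. Returns 1 only on SSL_SECURED;
   returns 0 on any other final state or after max_polls polls, so the
   caller can close the socket instead of sending data unprotected. */
int ssl_wait_secured(int sock, ssl_status_fn status, delay_fn delay,
                     int max_polls)
{
    int i;
    for (i = 0; i < max_polls; i++) {
        int s = status(sock);
        if (s == SSL_SECURED)
            return 1;
        if (s != SSL_HANDSHAKING)
            return 0;            /* handshake failed or never started */
        delay(10);               /* let other tasks run between polls */
    }
    return 0;                    /* timed out while still handshaking */
}

/* ---- Constructed fakes so the helper can run off-target ---- */
static int polls_left;           /* handshaking polls before the result */
static int final_state;          /* state reported after that */
static int ticks_slept;          /* total ticks passed to fake_delay */

static int fake_status(int sock)
{
    (void)sock;
    return (polls_left-- > 0) ? SSL_HANDSHAKING : final_state;
}

static void fake_delay(int ticks) { ticks_slept += ticks; }

/* Hypothetical driver: run one simulated handshake, return the verdict. */
int simulate(int handshaking_polls, int end_state, int max_polls)
{
    polls_left = handshaking_polls;
    final_state = end_state;
    ticks_slept = 0;
    return ssl_wait_secured(0, fake_status, fake_delay, max_polls);
}
```

In the 'h' case, the call to HTTP_Get would be made only when the helper returns 1.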