Merge branch 'test/esp_ssl_example' into 'master'

examples: Add esp-ssl example tests server/client

Closes IDF-1156

See merge request espressif/esp-idf!12366
This commit is contained in:
David Čermák 2021-04-22 12:21:20 +00:00
commit f14cdd8a31
24 changed files with 600 additions and 233 deletions

View File

@ -8,3 +8,11 @@ set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_exam
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
project(openssl_client)
if(CONFIG_EXAMPLE_OPENSSL_CLIENT_URI_FROM_STDIN)
# This ca.crt is used when connecting to local(python executed) server
target_add_binary_data(openssl_client.elf "server_certs/ca.crt" TEXT)
else()
# This ca.crt is used when connecting to www.baidu.com
target_add_binary_data(openssl_client.elf "main/baidu_ca.crt" TEXT)
endif()

View File

@ -1,17 +1,67 @@
# Openssl Example
# OpenSSL Client Example
The Example contains of OpenSSL client demo.
(See the README.md file in the upper level 'examples' directory for more information about examples.)
Open the project configuration menu (`idf.py menuconfig`):
This example shows how to set up esp openssl client and communicate over ssl transport layer.
* Configure Wi-Fi or Ethernet under "Example Connection Configuration" menu. See "Establishing Wi-Fi or Ethernet Connection" section in [examples/protocols/README.md](../README.md) for more details.
## How to use example
### Python scripts
Script example_test.py could be used as a client part to the ESP-OPENSSL server demo,
```
python example_test.py
```
Note that this script is used in automated tests, as well, so the IDF test framework packages need to be imported;
please add `$IDF_PATH/tools/ci/python_packages` to `PYTHONPATH`.
### Hardware Required
This example can be executed on any ESP32 board, the only required interface is WiFi and connection to internet.
### Configure the project
* Open the project configuration menu (`idf.py menuconfig`)
* Configure Wi-Fi or Ethernet under "Example Connection Configuration" menu. See "Establishing Wi-Fi or Ethernet Connection" section in [examples/protocols/README.md](../../README.md) for more details.
* Configure the openssl client endpoint URI under "Example Configuration", if "OPENSSL_CLIENT_URI_FROM_STDIN" is selected then the example application will connect to the URI it reads from stdin (used for testing)
* When using Make build system, set `Default serial port` under `Serial flasher config`.
* Configure target domain and port number under "Example Configuration"
* When using OPENSSL_CLIENT_URI_FROM_STRING configure target domain and port number under "Example Configuration"
If you want to test the OpenSSL client demo:
1. compile the code and load the firmware
2. open the UART TTY, then you can see it print the context of target domain
* Please note that verification mode is VERIFY_PEER by default, that's why during connection to public host('www.baidu.com') it's needed to use
appropriate certificates('baidu_ca.crt'), or it is needed to change verify mode to VERIFY_NONE.
See the README.md file in the upper level 'examples' directory for more information about examples.
### Build and Flash
Build the project and flash it to the board, then run monitor tool to view serial output:
```
idf.py -p PORT flash monitor
```
(To exit the serial monitor, type ``Ctrl-]``.)
See the Getting Started Guide for full steps to configure and use ESP-IDF to build projects.
## Example Output
```
I (2601) esp_netif_handlers: example_connect: sta ip: 192.168.1.191, mask: 255.255.255.0, gw: 192.168.1.1
I (2601) example_connect: Got IPv4 event: Interface "example_connect: sta" address: 192.168.1.191
I (3601) example_connect: Got IPv6 event: Interface "example_connect: sta" address: fe80:0000:0000:0000:260a:c4ff:fee7:a660, type: ESP_IP6_ADDR_IS_LINK_LOCAL
I (3601) example_connect: Connected to example_connect: sta
I (3611) example_connect: - IPv4 address: 192.168.1.191
I (3611) example_connect: - IPv6 address: fe80:0000:0000:0000:260a:c4ff:fee7:a660, type: ESP_IP6_ADDR_IS_LINK_LOCAL
I (3631) openssl_example: Test started
I (3631) openssl_example: Trying connect to www.baidu.com port 443 ...
I (3641) openssl_example: DNS lookup succeeded. IP=103.235.46.39
I (4101) openssl_example: OK
I (4101) openssl_example: Create SSL obj
I (4101) openssl_example: OK
I (4101) openssl_example: SSL verify mode = 0 connected to www.baidu.com port 443 ...
I (8091) openssl_example: OK
I (8091) openssl_example: SSL Connection Succeed
```

View File

@ -0,0 +1,126 @@
from __future__ import print_function, unicode_literals
import os
import re
import socket
import ssl
from threading import Event, Thread
import ttfw_idf
SERVER_CERTS_DIR = 'server_certs/'
def _path(f):
return os.path.join(os.path.dirname(os.path.realpath(__file__)),f)
def get_my_ip():
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
try:
# doesn't even have to be reachable
s.connect(('10.255.255.255', 1))
IP = s.getsockname()[0]
except socket.error:
IP = '127.0.0.1'
finally:
s.close()
return IP
# Simple TLS server
class TlsServer:
def __init__(self, port, negotiated_protocol=ssl.PROTOCOL_TLSv1):
self.port = port
self.socket = socket.socket()
self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
self.socket.settimeout(20.0)
self.shutdown = Event()
self.negotiated_protocol = negotiated_protocol
self.conn = None
self.ssl_error = None
self.server_thread = None
def __enter__(self):
try:
self.socket.bind(('', self.port))
except socket.error as e:
print('Bind failed:{}'.format(e))
raise
self.socket.listen(1)
self.server_thread = Thread(target=self.run_server)
self.server_thread.start()
return self
def __exit__(self, exc_type, exc_value, traceback):
self.shutdown.set()
self.server_thread.join()
self.socket.close()
if (self.conn is not None):
self.conn.close()
def run_server(self):
ctx = ssl.SSLContext(self.negotiated_protocol)
ctx.load_cert_chain(certfile=_path(SERVER_CERTS_DIR + 'ca.crt'), keyfile=_path(SERVER_CERTS_DIR + 'ca.key'))
self.socket = ctx.wrap_socket(self.socket, server_side=True)
try:
print('Listening socket')
self.conn, address = self.socket.accept() # accept new connection
self.socket.settimeout(20.0)
print(' - connection from: {}'.format(address))
except ssl.SSLError as e:
self.conn = None
self.ssl_error = str(e)
print(' - SSLError: {}'.format(str(e)))
def test_echo(dut):
dut.expect('SSL Connection Succeed')
print('SSL Connection Succeed')
@ttfw_idf.idf_example_test(env_tag='Example_WIFI')
def test_example_protocol_openssl_client(env, extra_data):
"""
steps:
1. join AP
2. connect to uri "xxxx.xxxx.xxxx.xxxx:port"
3. send and receive data
"""
dut1 = env.get_dut('openssl_client', 'examples/protocols/openssl_client', dut_class=ttfw_idf.ESP32DUT)
# check and log bin size
binary_file = os.path.join(dut1.app.binary_path, 'openssl_client.bin')
binary_size = os.path.getsize(binary_file)
ttfw_idf.log_performance('openssl_client_bin_size', '{}KB'.format(binary_size // 1024))
try:
if 'CONFIG_EXAMPLE_OPENSSL_CLIENT_URI_FROM_STDIN' in dut1.app.get_sdkconfig():
uri_from_stdin = True
else:
uri = dut1.app.get_sdkconfig()['CONFIG_EXAMPLE_OPENSSL_CLIENT_TARGET_DOMAIN'].strip('"')
uri_from_stdin = False
except Exception:
print('ENV_TEST_FAILURE: Cannot find target domain in sdkconfig')
raise
# start test
dut1.start_app()
dut1.expect(re.compile(r' IPv4 address: ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)'), timeout=30)
ip = get_my_ip()
if uri_from_stdin:
server_port = 2222
with TlsServer(server_port, negotiated_protocol=ssl.PROTOCOL_TLSv1_1):
print('Starting test')
dut1.write('{} {}'.format(ip, server_port))
dut1.expect(re.compile('SSL Connection Succeed'), timeout=10)
else:
print('DUT connecting to {}'.format(uri))
test_echo(dut1)
if __name__ == '__main__':
test_example_protocol_openssl_client()

View File

@ -1,15 +1,27 @@
menu "Example Configuration"
config TARGET_DOMAIN
choice EXAMPLE_OPENSSL_CLIENT_URI_SOURCE
prompt "SSL Client URI source"
default EXAMPLE_OPENSSL_CLIENT_URI_FROM_STRING
help
Selects the source of the URI used in the example.
config EXAMPLE_OPENSSL_CLIENT_URI_FROM_STRING
bool "From string"
config EXAMPLE_OPENSSL_CLIENT_URI_FROM_STDIN
bool "From stdin"
endchoice
config EXAMPLE_OPENSSL_CLIENT_TARGET_DOMAIN
string "Target Domain"
default "www.baidu.com"
help
Target domain for the example to connect to.
config TARGET_PORT_NUMBER
int "Target port number"
range 0 65535
default 443
config EXAMPLE_OPENSSL_CLIENT_TARGET_PORT
string "Target port number"
default "443"
help
Target port number for the example to connect to.

View File

@ -0,0 +1,26 @@
-----BEGIN CERTIFICATE-----
MIIEaTCCA1GgAwIBAgILBAAAAAABRE7wQkcwDQYJKoZIhvcNAQELBQAwVzELMAkG
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNDAyMjAxMDAw
MDBaFw0yNDAyMjAxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
YWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBW
YWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHDmw/I5N/zHClnSDDDlM/fsBOwphJykfVI+8DNIV0yKMCLkZc
C33JiJ1Pi/D4nGyMVTXbv/Kz6vvjVudKRtkTIso21ZvBqOOWQ5PyDLzm+ebomchj
SHh/VzZpGhkdWtHUfcKc1H/hgBKueuqI6lfYygoKOhJJomIZeg0k9zfrtHOSewUj
mxK1zusp36QUArkBpdSmnENkiN74fv7j9R7l/tyjqORmMdlMJekYuYlZCa7pnRxt
Nw9KHjUgKOKv1CGLAcRFrW4rY6uSa2EKTSDtc7p8zv4WtdufgPDWi2zZCHlKT3hl
2pK8vjX5s8T5J4BO/5ZS5gIg4Qdz6V0rvbLxAgMBAAGjggElMIIBITAOBgNVHQ8B
Af8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUlt5h8b0cFilT
HMDMfTuDAEDmGnwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0
dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCow
KKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYB
BQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNv
bS9yb290cjEwHwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswDQYJKoZI
hvcNAQELBQADggEBAEYq7l69rgFgNzERhnF0tkZJyBAW/i9iIxerH4f4gu3K3w4s
32R1juUYcqeMOovJrKV3UPfvnqTgoI8UV6MqX+x+bRDmuo2wCId2Dkyy2VG7EQLy
XN0cvfNVlg/UBsD84iOKJHDTu/B5GqdhcIOKrwbFINihY9Bsrk8y1658GEV1BSl3
30JAZGSGvip2CTFvHST0mdCF/vIhCPnG9vHQWe3WVjwIKANnuvD58ZAWR65n5ryA
SOlCdjSXVWkkDoPWoC209fN5ikkodBpBocLTJIg1MGCUF7ThBCIxPTsvFwayuJ2G
K1pp74P1S8SqtCr4fKGxhZSM9AyHDPSsQPhZSZg=
-----END CERTIFICATE-----

View File

@ -1,3 +1,10 @@
#
# Main Makefile. This is basically the same as a component makefile.
#
ifdef CONFIG_EXAMPLE_OPENSSL_CLIENT_URI_FROM_STDIN
COMPONENT_EMBED_TXTFILES := ${PROJECT_PATH}/server_certs/ca.crt
else
COMPONENT_EMBED_TXTFILES := ${PROJECT_PATH}/main/baidu_ca.crt
endif
COMPONENT_EMBED_TXTFILES += ${PROJECT_PATH}/server_certs/ca.key

View File

@ -17,17 +17,15 @@
the config you want - ie #define OPENSSL_EXAMPLE_TARGET_NAME "www.baidu.com"
and ie #define OPENSSL_EXAMPLE_TARGET_TCP_PORT 433
*/
#define OPENSSL_EXAMPLE_TARGET_NAME CONFIG_TARGET_DOMAIN
#define OPENSSL_EXAMPLE_TARGET_TCP_PORT CONFIG_TARGET_PORT_NUMBER
#define EXAMPLE_OPENSSL_TARGET_DOMAIN CONFIG_EXAMPLE_OPENSSL_CLIENT_TARGET_DOMAIN
#define EXAMPLE_OPENSSL_TARGET_PORT CONFIG_EXAMPLE_OPENSSL_CLIENT_TARGET_PORT
#define OPENSSL_EXAMPLE_REQUEST "{\"path\": \"/v1/ping/\", \"method\": \"GET\"}\r\n"
#define EXAMPLE_OPENSSL_REQUEST "{\"path\": \"/v1/ping/\", \"method\": \"GET\"}\r\n"
#define OPENSSL_EXAMPLE_TASK_NAME "openssl_example"
#define OPENSSL_EXAMPLE_TASK_STACK_WORDS 10240
#define OPENSSL_EXAMPLE_TASK_PRIORITY 8
#define EXAMPLE_OPENSSL_TASK_NAME "openssl_example"
#define EXAMPLE_OPENSSL_TASK_STACK_WORDS 10240
#define EXAMPLE_OPENSSL_TASK_PRIORITY 8
#define OPENSSL_EXAMPLE_RECV_BUF_LEN 1024
#define OPENSSL_EXAMPLE_LOCAL_TCP_PORT 443
#define EXAMPLE_OPENSSL_RECV_BUF_LEN 1024
#endif

View File

@ -1,4 +1,4 @@
/* OpenSSL client Example
/* OpenSSL Client Example
This example code is in the Public Domain (or CC0 licensed, at your option.)
@ -6,172 +6,151 @@
software is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
CONDITIONS OF ANY KIND, either express or implied.
*/
#include "openssl_client_example.h"
#include <string.h>
#include "openssl/ssl.h"
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "lwip/netdb.h"
#include "lwip/sockets.h"
#include "esp_log.h"
#include "esp_wifi.h"
#include "esp_event.h"
#include "nvs_flash.h"
#include "esp_netif.h"
#include "esp_event.h"
#include "esp_log.h"
#include "protocol_examples_common.h"
#include "lwip/sockets.h"
#include "lwip/netdb.h"
const static char *TAG = "openssl_example";
static const char *TAG = "openssl_example";
static void openssl_example_task(void *p)
static int open_connection(const char *host, char *port)
{
int ret;
SSL_CTX *ctx;
SSL *ssl;
const struct addrinfo hints = {
.ai_family = AF_INET,
.ai_socktype = SOCK_STREAM,
};
struct addrinfo * res;
struct in_addr *addr;
int sd;
int err = getaddrinfo(host, port, &hints, &res);
if (err < 0) {
ESP_LOGE(TAG, "getaddrinfo() failed for IPV4 destination address. error: %d", err);
return -1;
}
if (res == 0) {
ESP_LOGE(TAG, "getaddrinfo() did not return any addresses");
return -1;
}
addr = &((struct sockaddr_in *)res->ai_addr)->sin_addr;
ESP_LOGI(TAG, "DNS lookup succeeded. IP=%s", inet_ntoa(*addr));
sd = socket(res->ai_family, res->ai_socktype, 0);
if(sd < 0) {
ESP_LOGE(TAG, "Failed to allocate socket.");
freeaddrinfo(res);
return -1;
}
if (connect(sd, res->ai_addr, res->ai_addrlen) != 0) {
ESP_LOGE(TAG, "Socket connect failed");
return -1;
}
return sd;
}
static SSL_CTX* init_contex(void)
{
#if CONFIG_EXAMPLE_OPENSSL_CLIENT_URI_FROM_STDIN
extern const unsigned char cacert_pem_start[] asm("_binary_ca_crt_start");
extern const unsigned char cacert_pem_end[] asm("_binary_ca_crt_end");
#else
extern const unsigned char cacert_pem_start[] asm("_binary_baidu_ca_crt_start");
extern const unsigned char cacert_pem_end[] asm("_binary_baidu_ca_crt_end");
#endif
const unsigned int cacert_pem_bytes = cacert_pem_end - cacert_pem_start;
const SSL_METHOD *mtd = TLSv1_1_client_method();
SSL_CTX *ctx = SSL_CTX_new(mtd); /* Create new context */
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
X509 *x = d2i_X509(NULL, cacert_pem_start, cacert_pem_bytes);
if(!x) {
ESP_LOGI(TAG,"Loading certs failed \n");
}
SSL_CTX_add_client_CA(ctx, x);
return ctx;
}
static void start_example(const char *host, char *port)
{
SSL_CTX *ctx = NULL;
SSL *ssl = NULL;
int sockfd;
struct sockaddr_in sock_addr;
struct hostent *hp;
struct ip4_addr *ip4_addr;
int ret;
int recv_bytes = 0;
char recv_buf[OPENSSL_EXAMPLE_RECV_BUF_LEN];
const char send_data[] = OPENSSL_EXAMPLE_REQUEST;
const int send_bytes = sizeof(send_data);
ESP_LOGI(TAG, "OpenSSL demo thread start OK");
ESP_LOGI(TAG, "get target IP address");
hp = gethostbyname(OPENSSL_EXAMPLE_TARGET_NAME);
if (!hp) {
ESP_LOGI(TAG, "failed");
goto failed1;
}
ESP_LOGI(TAG, "OK");
ip4_addr = (struct ip4_addr *)hp->h_addr;
ESP_LOGI(TAG, IPSTR, IP2STR(ip4_addr));
ESP_LOGI(TAG, "create SSL context ......");
ctx = SSL_CTX_new(TLSv1_1_client_method());
ctx = init_contex();
if (!ctx) {
ESP_LOGI(TAG, "failed");
ESP_LOGE(TAG, "Failed");
goto failed1;
}
ESP_LOGI(TAG, "Trying connect to %s port %s ...", host, port);
sockfd = open_connection(host, port);
if(sockfd < 0) {
ESP_LOGE(TAG,"Failed");
goto failed1;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "create socket ......");
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0) {
ESP_LOGI(TAG, "failed");
ESP_LOGI(TAG, "Create SSL obj");
ssl = SSL_new(ctx);
if (!ssl) {
ESP_LOGE(TAG,"Failed");
goto failed2;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "bind socket ......");
memset(&sock_addr, 0, sizeof(sock_addr));
sock_addr.sin_family = AF_INET;
sock_addr.sin_addr.s_addr = 0;
sock_addr.sin_port = htons(OPENSSL_EXAMPLE_LOCAL_TCP_PORT);
ret = bind(sockfd, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
if (ret) {
ESP_LOGI(TAG, "failed");
goto failed3;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "socket connect to remote %s ......", OPENSSL_EXAMPLE_TARGET_NAME);
memset(&sock_addr, 0, sizeof(sock_addr));
sock_addr.sin_family = AF_INET;
sock_addr.sin_addr.s_addr = ip4_addr->addr;
sock_addr.sin_port = htons(OPENSSL_EXAMPLE_TARGET_TCP_PORT);
ret = connect(sockfd, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
if (ret) {
ESP_LOGI(TAG, "failed");
goto failed3;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "create SSL ......");
ssl = SSL_new(ctx);
if (!ssl) {
ESP_LOGI(TAG, "failed");
goto failed3;
}
ESP_LOGI(TAG, "OK");
SSL_set_fd(ssl, sockfd);
ESP_LOGI(TAG, "SSL connected to %s port %d ......",
OPENSSL_EXAMPLE_TARGET_NAME, OPENSSL_EXAMPLE_TARGET_TCP_PORT);
ret = SSL_connect(ssl);
if (!ret) {
ESP_LOGI(TAG, "failed " );
goto failed4;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "send https request to %s port %d ......",
OPENSSL_EXAMPLE_TARGET_NAME, OPENSSL_EXAMPLE_TARGET_TCP_PORT);
ret = SSL_write(ssl, send_data, send_bytes);
if (ret <= 0) {
ESP_LOGI(TAG, "failed");
goto failed5;
ESP_LOGE(TAG,"SSL Connection Failed");
goto failed3;
}
ESP_LOGI(TAG, "OK");
do {
ret = SSL_read(ssl, recv_buf, OPENSSL_EXAMPLE_RECV_BUF_LEN - 1);
if (ret <= 0) {
break;
}
recv_buf[ret] = '\0';
recv_bytes += ret;
ESP_LOGI(TAG, "%s", recv_buf);
} while (1);
ESP_LOGI(TAG, "totally read %d bytes data from %s ......", recv_bytes, OPENSSL_EXAMPLE_TARGET_NAME);
failed5:
SSL_shutdown(ssl);
failed4:
ESP_LOGI(TAG,"SSL Connection Succeed");
failed3:
SSL_free(ssl);
ssl = NULL;
failed3:
failed2:
close(sockfd);
sockfd = -1;
failed2:
failed1:
SSL_CTX_free(ctx);
ctx = NULL;
failed1:
vTaskDelete(NULL);
return ;
}
static void openssl_example_client_init(void)
#if CONFIG_EXAMPLE_OPENSSL_CLIENT_URI_FROM_STDIN
static void get_string(char *line, size_t size)
{
int ret;
xTaskHandle openssl_handle;
ret = xTaskCreate(openssl_example_task,
OPENSSL_EXAMPLE_TASK_NAME,
OPENSSL_EXAMPLE_TASK_STACK_WORDS,
NULL,
OPENSSL_EXAMPLE_TASK_PRIORITY,
&openssl_handle);
if (ret != pdPASS) {
ESP_LOGI(TAG, "create thread %s failed", OPENSSL_EXAMPLE_TASK_NAME);
int count = 0;
while (count < size) {
int c = fgetc(stdin);
if (c == '\n') {
line[count] = '\0';
break;
} else if (c > 0 && c < 127) {
line[count] = c;
++count;
}
vTaskDelay(10 / portTICK_PERIOD_MS);
}
}
#endif /* CONFIG_EXAMPLE_OPENSSL_CLIENT_URI_FROM_STDIN */
void app_main(void)
{
char host[128] = EXAMPLE_OPENSSL_TARGET_DOMAIN;
char port[32] = EXAMPLE_OPENSSL_TARGET_PORT;
ESP_LOGI(TAG, "[APP] Startup..");
ESP_LOGI(TAG, "[APP] Free memory: %d bytes", esp_get_free_heap_size());
ESP_LOGI(TAG, "[APP] IDF version: %s", esp_get_idf_version());
ESP_ERROR_CHECK(nvs_flash_init());
ESP_ERROR_CHECK(esp_netif_init());
ESP_ERROR_CHECK(esp_event_loop_create_default());
@ -182,5 +161,10 @@ void app_main(void)
*/
ESP_ERROR_CHECK(example_connect());
openssl_example_client_init();
#if CONFIG_EXAMPLE_OPENSSL_CLIENT_URI_FROM_STDIN
char line[256] = "";
get_string(line, sizeof(line));
sscanf(line, "%s %s", host, port);
#endif /* CONFIG_EXAMPLE_OPENSSL_CLIENT_URI_FROM_STDIN */
start_example(host, port);
}

View File

@ -0,0 +1,2 @@
CONFIG_EXAMPLE_OPENSSL_CLIENT_URI_FROM_STDIN=y
CONFIG_EXAMPLE_OPENSSL_CLIENT_URI_FROM_STRING=n

View File

@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDTTCCAjWgAwIBAgIUe0ZW+zwJ0KauAHVreTmv8xqC9QgwDQYJKoZIhvcNAQEL
BQAwNjELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQBgNVBAoM
CUVzcHJlc3NpZjAeFw0yMDA5MjMwNzU1NTRaFw00ODAyMDkwNzU1NTRaMDYxCzAJ
BgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMRIwEAYDVQQKDAlFc3ByZXNz
aWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC52tv077MpX817BVUP
yjmz/Nk1Tj7Za4pHlpVlbRRSlEz5h/62s7arB6dq9K2kC7fTIkw6MN/Qp4zPZ1Ug
0abzZesb71w3NLhw9ModiakDkvdRoDORXbxeJuxHbJyui/8N9UNJfb3IOPX/nSP+
coDWrkk0GrJbLwU1aLf7zr00iY2yx+lAEd75ElXhKrheUJJ/dpKYl4ZcGSm55WkQ
tJi5dHfZCx1dDXnt49q5hbGa7lsOwdIdE7xM4NtqWo61LJ2Z/scbha48RMvEAnAl
IfG9VcfjfOY1Y3LZemXS1NhuGRRgT3hc/xJFyTja4zg71XK1Z5VJO/QShFuDWnkx
oXrdAgMBAAGjUzBRMB0GA1UdDgQWBBRTSG/RoTNtlXzzHf/WrFRBCO9NMTAfBgNV
HSMEGDAWgBRTSG/RoTNtlXzzHf/WrFRBCO9NMTAPBgNVHRMBAf8EBTADAQH/MA0G
CSqGSIb3DQEBCwUAA4IBAQBqu44Bdq2JWAx3gDrIz42Vvocq4kRkNEg2C00b7OEU
Hi/zm2JTOyoHQfLZWc1Y6dzcPTbA/+7JFgnlgyzfH4YCi8YosEjRB+cBqEwDeeGY
XS0vKxEG69vDb/neqsKsWawKU7P8TVar7qg/41eqoC84o/d23eBFJ0Tr/3EWO5hr
8ct2mSLkewCJIzxqQIsORynxjd7K9N2Dxb7Lg7kremM+nADfrbArSh443t+G9YEY
fDatlIgFXietPyg6i27Aob5Ogs5gmbdY2swEoYfnrN++DpLyLoPB9Y1t/691CkNF
AzCQft+CFyZfNXbjHBE7q3s660/UkC20OyHFyFt9C0q2
-----END CERTIFICATE-----

View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAudrb9O+zKV/NewVVD8o5s/zZNU4+2WuKR5aVZW0UUpRM+Yf+
trO2qwenavStpAu30yJMOjDf0KeMz2dVINGm82XrG+9cNzS4cPTKHYmpA5L3UaAz
kV28XibsR2ycrov/DfVDSX29yDj1/50j/nKA1q5JNBqyWy8FNWi3+869NImNssfp
QBHe+RJV4Sq4XlCSf3aSmJeGXBkpueVpELSYuXR32QsdXQ157ePauYWxmu5bDsHS
HRO8TODbalqOtSydmf7HG4WuPETLxAJwJSHxvVXH43zmNWNy2Xpl0tTYbhkUYE94
XP8SRck42uM4O9VytWeVSTv0EoRbg1p5MaF63QIDAQABAoIBAQC480UkcEz4hW/0
VpAZkILvzFVTKLR+pPgM2Zt+PZiVvSMExwMBScIkXQ+L7kXGFCswntcAqZZxC+ui
khAzAq+DVA8t03sPLRXGwrNHxbA98EjSH/xxUribcVx8j2c0g/ijKUl2nvz3fUfA
wd4J3mS8PuB2S4LmHtquFbHRkiDTX8RPtq+1ZGpl2+u2DlKIyPrkr8UZyZPVVjHd
ACyG4rJdFy/XVS3cGSQ0Nkp/Ml706oSOUklRPzQEumZt6UkdgRYt9VlLL65CzIrF
qW34v0olgD5pVM4hIKIV8GgqGCqKhfsj8Mv6kQ2iO4/Wu32iwwezGpqO5pOUVJLB
t/22iNxBAoGBAOmHHUN9Vl5wnZ88/TG1zU4aom/PHNiPCym1Zr4MekdMtCOFo+i/
8hB+X8ZfR8VfQpzF2TdvCde0f/nQCT7ixCFmx5ZgD6QqDU2oHqV1N+/6k3IFGG8X
BFcKMOyRU866E7RknMQfXmKc0V9BFnwo1hFfNlaQNUsiT6BX9TXvDzBVAoGBAMu9
Vpnv95FbFAb3+5gLABfFu9jUDSIanE+YJgtm5akDxF5paYZNTUcTe0KwT/h/nqyU
EyHeb32IbKUOzEmN1RlvfIec2QmZJk0u6TfLRLmORsBxM5z5dn+mvJwsYHaam0iI
pdpbnObCH+dIgGrn6zPPgaLr/NQ/GJMbVpGTVAhpAoGAc9p9MRtAOvABspsuPXgl
F2dtSKzmcaVdc160TvqfuzmZcLn/HBwFuhsH5sEkOQ3OXTpmTfL/Xg0FJGkJ/THA
/ZUg1UBo4heeq/UI5yrlCmA0v+85NPulQo0iwmpCup9j4S28/CtXxvJniKsgvY4A
zXN/4KgAWHr4J+MbGpuz3FUCgYB6ACr3iyaoN+3KLnzOEug/U/ykXnZu0ZiAYQ+H
DFrB1qukDWNPNMLtqNDKomGA4IrXtOOwCE6i0SqdvDrAYNoWnRfo7RdaFAdHeKvW
6TWCF5xuaFsLyKYY0nNm4XvyCaqqyIjoNKvD0sLf8B5V5gKFx+BM+xsuzYmdrWUt
Txem4QKBgQDGTEuEy8lX3AO7+iSwjgOC0mooLOR6MoH3iH81GUj+IuiwngIDRtHj
gIh0mNu6vgQkfBkaP27tyr00PBi3SIGAJOLaTKimjEOk0plTw1ewt4apMlhdcT/f
eVEUD7zpX3v1a8mN34wCRUEilpfMvEpIxW3GnDRzxVaXerydLiApJQ==
-----END RSA PRIVATE KEY-----

View File

@ -8,3 +8,6 @@ set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_exam
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
project(openssl_server)
target_add_binary_data(openssl_server.elf "server_certs/ca.crt" TEXT)
target_add_binary_data(openssl_server.elf "server_certs/ca.key" TEXT)

View File

@ -1,22 +1,65 @@
# Openssl Example
# OpenSSL Server Example
The Example contains of OpenSSL server demo.
(See the README.md file in the upper level 'examples' directory for more information about examples.)
Open the project configuration menu (`idf.py menuconfig`):
This example connects to the ESP-OPENSSL server demo using ssl transport and and sends some messages.
* Configure Wi-Fi or Ethernet under "Example Connection Configuration" menu. See "Establishing Wi-Fi or Ethernet Connection" section in [examples/protocols/README.md](../README.md) for more details.
## How to use example
### Python scripts
Script example_test.py could be used as a client part to the ESP-OPENSSL server demo,
```
python example_test.py
```
Note that this script is used in automated tests, as well, so the IDF test framework packages need to be imported;
please add `$IDF_PATH/tools/ci/python_packages` to `PYTHONPATH`.
### Hardware Required
This example can be executed on any ESP32 board, the only required interface is WiFi and connection to internet.
### Configure the project
* Open the project configuration menu (`idf.py menuconfig`)
* Configure Wi-Fi or Ethernet under "Example Connection Configuration" menu. See "Establishing Wi-Fi or Ethernet Connection" section in [examples/protocols/README.md](../../README.md) for more details.
* When using Make build system, set `Default serial port` under `Serial flasher config`.
IF you want to test the OpenSSL server demo:
1. compile the code and load the firmware
2. input the context of "https://192.168.17.128" into your web browser, the IP of your module may not be 192.168.17.128, you should input your module's IP
3. You may see that it shows the website is not able to be trusted, but you should select that "go on to visit it"
4. You should wait for a moment until your see the "OpenSSL server demo!" in your web browser
### Build and Flash
Note:
The private key and certification at the example are not trusted by web browser, because they are not created by CA official, just by ourselves.
You can alse create your own private key and ceritification by "openssl at ubuntu or others".
We have the document of "ESP8266_SDKSSL_User_Manual_EN_v1.4.pdf" at "https://www.espressif.com/en/support/download/documents". By it you can gernerate the private key and certification with the fomate of ".pem"
Build the project and flash it to the board, then run monitor tool to view serial output:
See the README.md file in the upper level 'examples' directory for more information about examples.
```
idf.py -p PORT flash monitor
```
(To exit the serial monitor, type ``Ctrl-]``.)
See the Getting Started Guide for full steps to configure and use ESP-IDF to build projects.
## Example Output
```
I (2609) example_connect: Got IPv6 event: Interface "example_connect: sta" address: fe80:0000:0000:0000:260a:c4ff:fee7:a660, type: ESP_IP6_ADDR_IS_LINK_LOCAL
I (3609) esp_netif_handlers: example_connect: sta ip: 192.168.1.191, mask: 255.255.255.0, gw: 192.168.1.1
I (3609) example_connect: Got IPv4 event: Interface "example_connect: sta" address: 192.168.1.191
I (3619) example_connect: Connected to example_connect: sta
I (3619) example_connect: - IPv4 address: 192.168.1.191
I (3629) example_connect: - IPv6 address: fe80:0000:0000:0000:260a:c4ff:fee7:a660, type: ESP_IP6_ADDR_IS_LINK_LOCAL
I (3639) OPENSSL_EXAMPLE: SSL server context create ......
I (3649) OPENSSL_EXAMPLE: OK
I (3649) OPENSSL_EXAMPLE: SSL server context set own certification......
I (3659) OPENSSL_EXAMPLE: OK
I (3659) OPENSSL_EXAMPLE: SSL server context set private key......
I (3669) OPENSSL_EXAMPLE: OK
I (3669) OPENSSL_EXAMPLE: SSL server create socket ......
I (3679) OPENSSL_EXAMPLE: OK
I (3679) OPENSSL_EXAMPLE: SSL server socket bind ......
I (3689) OPENSSL_EXAMPLE: OK
I (3689) OPENSSL_EXAMPLE: SSL server socket listen on 443 port
I (3699) OPENSSL_EXAMPLE: OK
I (3699) OPENSSL_EXAMPLE: SSL server create ......
I (3709) OPENSSL_EXAMPLE: OK
I (3709) OPENSSL_EXAMPLE: SSL server socket accept client ......
```

View File

@ -0,0 +1,47 @@
from __future__ import print_function, unicode_literals
import os
import re
import socket
import ssl
import ttfw_idf
def _path(f):
return os.path.join(os.path.dirname(os.path.realpath(__file__)),f)
@ttfw_idf.idf_example_test(env_tag='Example_WIFI')
def test_example_protocol_openssl_server(env, extra_data):
"""
steps:
1. join AP
2. connect to uri "xxxx.xxxx.xxxx.xxxx:port"
3. send data
"""
dut1 = env.get_dut('openssl_server', 'examples/protocols/openssl_server', dut_class=ttfw_idf.ESP32DUT)
# check and log bin size
binary_file = os.path.join(dut1.app.binary_path, 'openssl_server.bin')
bin_size = os.path.getsize(binary_file)
ttfw_idf.log_performance('openssl_server_bin_size', '{}KB'.format(bin_size // 1024))
# start test
dut1.start_app()
ip = dut1.expect(re.compile(r' IPv4 address: ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)'), timeout=30)[0]
port = dut1.expect(re.compile(r' SSL server socket listen on ([0-9]+)'), timeout=30)[0]
# create socket
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(10)
addr = (ip, int(port))
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
# wrap socket
wrappedSocket = ssl.wrap_socket(sock, ca_certs=_path('server_certs/ca.crt'), cert_reqs=ssl.CERT_REQUIRED)
# connect and send data
wrappedSocket.connect(addr)
wrappedSocket.send('Some Data'.encode())
# close socket connection
wrappedSocket.close()
if __name__ == '__main__':
test_example_protocol_openssl_server()

View File

@ -1,4 +1,3 @@
# Embed the certificate & key data directly in the built binary
idf_component_register(SRCS "openssl_server_example_main.c"
INCLUDE_DIRS "."
EMBED_TXTFILES cacert.pem prvtkey.pem)
INCLUDE_DIRS ".")

View File

@ -0,0 +1,10 @@
menu "Example Configuration"
config EXAMPLE_OPENSSL_SERVER_PORT
int "Target port number"
range 0 65535
default 443
help
Target port number for the example to connect to.
endmenu

View File

@ -1,21 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIDezCCAmOgAwIBAgIJAPMMNobNczaUMA0GCSqGSIb3DQEBBAUAMHQxEzARBgNV
BAMTCk15IFRlc3QgQ0ExCzAJBgNVBAgTAkhaMQswCQYDVQQGEwJDTjEcMBoGCSqG
SIb3DQEJARYNdGVzdEBjZXJ0LmNvbTElMCMGA1UEChMcUm9vdCBDZXJ0aWZpY2F0
aW9uIEF1dGhvcml0eTAeFw0xNjExMTUwNTA0MThaFw0xOTExMTUwNTA0MThaMHQx
EzARBgNVBAMTCk15IFRlc3QgQ0ExCzAJBgNVBAgTAkhaMQswCQYDVQQGEwJDTjEc
MBoGCSqGSIb3DQEJARYNdGVzdEBjZXJ0LmNvbTElMCMGA1UEChMcUm9vdCBDZXJ0
aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDjSPDlomepHCzbw4MUrquQAU0xTV4/Npb27k9I5TRVTjIoOs/5hNI2LPFW
e4CREx09ZrT8K3NFOBoSy7bhPAsjGaFxCYYWc9tiX1m5gq3ToVRSmbZ65fE3kvnI
8E/d5VyzA0OMmWbfaolBSTMoWgqRynEaT+z1Eh2yDTzVFy9eov1DdQFUqGDqbH5b
QYvTY5Fyem7UcKWAe2yS0j3H4dVtVBKNY7qV3Px08yGAs5fQFgUwhyB5+qwhvkeL
JdgapGaSTwLgoQKWHbe/lA3NiBIB9hznFUGKo3hmniAvYZbrQcn3tc0l/J4I39v2
Pm29FAyjWvQyBkGktz2q4elOZYkCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkq
hkiG9w0BAQQFAAOCAQEAJCJ+97oae/FcOLbPpjCpUQnWqYydgSChgalkZNvr4fVp
TnuNg471l0Y2oTJLoWn2YcbPSFVOEeKkU47mpjMzucHHp0zGaW9SdzhZalWwmbgK
q2ijecIbuFHFNedYTk/03K7eaAcjVhD8e0oOJImeLOL6DAFivA1LUnSgXsdGPDtD
zhISsCPTu+cL1j0yP6HBvLeAyb8kaCWJ05RtiVLRANNHQn/keHajJYpMwnEEbJdG
cqN3whfJoGVbZ6isEf2RQJ0pYRnP7uGLW3wGkLWxfdto8uER8HVDx7fZpevLIqGd
1OoSEi3cIJXWBAjx0TLzzhtb6aeIxBJWQqHThtkKdg==
-----END CERTIFICATE-----

View File

@ -2,5 +2,5 @@
# Main Makefile. This is basically the same as a component makefile.
#
COMPONENT_EMBED_TXTFILES := cacert.pem
COMPONENT_EMBED_TXTFILES += prvtkey.pem
COMPONENT_EMBED_TXTFILES := ${PROJECT_PATH}/server_certs/ca.crt
COMPONENT_EMBED_TXTFILES += ${PROJECT_PATH}/server_certs/ca.key

View File

@ -18,6 +18,6 @@
#define OPENSSL_EXAMPLE_RECV_BUF_LEN 1024
#define OPENSSL_EXAMPLE_LOCAL_TCP_PORT 443
#define OPENSSL_EXAMPLE_LOCAL_TCP_PORT CONFIG_EXAMPLE_OPENSSL_SERVER_PORT
#endif

View File

@ -1,4 +1,4 @@
/* OpenSSL server Example
/* OpenSSL Server Example
This example code is in the Public Domain (or CC0 licensed, at your option.)
@ -27,7 +27,7 @@
#include "lwip/netdb.h"
const static char *TAG = "Openssl_example";
const static char *TAG = "openssl_example";
#define OPENSSL_EXAMPLE_SERVER_ACK "HTTP/1.1 200 OK\r\n" \
"Content-Type: text/html\r\n" \
@ -56,13 +56,13 @@ static void openssl_example_task(void *p)
const char send_data[] = OPENSSL_EXAMPLE_SERVER_ACK;
const int send_bytes = sizeof(send_data);
extern const unsigned char cacert_pem_start[] asm("_binary_cacert_pem_start");
extern const unsigned char cacert_pem_end[] asm("_binary_cacert_pem_end");
const unsigned int cacert_pem_bytes = cacert_pem_end - cacert_pem_start;
extern const unsigned char ca_crt_start[] asm("_binary_ca_crt_start");
extern const unsigned char ca_crt_end[] asm("_binary_ca_crt_end");
const unsigned int ca_crt_bytes = ca_crt_end - ca_crt_start;
extern const unsigned char prvtkey_pem_start[] asm("_binary_prvtkey_pem_start");
extern const unsigned char prvtkey_pem_end[] asm("_binary_prvtkey_pem_end");
const unsigned int prvtkey_pem_bytes = prvtkey_pem_end - prvtkey_pem_start;
extern const unsigned char ca_key_start[] asm("_binary_ca_key_start");
extern const unsigned char ca_key_end[] asm("_binary_ca_key_end");
const unsigned int ca_key_bytes = ca_key_end - ca_key_start;
ESP_LOGI(TAG, "SSL server context create ......");
/* For security reasons, it is best if you can use
@ -77,7 +77,7 @@ static void openssl_example_task(void *p)
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "SSL server context set own certification......");
ret = SSL_CTX_use_certificate_ASN1(ctx, cacert_pem_bytes, cacert_pem_start);
ret = SSL_CTX_use_certificate_ASN1(ctx, ca_crt_bytes, ca_crt_start);
if (!ret) {
ESP_LOGI(TAG, "failed");
goto failed2;
@ -85,7 +85,7 @@ static void openssl_example_task(void *p)
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "SSL server context set private key......");
ret = SSL_CTX_use_PrivateKey_ASN1(0, ctx, prvtkey_pem_start, prvtkey_pem_bytes);
ret = SSL_CTX_use_PrivateKey_ASN1(0, ctx, ca_key_start, ca_key_bytes);
if (!ret) {
ESP_LOGI(TAG, "failed");
goto failed2;
@ -112,7 +112,7 @@ static void openssl_example_task(void *p)
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "SSL server socket listen ......");
ESP_LOGI(TAG, "SSL server socket listen on %d port", OPENSSL_EXAMPLE_LOCAL_TCP_PORT);
ret = listen(sockfd, 32);
if (ret) {
ESP_LOGI(TAG, "failed");
@ -207,6 +207,10 @@ static void openssl_server_init(void)
void app_main(void)
{
ESP_LOGI(TAG, "[APP] Startup..");
ESP_LOGI(TAG, "[APP] Free memory: %d bytes", esp_get_free_heap_size());
ESP_LOGI(TAG, "[APP] IDF version: %s", esp_get_idf_version());
ESP_ERROR_CHECK(nvs_flash_init());
ESP_ERROR_CHECK(esp_netif_init());
ESP_ERROR_CHECK(esp_event_loop_create_default());

View File

@ -1,27 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAsONI8OWiZ6kcLNvDgxSuq5ABTTFNXj82lvbuT0jlNFVOMig6
z/mE0jYs8VZ7gJETHT1mtPwrc0U4GhLLtuE8CyMZoXEJhhZz22JfWbmCrdOhVFKZ
tnrl8TeS+cjwT93lXLMDQ4yZZt9qiUFJMyhaCpHKcRpP7PUSHbINPNUXL16i/UN1
AVSoYOpsfltBi9NjkXJ6btRwpYB7bJLSPcfh1W1UEo1jupXc/HTzIYCzl9AWBTCH
IHn6rCG+R4sl2BqkZpJPAuChApYdt7+UDc2IEgH2HOcVQYqjeGaeIC9hlutByfe1
zSX8ngjf2/Y+bb0UDKNa9DIGQaS3Parh6U5liQIDAQABAoIBAB9K9jp3xXVlO3DM
KBhmbkg3n6NSV4eW00d9w8cO9E1/0eeZql3knJS7tNO1IwApqiIAHM1j1yP7WONz
88oUqpSlzwD6iF7KVhC3pHqxEOdDi0Tpn/viXg+Ab2X1IF5guRTfLnKiyviiCazi
edqtBtDb3d6Icx9Oc7gBKcpbQFDGt++wSOb5L+xhRm9B5B4l/6byikiPeKqIK5tC
SoP9Zr1mvpNoGm1P4LvEunFJcRBqVI010VNwfO9P98oVyzJu9/FZZrQxXoY9JdXF
OM6nbl+hMDM3TkEOda9NvBhImozEAvuc97CaaXyR3XivxMqNqNIb4+syUPa2PCS3
ZztI5qECgYEA1gbVG6ifpvpbBkDPi3Im8fM3F7FLLrQc48FdFjdMvDhHD9lVKucD
Uaa8PF9dbbvlu2cwMyfBOKSuWaXxRxRsiqiPmTunS1MvPzQcSrGwUrL2AogGucn6
+NrLQf5P4H5IpkDQ9ih3zwjO6xKFK1WeYnYpHM8qUBtl6q0YFyVBPu0CgYEA05Pn
StWA4D7VSbNnVi6lvFyEOUsTrK3v419598TFiq4eXLq6aV8/CQYzKsSzoG+aOZhX
Li+0uyT5cNzUcXYhTsW1hA/pNhMfxMrYiB1x14zlLp2WRGg4vd/+SxX6d9Yd3acX
7QzPKgdDicXs9QN8ozJOICKvNbUI53AJdATVEY0CgYEAwvpGeoQLrdq1weSZLrg3
soOX1QW3MDz1dKdbXjnStkWut0mOxR7fbysuoPFf8/ARQcCnsHKvHCMqkpESVWbN
2yPkbfxiU8Tcbf/TJljqAOz4ISY6ula/RKZONTixHBrvpEW4GAiV3Q5xMsYUe33s
ZFaw7YXtTj0ng7tdDvjpj6ECgYEApHdUU9ejVq2BHslWiqe4LbO9FMxHfvO2hgix
xugupp6y+2Irhb2EQn+PRq+g8hXOzPaezkhHNTKItDL08T3iplkJwJ6dqmszRsZn
i2dYFzZu8M2PAZ4CfZahFbz/9id7D9HTx3EtmH4NAgvZJpyPRkzUbiaIDDettDpj
Hsyi1AECgYAPLvjBzQj4kPF8Zo9pQEUcz4pmupRVfv3aRfjnahDK4qZHEePDRj+J
W7pzayrs1dyN9QLB8pTc424z7f8MB3llCICN+ohs8CR/eW0NEobE9ldDOeoCr1Vh
NhNSbrN1iZ8U4oLkRTMaDKkVngGffvjGi/q0tOU7hJdZOqNlk2Iahg==
-----END RSA PRIVATE KEY-----

View File

@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDTTCCAjWgAwIBAgIUe0ZW+zwJ0KauAHVreTmv8xqC9QgwDQYJKoZIhvcNAQEL
BQAwNjELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQBgNVBAoM
CUVzcHJlc3NpZjAeFw0yMDA5MjMwNzU1NTRaFw00ODAyMDkwNzU1NTRaMDYxCzAJ
BgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMRIwEAYDVQQKDAlFc3ByZXNz
aWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC52tv077MpX817BVUP
yjmz/Nk1Tj7Za4pHlpVlbRRSlEz5h/62s7arB6dq9K2kC7fTIkw6MN/Qp4zPZ1Ug
0abzZesb71w3NLhw9ModiakDkvdRoDORXbxeJuxHbJyui/8N9UNJfb3IOPX/nSP+
coDWrkk0GrJbLwU1aLf7zr00iY2yx+lAEd75ElXhKrheUJJ/dpKYl4ZcGSm55WkQ
tJi5dHfZCx1dDXnt49q5hbGa7lsOwdIdE7xM4NtqWo61LJ2Z/scbha48RMvEAnAl
IfG9VcfjfOY1Y3LZemXS1NhuGRRgT3hc/xJFyTja4zg71XK1Z5VJO/QShFuDWnkx
oXrdAgMBAAGjUzBRMB0GA1UdDgQWBBRTSG/RoTNtlXzzHf/WrFRBCO9NMTAfBgNV
HSMEGDAWgBRTSG/RoTNtlXzzHf/WrFRBCO9NMTAPBgNVHRMBAf8EBTADAQH/MA0G
CSqGSIb3DQEBCwUAA4IBAQBqu44Bdq2JWAx3gDrIz42Vvocq4kRkNEg2C00b7OEU
Hi/zm2JTOyoHQfLZWc1Y6dzcPTbA/+7JFgnlgyzfH4YCi8YosEjRB+cBqEwDeeGY
XS0vKxEG69vDb/neqsKsWawKU7P8TVar7qg/41eqoC84o/d23eBFJ0Tr/3EWO5hr
8ct2mSLkewCJIzxqQIsORynxjd7K9N2Dxb7Lg7kremM+nADfrbArSh443t+G9YEY
fDatlIgFXietPyg6i27Aob5Ogs5gmbdY2swEoYfnrN++DpLyLoPB9Y1t/691CkNF
AzCQft+CFyZfNXbjHBE7q3s660/UkC20OyHFyFt9C0q2
-----END CERTIFICATE-----

View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAudrb9O+zKV/NewVVD8o5s/zZNU4+2WuKR5aVZW0UUpRM+Yf+
trO2qwenavStpAu30yJMOjDf0KeMz2dVINGm82XrG+9cNzS4cPTKHYmpA5L3UaAz
kV28XibsR2ycrov/DfVDSX29yDj1/50j/nKA1q5JNBqyWy8FNWi3+869NImNssfp
QBHe+RJV4Sq4XlCSf3aSmJeGXBkpueVpELSYuXR32QsdXQ157ePauYWxmu5bDsHS
HRO8TODbalqOtSydmf7HG4WuPETLxAJwJSHxvVXH43zmNWNy2Xpl0tTYbhkUYE94
XP8SRck42uM4O9VytWeVSTv0EoRbg1p5MaF63QIDAQABAoIBAQC480UkcEz4hW/0
VpAZkILvzFVTKLR+pPgM2Zt+PZiVvSMExwMBScIkXQ+L7kXGFCswntcAqZZxC+ui
khAzAq+DVA8t03sPLRXGwrNHxbA98EjSH/xxUribcVx8j2c0g/ijKUl2nvz3fUfA
wd4J3mS8PuB2S4LmHtquFbHRkiDTX8RPtq+1ZGpl2+u2DlKIyPrkr8UZyZPVVjHd
ACyG4rJdFy/XVS3cGSQ0Nkp/Ml706oSOUklRPzQEumZt6UkdgRYt9VlLL65CzIrF
qW34v0olgD5pVM4hIKIV8GgqGCqKhfsj8Mv6kQ2iO4/Wu32iwwezGpqO5pOUVJLB
t/22iNxBAoGBAOmHHUN9Vl5wnZ88/TG1zU4aom/PHNiPCym1Zr4MekdMtCOFo+i/
8hB+X8ZfR8VfQpzF2TdvCde0f/nQCT7ixCFmx5ZgD6QqDU2oHqV1N+/6k3IFGG8X
BFcKMOyRU866E7RknMQfXmKc0V9BFnwo1hFfNlaQNUsiT6BX9TXvDzBVAoGBAMu9
Vpnv95FbFAb3+5gLABfFu9jUDSIanE+YJgtm5akDxF5paYZNTUcTe0KwT/h/nqyU
EyHeb32IbKUOzEmN1RlvfIec2QmZJk0u6TfLRLmORsBxM5z5dn+mvJwsYHaam0iI
pdpbnObCH+dIgGrn6zPPgaLr/NQ/GJMbVpGTVAhpAoGAc9p9MRtAOvABspsuPXgl
F2dtSKzmcaVdc160TvqfuzmZcLn/HBwFuhsH5sEkOQ3OXTpmTfL/Xg0FJGkJ/THA
/ZUg1UBo4heeq/UI5yrlCmA0v+85NPulQo0iwmpCup9j4S28/CtXxvJniKsgvY4A
zXN/4KgAWHr4J+MbGpuz3FUCgYB6ACr3iyaoN+3KLnzOEug/U/ykXnZu0ZiAYQ+H
DFrB1qukDWNPNMLtqNDKomGA4IrXtOOwCE6i0SqdvDrAYNoWnRfo7RdaFAdHeKvW
6TWCF5xuaFsLyKYY0nNm4XvyCaqqyIjoNKvD0sLf8B5V5gKFx+BM+xsuzYmdrWUt
Txem4QKBgQDGTEuEy8lX3AO7+iSwjgOC0mooLOR6MoH3iH81GUj+IuiwngIDRtHj
gIh0mNu6vgQkfBkaP27tyr00PBi3SIGAJOLaTKimjEOk0plTw1ewt4apMlhdcT/f
eVEUD7zpX3v1a8mN34wCRUEilpfMvEpIxW3GnDRzxVaXerydLiApJQ==
-----END RSA PRIVATE KEY-----

View File

@ -97,6 +97,8 @@ examples/protocols/mqtt/ssl_ds/configure_ds.py
examples/protocols/mqtt/tcp/mqtt_tcp_example_test.py
examples/protocols/mqtt/ws/mqtt_ws_example_test.py
examples/protocols/mqtt/wss/mqtt_wss_example_test.py
examples/protocols/openssl_client/example_test.py
examples/protocols/openssl_server/example_test.py
examples/protocols/pppos_client/example_test.py
examples/protocols/sntp/example_test.py
examples/protocols/sockets/tcp_client/example_test.py