first commit

Author: andreaz98

.gitignore

@@ -0,0 +1 @@
+build

CMakeLists.txt

@@ -0,0 +1,10 @@
+# For more information about build system see
+# https://docs.espressif.com/projects/esp-idf/en/latest/api-guides/build-system.html
+# The following five lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.16)
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(esp-tls-test)
+
+target_add_binary_data(esp-tls-test.elf "main/ca.crt" TEXT)

main/CMakeLists.txt

@@ -0,0 +1,2 @@
+idf_component_register(SRCS "esp-tls-test.c"
+                    INCLUDE_DIRS ".")

main/ca.conf

@@ -0,0 +1,10 @@
+basicConstraints = CA:TRUE
+keyUsage = cRLSign, keyCertSign
+[req]
+distinguished_name = req_distinguished_name
+prompt = no
+[req_distinguished_name]
+C   = IT
+ST  = Marche
+L   = Gabicce Mare
+CN  = My personal CA for IoT

main/ca.crt

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDMzCCAhsCFCiUx7QcE8xH1A1IAP8hRVDPk/rkMA0GCSqGSIb3DQEBDQUAMFYx
+CzAJBgNVBAYTAklUMQ8wDQYDVQQIDAZNYXJjaGUxFTATBgNVBAcMDEdhYmljY2Ug
+TWFyZTEfMB0GA1UEAwwWTXkgcGVyc29uYWwgQ0EgZm9yIElvVDAeFw0yMzAxMjcw
+OTM4MDRaFw00MzAxMjkwOTM4MDRaMFYxCzAJBgNVBAYTAklUMQ8wDQYDVQQIDAZN
+YXJjaGUxFTATBgNVBAcMDEdhYmljY2UgTWFyZTEfMB0GA1UEAwwWTXkgcGVyc29u
+YWwgQ0EgZm9yIElvVDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJuk
+xFx6tHmvMNPiYtWwA3v3t1b+PTjcGBI4s789+mUbwXKRS/kSbfNjtZZdAbkoLRuh
+L04aqvcjuOlelFRVgK2sU2HnVveaNvjFQo2szrDQthTV6JUIFSfgoCjFk8jNEf18
+v1DxgTo1I61rYyJhgf2jAtwRDosVTDvDfcRKKdql6ZduD4N6PNTumJzqj8bDECJF
+ByBUwfTMz3etBmkiTExjeSGstdiFS8tl8vG9N+IFp7gWzU2bSAefzVTWOCumnimC
+Er+HATK0sjNGY7OEWF0AQklSus0137Iw+ypIWx6DVjJo1B9dx3ty9CwYWWv2KYxd
+YgtCpZ57fXVjLAkXhHcCAwEAATANBgkqhkiG9w0BAQ0FAAOCAQEAg9sf+QgRJ7ag
+C4R6f12eVyePiNBhee5/31tD9ooE5pjH/WAh61nH5NhB9YIcx0fKc/Rn18cQULPj
+cu4JsQ5QgY3Wb7rZFOZ9nxlmTbn9ds18DNBu8PBavNWlYLMp2PRsu3OOfjROt1Wc
+t6vr3aUTotQZ+6l8TUC4cNK4UXcViNcn2/hTdF0uwrTpyrfKG0jD98xq83X2bhcp
+bE0AUkM8c5+otHQ1xEgSGXo11YINPD8iIpvFGIfahjjXMLGJWxSLNs6PaaKRjHSO
+gzKeDAEXrtlp9uTnBSYJvlI76Q5dCG4QE1Hl8XarBWod22CYScx6L9P/+cjuDgvM
+J9KwoZgG2A==
+-----END CERTIFICATE-----

main/ca.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCbpMRcerR5rzDT
+4mLVsAN797dW/j043BgSOLO/PfplG8FykUv5Em3zY7WWXQG5KC0boS9OGqr3I7jp
+XpRUVYCtrFNh51b3mjb4xUKNrM6w0LYU1eiVCBUn4KAoxZPIzRH9fL9Q8YE6NSOt
+a2MiYYH9owLcEQ6LFUw7w33ESinapemXbg+DejzU7pic6o/GwxAiRQcgVMH0zM93
+rQZpIkxMY3khrLXYhUvLZfLxvTfiBae4Fs1Nm0gHn81U1jgrpp4pghK/hwEytLIz
+RmOzhFhdAEJJUrrNNd+yMPsqSFseg1YyaNQfXcd7cvQsGFlr9imMXWILQqWee311
+YywJF4R3AgMBAAECggEALoJAWQAjsN7sYMxby03i5Kbjpr+nDLgcC0ndUG7VRWRT
+XIhVYvKiX2Hyr6FQNANw4zo5mAW5A8utZDLqcP7xyjPd4LoPz0JKXfEYD5zNUKG1
+XymCbBIzvCxPv482t4Cr+QrPYoEgJAQgCqC1yV7IyMFux9Li/SWal5s1mDOvKRIG
+cXCHb6+FDHSqRWjxO0a+hA5pJClExKKNTXESUM7WGi3IKsD3WweQqFfT35qmBOJ6
+D7UgD3+leNA81H899gNyalx7mCvWoVki7udxfiqJMOpwIJOW4xe3Yzl1mdHHWekt
+O0QeBgid7qXM+dJWfzzWIpAwZJ9KMHbGVKc6rZzeBQKBgQC9O597gDZdsUfZQoTO
+XRiSR4sBOCbqGbQNE81tyV4piBbMUTQX0tTypSAR6H4JZhF8QDW5ik9+IhlErou9
+IpWke5mvZel+/6ECz9SJrydXXJTnaheWe/rty58zxcblDsurnGes/M7H00zcUw6H
+THBX/XHHNGgeaIoMSKEzyeME/QKBgQDSjzUSlp2pZk92E2STwVDK7k2jfeIn6VQE
+PddnL73gGSV127R66Qdu2BTlAs72H3K+C3ZVGKRVcx8E+6bSyTQA1sDWsNw2Tmah
+mm9HGnYmdEberCyykSHrHEQAW5Q2B/jG+sYVDC8CfXOs20axqe8E3jtaQHmPktkS
+VIkj8WEDgwKBgQC12keQgw08CvN2ObOxMcw8P165hEH5dUwPyTkBSaQhG3R1U5BR
+WL5mlQN10kzVMW6aToaS0PVFzPUliOwnjcXrNRDje3fiIT2Vmy6wRk/zZ7h9j/ot
+FuZ1gdp0AZv7YrWeLQeBOc5qQIi7r2Hl6jKIjLq76oQovOP1nBK210xA7QKBgBV7
+9T9bTOT/AnaazfVhkTvTiup2qr/FyAPSx4rIzUfzaOYYr9amtlJyC9e+LJ3iYZPQ
+mZdfN01cvLqGbuQtEXhQcUa2rxF/eGte1aHcqleMH7sSuFDUDDDwJmQe9AV7VMAA
+0HtPTfCkGkx150WzgCbwAgBYec7TfgCnzYJ0W6C/AoGAbHddgp7GBwZaT/Z8sSej
+ghF1uMLIyLuR8MsexU6OhLff9rtS+L+NPRqDoc53X+09mFxus7Ubwp7YRXkvJUwF
+JVTifVT5IglQsRtmBSWc0gU8zDfZyGsOxT0WSGbTj5OXqlMxuWz3xZt3w7k9tJC8
+Xac6m3MVP8GajmAxyJbaUPs=
+-----END PRIVATE KEY-----

main/esp-tls-test.c

@@ -0,0 +1,154 @@
+#include <stdio.h>
+
+#include <unistd.h>
+#include <string.h>
+
+#include <esp_system.h>
+#include <esp_tls.h>
+#include <esp_wifi.h>
+#include <nvs_flash.h>
+
+#include <lwip/dns.h>
+
+#include <freertos/event_groups.h>
+
+//================ WIFI ============= 
+#define ESP_WIFI_SSID      "SSID"
+#define ESP_WIFI_PASS      "p4zzw0rd"
+#define ESP_MAXIMUM_RETRY  5
+#define WIFI_CONNECTED_BIT BIT0
+
+
+static bool s_is_wifi_connected = false;
+static EventGroupHandle_t s_event_group_handler;
+static int s_retry_count = 0;
+//===================================
+
+ip4_addr_t server_ip; //DNS server IP
+
+
+
+//================ TLS =============
+extern const uint8_t ca_crt_start[] asm("_binary_ca_crt_start");
+extern const uint8_t ca_crt_end[] asm("_binary_ca_crt_end");
+
+char * hostname = "sslserver.home";
+//==================================
+
+//event handler of the WiFi
+static void event_handler(void* arg, esp_event_base_t event_base, int32_t event_id, void* event_data)
+{
+    if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START)
+    {
+        esp_wifi_connect();
+    }
+    else if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_DISCONNECTED)
+    {
+        if (s_retry_count < ESP_MAXIMUM_RETRY)
+        {
+            esp_wifi_connect();
+            s_retry_count++;
+        }
+    }
+    else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP)
+    {
+        xEventGroupSetBits(s_event_group_handler, WIFI_CONNECTED_BIT);
+        s_retry_count = 0;
+    }
+}
+
+void wifi_init_sta(void)
+{
+    s_event_group_handler = xEventGroupCreate();
+
+    ESP_ERROR_CHECK(esp_netif_init());
+
+    ESP_ERROR_CHECK(esp_event_loop_create_default());
+    esp_netif_create_default_wifi_sta();
+
+    wifi_init_config_t config = WIFI_INIT_CONFIG_DEFAULT();
+    ESP_ERROR_CHECK(esp_wifi_init(&config));
+
+    esp_event_handler_instance_t handler_any_id;
+    esp_event_handler_instance_t handler_got_ip;
+    ESP_ERROR_CHECK(esp_event_handler_instance_register(WIFI_EVENT,
+                                                        ESP_EVENT_ANY_ID,
+                                                        &event_handler,
+                                                        NULL,
+                                                        &handler_any_id));
+    ESP_ERROR_CHECK(esp_event_handler_instance_register(IP_EVENT,
+                                                        IP_EVENT_STA_GOT_IP,
+                                                        &event_handler,
+                                                        NULL,
+                                                        &handler_got_ip));
+
+    wifi_config_t wifi_config = {
+        .sta = {
+            .ssid = ESP_WIFI_SSID,
+            .password = ESP_WIFI_PASS,
+        }
+    };
+
+    ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA));
+    ESP_ERROR_CHECK(esp_wifi_set_config(WIFI_IF_STA, &wifi_config));
+    ESP_ERROR_CHECK(esp_wifi_start());
+
+    EventBits_t bits = xEventGroupWaitBits(s_event_group_handler,
+            WIFI_CONNECTED_BIT,
+            pdFALSE,
+            pdFALSE,
+            portMAX_DELAY);
+
+    if (bits & WIFI_CONNECTED_BIT)
+        s_is_wifi_connected = true;
+
+    ESP_ERROR_CHECK(esp_event_handler_instance_unregister(IP_EVENT, IP_EVENT_STA_GOT_IP, handler_got_ip));
+    ESP_ERROR_CHECK(esp_event_handler_instance_unregister(WIFI_EVENT, ESP_EVENT_ANY_ID, handler_any_id));
+    vEventGroupDelete(s_event_group_handler);
+}
+
+void app_main(void)
+{
+    {// set wifi connection
+    esp_err_t ret = nvs_flash_init();
+    if (ret == ESP_ERR_NVS_NO_FREE_PAGES || ret == ESP_ERR_NVS_NEW_VERSION_FOUND) {
+      ESP_ERROR_CHECK(nvs_flash_erase());
+      ret = nvs_flash_init();
+    }
+    ESP_ERROR_CHECK(ret);
+
+    printf("\n[WIFI] Connecting to WiFi...\n");
+    wifi_init_sta();
+    while (!s_is_wifi_connected)
+    {
+        printf("[WIFI] Waiting for the WiFi to connect\n");
+        sleep(1);
+    }
+
+    printf("[WIFI] Connected to WiFi\n");
+}
+
+    IP4_ADDR(&server_ip, 192, 168, 1, 199);
+    dns_setserver(0, &server_ip);
+
+    
+    esp_tls_t *tls = esp_tls_init();
+    if(!tls){
+        printf("[TLS] not initialised successfully\n");
+        return;
+    }
+
+    ESP_ERROR_CHECK(esp_tls_set_global_ca_store(ca_crt_start, ca_crt_end - ca_crt_start));
+
+    esp_tls_cfg_t cfg = {
+        .use_global_ca_store = true
+    };
+
+    
+    esp_tls_conn_new_sync(hostname, strlen(hostname) + 1, 6000, &cfg, tls);
+    esp_tls_conn_write(tls, "some encrypted data", strlen("some encrypted data"));
+
+    esp_tls_conn_destroy(tls);
+
+    printf("bye ;)\n");
+}