Connect a secure socket with TLS server authentication through X-NUCLEO-IDW01M1 Wi-Fi.

Dependencies:   NetworkSocketAPI X_NUCLEO_IDW01M1v2 mbed

Fork of HelloWorld_IDW01M1v2 by ST

Example of TLS connection using X-NUCLEO-IDW01M1 Wi-Fi expansion board.
The application is meant to be used with mbed OS 2 ("Classic") only (no mbedOS 5 support).
It uses the TLS/SSL feature provided natively by the Wi-Fi module and performs a secure connection to https://mbed.org, also verifying the server identity.
To avoid the CA certificate being treated as expired (or not yet valid), the system time (in seconds since the epoch) must be entered manually (e.g. using http://www.epochconverter.com/).
Retrieval of current time from an NTP server is shown by this example.

Committer:
mapellil
Date:
Mon Jan 16 13:20:06 2017 +0000
Revision:
12:7b6b23225fd0
Parent:
11:0b4472769b08
Removed unsecure socket connection (only secure socket connection  with server authentication)

Who changed what in which revision?

User | Revision | Line number | New contents of line
mridup 0:dee849b0e6e6 1 /* SpwfInterface NetworkSocketAPI Example Program
mridup 0:dee849b0e6e6 2 * Copyright (c) 2015 ARM Limited
mridup 0:dee849b0e6e6 3 *
mridup 0:dee849b0e6e6 4 * Licensed under the Apache License, Version 2.0 (the "License");
mridup 0:dee849b0e6e6 5 * you may not use this file except in compliance with the License.
mridup 0:dee849b0e6e6 6 * You may obtain a copy of the License at
mridup 0:dee849b0e6e6 7 *
mridup 0:dee849b0e6e6 8 * http://www.apache.org/licenses/LICENSE-2.0
mridup 0:dee849b0e6e6 9 *
mridup 0:dee849b0e6e6 10 * Unless required by applicable law or agreed to in writing, software
mridup 0:dee849b0e6e6 11 * distributed under the License is distributed on an "AS IS" BASIS,
mridup 0:dee849b0e6e6 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
mridup 0:dee849b0e6e6 13 * See the License for the specific language governing permissions and
mridup 0:dee849b0e6e6 14 * limitations under the License.
mridup 0:dee849b0e6e6 15 */
mridup 0:dee849b0e6e6 16
mridup 0:dee849b0e6e6 17 #include "mbed.h"
mridup 0:dee849b0e6e6 18 #include "SpwfInterface.h"
mridup 0:dee849b0e6e6 19 #include "TCPSocket.h"
mridup 0:dee849b0e6e6 20
// Trust anchor that main() stores in the Wi-Fi module for TLS server
// authentication: one PEM certificate, CRLF line endings, kept in a mutable
// array so it can be passed together with sizeof(CA_cert).
//
// The DER inside this PEM names "GeoTrust Global CA" as both issuer and
// subject, i.e. it is a root CA certificate rather than a certificate issued
// to www.mbed.com itself. Its encoded validity runs from 2002-05-21 to
// 2022-05-21. After that date a verifier with a correct clock should reject
// chains that depend on it, so replace this blob with the root that currently
// anchors the target host's chain rather than setting the clock back.
char CA_cert[] =
    "-----BEGIN CERTIFICATE-----\r\n"
    "MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT\r\n"
    "MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i\r\n"
    "YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG\r\n"
    "EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg\r\n"
    "R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9\r\n"
    "9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq\r\n"
    "fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv\r\n"
    "iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU\r\n"
    "1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+\r\n"
    "bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW\r\n"
    "MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA\r\n"
    "ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l\r\n"
    "uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn\r\n"
    "Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS\r\n"
    "tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF\r\n"
    "PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un\r\n"
    "hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV\r\n"
    "5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==\r\n"
    "-----END CERTIFICATE-----\r\n";

// ------------------------------------------------------------
// Host terminal settings for the debug console:
//   9600 baud, 8 data bits, no parity
// ------------------------------------------------------------

Serial pc(USBTX, USBRX);   // console on the board's USBTX/USBRX pins
DigitalOut myled(LED1);    // LED1, driven as a digital output

/*
 * Wiring for other boards, kept for reference only (not compiled).
 *
 * FRDM-K64: D9 -> UART1_TX, D7 -> UART1_RX
 *
 *     FRDM        IDW01M1
 *     ------      ---------
 *     +3v3  <-->  +3v3
 *     GND   <-->  GND
 *     D9    <-->  D8
 *     D7    <-->  D2
 *
 *     SpwfSAInterface spwf(D9, D7, false);
 *
 * LPCXpresso11U68: D9 -> UART1_TX, D7 -> UART1_RX
 *
 *     LPC         IDW01M1
 *     ------      ---------
 *     +3v3  <-->  +3v3
 *     GND   <-->  GND
 *     A1    <-->  D8
 *     A2    <-->  D2
 *
 *     SpwfSAInterface spwf(A1, A2, false);
 */

// Active configuration.
// NUCLEO: D8 -> UART1_TX (PA_9), D2 -> UART1_RX (PA_10)
// NOTE(review): the meaning of the third constructor argument (false) is not
// visible in this file; confirm against SpwfInterface.h.
SpwfSAInterface spwf(D8, D2, false);

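/**
 * Demo entry point.
 *
 * Joins the Wi-Fi access point, lets the operator correct the clock from the
 * serial console, stores the CA certificate and expected server domain in the
 * Wi-Fi module, opens one TLS socket to www.mbed.com:443 with server
 * authentication, reports the outcome, then toggles LED1 once a second.
 *
 * The secure connection is attempted only if the certificate and the server
 * domain were both stored successfully, so a provisioning failure cannot be
 * followed by a connection made with whatever trust material was already in
 * the module.
 *
 * @return -1 if the access point cannot be joined; otherwise does not return.
 */
int main() {
    int err;
    // Demo access-point credentials. They are compiled into the image, so
    // anyone holding the binary can read them; use provisioned values for
    // anything other than a bench demo.
    char * ssid = "STM";
    char * seckey = "STMDemo";

    pc.printf("\r\nTLS_HelloWorld mbed Application\r\n");
    pc.printf("\r\nconnecting to AP\r\n");

    if (!spwf.connect(ssid, seckey, NSAPI_SECURITY_WPA2)) {
        pc.printf("\r\nerror connecting to AP.\r\n");
        return -1;
    }
    pc.printf("\r\nnow connected\r\n");

    // Start the secure socket connection test (one-way server authentication only).
    TCPSocket socket(&spwf);
    time_t ctTime = time(NULL);
    printf ("Start Secure Socket connection with one way server autentication test\n\r");
    printf("Initial System Time is: %s\r\n", ctime(&ctTime));
    printf("Need to adjust time? if yes enter time in seconds elapsed since Epoch (cmd: date +'%%s'), otherwise enter 0 ");

    // Certificate validity is judged against this clock, and in this listing
    // the clock comes only from console input: the check is no stronger than
    // the trust placed in whoever types the value.
    int t = 0;
    if (scanf("%d", &t) != 1) {
        t = 0;                          // unparsable input: leave the clock alone
    }
    printf ("entered time is: %d \n\r", t);
    if (t > 0) {                        // 0 means "no change"; negative values are rejected
        time_t txTm = t;
        set_time(txTm);                 // set Nucleo system time
    }

    ctTime = time(NULL);
    printf ("The current system time is: %s", ctime (&ctTime));

    // Push the same time to the Wi-Fi module.
    // NOTE(review): a failure here is only reported; confirm how the module
    // validates certificate dates when its clock was not set.
    if (!spwf.set_time(ctTime)) printf ("ERROR set_time\n\r");
    if (!spwf.clean_TLS_certificate(ALL)) printf ("ERROR clean_TLS_certificate\n\r");

    // Trust anchor and expected server name. Failing to store either one
    // blocks the connection attempt below.
    // NOTE(review): sizeof(CA_cert) counts the terminating NUL; confirm that
    // set_TLS_certificate() expects it.
    bool trust_ready = true;
    if (!spwf.set_TLS_certificate(CA_cert, sizeof(CA_cert), FLASH_CA_ROOT_CERT)) {
        printf ("ERROR set_TLS_certificate\n\r");
        trust_ready = false;
    }
    if (!spwf.set_TLS_SRV_domain("*.mbed.com",FLASH_DOMAIN)) {
        printf ("ERROR set_TLS_CA_domain\n\r");
        trust_ready = false;
    }

    if (trust_ready) {
        // NOTE: set_secure_mode() and set_unsecure_mode() apply to the whole
        // interface, so the socket must be opened after the desired mode has
        // been selected (the default is unsecure).
        // NOTE(review): the interface is switched back to unsecure before
        // connect(); verify that a socket opened in secure mode stays TLS.
        //#define SEC_MODE1 // two possible ways to secure connect a socket are shown
        SocketAddress addr(&spwf, "");
        spwf.gethostbyname(&addr,"www.mbed.com");   // ask DNS to resolve URL/IP
        addr.set_port(443);
        spwf.set_secure_mode();
        socket.open(&spwf);
        spwf.set_unsecure_mode();

        // The lookup result is not checked above, so never hand a null
        // pointer to a %s conversion.
        const char *ip = addr.get_ip_address();
        if (ip == NULL) {
            ip = "(unresolved)";
        }
        printf ("Connecting to www.mbed.com IP: %s ...\n\r", ip);
#ifdef SEC_MODE1
        err = socket.connect(addr);
#else
        err = socket.connect("www.mbed.com", 443);
#endif
        if (err != 0) {
            printf ("ERROR secure socket connection failed: %d\n\r", err);
        } else {
            printf ("--->>> Secure socket CONNECTED to: %s\n\r", ip);
        }
        socket.close();
        printf ("Socket closed\n\r");
    } else {
        printf ("ERROR TLS trust setup failed, secure connection not attempted\n\r");
    }

    spwf.disconnect();
    printf ("WIFI disconnected, exiting ...\n\r");

    // Nothing left to do: blink LED1 once a second.
    while(1) {
        wait(1);
        myled = !myled;
    }
}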