Other Parts Discussed in Thread: CC3100, UNIFLASH
Hi All,
I am using cc3100 with sdk 1.2 and ti rtos and tm4c129encpdt microcontroller. I am trying to use ftps. For that, I first tried ftp with the simplelink socket api and it worked good. Now I am using FTPS and used the TLS from the simplelink api itself. The way I followed is-
1. I have the root CA certificate in .pem format and wrote it into the serial flash of the cc3100 using the file systems api -
#define SL_SSL_CA_CERT_FILE_NAME "/cert/testcacert.der"
int32_t writeCert(uint8_t *data , uint32_t len) {
int32_t fHdl, file;
char filename[] = SL_SSL_CA_CERT_FILE_NAME;
int32_t status;
uint32_t offset, token;
uint32_t writeLen;
fHdl = sl_FsOpen(filename,
FS_MODE_OPEN_CREATE(len,
_FS_FILE_OPEN_FLAG_SECURE|_FS_FILE_OPEN_FLAG_COMMIT|_FS_FILE_PUBLIC_WRITE
|_FS_FILE_PUBLIC_READ),
&token, &file);
if( fHdl >= 0 ) {
offset = 0;
do {
if (len < CERT_WRITE_CHUNK_SIZE) {
writeLen = len;
} else {
writeLen = CERT_WRITE_CHUNK_SIZE;
}
status = sl_FsWrite(file, offset, &(data[offset]), writeLen);
offset += writeLen;
}
while (offset < len);
sl_FsClose(file,0,0,0);
return 0;
} else {
return -1;
}
}
This writes successfully as it return 0.
2. Now I use the slsocketopt -
SlSockSecureMethod method;
unsigned long cipher = SL_SEC_MASK_SECURE_DEFAULT ;
method.secureMethod = SL_SO_SEC_METHOD_TLSV1_2; // security method we want to use
//int sock = sl_Socket(SL_AF_INET,SL_SOCK_STREAM, IPPROTO_IP);
int sock = sl_Socket(SL_AF_INET,SL_SOCK_STREAM, SL_SEC_SOCKET);
if (sock == -1) {
logg("ftp: ***ERROR*** - socket not created.","");
sock = 0;goto sockCleanup;
} else {
if (ftp_debug) logStr("ftp: socket %s created successfully.","",ipAddress);
}
int ret = sl_SetSockOpt(sock, SL_SOL_SOCKET, SL_SO_SECMETHOD, (_u8 *)&method, sizeof(method));
ret = sl_SetSockOpt(sock, SL_SOL_SOCKET, SL_SO_SECURE_MASK, &cipher, sizeof(cipher));
ret= sl_SetSockOpt(sock, SL_SOL_SOCKET, SL_SO_SECURE_FILES_CA_FILE_NAME, selfCertFileName, (SlSocklen_t)strlen(selfCertFileName));
But when I try to call connect(sock, (struct sockaddr *)&serv_addr, sizeof(serv_addr));
It gives the -456 error which bad ca file.
I am using the self-signed root ca and generating the intermediate certificate to put into my local ftps server which is on Filezilla.
Why am I getting this error? I tried so many things. Help me out this.
My root CA is in .pem format. I copied the contents into the array and used the fs api to write into cc3100 serial flash. If I convert this .pem to .der format, the file looks likes this(opened in notepad++)-
0‚ð0‚Y ’X «0 *†H†÷ 010 UIN10U Karnataka10U Bengaluru10U Gluon10UEmbedded10U ftps.gluon1!0 *†H†÷ akhilesh@gluon.com0 191223093042Z 241221093042Z010 UIN10U Karnataka10U Bengaluru10U Gluon10UEmbedded10U ftps.gluon1!0 *†H†÷ akhilesh@gluon.com0Ÿ0 *†H†÷ 0‰ Ä3ê×bX¶h¥’šÆ"RXTÚX3ŽÝSÎ%ÿ8™Å@Ãji?¬Þ4”‰%}2V‡ ¥n:Ñ#¤_ «yQx‘›‘p±/¤¶m!_þÍ[ ‘hôúÌ0HQØÓéWêrü‚ˆéL²Å’-,õ È™~çÑgîbþ,P½±.Å –1v_ £P0N0U*f·éª ÔË…àQ•ßoþj0U#0€*f·éª ÔË…àQ•ßoþj0U0ÿ0 *†H†÷ ‹Ùm9(, á\âr$L¤º×—¡6¤’l*½ÌÉ=ÉdÏ4æÞÀélá3Xð„$·®oÙÒØÈXðp<šŠˆ)¾Ã„öµšÛ̲:‚ç £JÒíCzLO}k+]`C9ê«àÈ ¤»}3ÒA䩃¯$Øb§cv‘2€ñ
How to write .der format into serial flash using filesystem API?
Thanks
Akhilesh
