• State Resolved
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 200 views
  • Users 0 members are here
Support feedback
Options
Options
Similar topics

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

CC3120: How to install the Playground certificates to CC3120 WiFi module.

Navaneeth MP
Prodigy 30 points
Part Number: CC3120

Hi,

I am using CC3120 based WiFi module for my project. We have http stack from MQX rtos which is integrated to our platform. We need to add https to our web server for adding network security. When checking the possibilities I found that CC3120 WiFi module provides secure socket creation by calling this sl_SetSockOpt(server->sock_v4, SL_SOL_SOCKET, SL_SO_SECMETHOD, &method, sizeof(SlSockSecureMethod_t)). Also we need to install necessary certificates to CC3120 WiFi module. I have downloaded TI CC3120 SDK and found some certificates are available in the following path. C:\ti\simplelink_sdk_wifi_plugin_4_20_00_10\tools\cc31xx_tools\certificate-playground.

Please somebody help me how to install this playground certificates to CC3120 module and what certificates are mandatory to work it as a server.

Regards

Navaneeth

  • 0
    TI__Mastermind 38980 points

    Hi Navaneeth,

    You can create and flash an image using ImageCreator. See the sections on Adding a User File and Trusted Root-Certificate Catalog in the UniFlash ImageCreator Basics tutorial. You will need a CC31XXEMUBOOST or some other USB-to-UART hardware.

    Please note the dummy certificates and certificate playground are for development only and cannot be used for production.

    Best regards,

    Sarah

  • +1 in reply to Sarah P
    Prodigy 30 points

    Hi Sarah,

    Thanks for the quick reply,

    Is it possible to update the certificates using supported apis from sl provisioning code?. We can't use the eternal tool for programming WiFi module, since the product is already in field. I found below example code from TI document to write files to CC3120. Will this code work without using any signature in sl_FsClose?.

    // file_name = dummy-root-ca-cert, dummy-root-ca-cert-key

    int32_t writeCert(uint8_t *data , uint32_t len, char * file_name)
    {
      int32_t fHdl;
      int32_t status;
      uint32_t offset;
      uint32_t writeLen;
      fHdl = sl_FsOpen(file_name, SL_FS_CREATE | SL_FS_OVERWRITE |SL_FS_CREATE_FAILSAFE | SL_FS_CREATE_MAX_SIZE( len ), NULL);
      if( fHdl >= 0 )
      {
        offset = 0;
        do
        {
             if (len < CERT_WRITE_CHUNK_SIZE)
             {
                  writeLen = len;
             }
             else
             {
                 writeLen = CERT_WRITE_CHUNK_SIZE;
             }
             status = sl_FsWrite(fHdl, offset, &(data[offset]), writeLen);
            offset += writeLen;
        }while (offset < len);
        sl_FsClose(fHdl,0,0,0);
        return 0;
      }
      else
      {
          return -1;
      }
    }

    I am writing dummy-root-ca-cert-key and dummy-root-ca-cert to the CC3120 flash. After writing I use 

    SetSockOpt(server->sock_v4, SL_SOL_SOCKET, SL_SO_SECURE_FILES_CERTIFICATE_FILE_NAME, "dummy-root-ca-cert",strlen("dummy-root-ca-cert"));

    SetSockOpt(server->sock_v4, SL_SOL_SOCKET, SL_SO_SECURE_FILES_PRIVATE_KEY_FILE_NAME, "dummy-root-ca-cert-key",strlen("dummy-root-ca-cert-key"))

    still it doesn't work, it shows error -457 (SL_ERROR_BSD_ESECBADCERTFILE). 

    If we want to use the signature for writing, how will we get the signature for dummy-root-ca-cert-key and dummy-root-ca-cert images?.

    Also are these certificates enough to write to CC3120?.

    Thanks 

    Navaneeth