添加智能灯固件代码

firmware/esp-idf/wumei-smart-firmware/examples/protocols/openssl_server/CMakeLists.txt

@@ -0,0 +1,10 @@
+# The following lines of boilerplate have to be in your project's CMakeLists
+# in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+# (Not part of the boilerplate)
+# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
+set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(openssl_server)

firmware/esp-idf/wumei-smart-firmware/examples/protocols/openssl_server/Makefile

@@ -0,0 +1,11 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := openssl_server
+
+EXTRA_COMPONENT_DIRS = $(IDF_PATH)/examples/common_components/protocol_examples_common
+
+include $(IDF_PATH)/make/project.mk
+

firmware/esp-idf/wumei-smart-firmware/examples/protocols/openssl_server/README.md

@@ -0,0 +1,22 @@
+# Openssl Example
+
+The Example contains of OpenSSL server demo.
+
+Open the project configuration menu (`idf.py menuconfig`):
+
+* Configure Wi-Fi or Ethernet under "Example Connection Configuration" menu. See "Establishing Wi-Fi or Ethernet Connection" section in [examples/protocols/README.md](../README.md) for more details.
+
+* When using Make build system, set `Default serial port` under `Serial flasher config`.
+    
+IF you want to test the OpenSSL server demo: 
+  1. compile the code and load the firmware 
+  2. input the context of "https://192.168.17.128" into your web browser, the IP of your module may not be 192.168.17.128, you should input your module's IP
+  3. You may see that it shows the website is not able to be trusted, but you should select that "go on to visit it"
+  4. You should wait for a moment until your see the "OpenSSL server demo!" in your web browser
+  
+Note:
+  The private key and certification at the example are not trusted by web browser, because they are not created by CA official, just by ourselves.
+  You can alse create your own private key and ceritification by "openssl at ubuntu or others". 
+  We have the document of "ESP8266_SDKSSL_User_Manual_EN_v1.4.pdf" at "https://www.espressif.com/en/support/download/documents". By it you can gernerate the private key and certification with the fomate of ".pem"
+
+See the README.md file in the upper level 'examples' directory for more information about examples.

firmware/esp-idf/wumei-smart-firmware/examples/protocols/openssl_server/main/CMakeLists.txt

@@ -0,0 +1,4 @@
+# Embed the certificate & key data directly in the built binary
+idf_component_register(SRCS "openssl_server_example_main.c"
+                    INCLUDE_DIRS "."
+                    EMBED_TXTFILES cacert.pem prvtkey.pem)

firmware/esp-idf/wumei-smart-firmware/examples/protocols/openssl_server/main/cacert.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDezCCAmOgAwIBAgIJAPMMNobNczaUMA0GCSqGSIb3DQEBBAUAMHQxEzARBgNV
+BAMTCk15IFRlc3QgQ0ExCzAJBgNVBAgTAkhaMQswCQYDVQQGEwJDTjEcMBoGCSqG
+SIb3DQEJARYNdGVzdEBjZXJ0LmNvbTElMCMGA1UEChMcUm9vdCBDZXJ0aWZpY2F0
+aW9uIEF1dGhvcml0eTAeFw0xNjExMTUwNTA0MThaFw0xOTExMTUwNTA0MThaMHQx
+EzARBgNVBAMTCk15IFRlc3QgQ0ExCzAJBgNVBAgTAkhaMQswCQYDVQQGEwJDTjEc
+MBoGCSqGSIb3DQEJARYNdGVzdEBjZXJ0LmNvbTElMCMGA1UEChMcUm9vdCBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBALDjSPDlomepHCzbw4MUrquQAU0xTV4/Npb27k9I5TRVTjIoOs/5hNI2LPFW
+e4CREx09ZrT8K3NFOBoSy7bhPAsjGaFxCYYWc9tiX1m5gq3ToVRSmbZ65fE3kvnI
+8E/d5VyzA0OMmWbfaolBSTMoWgqRynEaT+z1Eh2yDTzVFy9eov1DdQFUqGDqbH5b
+QYvTY5Fyem7UcKWAe2yS0j3H4dVtVBKNY7qV3Px08yGAs5fQFgUwhyB5+qwhvkeL
+JdgapGaSTwLgoQKWHbe/lA3NiBIB9hznFUGKo3hmniAvYZbrQcn3tc0l/J4I39v2
+Pm29FAyjWvQyBkGktz2q4elOZYkCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkq
+hkiG9w0BAQQFAAOCAQEAJCJ+97oae/FcOLbPpjCpUQnWqYydgSChgalkZNvr4fVp
+TnuNg471l0Y2oTJLoWn2YcbPSFVOEeKkU47mpjMzucHHp0zGaW9SdzhZalWwmbgK
+q2ijecIbuFHFNedYTk/03K7eaAcjVhD8e0oOJImeLOL6DAFivA1LUnSgXsdGPDtD
+zhISsCPTu+cL1j0yP6HBvLeAyb8kaCWJ05RtiVLRANNHQn/keHajJYpMwnEEbJdG
+cqN3whfJoGVbZ6isEf2RQJ0pYRnP7uGLW3wGkLWxfdto8uER8HVDx7fZpevLIqGd
+1OoSEi3cIJXWBAjx0TLzzhtb6aeIxBJWQqHThtkKdg==
+-----END CERTIFICATE-----

firmware/esp-idf/wumei-smart-firmware/examples/protocols/openssl_server/main/component.mk

@@ -0,0 +1,6 @@
+#
+# Main Makefile. This is basically the same as a component makefile.
+#
+
+COMPONENT_EMBED_TXTFILES := cacert.pem
+COMPONENT_EMBED_TXTFILES += prvtkey.pem

firmware/esp-idf/wumei-smart-firmware/examples/protocols/openssl_server/main/openssl_server_example.h

@@ -0,0 +1,24 @@
+/* OpenSSL server Example
+
+   This example code is in the Public Domain (or CC0 licensed, at your option.)
+
+   Unless required by applicable law or agreed to in writing, this
+   software is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+   CONDITIONS OF ANY KIND, either express or implied.
+*/
+
+#ifndef _OPENSSL_SERVER_H_
+#define _OPENSSL_SERVER_H_
+
+#include "sdkconfig.h"
+
+#define OPENSSL_EXAMPLE_TASK_NAME        "openssl_example"
+#define OPENSSL_EXAMPLE_TASK_STACK_WORDS 10240
+#define OPENSSL_EXAMPLE_TASK_PRIORITY    8
+
+#define OPENSSL_EXAMPLE_RECV_BUF_LEN       1024
+
+#define OPENSSL_EXAMPLE_LOCAL_TCP_PORT     443
+
+#endif
+

firmware/esp-idf/wumei-smart-firmware/examples/protocols/openssl_server/main/openssl_server_example_main.c

@@ -0,0 +1,221 @@
+/* OpenSSL server Example
+
+   This example code is in the Public Domain (or CC0 licensed, at your option.)
+
+   Unless required by applicable law or agreed to in writing, this
+   software is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+   CONDITIONS OF ANY KIND, either express or implied.
+*/
+
+#include "openssl_server_example.h"
+
+#include <string.h>
+
+#include "openssl/ssl.h"
+
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+
+#include "esp_log.h"
+#include "esp_wifi.h"
+#include "esp_event.h"
+#include "esp_netif.h"
+#include "nvs_flash.h"
+#include "protocol_examples_common.h"
+
+#include "lwip/sockets.h"
+#include "lwip/netdb.h"
+
+
+const static char *TAG = "Openssl_example";
+
+#define OPENSSL_EXAMPLE_SERVER_ACK "HTTP/1.1 200 OK\r\n" \
+                                "Content-Type: text/html\r\n" \
+                                "Content-Length: 106\r\n\r\n" \
+                                "<html>\r\n" \
+                                "<head>\r\n" \
+                                "<title>OpenSSL example</title></head><body>\r\n" \
+                                "OpenSSL server example!\r\n" \
+                                "</body>\r\n" \
+                                "</html>\r\n" \
+                                "\r\n"
+
+static void openssl_example_task(void *p)
+{
+    int ret;
+
+    SSL_CTX *ctx;
+    SSL *ssl;
+
+    int sockfd, new_sockfd;
+    socklen_t addr_len;
+    struct sockaddr_in sock_addr;
+
+    char recv_buf[OPENSSL_EXAMPLE_RECV_BUF_LEN];
+
+    const char send_data[] = OPENSSL_EXAMPLE_SERVER_ACK;
+    const int send_bytes = sizeof(send_data);
+
+    extern const unsigned char cacert_pem_start[] asm("_binary_cacert_pem_start");
+    extern const unsigned char cacert_pem_end[]   asm("_binary_cacert_pem_end");
+    const unsigned int cacert_pem_bytes = cacert_pem_end - cacert_pem_start;
+
+    extern const unsigned char prvtkey_pem_start[] asm("_binary_prvtkey_pem_start");
+    extern const unsigned char prvtkey_pem_end[]   asm("_binary_prvtkey_pem_end");
+    const unsigned int prvtkey_pem_bytes = prvtkey_pem_end - prvtkey_pem_start;   
+
+    ESP_LOGI(TAG, "SSL server context create ......");
+    /* For security reasons, it is best if you can use
+       TLSv1_2_server_method() here instead of TLS_server_method().
+       However some old browsers may not support TLS v1.2.
+    */
+    ctx = SSL_CTX_new(TLS_server_method());
+    if (!ctx) {
+        ESP_LOGI(TAG, "failed");
+        goto failed1;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server context set own certification......");
+    ret = SSL_CTX_use_certificate_ASN1(ctx, cacert_pem_bytes, cacert_pem_start);
+    if (!ret) {
+        ESP_LOGI(TAG, "failed");
+        goto failed2;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server context set private key......");
+    ret = SSL_CTX_use_PrivateKey_ASN1(0, ctx, prvtkey_pem_start, prvtkey_pem_bytes);
+    if (!ret) {
+        ESP_LOGI(TAG, "failed");
+        goto failed2;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server create socket ......");
+    sockfd = socket(AF_INET, SOCK_STREAM, 0);
+    if (sockfd < 0) {
+        ESP_LOGI(TAG, "failed");
+        goto failed2;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server socket bind ......");
+    memset(&sock_addr, 0, sizeof(sock_addr));
+    sock_addr.sin_family = AF_INET;
+    sock_addr.sin_addr.s_addr = 0;
+    sock_addr.sin_port = htons(OPENSSL_EXAMPLE_LOCAL_TCP_PORT);
+    ret = bind(sockfd, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
+    if (ret) {
+        ESP_LOGI(TAG, "failed");
+        goto failed3;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server socket listen ......");
+    ret = listen(sockfd, 32);
+    if (ret) {
+        ESP_LOGI(TAG, "failed");
+        goto failed3;
+    }
+    ESP_LOGI(TAG, "OK");
+
+reconnect:
+    ESP_LOGI(TAG, "SSL server create ......");
+    ssl = SSL_new(ctx);
+    if (!ssl) {
+        ESP_LOGI(TAG, "failed");
+        goto failed3;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server socket accept client ......");
+    new_sockfd = accept(sockfd, (struct sockaddr *)&sock_addr, &addr_len);
+    if (new_sockfd < 0) {
+        ESP_LOGI(TAG, "failed" );
+        goto failed4;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    SSL_set_fd(ssl, new_sockfd);
+
+    ESP_LOGI(TAG, "SSL server accept client ......");
+    ret = SSL_accept(ssl);
+    if (!ret) {
+        ESP_LOGI(TAG, "failed");
+        goto failed5;
+    }
+    ESP_LOGI(TAG, "OK");
+
+    ESP_LOGI(TAG, "SSL server read message ......");
+    do {
+        memset(recv_buf, 0, OPENSSL_EXAMPLE_RECV_BUF_LEN);
+        ret = SSL_read(ssl, recv_buf, OPENSSL_EXAMPLE_RECV_BUF_LEN - 1);
+        if (ret <= 0) {
+            break;
+        }
+        ESP_LOGI(TAG, "SSL read: %s", recv_buf);
+        if (strstr(recv_buf, "GET ") &&
+            strstr(recv_buf, " HTTP/1.1")) {
+            ESP_LOGI(TAG, "SSL get matched message");
+            ESP_LOGI(TAG, "SSL write message");
+            ret = SSL_write(ssl, send_data, send_bytes);
+            if (ret > 0) {
+                ESP_LOGI(TAG, "OK");
+            } else {
+                ESP_LOGI(TAG, "error");
+            }
+            break;
+        }
+    } while (1);
+    
+    SSL_shutdown(ssl);
+failed5:
+    close(new_sockfd);
+    new_sockfd = -1;
+failed4:
+    SSL_free(ssl);
+    ssl = NULL;
+    goto reconnect;
+failed3:
+    close(sockfd);
+    sockfd = -1;
+failed2:
+    SSL_CTX_free(ctx);
+    ctx = NULL;
+failed1:
+    vTaskDelete(NULL);
+    return ;
+} 
+
+static void openssl_server_init(void)
+{
+    int ret;
+    xTaskHandle openssl_handle;
+
+    ret = xTaskCreate(openssl_example_task,
+                      OPENSSL_EXAMPLE_TASK_NAME,
+                      OPENSSL_EXAMPLE_TASK_STACK_WORDS,
+                      NULL,
+                      OPENSSL_EXAMPLE_TASK_PRIORITY,
+                      &openssl_handle); 
+
+    if (ret != pdPASS)  {
+        ESP_LOGI(TAG, "create task %s failed", OPENSSL_EXAMPLE_TASK_NAME);
+    }
+}
+
+void app_main(void)
+{
+    ESP_ERROR_CHECK(nvs_flash_init());
+    ESP_ERROR_CHECK(esp_netif_init());
+    ESP_ERROR_CHECK(esp_event_loop_create_default());
+
+    /* This helper function configures Wi-Fi or Ethernet, as selected in menuconfig.
+     * Read "Establishing Wi-Fi or Ethernet Connection" section in
+     * examples/protocols/README.md for more information about this function.
+     */
+    ESP_ERROR_CHECK(example_connect());
+
+    openssl_server_init();
+}

firmware/esp-idf/wumei-smart-firmware/examples/protocols/openssl_server/main/prvtkey.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAsONI8OWiZ6kcLNvDgxSuq5ABTTFNXj82lvbuT0jlNFVOMig6
+z/mE0jYs8VZ7gJETHT1mtPwrc0U4GhLLtuE8CyMZoXEJhhZz22JfWbmCrdOhVFKZ
+tnrl8TeS+cjwT93lXLMDQ4yZZt9qiUFJMyhaCpHKcRpP7PUSHbINPNUXL16i/UN1
+AVSoYOpsfltBi9NjkXJ6btRwpYB7bJLSPcfh1W1UEo1jupXc/HTzIYCzl9AWBTCH
+IHn6rCG+R4sl2BqkZpJPAuChApYdt7+UDc2IEgH2HOcVQYqjeGaeIC9hlutByfe1
+zSX8ngjf2/Y+bb0UDKNa9DIGQaS3Parh6U5liQIDAQABAoIBAB9K9jp3xXVlO3DM
+KBhmbkg3n6NSV4eW00d9w8cO9E1/0eeZql3knJS7tNO1IwApqiIAHM1j1yP7WONz
+88oUqpSlzwD6iF7KVhC3pHqxEOdDi0Tpn/viXg+Ab2X1IF5guRTfLnKiyviiCazi
+edqtBtDb3d6Icx9Oc7gBKcpbQFDGt++wSOb5L+xhRm9B5B4l/6byikiPeKqIK5tC
+SoP9Zr1mvpNoGm1P4LvEunFJcRBqVI010VNwfO9P98oVyzJu9/FZZrQxXoY9JdXF
+OM6nbl+hMDM3TkEOda9NvBhImozEAvuc97CaaXyR3XivxMqNqNIb4+syUPa2PCS3
+ZztI5qECgYEA1gbVG6ifpvpbBkDPi3Im8fM3F7FLLrQc48FdFjdMvDhHD9lVKucD
+Uaa8PF9dbbvlu2cwMyfBOKSuWaXxRxRsiqiPmTunS1MvPzQcSrGwUrL2AogGucn6
++NrLQf5P4H5IpkDQ9ih3zwjO6xKFK1WeYnYpHM8qUBtl6q0YFyVBPu0CgYEA05Pn
+StWA4D7VSbNnVi6lvFyEOUsTrK3v419598TFiq4eXLq6aV8/CQYzKsSzoG+aOZhX
+Li+0uyT5cNzUcXYhTsW1hA/pNhMfxMrYiB1x14zlLp2WRGg4vd/+SxX6d9Yd3acX
+7QzPKgdDicXs9QN8ozJOICKvNbUI53AJdATVEY0CgYEAwvpGeoQLrdq1weSZLrg3
+soOX1QW3MDz1dKdbXjnStkWut0mOxR7fbysuoPFf8/ARQcCnsHKvHCMqkpESVWbN
+2yPkbfxiU8Tcbf/TJljqAOz4ISY6ula/RKZONTixHBrvpEW4GAiV3Q5xMsYUe33s
+ZFaw7YXtTj0ng7tdDvjpj6ECgYEApHdUU9ejVq2BHslWiqe4LbO9FMxHfvO2hgix
+xugupp6y+2Irhb2EQn+PRq+g8hXOzPaezkhHNTKItDL08T3iplkJwJ6dqmszRsZn
+i2dYFzZu8M2PAZ4CfZahFbz/9id7D9HTx3EtmH4NAgvZJpyPRkzUbiaIDDettDpj
+Hsyi1AECgYAPLvjBzQj4kPF8Zo9pQEUcz4pmupRVfv3aRfjnahDK4qZHEePDRj+J
+W7pzayrs1dyN9QLB8pTc424z7f8MB3llCICN+ohs8CR/eW0NEobE9ldDOeoCr1Vh
+NhNSbrN1iZ8U4oLkRTMaDKkVngGffvjGi/q0tOU7hJdZOqNlk2Iahg==
+-----END RSA PRIVATE KEY-----