Example of a TCP socket with SSL?

[dizcza]

I already have a TCP client running on an ESP32 but I'd like to make it secure with SSL.

I found something similar for Arduino: https://github.com/khoih-prog/AsyncTCP_SSL. But, firstly, it's on Arduino and, secondly, the project is no longer maintained.

On the documentation page of ESP-IDF, I found only one related function - "esp_tls_plain_tcp_connect". But there are no examples. The only source code that uses this function is in the "components/tcp_transport/transport_ssl.c":

Code: Select all

static int tcp_connect(esp_transport_handle_t t, const char *host, int port, int timeout_ms)
{
    transport_esp_tls_t *ssl = ssl_get_context_data(t);
    esp_tls_last_error_t *err_handle = esp_transport_get_error_handle(t);

    ssl->cfg.timeout_ms = timeout_ms;
    esp_err_t err = esp_tls_plain_tcp_connect(host, strlen(host), port, &ssl->cfg, err_handle, &ssl->sockfd);
    if (err != ESP_OK) {
        ESP_LOGE(TAG, "Failed to open a new connection: %d", err);
        err_handle->last_error = err;
        ssl->sockfd = INVALID_SOCKET;
        return -1;
    }
    return 0;
}

Does anyone have a script to wrap a TCP connection with SSL in ESP-IDF?

[MicroController]

https://docs.espressif.com/projects/esp ... on-example ?

[dizcza]

I'm returning to the same question in two years. At first, I thought what a smart guy asked the thing - I'm surprised it was me.

The link posted by MicroController does not mention any TCP.

Has anyone succeeded?

[nopnop2002]

Here is a sample of WolfSSL.

https://github.com/espressif/esp-wolfss ... r/examples

Code: Select all

git clone --recursive https://github.com/espressif/esp-wolfssl
cd esp-wolfssl/examples/wolfssl_client
idf.py menuconfig
menuconfig -> Component Config -> ESP-TLS -> choose SSL Library -> wolfSSL

edit main/wolfssl_client_demo.c
    //int32_t ret = 0;
    int ret = 0;

idf.py build

[gojimmypi]

The client and server SSL / TLS examples here use TCP sockets:

https://github.com/wolfSSL/wolfssl/tree ... F/examples

Heads up the esp-wolfssl is no longer the preferred method of using wolfSSL in an ESP32 project.

The easiest way to get started with wolfSSL is to use the ESP Registry Managed Component:

https://components.espressif.com/compon ... sl/wolfssl

As of today, there's a good preview release for the the most recent version of wolfSSL there. I expect the stable release in the very near future.

There are also components for wolfSSH and wolfMQTT. The wolfTPM will likely be next. We have TPM support for the ESP32, just not in a managed component yet.

If you prefer to edit source code and make your own changes, the above examples also show how to include wolfSSL via a parent directory (default) or via a menuconfig explicit path. See the CMakeLists.txt in and Kconfig the components/wolfssl directory:

https://github.com/wolfSSL/wolfssl/tree ... ts/wolfssl

We love to hear how wolfSSL is being used in projects and share the details in our blogs. Contact us at facts [at] wolfssl.com and let us know what you are working on. If you need help, please reach out to support [at] wolfssl.com