  • Number of slides: 12

SSL on TELIT modules

SSL implementation status
SSL in TELIT modules:
  • Is based on developing the SSL protocol on the existing Telit protocol stack
  • Available from SW version 10.00.x05
  • A new set of AT commands to support SSL connections has been introduced
  • ONLINE mode and COMMAND mode are supported
  • Only one SSL socket is supported
  • For protocol details refer to [RFC 2246; The TLS Protocol Version 1].

SSL Client
SSL features:
  • Security data storage for authentication (maximum size 1535 bytes):
      • to authenticate the remote server (Server CA certificate)
      • to be authenticated by the remote server (Client private key, Client certificate)
  • Security level supported:
      • no authentication
      • authentication of remote server
      • authentication of client and remote server
  • Connection to the remote server using the supported cipher suites or following the request coming from the server. Cipher suites:
      • SSL_RSA_WITH_RC4_128_MD5
      • SSL_RSA_WITH_RC4_128_SHA
      • TLS_RSA_WITH_AES_256_CBC_SHA

SSL socket preliminary settings
Common GPRS preliminary operations:
  • Configuring and activating the context
      AT+CGDCONT=, IP, , …
      AT#SGACT= , , [], []
Specific SSL settings:
  • Enabling an SSL channel
      AT#SSLEN= ,
  • Configuring SSL security
      AT#SSLSECCFG= , ,
  • Storing security data
      AT#SSLSECDATA=, ,
  • Performing the general configuration
      AT#SSLCFG=, , , , ,

Working with SSL sockets (1/6)
Open a secure socket:
      AT#SSLD=<SSId>, <remotePort>, , , ,
Exchange data in ONLINE mode (<mode> = 0)
After the CONNECT message, the user can send data to the AT port; it is encrypted and sent to the server through the secure socket. The connection can be suspended (without closing it) by sending the escape sequence (+++). Data mode can be restored at any time by sending the AT#SSLO command.
      AT#SSLO=

Working with SSL sockets (2/6)
Exchange data in COMMAND mode (<mode> = 1)
Data can be exchanged in command mode through an SSL socket by means of the commands AT#SSLSEND and AT#SSLRECV.
  • Send data:
      AT#SSLSEND=,
    The data to be sent can be written to the AT port after the ‘>’ prompt; the user confirms by writing the 0x1A character (CTRL+Z), and the data is then forwarded through the secure socket.
  • Receive data:
      AT#SSLRECV=, ,
    On success, the data is printed in the following format:
      #SSLRECV:
      OK

Working with SSL sockets (3/6)
Close a secure socket:
      AT#SSLH=<SSId>, <closureType>
Perform a fast dial:
The SSL protocol allows the previous session to be restored; this makes it possible to avoid a full handshake and perform a fast dial. In Telit modules this is done with AT#SSLFASTD, which can be sent if the #SSLD or #SSLH command has been executed setting =1.
      AT#SSLFASTD=, ,

Working with SSL sockets (4/6)
Example of ONLINE mode communication:
      AT#SSLD=1, 443, 123.124.125.126, 0, 0
      CONNECT
      … [bidirectional data exchange]
      [send +++]
      OK
      AT#SSLS=1            Query status
      #SSLS: 1, 2,
      OK
      AT#SSLO=1
      CONNECT
      … [more bidirectional data exchange]
      [send +++]
      OK
      AT#SSLH=1
      OK

Working with SSL sockets (5/6)
Example of COMMAND mode communication:
      AT#SSLD=1, 443, 123.124.125.126, 0, 1
      OK
      AT#SSLS=1            Query status
      #SSLS: 1, 2,
      OK
  • Send data:
      AT#SSLSEND=1
      >Send this string to the SSL server

Working with SSL sockets (6/6)
  • Receive data:
      AT#SSLRECV=1, 15
      #SSLRECV: 0
      TIMEOUT              The server has not sent a response within the timeout
      OK
      AT#SSLRECV=1, 15
      #SSLRECV: 15
      Response of the
      OK
      AT#SSLRECV=1, 15
      #SSLRECV: 6
      server
      OK
      AT#SSLH=1
      DISCONNECTED
      OK
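Host-side parsing of the COMMAND-mode receive replies shown above, as an added example that is not part of the Telit slides. The names `parse_sslrecv`, `read_all` and `SslRecvError` are hypothetical, and the CRLF framing around the header, payload and OK is an assumption the slides do not state.

```python
import re

# Assumed framing (not stated on the slides): the header line ends with CRLF,
# exactly <n> payload bytes follow, then the final OK result code.
HEADER = re.compile(rb"#SSLRECV:\s*(\d+)\r\n")


class SslRecvError(ValueError):
    """Reply does not match the #SSLRECV format shown on the slides."""


def parse_sslrecv(reply: bytes) -> tuple[str, bytes]:
    """Return ('data', payload) or ('timeout', b'') for one module reply."""
    match = HEADER.search(reply)
    if match is None:
        raise SslRecvError("no #SSLRECV header in reply")
    count = int(match.group(1))
    body = reply[match.end():]
    if count == 0:
        # The slides show '#SSLRECV: 0' followed by TIMEOUT, then OK.
        if body.lstrip().startswith(b"TIMEOUT"):
            return "timeout", b""
        raise SslRecvError("zero-length reply without TIMEOUT")
    if len(body) < count:
        raise SslRecvError(f"declared {count} bytes, got {len(body)}")
    # Slice by the declared length instead of searching for 'OK': received
    # data is arbitrary bytes and may itself contain '\r\nOK\r\n'.
    payload, trailer = body[:count], body[count:]
    if trailer.strip() != b"OK":
        raise SslRecvError("unexpected bytes after payload")
    return "data", payload


def read_all(replies: list[bytes]) -> bytes:
    """Join payloads of successive AT#SSLRECV replies; timeouts add nothing."""
    return b"".join(parse_sslrecv(reply)[1] for reply in replies)


# Constructed replies modelled on the COMMAND-mode transcript above.
SAMPLE = [
    b"\r\n#SSLRECV: 0\r\nTIMEOUT\r\n\r\nOK\r\n",
    b"\r\n#SSLRECV: 15\r\nResponse of the\r\n\r\nOK\r\n",
    b"\r\n#SSLRECV: 6\r\nserver\r\n\r\nOK\r\n",
]

if __name__ == "__main__":
    print(read_all(SAMPLE))
```

Rejecting a reply whose byte count and trailer do not line up keeps a truncated or desynchronised serial read from being passed to the application as decrypted server data.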

Contact us

EMEA
Telit Communications S.p.A.
Via Stazione di Prosecco, 5/B, 34010 Sgonico (Trieste), Italy
Phone: +39 040 4192 200
Email: EMEA@telit.com

North America
Telit Wireless Solutions Inc.
3131 RDU Center Drive, Suite 135, Morrisville, NC 27560, USA
Phone: +1 888 846 9773
Email: NORTHAMERICA@telit.com

APAC
Telit Wireless Solutions Co. Ltd., APAC
12th floor, Shinyoung Securities Building, 34-12, Yeouido-dong, Yeongdeungpo-gu, Seoul, 150-884, Korea
Phone: +82 2 368 4600
Email: APAC@telit.com

Latin America
Telit Wireless Solutions Inc.
Rua Cunha Gago, 700 – cj 81, Pinheiros, São Paulo – SP, 05421001, Brazil
Phone: +55 11 2679 4654
Email: LATINAMERICA@telit.com

www.telit.com