10. SSL | momoiot

AT Commands For SSL

No	Command	Description
F1001	AT+CCHSTART	Start SSL service
F1002	AT+CCHSTOP	Stop SSL service
F1003	AT+CCHOPEN	Connect to SSL server
F1004	AT+CCHCLOSE	Disconnect from SSL server
F1005	AT+CCHSEND	Send data to SSL server
F1006	AT+CCHRECV	Read the cached data that received from the SSL server
F1007	AT+CCHCFG	Configure the client context
F1008	AT+CCHSSLCFG	Set the SSL context
F1009	AT+CCHSET	Configure the report mode of sending and receiving data
F1010	AT+CCHMODE	Configure the mode of sending and receiving data
F1011	AT+CCHADDR	Get the IPV4 address
F1012	AT+CSSLCFG	Configure the SSL context
F1013	AT+CCERTDOWN	Download certificate into the module
F1014	AT+CCERTLIST	List certificates
F1015	AT+CCERTDELE	Delete certificates

F1001 AT+CCHSTART Start SSL Service

AT+CCHSTART is used to start SSL service by activating PDP context.

You must execute AT+CCHSTART before any other SSL related operations.

E) AT+CCHSTART

a)If start SSL service successfully:

OK

+CCHSTART: 0

b) If start SSL service successfully:

+CCHSTART: 0

OK

c) If failed:

ERROR

d) If failed:

OK

+CCHSTART: <err>

Maximum Response Time

120000ms

<err>

Integer type, which indicates the result code.

Example

AT+CCHSTART

OK

+CCHSTART: 0

NOTE

You must execute AT+CCHSTART before any other SSL related operations

F1002 AT+CCHSTOP Stop SSL Service

AT+CCHSTOP is used to stop SSL service.

E) AT+CCHSTOP

a)If stop SSL service successfully:

+CCHSTOP: 0

OK

b)If stop SSL service successfully:

OK

+CCHSTOP: 0

c)If failed:

ERROR

<err>

Integer type, which indicates the result code.

Example

AT+CCHSTOP

OK

+CCHSTOP: 0

F1003 AT+CCHOPEN Connect To SSL Server

This command is used to connect to SSL server.

Note: If there is other service working in transparent mode, it is not allowed setup transparent connection by cchopen cmd.

T) AT+CCHOPEN=?

+CCHOPEN: (0-1),”ADDRESS”,(1-65535)[,(1-2)[,(1-65535)]]

OK

R) AT+CCHOPEN?

If connect to a server, it will show the connected information. Otherwise, the connected information is empty.

+CCHOPEN: 0,”<host>”,<port>,<client_type>[,<bind_port>]

+CCHOPEN: 1,”<host>”,<port>,<client_type>[,<bind_port>]

OK

W) AT+CCHOPEN=<session_id>,

”host”,<port>

[,<client_type>[,<bind_port>]]

a) If connect successfully：

+CCHOPEN: <session_id>,0

OK

b) If connect successfully：

OK

+CCHOPEN: <session_id>,0

c) If connect successfully in transparent mode：

CONNECT [<text>]

d) If failed：

OK

+CCHOPEN: <session_id>,<err>

[+CCHCLOSE: <session_id>,<err>]

e)If failed:

ERROR

f)If failed in transparent mode:

CONNECT FAIL

<session_id>	The session index to operate. It’s from 0 to 1.
<host>	The server address, length range is 1 to 256.
<port>	The server port which to be connected, the range is from 1 to 65535.
<client_type>	The type of client: 1 TCP client. 2 SSL/TLS client. Default value is 2.
<bind_port>	The local port for channel, the range is from 1 to 65535.
<text>	CONNECT result code string; the string formats please refer ATX/AT\V/AT&E command.
<err>	Integer type, the result of operation. 0 is success, other value is failure.

Example

AT+CCHOPEN=0,”www.baidu.com”,443,2

OK

+CCHOPEN: 0,0

NOTE

If you don’t set the SSL context by AT+CCHSSLCFG before connecting a SSL/TLS server by AT+CCHOPEN,

it will use the <session_id> (the 1’st parameter of AT+CCHOPEN) SSL context when connecting to the server.

F1004 AT+CCHCLOSE Disconnect From SSL Server

AT+CCHCLOSE is used to disconnect from the server.

W) AT+CCHCLOSE=<session_id>

a)If successfully：

+CCHCLOSE: <session_id>,0

OK

b)If successfully：

OK

+CCHCLOSE: <session_id>,0

c)If successfully in transparent mode：

OK

CLOSED

d)If failed:

ERROR

<session_id>	The session index to operate. It’s from 0 to 1.
<err>	Integer type, the result of operation. 0 is success, other value is failure

Example

AT+CCHCLOSE=0

OK

+CCHCLOSE: 0,0

L1005 AT+CCHSEND Send Data To SSL Server

AT+CCHCLOSE is used to disconnect from the server.

T) AT+CCHSEND=?

+CCHSEND: (0-1),(1-2048)

OK

R) AT+CCHSEND?

+CCHSEND: 0,<unsent_len_0>,1,<unsent_len_1>

OK

W) AT+CCHSEND=<session_id>,
<len>

a)if parameter is right:

> <input data here>

When the total size of the inputted data reaches <len>, TA will report the following code.

Otherwise, the serial port will be blocked.

OK

b)If parameter is wrong or other errors occur:

ERROR

<session_id>	The session index to operate. It’s from 0 to 1.
<len>	The length of data to send. Its range is from 1 to 2048 bytes.
<unsent_len_0>	The data of connection 0 cached in sending buffer which is waiting to be sent.
<unsent_len_1>	The data of connection 1 cached in sending buffer which is waiting to be sent.

Example

AT+CCHSEND=0,125

> GET / HTTP/1.1

Host: www.google.com.hk

User-Agent: MAUI htp User Agent

Proxy-Connection: keep-alive

Content-Length: 0

OK

F1006 AT+CCHRECV Read The Cached Data That Received From The Server

You can use AT+CCHRECV to read the cached data which received from the server.

R) AT+CCHRECV?

+CCHRECV: LEN,<cache_len_0>,<cache_len_1>

OK

W) AT+CCHRECV=<session_id>

[,<max_recv_len>]

a)if parameter is right and there are cached data:

OK

[+CCHRECV: DATA,<session_id>,<len>

…

+CCHRECV: DATA,<session_id>,<len>

…]

+CCHRECV: <session_id>,<err>

b) if parameter is not right or any other error occurs:

+CCHRECV: <session_id>,<err>

ERROR

<session_id>	The session_id to operate. It’s from 0 to 1.
<max_recv_len>	Maximum bytes of data to receive in the current AT+CCHRECV calling. It will read all the received data when the value is greater than the length of RX data cached for session <session_id>. 0 means the maximum bytes to receive is 2048 bytes. (But, when 2048 is greater than the length of RX data cached for session <session_id>, 0 means the length of RX data cached for session <session_id>). The default value is the length of RX data cached for session <session_id>. It will be not allowed when there is no data in the cache.
<cache_len_0>	The length of RX data cached for connection 0.
<cache_len_1>	The length of RX data cached for connection 1.
<len>	The length of data followed.
<err>	String type, displays the cause of occurring error, please refer to Chapter 10.3 for details.

Example

AT+CCHRECV=1

OK

+CCHRECV: DATA,1,249

HTTP/1.1 200 OK

Content-Type: text/html

Content-Language: zh-CN

Content-Length: 57

Date: Tue, 31 Mar 2009 01:56:05 GMT

Connection: Close

Proxy-Connection: Close

<html>

<header>test</header>

<body> Test body

</body>

+CCHRECV: 1,0

F1007 AT+CCHADDR Get IPV4 Address

AT+CCHADDR is used to inquire socket PDP address.

E) AT+CCHADDR

+CCHADDR: <ip_address>

OK

<ip_address>

A string parameter that identifies the IPV4 address after PDP activated.

Example

AT+CCHADDR

+CCHADDR: 10.71.155.118

OK

F1008 AT+CCHCFG Configure The Client Context

AT+CCHCFG is used to set the client session context. It must be called before AT+CCHOPEN and after AT+CCHSTART.

The setting will be cleared after AT+CCHOPEN failed or AT+CCHCLOSE.

T) AT+CCHCFG=?

+CCHCFG: “sendtimeout”,(0-1),(60-150)

+CCHCFG: “sslctx”,(0-1),(0-9)

OK

R) AT+CCHCFG?

+CCHCFG: 0,<sendtimeout_val>,<sslctx_index>

+CCHCFG: 1,<sendtimeout_val>,<sslctx_index>

OK

Configure the timeout value of

the specified client when sending data.

W) AT+CCHCFG=”sendtimeout”,

<session_id>,<sendtimeout_val>

If successfully:

OK

If failed:

ERROR

Configure the SSL context index,

it’s as same as AT+CSSLCFG

W) AT+CCHCFG=”sslctx”,<session_id>,

<sslctx_index>

If successfully:

OK

If failed:

ERROR

<session_id>

The session_id to operate. It’s from 0 to 1.

<sendtimeout_val>

The timeout value used in sending data stage. The range is 60-150 seconds.

The default value is 150.

<sslctx_index>

The SSL context ID which will be used in the SSL connection.

Refer to the <ssl_ctx_index> of AT+CSSLCFG.

Example

AT+CCHCFG=”sendtimeout”,0,60

OK

NOTE

This command must be called before AT+CCHOPEN and after AT+CCHSTART.

The setting will be cleared after AT+CCHOPEN failed or AT+CCHCLOSE.

F1009 AT+CCHSSLCFG Set The SSL Context

AT+CCHSSLCFG is used to set the SSL context which to be used in the SSL connection.

It must be called before AT+CCHOPEN and after AT+CCHSTART.

The setting will be cleared after AT+CCHOPEN failed or AT+CCHCLOSE.

Note: If you don’t set the SSL context by this command before connecting to SSL/TLS server by AT+CCHOPEN,

the CCHOPEN operation will use the SSL context as same as index <session_id> (the 1st parameter of AT+CCHOPEN) when connecting to the server.

T) AT+CCHSSLCFG=?

+CCHSSLCFG: (0-1),(0-9)

OK

R) AT+CCHSSLCFG?

+CCHSSLCFG: <session_id>,[ssl_ctx_index]

OK

W) AT+CCHSSLCFG=<session_id>,

<ssl_ctx_index>

a) If successfully:

OK

b) If failed:

ERROR

<session_id>

The session_id to operate. It’s from 0 to 1.

<ssl_ctx_index>

The SSL context ID which will be used in the SSL connection.

Refer to the <ssl_ctx_index> of AT+CSSLCFG.

Example

AT+CCHSSLCFG=?

+CCHSSLCFG: (0-1),(0-9)

OK

AT+CCHSSLCFG=1,1

OK

NOTE

This command must be called before AT+CCHOPEN and after AT+CCHSTART.

The setting will be cleared after AT+CCHOPEN failed or AT+CCHCLOSE.

If you don’t set the SSL context by this command before connecting to SSL/TLS server by AT+CCHOPEN,

the CCHOPEN operation will use the SSL context as same as index <session_id> (the 1st parameter of AT+CCHOPEN) when connecting to the server.

F1010 AT+CCHMODE Configure The Mode Of Sending And Receiving Data

AT+CCHMODE is used to elect transparent mode (data mode) or non-transparent mode (command mode).

The default mode is non-transparent mode. This AT command must be called before calling AT+CCHSTART.

Note: There is only one session in the transparent mode, it’s the first session

T) AT+CCHMODE=?

+CCHMODE: (0-1)

OK

R) AT+CCHMODE?

+CCHMODE: <mode>

OK

W) AT+CCHMODE=<mode>

a) If successfully:

OK

b) If failed:

ERROR

<mode>

The mode value: (The default value is 0)

0 Normal

1 Transparent mode

Example

AT+CCHMODE=?

+CCHMODE: (0-1)

OK

AT+CCHMODE=1

OK

NOTE

This command must be called before AT+CCHSTART.

There is only one session in the transparent mode, it’s the first

F1011 AT+CCHSET Configure The Report Mode Of Sending And Receiving Data

AT+CCHMODE is used to elect transparent mode (data mode) or non-transparent mode (command mode).

The default mode is non-transparent mode. This AT command must be called before calling AT+CCHSTART.

Note: There is only one session in the transparent mode, it’s the first session

T) AT+CCHSET=?

+CCHSET: (0-1),(0,1)

OK

R) AT+CCHSET?

+CCHSET: <report_send_result>,<recv_mode>

OK

W) AT+CCHSET=

<report_send_result>[,<recv_mode>]

a) If successfully:

OK

b) If failed:

ERROR

<report_send_result>

Whether to report result of CCHSEND, the default value is 0:

0 No.

1 Yes.

Module will report +CCHSEND: <session_id>,<err> to MCU when complete sending data.

<recv_mode>

The receiving mode:

0 Output the data to MCU whenever received data.

1 Module caches the received data and notifies MCU with +CCHEVENT: <session_id>, RECV EVENT.

MCU can use AT+CCHRECV to receive the cached data (only in manual receiving mode).

Example

AT+CCHSET=?

+CCHSET: (0-1),(0,1)

OK

AT+CCHSET=1,1

OK

NOTE

This command must be called before AT+CCHSTART.

F1012 AT+CSSLCFG Configure The SSL Context

AT+CSSLCFG is used to configure the SSL context.

T) AT+CSSLCFG=?

+CSSLCFG: “sslversion”,(0-9),(0-4)

+CSSLCFG: “authmode”,(0-9),(0-3)

+CSSLCFG: “ignorelocaltime”,(0-9),(0,1)

+CSSLCFG: “negotiatetime”,(0-9),(10-300)

+CSSLCFG: “cacert”,(0-9),(5-128)

+CSSLCFG: “clientcert”,(0-9),(5-128)

+CSSLCFG: “clientkey”,(0-9),(5-128)

+CSSLCFG: “enableSNI”,(0-9),(0,1)

+CSSLCFG: “keypwd”,(0-9),(0-128)

+CSSLCFG: “ciphersuites”,(0-9),(0x002F,0xFFFF)

OK

R) AT+CSSLCFG=?

+CSSLCFG:

0,<sslversion>,<authmode>,<ignoreltime>,<negotiatetime>,<ca_file>,<clientcert_file>,