1、首先建立TCP连接,在TCP连接建立成功的回调(callback)中开始SSL握手。
2、握手前的准备工作:
(1)、创建应用层ssl_ctx维护。
/*
 * Application-layer SSL context: the application's socket bookkeeping plus
 * every mbedTLS object used by the handshake, all embedded by value.
 *
 * Each mbedTLS member must be put through its mbedtls_*_init() before any
 * other call touches it, and released with the matching mbedtls_*_free()
 * on teardown. The struct carries DRBG state and key material, so it
 * should not simply be discarded or copied around.
 */
typedef struct
{
    /* --- application-defined state (types declared elsewhere) --- */
    SSL_AT_Config_t SSL_AT_Config;      /* configuration block; contents not shown here */
    uint8_t         SSL_sockServeType;  /* presumably the service type of the socket -- confirm */
    SSL_soket_state sslsocket_state;    /* connection state of this SSL socket */
    int8_t          ssl_socketid;
    int8_t          ssl_socketindex;
    uint8_t         contextID;
    int8_t          mqtts_socketindex;  /* presumably links to an MQTT-over-TLS socket -- confirm */

    /* --- mbedTLS session and transport --- */
    mbedtls_ssl_context ssl_ctx;        /* TLS session state */
    mbedtls_net_context net_ctx;        /* wrapper around the underlying socket */
    mbedtls_ssl_config  ssl_conf;       /* TLS configuration bound to ssl_ctx */

    /* --- random number generation --- */
    mbedtls_entropy_context  entropy;   /* entropy collector feeding the DRBG */
    mbedtls_ctr_drbg_context ctr_drbg;  /* CTR_DRBG instance; must be seeded before use */

    /* --- credentials --- */
    mbedtls_x509_crt   cacert;          /* presumably the trusted CA chain for peer verification */
    mbedtls_x509_crt   clicert;         /* presumably the client's own certificate */
    mbedtls_pk_context pkey;            /* presumably the client's private key -- sensitive */

    bool force_stop_handshake;          /* NOTE(review): looks like an abort flag for the handshake -- confirm */
} SSLApptcpContext_t;
(2)、将X.509证书导入文件系统存储。
(3)、初始化ssl_ctx。
/*
 * Put every mbedTLS object into a defined initial state. These calls only
 * initialise the contexts: nothing is seeded, parsed or configured yet.
 * Running them all up front also means each context can be passed to its
 * matching mbedtls_*_free() on any later error path.
 */

/* Transport and TLS session objects. */
mbedtls_net_init(&SSLApptcpContext_p->net_ctx);
mbedtls_ssl_init(&SSLApptcpContext_p->ssl_ctx);
mbedtls_ssl_config_init(&SSLApptcpContext_p->ssl_conf);

/* Random number generation: entropy source, then the DRBG (still unseeded). */
mbedtls_entropy_init(&SSLApptcpContext_p->entropy);
mbedtls_ctr_drbg_init(&SSLApptcpContext_p->ctr_drbg);

/* Credential holders: two certificate containers and one key container. */
mbedtls_x509_crt_init(&SSLApptcpContext_p->cacert);
mbedtls_x509_crt_init(&SSLApptcpContext_p->clicert);
mbedtls_pk_init(&SSLApptcpContext_p->pkey);
(4)、配置随机数生成方式。
if ((ret =