User's Manual
Table Of Contents
- AT+i Command Set
- Scope
- AT+i Command Guidelines
- AT+i Command Format
- Escape Code Sequence
- Socket Command Abort
- Flexible Host and Modem Interfaces
- Auto Baud Rate Detection
- High Speed USART
- Reset via Serial Link
- Entering Rescue Mode during Runtime
- Internet Session Hang-Up Procedure (Modem Only)
- Modem Startup
- Analog-to-Digital Converter
- iChip Readiness Indication
- Programming iChip’s Serial Number into Flash Memory
- Programming a Unique ID String into Flash Memory
- General Format
- AT+i Result Code Summary
- Report Status
- Connection
- E-mail Send Commands
- E-Mail Retrieve
- HTTP Client Interface
- SerialNET Mode Initiation
- Web Server Interface
- File Transfer Protocol (FTP)
- +i[@]FOPN — FTP Open Session
- +iFDL — FTP Directory Listing
- +iFDNL — FTP Directory Names Listing
- +iFMKD — FTP Make Directory
- +iFCWD — FTP Change Working Directory
- +iFSZ — FTP File Size
- +iFRCV — FTP Receive File
- +iFSTO — FTP Open File for Storage
- +iFAPN — FTP Open File for Appending
- +iFSND — FTP Send File Data
- +iFCLF — FTP Close File
- +iFDEL — FTP Delete File
- +iFCLS — FTP Close Session
- Telnet Client
- Direct Socket Interface
- +iSTCP — Open and Connect A TCP Socket
- +iSUDP — Open A Connectionless UDP Socket
- +iLTCP — Open A TCP Listening Socket
- +iLSST — Get A Listening Socket’s Active Connection Status
- +iSST — Get A Single Socket Status Report
- +iSCS — Get A Socket Connection Status Report
- +iSSND[%] — Send A Byte Stream to A Socket
- +iSRCV — Receive A Byte Stream from A Socket’s Input Buffer
- +iGPNM — Get Peer Name for A Specified Socket
- +iSDMP — Dump Socket Buffer
- +iSFSH[%] — Flush Socket’s Outbound Data
- +iSCLS — Close Socket
- Special Modem Commands
- Wireless LAN Mode
- IP Registration
- DHCP Client
- DHCP Server
- iRouter Mode
- Ad-Hoc Networks
- Secure Socket Protocol
- Network Time Client
- MIME Encapsulated E-Mail Messages
- Flow Control
- Remote Firmware Update
- iChip Parameter Update
- iChip Embedded Web Server
- Introduction
- Features
- Web Server Modes
- The Application Website
- Parameter Tags
- iChip Configuration Mode
- Host Interaction Mode
- Website Creation, Packing, and Uploading
- Manipulating Variables in the Application Website
- Security and Restrictions
- Parameter Update Error Handling
- File Types Supported by iChip’s Web Server
- iChip RAS Server
- SerialNET Theory of Operation
- File Transfer Protocol (FTP) Theory of Operation
- Telnet Client Operation
- Secure Socket Protocol Theory of Operation
- Remote AT+i Service
- Nonvolatile Parameter Database
- Parameter Descriptions
- +iFD — Restore All Parameters to Factory Defaults
- Operational Parameters
- +iXRC — Extended Result Code
- +iDMD — Modem Dial Mode
- +iMIS — Modem Initialization String
- +iMTYP — Set Type of Modem Connected to iChip
- +iWTC — Wait Time Constant
- +iTTO — TCP Timeout
- +iPGT — PING Timeout
- +iMPS — Max PPP Packet Size
- +iTTR — TCP Retransmit Timeout
- +iBDRF — Define A Fixed Baud Rate on Host Connection
- +iBDRM — Define A Fixed Baud Rate on iChip-Modem Connection
- +iBDRD — Baud Rate Divider
- +iAWS — Activate WEB Server Automatically
- +iLATI — TCP/IP Listening Socket to Service Remote AT+i Commands
- +iFLW — Set Flow Control Mode
- +iCPF — Active Communications Platform
- +iPSE — Set Power Save Mode
- +iSDM — Service Disabling Mode
- +iDF — IP Protocol ‘Don’t Fragment’ Bit Value
- +iCKSM — Checksum Mode
- +iHIF — Host Interface
- +iMIF — Modem Interface
- +iADCL — ADC Level
- +iADCD — ADC Delta
- +iADCT — ADC Polling Time
- +iADCP — ADC GPIO Pin
- +iRRA — iChip Readiness Report Activation
- +iRRHW — iChip Readiness Hardware Pin
- ISP Connection Parameters
- Server Profile Parameters
- +iLVS — ‘Leave on Server’ Flag
- +iDNSn — Define Domain Name Server IP Address
- +iSMTP — Define SMTP Server Name
- +iSMA — SMTP Authentication Method
- +iSMU — Define SMTP Login User Name
- +iSMP — Define SMTP Login Password
- +iPOP3 — Define POP3 Server Name
- +iMBX — Define POP3 Mailbox Name
- +iMPWD — Define POP3 Mailbox Password
- +iNTSn — Define Network Time Server
- +NTOD — Define Network Time-of-Day Activation Flag
- +iGMTO — Define Greenwich Mean Time Offset
- +iDSTD — Define Daylight Savings Transition Rule
- +iPDSn — Define PING Destination Server
- +iPFR — PING Destination Server Polling Frequency
- +iUFn — User Fields and Macro Substitution
- Email Format Parameters
- +iXFH — Transfer Headers Flag
- +iHDL — Limit Number of Header Lines
- +iFLS — Define Filter String
- +iDELF — Email Delete Filter String
- +iSBJ — Email Subject Field
- +iTOA — Define Primary Addressee
- +iTO — Email ‘To’ Description/Name
- +iREA — Return Email Address
- +iFRM — Email ‘From’ Description/Name
- +iCCn — Define Alternate Addressee
- +iMT — Media Type Value
- +iMST — Media Subtype String
- +iFN — Attachment File Name
- HTTP Parameters
- RAS Server Parameters
- LAN Parameters
- Wireless LAN Parameters
- +iWLCH — Wireless LAN Communication Channel
- +iWLSI — Wireless LAN Service Set Identifier
- +iWLWM — Wireless LAN WEP Mode
- +iWLKI — Wireless LAN Transmission WEP Key Index
- +iWLKn — Wireless LAN WEP Key Array
- +iWLPS — Wireless LAN Power Save
- +iWLPP — Personal Shared Key Pass-Phrase
- +iWROM — Enable Roaming in WiFi
- +iWPSI — Periodic WiFi Scan Interval
- +iWSRL — SNR Low Threshold
- +iWSRH — SNR High Threshold
- +iWSIn — Wireless LAN Service Set Identifier Array
- +iWPPn — Pre-Shared Key Passphrase Array
- +iWKYn — Wireless LAN WEP Key Array
- +iWSTn — Wireless LAN Security Type Array
- +iWSEC — Wireless LAN WPA Security
- IP Registration Parameters
- SerialNET Mode Parameters
- +iHSRV | +iHSRn — Host Server Name/IP
- +iHSS — Assign Special Characters to Hosts
- +iDSTR — Define Disconnection String for SerialNET Mode
- +iLPRT — SerialNET Device Listening Port
- +iMBTB — Max Bytes To Buffer
- +iMTTF — Max Timeout to Socket Flush
- +iFCHR — Flush Character
- +iMCBF — Maximum Characters before Socket Flush
- +iIATO — Inactivity Timeout
- +iSNSI — SerialNET Device Serial Interface
- +iSTYP — SerialNET Device Socket Type
- +iSNRD — SerialNET Device Re-Initialization Delay
- +iSPN — SerialNET Server Phone Number
- +iSDT — SerialNET Dialup Timeout
- +iSWT — SerialNET Wake-Up Timeout
- +iPTD — SerialNET Packets to Discard
- Remote Firmware Update Parameters
- Remote Parameter Update
- Note: This default value is shipped from the factory. The AT+iFD command does not restore RPG to this value.
- Appendix A
- Appendix B
- Appendix C
- Index
Secure Socket Protocol Theory of Operation
AT+i Programmer’s Manual Version 8.32 32-1
32 Secure Socket Protocol Theory of Operation
32.1 Introduction
iChip implements an SSL3/TLS1 client socket connection. When connecting to an
SSL3/TLS1 server, iChip negotiates an SSL3/TLS1 secure connection. During the
negotiation process, the server identifies itself to the client (iChip) by sending a
certificate. The certificate’s main purpose is to allow iChip to determine that the server is
indeed the server it claims to be.
To fulfill its purpose, the certificate contains the server’s ID information (name, address,
description, etc.) and its public key. It also contains a digital signature, signed by a third
party called a Certificate Authority (CA), which authenticates this information. The client
must trust the CA in order to accept its signature on a certificate. Furthermore, the trust
relationship between the client and the CA must be established prior to the
communication session and preferably using alternate methods. iChip’s CA parameter is
used to store the CA’s certificate. Once a trusted CA’s certificate is stored on iChip, iChip
will accept certificates signed by that CA from SSL3/TLS1 servers it connects to.
32.2 Generating Certificates for Use with Servers
The most common way to obtain a certificate is to buy one from a commercial certificate
authority. This results in a public key that has been digitally signed by a trusted third
party. Any clients receiving this certificate can be sure they are communicating with an
authentic entity. However, in a trusted environment, it is possible to create an in-house
CA and to self-sign the certificate.
Commercial CAs are usually preferred when connecting to multiple unknown servers.
However, in distributed system configurations where not more than a handful of secure
servers are deployed, an in-house CA is probably more appropriate and just as secure.
Several free software packages are available for generating certificates. The following
sections describe how to use the standard OpenSSL package to generate certificates. They
contain instructions on how to obtain your own certificates suitable for use with servers
to which iChip will connect. Furthermore, most FTP servers that support SSL3 include a
certificate generation utility that may be used to generate self-signed certificates. The
self-signed certificate is part of the FTP server’s configuration and may also be loaded
into iChip to allow it to connect to that FTP server using SSL3 secure sockets.
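The trust decision described in 32.1, applied to the in-house CA case from this section, as an added example using the OpenSSL command-line tool (it is not taken from the manual; the CA names, file names and server.example.internal are constructed). It shows that a client holding only the in-house CA certificate accepts a server certificate signed by that CA and rejects one with the same subject issued by a CA it was never given.

```shell
# Added example, not from the manual. All names and subjects are constructed.

# make_ca DIR CN: create a self-signed CA certificate (DIR/ca.pem) and key.
make_ca() {
    cat > "$1/ca.cnf" <<EOF
[req]
prompt = no
distinguished_name = dn
x509_extensions = ca_ext
[dn]
CN = $2
[ca_ext]
basicConstraints = critical,CA:TRUE
EOF
    openssl req -x509 -config "$1/ca.cnf" -newkey rsa:2048 -nodes -sha256 \
        -days 365 -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
}

# issue_server CADIR PREFIX CN: create a server key and a certificate for CN
# signed by the CA in CADIR; the certificate is written to PREFIX.pem.
issue_server() {
    openssl req -new -config "$1/ca.cnf" -subj "/CN=$3" -newkey rsa:2048 \
        -nodes -keyout "$2.key" -out "$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$2.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -sha256 -days 365 -out "$2.pem" 2>/dev/null
}

# trusted_by CA_CERT SERVER_CERT: succeed only if SERVER_CERT chains to CA_CERT.
# -no-CApath keeps the system trust store out of the decision.
trusted_by() {
    openssl verify -no-CApath -CAfile "$1" "$2" >/dev/null 2>&1
}

# demo: print the decision for a certificate from the stored CA and for one
# with the same subject issued by a CA the client was never given.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/inhouse" "$d/other"
    make_ca "$d/inhouse" "Example In-House CA" &&
    make_ca "$d/other" "Unrelated CA" &&
    issue_server "$d/inhouse" "$d/good" server.example.internal &&
    issue_server "$d/other" "$d/rogue" server.example.internal || return 1
    trusted_by "$d/inhouse/ca.pem" "$d/good.pem" && r1=accept || r1=reject
    trusted_by "$d/inhouse/ca.pem" "$d/rogue.pem" && r2=accept || r2=reject
    rm -rf "$d"
    echo "$r1 $r2"
}

demo
```

In this sketch `ca.pem` plays the role of the certificate stored in iChip’s CA parameter; the CA private key (`ca.key`) stays on the machine that issues certificates and is never loaded onto the client.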
32.3 Using the OpenSSL Package to Create Certificates
OpenSSL is a widely used SSL toolkit available for free download at
http://www.openssl.org. The SSL toolkit contains source code that can be compiled for
Unix, Linux, or Windows. Pre-compiled binaries are also available for these platforms.
OpenSSL comes with a command line utility for generating keys, creating CAs, and
creating certificates.
The following instructions assume the OpenSSL package has been installed and
configured properly on your machine. The instructions walk you through using OpenSSL