Technical information

Secure Socket Protocol

2-58 AT+i Commands Reference Manual May 31, 2008

Secure FTP Session on W24

W24 supports a secure FTP session using SSL3/TLS1 sockets for both the FTP command and

FTP data channels. The command used for opening a secure FTP session is AT+iFOPS.

Secure FTP implementation in W24 is based on RFC 2228 (FTP security extensions) and the

IETF Internet draft "Securing FTP with TLS" (draft-murray-auth-ftp-ssl-16.txt).

When the AT+iFOPS command is used to initiate a secure FTP session, W24 performs the

following operations:

1. Opens an FTP control socket.

2. Sends AUTH TLS.

3. Performs the SSL3/TLS1 handshake.

4. Sends USER command.

5. Sends PASS command.

6. Sends PBSZ 0, followed by PROT P.

Once the data channel TCP socket is established, all subsequent data connections (send or

retrieve files as well as directory listings) start with an SSL3/TLS1 handshake. When a data

socket is re-opened for another FTP command, W24 attempts a quick re-negotiation using the

previous SSL3/TLS1 session parameters.

AT+iSSL:0 W24 is instructed to negotiate an

SSL3/TLS1 connection on socket handle 0.

I/OK SSL3/TLS1 handshake was successful.

SSL3/TLS1 connection established on

socket handle 0.

AT+iSSND%:0,323:<…323 bytes of plain text data> Host sends 323 bytes of plain text data via

SSL3/TLS1 socket. W24 encrypts data and

sends cipher text over the Internet. The '%'

attribute indicates immediate flush.

I/OK W24 encrypted and sent data.

AT+iRP4 Request socket status.

I/(1267,-200,-200,-200,-200,-200,-200,-200,-200,-200) Socket 0 has 1267 plain text bytes buffered.

The data was originally sent encrypted by

the server. W24 decrypted the cipher text in

the background.

AT+iSRCV:0 Command to retrieve buffered plain text.

I/1267:<…1267 bytes of plaintext data…> W24 transmits buffered data to host.

AT+iscls:0 Close socket handle 0.

I/OK SSL3/TLS1 socket is closed.

I/DONE W24 is offline.