Technical information
Chapter 2: AT+i Commands Reference
May 31, 2008 AT+i Commands Reference Manual 2-57
Secure Socket Protocol
W24 supports the SSL3/TLS1 secure socket protocol, based on RFC 2246. W24 supports the
following cipher suites:
• SSL_RSA_WITH_RC4_128_MD5
• SSL_RSA_WITH_RC4_128_SHA
• SSL_RSA_WITH_3DES_EDE_CBC_SHA
• TLS_RSA_WITH_AES_128_CBC_SHA
• TLS_RSA_WITH_AES_256_CBC_SHA
Establishing An SSL3/TLS1 Socket Connection
W24 supports a single SSL3/TLS1 TCP/IP active socket connection. Opening a secure socket on
W24 involves two steps:
1. Open a standard TCP/IP socket to a secure server.
2. Initiate an SSL3/TLS1 handshake over the open socket to establish a secure session.
SSL3/TLS1 handshake negotiations are initiated using the AT+iSSL command.
W24 negotiates the secure connection based on several security-related parameters. It
authenticates the remote secure server by verifying that the server's certificate is signed by a
trusted Certificate Authority (CA). The trusted CA's certificate is stored in W24's CA parameter.
Following a successful SSL3/TLS1 handshake, W24 encrypts all data sent across the socket
according to the cipher suite and keys agreed upon during the handshake. Data received on the
socket is decrypted by W24 prior to making it available to the host processor.
Sending and Receiving Data over An SSL3/TLS1 Socket
The AT+iSSND command is used to send data over an SSL3/TLS1 socket, using the same syntax
as for non-secure sockets:
AT+iSSND[%]:<hn>,<size>:<data>
However, the size parameter is interpreted as the size of the data packet to encrypt. It is limited to
2K. Receiving data on an SSL3/TLS1 socket is carried out using the AT+iSRCV command. W24
automatically decrypts data that arrives on the secure socket. The data transferred to the host is
always decrypted data.
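Host-side framing for the send path described above, as an added example that is not taken from the manual. It reads the 2K limit as 2048 bytes (an assumption), the function names are hypothetical, and the serial I/O and any command terminator are left to the caller.

```python
import re

# Assumption: the manual's "2K" limit on <size> is read here as 2048 bytes.
MAX_SSL_PACKET = 2048

# Matches a socket-open reply such as "I/000" (the form shown in the manual).
_HANDLE_REPLY = re.compile(rb"^I/(\d+)$")


def parse_socket_handle(reply):
    """Return the socket handle carried in a reply like b'I/000'.

    Anything that is not 'I/' followed by digits is treated as a failure,
    so an error reply is never mistaken for a usable handle.
    """
    match = _HANDLE_REPLY.match(reply.strip())
    if match is None:
        raise ValueError("not a socket handle reply: %r" % reply)
    return int(match.group(1))


def build_ssnd_commands(handle, data, limit=MAX_SSL_PACKET):
    """Split data into AT+iSSND:<hn>,<size>:<data> commands.

    <size> is the number of plaintext bytes W24 will encrypt for that
    packet, so each chunk is kept at or below the limit. The payload is
    length-delimited by <size>, so it is passed through unmodified.
    """
    if handle < 0:
        raise ValueError("socket handle must be non-negative")
    if not data:
        raise ValueError("nothing to send")
    if limit < 1:
        raise ValueError("limit must be at least 1 byte")
    commands = []
    for offset in range(0, len(data), limit):
        chunk = data[offset:offset + limit]
        header = b"AT+iSSND:%d,%d:" % (handle, len(chunk))
        commands.append(header + chunk)
    return commands


if __name__ == "__main__":
    # Constructed sample: reply from the manual's example, 5000-byte payload.
    hn = parse_socket_handle(b"I/000\r\n")
    for cmd in build_ssnd_commands(hn, b"A" * 5000):
        print(cmd[:20], "...", len(cmd), "bytes")
```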
SSL3/TLS1 Handshake and Session Example
Take for example an SSL3/TLS1 server at secure.sslserver.com running a secure
application on port 1503. Using W24, the following sequence opens a secure SSL3/TLS1 socket
to that application and exchanges data securely. For clarity, commands sent to W24 appear in
bold and W24 replies appear in italics.
AT+iSTCP:secure.sslserver.com,1503    Open a TCP/IP socket to a secure application.
I/000                                 W24 opens socket and returns handle 0.










