| mbed TLS ssl client |
| +++++++++++ |
| |
| This sample code shows a simple client using mbed TLS on top of Zephyr |
| |
| |
| Prerequisites |
| ============= |
| |
| - Galileo Gen 2 Development Board |
| - USB to UART TTL (CH340, FTDI or equivalent) |
| - PC with Linux. |
| - screen command and gcc compiler |
| - LAN for testing purposes |
| |
| |
| Procedure |
| ========= |
| |
| a) Change the server, netmask and client addresses according to your network |
| in src/tcp_cfg.h. |
| |
| b) From a terminal window, type: |
| |
| make pristine && make BOARD=galileo |
| |
| c) Copy the binary (outdir/zephyr.strip) to the Galileo's boot |
| device. Insert the boot device. |
| |
| d) Plug the USB side of the USB-UART cable to the PC. |
| Connect the USB-UART cable to the Galileo. |
| Connect the Galileo to the LAN. |
| |
| e) Open a terminal window, type: |
| |
| screen /dev/ttyUSB0 115200 |
| |
| f) Obtain the mbed TLS code from and put it in a well know directory, in |
| your Linux machine, this will be your server. |
| |
| - https://tls.mbed.org/download/start/mbedtls-2.3.0-apache.tgz |
| |
| g) cd to that directory and start the server using a the preshared key |
| |
| # tar -xvzf mbedtls-2.3.0-apache.tgz |
| # cd mbedtls-2.3.0 |
| # CFLAGS="-I$PWD/configs -DMBEDTLS_CONFIG_FILE='<config-ccm-psk-tls1_2.h>'" make |
| # ./programs/ssl/ssl_server2 psk=000102030405060708090a0b0c0d0e0f |
| |
| You should see something like this |
| |
| . Seeding the random number generator... ok |
| . Bind on tcp://*:4433/ ... ok |
| . Setting up the SSL/TLS structure... ok |
| . Waiting for a remote connection ... |
| |
| |
| h) Power-up the board |
| |
| i) 'screen' will show this after a few seconds: |
| |
| WARNING: no console will be available to OS |
| error: no suitable video mode found. |
| |
| . Seeding the random number generator... ok |
| . Setting up the SSL/TLS structure... ok |
| . Connecting to tcp/localhost/4433... ok |
| . Performing the SSL/TLS handshake... ok |
| > Write to server: ok |
| . Closing the connection... done |
| |
| j) The server side should print |
| |
| . Waiting for a remote connection ... ok |
| . Performing the SSL/TLS handshake... ok |
| [ Protocol is TLSv1.2 ] |
| [ Ciphersuite is TLS-PSK-WITH-AES-256-CCM-8 ] |
| [ Record expansion is 21 ] |
| < Read from client: 18 bytes read |
| |
| GET / HTTP/1.0 |
| |
| > Write to client: 139 bytes written in 1 fragments |
| |
| HTTP/1.0 200 OK |
| Content-Type: text/html |
| |
| <h2>mbed TLS Test Server</h2> |
| <p>Successful connection using: TLS-PSK-WITH-AES-256-CCM-8</p> |
| |
| . Closing the connection... done |
| |
| |
| Troubleshooting |
| =============== |
| |
| - If the server does not receive the messages, use a network |
| traffic analyzer, like Wireshark. |
| |
| - Reset the board |
| |
| References |
| ========== |
| |
| [1] https://www.zephyrproject.org/doc/getting_started/getting_started.html |
| [2] https://www.zephyrproject.org/doc/boards/x86/galileo/doc/galileo.html |
| [3] https://tls.mbed.org/ |