mbed TLS ssl client
+++++++++++

This sample code shows a simple client using mbed TLS on top of Zephyr


Prerequisites
=============

- Galileo Gen 2 Development Board
- USB to UART TTL (CH340, FTDI or equivalent)
- PC with Linux.
- screen command and gcc compiler
- LAN for testing purposes


Procedure
=========

a) Change the server, netmask and client addresses according to your network
   in src/tcp_cfg.h.

b) From a terminal window, type:

    $ cd $ZEPHYR_BASE/samples/net/mbedtls_sslclient
    $ mkdir qemu_build && cd qemu_build
    $ cmake -DBOARD=<board to use> ..

c) Copy the binary (outdir/zephyr.strip) to the Galileo's boot
   device. Insert the boot device.

d) Plug the USB side of the USB-UART cable to the PC.
   Connect the USB-UART cable to the Galileo.
   Connect the Galileo to the LAN.

e) Open a terminal window, type:

    screen /dev/ttyUSB0 115200

f) Obtain the mbed TLS code from and put it in a well know directory, in
   your Linux machine, this will be your server.

	- https://tls.mbed.org/download/start/mbedtls-2.3.0-apache.tgz

g) cd to that directory and start the server using a the preshared key

# tar -xvzf mbedtls-2.3.0-apache.tgz
# cd mbedtls-2.3.0
# CFLAGS="-I$PWD/configs -DMBEDTLS_CONFIG_FILE='<config-ccm-psk-tls1_2.h>'" make
# ./programs/ssl/ssl_server2 psk=000102030405060708090a0b0c0d0e0f

You should see something like this

  . Seeding the random number generator... ok
  . Bind on tcp://*:4433/ ... ok
  . Setting up the SSL/TLS structure... ok
  . Waiting for a remote connection ...


h) Power-up the board

i) 'screen' will show this after a few seconds:

WARNING: no console will be available to OS
error: no suitable video mode found.

  . Seeding the random number generator... ok
  . Setting up the SSL/TLS structure... ok
  . Connecting to tcp/localhost/4433... ok
  . Performing the SSL/TLS handshake... ok
  > Write to server: ok
  . Closing the connection... done

j) The server side should print

  . Waiting for a remote connection ... ok
  . Performing the SSL/TLS handshake... ok
    [ Protocol is TLSv1.2 ]
    [ Ciphersuite is TLS-PSK-WITH-AES-256-CCM-8 ]
    [ Record expansion is 21 ]
  < Read from client: 18 bytes read

GET / HTTP/1.0

  > Write to client: 139 bytes written in 1 fragments

HTTP/1.0 200 OK
Content-Type: text/html

<h2>mbed TLS Test Server</h2>
<p>Successful connection using: TLS-PSK-WITH-AES-256-CCM-8</p>

  . Closing the connection... done


Troubleshooting
===============

- If the server does not receive the  messages, use a network
  traffic analyzer, like Wireshark.

- Reset the board

References
==========

[1] https://www.zephyrproject.org/doc/getting_started/getting_started.html
[2] https://www.zephyrproject.org/doc/boards/x86/galileo/doc/galileo.html
[3] https://tls.mbed.org/