zephyr/samples/net/mbedtls_sslclient
Paul Sokolovsky dcb80f7ab8 net: struct sockaddr should have field "sa_family"
POSIX requires struct sockaddr's field to be named "sa_family"
(not just "family"):
http://pubs.opengroup.org/onlinepubs/009696699/basedefs/sys/socket.h.html

This change allows to port POSIX apps easier (including writing
portable apps using BSD Sockets compatible API).

Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2017-08-18 16:34:51 -04:00
..
src net: struct sockaddr should have field "sa_family" 2017-08-18 16:34:51 -04:00
Makefile
README doc: fix wiki board references in non .rst files 2017-07-11 12:45:35 -05:00
prj_arduino_101.conf net: fix wrong Kconfig 2017-07-05 12:43:13 -04:00
prj_galileo.conf ethernet: fix Kconfig option for ETHERNET 2017-07-05 12:43:13 -04:00
sample.yaml tests: samples: convert testcase files to yaml 2017-06-21 20:56:53 -04:00

README

mbed TLS ssl client
+++++++++++

This sample code shows a simple client using mbed TLS on top of Zephyr


Prerequisites
=============

- Galileo Gen 2 Development Board
- USB to UART TTL (CH340, FTDI or equivalent)
- PC with Linux.
- screen command and gcc compiler
- LAN for testing purposes


Procedure
=========

a) Change the server, netmask and client addresses according to your network
   in src/tcp_cfg.h.

b) From a terminal window, type:

    make pristine && make BOARD=galileo

c) Copy the binary (outdir/zephyr.strip) to the Galileo's boot
   device. Insert the boot device.

d) Plug the USB side of the USB-UART cable to the PC.
   Connect the USB-UART cable to the Galileo.
   Connect the Galileo to the LAN.

e) Open a terminal window, type:

    screen /dev/ttyUSB0 115200

f) Obtain the mbed TLS code from and put it in a well know directory, in
   your Linux machine, this will be your server.

	- https://tls.mbed.org/download/start/mbedtls-2.3.0-apache.tgz

g) cd to that directory and start the server using a the preshared key

# tar -xvzf mbedtls-2.3.0-apache.tgz
# cd mbedtls-2.3.0
# CFLAGS="-I$PWD/configs -DMBEDTLS_CONFIG_FILE='<config-ccm-psk-tls1_2.h>'" make
# ./programs/ssl/ssl_server2 psk=000102030405060708090a0b0c0d0e0f

You should see something like this

  . Seeding the random number generator... ok
  . Bind on tcp://*:4433/ ... ok
  . Setting up the SSL/TLS structure... ok
  . Waiting for a remote connection ...


h) Power-up the board

i) 'screen' will show this after a few seconds:

WARNING: no console will be available to OS
error: no suitable video mode found.

  . Seeding the random number generator... ok
  . Setting up the SSL/TLS structure... ok
  . Connecting to tcp/localhost/4433... ok
  . Performing the SSL/TLS handshake... ok
  > Write to server: ok
  . Closing the connection... done

j) The server side should print

  . Waiting for a remote connection ... ok
  . Performing the SSL/TLS handshake... ok
    [ Protocol is TLSv1.2 ]
    [ Ciphersuite is TLS-PSK-WITH-AES-256-CCM-8 ]
    [ Record expansion is 21 ]
  < Read from client: 18 bytes read

GET / HTTP/1.0

  > Write to client: 139 bytes written in 1 fragments

HTTP/1.0 200 OK
Content-Type: text/html

<h2>mbed TLS Test Server</h2>
<p>Successful connection using: TLS-PSK-WITH-AES-256-CCM-8</p>

  . Closing the connection... done


Troubleshooting
===============

- If the server does not receive the  messages, use a network
  traffic analyzer, like Wireshark.

- Reset the board

References
==========

[1] https://www.zephyrproject.org/doc/getting_started/getting_started.html
[2] https://www.zephyrproject.org/doc/boards/x86/galileo/doc/galileo.html
[3] https://tls.mbed.org/