mbed TLS SSL client
+++++++++++++++++++

This sample code shows a simple client using mbed TLS on top of Zephyr.

Prerequisites
=============
- Galileo Gen 2 Development Board
- USB to UART TTL (CH340, FTDI or equivalent)
- PC with Linux.
- screen command and gcc compiler
- LAN for testing purposes
Procedure
=========
a) Change the server, netmask and client addresses according to your network
   in src/tcp_cfg.h.

b) From a terminal window, type:

    make pristine && make BOARD=galileo

c) Copy the binary (outdir/zephyr.strip) to the Galileo's boot
   device. Insert the boot device.

d) Plug the USB side of the USB-UART cable into the PC.
   Connect the USB-UART cable to the Galileo.
   Connect the Galileo to the LAN.

e) Open a terminal window and type:

    screen /dev/ttyUSB0 115200

f) Obtain the mbed TLS code from the URL below and put it in a well-known
   directory on your Linux machine; this will be your server.

   - https://tls.mbed.org/download/start/mbedtls-2.3.0-apache.tgz

g) cd to that directory and start the server using the pre-shared key:

    # tar -xvzf mbedtls-2.3.0-apache.tgz
    # cd mbedtls-2.3.0
    # CFLAGS="-I$PWD/configs -DMBEDTLS_CONFIG_FILE='<config-ccm-psk-tls1_2.h>'" make
    # ./programs/ssl/ssl_server2 psk=000102030405060708090a0b0c0d0e0f

   You should see something like this:

    . Seeding the random number generator... ok
    . Bind on tcp://*:4433/ ... ok
    . Setting up the SSL/TLS structure... ok
    . Waiting for a remote connection ...

h) Power up the board.

i) 'screen' will show this after a few seconds:

    WARNING: no console will be available to OS
    error: no suitable video mode found.
    . Seeding the random number generator... ok
    . Setting up the SSL/TLS structure... ok
    . Connecting to tcp/localhost/4433... ok
    . Performing the SSL/TLS handshake... ok
    > Write to server: ok
    . Closing the connection... done

j) The server side should print:

    . Waiting for a remote connection ... ok
    . Performing the SSL/TLS handshake... ok
    [ Protocol is TLSv1.2 ]
    [ Ciphersuite is TLS-PSK-WITH-AES-256-CCM-8 ]
    [ Record expansion is 21 ]
    < Read from client: 18 bytes read
    GET / HTTP/1.0
    > Write to client: 139 bytes written in 1 fragments
    HTTP/1.0 200 OK
    Content-Type: text/html
    <h2>mbed TLS Test Server</h2>
    <p>Successful connection using: TLS-PSK-WITH-AES-256-CCM-8</p>
    . Closing the connection... done

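
The server output in step j) can be checked mechanically instead of by eye. The Python sketch below is an added example, not part of the original sample: the function names are hypothetical, the log is constructed from the lines shown above, and the check assumes the TLS 1.2 AEAD record layout (5-byte header, 8-byte explicit nonce, 8-byte tag for CCM-8 or 16-byte tag otherwise), which accounts for the reported expansion of 21.

```python
import re

# Constructed sample: the handshake lines ssl_server2 prints in step j).
SAMPLE_LOG = """\
  . Performing the SSL/TLS handshake... ok
    [ Protocol is TLSv1.2 ]
    [ Ciphersuite is TLS-PSK-WITH-AES-256-CCM-8 ]
    [ Record expansion is 21 ]
"""

RECORD_HEADER = 5   # TLS record header: type (1) + version (2) + length (2)
EXPLICIT_NONCE = 8  # explicit per-record nonce of TLS 1.2 CCM/GCM suites
FIELDS = {
    "protocol": r"\[ Protocol is (\S+) \]",
    "suite": r"\[ Ciphersuite is (\S+) \]",
    "expansion": r"\[ Record expansion is (\d+) \]",
}

def parse_handshake(log):
    """Extract the negotiated parameters; a field absent from the log is None."""
    hits = {k: re.search(p, log) for k, p in FIELDS.items()}
    return {k: m.group(1) if m else None for k, m in hits.items()}

def expected_expansion(suite):
    """Per-record overhead of a TLS 1.2 CCM/GCM suite, None for other suites."""
    if not re.search(r"-(CCM|GCM)", suite):
        return None
    tag = 8 if suite.endswith("-CCM-8") else 16  # truncated vs. full AEAD tag
    return RECORD_HEADER + EXPLICIT_NONCE + tag

def check_session(log, want_protocol="TLSv1.2",
                  want_suite="TLS-PSK-WITH-AES-256-CCM-8"):
    """Return a list of problems; an empty list means the session is as expected."""
    p = parse_handshake(log)
    missing = [k for k, v in p.items() if v is None]
    if missing:
        return ["log truncated or handshake incomplete, missing: " + ", ".join(missing)]
    problems = []
    if p["protocol"] != want_protocol:
        problems.append(f"protocol {p['protocol']} != {want_protocol}")
    if p["suite"] != want_suite:
        problems.append(f"ciphersuite {p['suite']} != {want_suite}")
    exp = expected_expansion(p["suite"])
    if exp is not None and int(p["expansion"]) != exp:
        problems.append(f"record expansion {p['expansion']} != {exp}")
    return problems

if __name__ == "__main__":
    print(check_session(SAMPLE_LOG) or "session matches the PSK/CCM-8 setup")
```

A non-empty result means the server negotiated something other than what the sample is configured for, which is worth resolving before relying on the link.
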
Troubleshooting
===============
- If the server does not receive the messages, use a network
traffic analyzer, like Wireshark.
- Reset the board