zephyr

History

Flavio Santes fc24fc293a samples/mbedtls_dtlsclient: Add ARG_UNUSED This commit adds the ARG_UNUSED macro for the status variable in the udp_received callback. Change-Id: I8c592cab72ccf5ba314742ef705e96d4a4d067e9 Signed-off-by: Flavio Santes <flavio.santes@intel.com>		2016-12-16 19:14:53 +01:00
..
src	samples/mbedtls_dtlsclient: Add ARG_UNUSED	2016-12-16 19:14:53 +01:00
Makefile	samples/mbedtls_dtlsclient: mbedTLS sample DTLS compile on unified kernel.	2016-12-02 12:41:03 +02:00
README	…
README_arduino_101	samples/mbedtls_dtlsclient: mbedTLS sample DTLS client app on Arduino 101.	2016-12-02 12:41:01 +02:00
prj_arduino_101.conf	libc: rework libc selection and reduce Kconfigs	2016-12-15 22:31:28 +00:00
prj_qemu_x86.conf	libc: rework libc selection and reduce Kconfigs	2016-12-15 22:31:28 +00:00
testcase.ini	samples/mbedtls_dtlsclient: mbedTLS sample DTLS client app on Arduino 101.	2016-12-02 12:41:01 +02:00

README

mbed TLS DTSL client
+++++++++++

This sample code shows a simple DTSL client using mbed TLS on top of Zephyr


Prerequisites
=============

- PC with Linux.
- screen command and gcc compiler


Procedure
=========

a) Follow the prerequisites described in
https://wiki.zephyrproject.org/view/Networking-with-Qemu

	$ git clone https://gerrit.zephyrproject.org/r/net-tools
	$ cd net-tools
	$ make

b) From a terminal window, type:

	$ ./loop-socat.sh

c) Open another terminal window, change directory to the one where net-tools
are
	$ cd net-tools
	$ sudo ./loop-slip-tap.sh

d) In other terminal window, obtain the mbed TLS code from:

	https://tls.mbed.org/download/start/mbedtls-2.3.0-apache.tgz

and put it in a well know directory, in your Linux machine, this will be your
server.

e) cd to that directory and compile the mbedTLS on your host machine

	$ tar -xvzf mbedtls-2.3.0-apache.tgz
	$ cd mbedtls-2.3.0
	$ CFLAGS="-I$PWD/configs -DMBEDTLS_CONFIG_FILE='<config-thread.h>'" make

f) Assign the server IP address and start the DTSL server.

	$ sudo ip addr add 192.0.2.2/24 dev tap0
	$ ./programs/ssl/ssl_server2 dtls=1 ecjpake_pw=passwd

You should see something like this

 	. Seeding the random number generator... ok
 	. Bind on udp://*:4433/ ... ok
 	. Setting up the SSL/TLS structure... ok
 	. Waiting for a remote connection ...

To stop the server use Ctrl-C and repeat steps described in f) every time
QEMU gets terminated, due the Netwrok interface (tap) being restarted.


g) From the app directory type

	$make pristine && make qemu

The screen should display


 	. Seeding the random number generator... ok
 	. Setting up the DTLS structure... ok
 	. Connecting to udp 192.0.2.2:4433... ok
 	. Setting up ecjpake password ... ok
 	. Performing the SSL/TLS handshake... ok
 	> Write to server: ok
 	. Closing the connection... done

h) In the server side you should see this

	. Performing the SSL/TLS handshake... hello verification requested
  	. Waiting for a remote connection ... ok
	. Performing the SSL/TLS handshake... ok
	 [ Protocol is DTLSv1.2 ]
	 [ Ciphersuite is TLS-ECJPAKE-WITH-AES-128-CCM-8 ]
	 [ Record expansion is 29 ]
	 [ Maximum fragment length is 16384 ]
	< Read from client: 18 bytes read

GET / HTTP/1.0

  > Write to client: 143 bytes written in 1 fragments

HTTP/1.0 200 OK
Content-Type: text/html

<h2>mbed TLS Test Server</h2>
<p>Successful connection using: TLS-ECJPAKE-WITH-AES-128-CCM-8</p>

	. Closing the connection... done
	. Waiting for a remote connection ... ok
	. Performing the SSL/TLS handshake... failed
	! mbedtls_ssl_handshake returned -0x7900

	. Waiting for a remote connection ...

Disregard the last handshake failed message, due the closing connection


Troubleshooting
===============

- If the server does not receive the  messages, use a network
  traffic analyzer, like Wireshark.

- Reset the board

References
==========

[1] https://www.zephyrproject.org/doc/getting_started/getting_started.html
[2] https://wiki.zephyrproject.org/view/Networking-with-Qemu
[3] https://tls.mbed.org/