OrgZephyr/zephyr
OrgZephyr
/
zephyr
mirror of https://github.com/zephyrproject-rtos/zephyr.git
1
0
Fork 0
Code Issues Releases Wiki Activity
zephyr/samples/net/mbedtls_sslclient
History
Anas Nashif fe958df4dd libc: rework libc selection and reduce Kconfigs 
Moved all libc Kconfigs to where the code is and remove the default
Kconfig for selecting the minimal libc. Minimal libc is now the default
if nothing else is configured in.

Removed the options for extended libc, this obviously was restricting
features in the minimal libc without a good reason, most of the
functions are available directly when using newlib, so there is no
reason why we need to restrict those in minimal libc.

Jira: ZEP-1440
Change-Id: If0a3adf4314e2ebdf0e139dee3eb4f47ce07aa89
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
 		2016-12-15 22:31:28 +00:00
..
src samples/net: mbedTLS TCP client use unified thread spawn API 2016-11-11 02:51:32 +00:00
Makefile samples/net: mbedTLS TCP client use unified kernel 2016-11-11 02:51:31 +00:00
README
prj_galileo.conf libc: rework libc selection and reduce Kconfigs 2016-12-15 22:31:28 +00:00
testcase.ini net: Remove legacy Contiki based uIP stack 2016-12-02 12:41:17 +02:00

README 

mbed TLS ssl client
+++++++++++

This sample code shows a simple client using mbed TLS on top of Zephyr


Prerequisites
=============

- Galileo Gen 2 Development Board
- USB to UART TTL (CH340, FTDI or equivalent)
- PC with Linux.
- screen command and gcc compiler
- LAN for testing purposes


Procedure
=========

a) Change the server, netmask and client addresses according to your network
   in src/tcp_cfg.h.

b) From a terminal window, type:

    make pristine && make BOARD=galileo

c) Copy the binary (outdir/zephyr.strip) to the Galileo's boot
   device. Insert the boot device.

d) Plug the USB side of the USB-UART cable to the PC.
   Connect the USB-UART cable to the Galileo.
   Connect the Galileo to the LAN.

e) Open a terminal window, type:

    screen /dev/ttyUSB0 115200

f) Obtain the mbed TLS code from and put it in a well know directory, in
   your Linux machine, this will be your server.

	- https://tls.mbed.org/download/start/mbedtls-2.3.0-apache.tgz

g) cd to that directory and start the server using a the preshared key

# tar -xvzf mbedtls-2.3.0-apache.tgz
# cd mbedtls-2.3.0
# CFLAGS="-I$PWD/configs -DMBEDTLS_CONFIG_FILE='<config-ccm-psk-tls1_2.h>'" make
# ./programs/ssl/ssl_server2 psk=000102030405060708090a0b0c0d0e0f

You should see something like this

  . Seeding the random number generator... ok
  . Bind on tcp://*:4433/ ... ok
  . Setting up the SSL/TLS structure... ok
  . Waiting for a remote connection ...


h) Power-up the board

i) 'screen' will show this after a few seconds:

WARNING: no console will be available to OS
error: no suitable video mode found.

  . Seeding the random number generator... ok
  . Setting up the SSL/TLS structure... ok
  . Connecting to tcp/localhost/4433... ok
  . Performing the SSL/TLS handshake... ok
  > Write to server: ok
  . Closing the connection... done

j) The server side should print

  . Waiting for a remote connection ... ok
  . Performing the SSL/TLS handshake... ok
    [ Protocol is TLSv1.2 ]
    [ Ciphersuite is TLS-PSK-WITH-AES-256-CCM-8 ]
    [ Record expansion is 21 ]
  < Read from client: 18 bytes read

GET / HTTP/1.0

  > Write to client: 139 bytes written in 1 fragments

HTTP/1.0 200 OK
Content-Type: text/html

<h2>mbed TLS Test Server</h2>
<p>Successful connection using: TLS-PSK-WITH-AES-256-CCM-8</p>

  . Closing the connection... done


Troubleshooting
===============

- If the server does not receive the  messages, use a network
  traffic analyzer, like Wireshark.

- Reset the board

References
==========

[1] https://www.zephyrproject.org/doc/getting_started/getting_started.html
[2] https://wiki.zephyrproject.org/view/Galileo_Gen1_Gen2
[3] https://tls.mbed.org/