OrgZephyr/zephyr
OrgZephyr
/
zephyr
mirror of https://github.com/zephyrproject-rtos/zephyr.git
1
0
Fork 0
Code Issues Releases Wiki Activity
zephyr/samples/net/mbedtls_dtlsserver
History
Andrew Boie 39962dc92c samples: use k_thread_create() 
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
 		2017-05-11 20:24:22 -04:00
..
src samples: use k_thread_create() 2017-05-11 20:24:22 -04:00
Makefile
README.rst doc: add labels to net sample docs for linking 2017-04-04 19:52:06 +00:00
prj_qemu_x86.conf net: Rename Kconfig.samples and its main option for future changes 2017-03-31 11:24:26 +02:00
testcase.ini

README.rst 

.. _mbedtsl-delsserver-sample:

mbedTLS DTLS sample server
############################

Overview
********
This sample code shows a simple DTLS server using mbedTLS on top of Zephyr.

Building and Running
********************

Follow the steps for testing :ref:`networking with Qemu <networking_with_qemu>`.

In the application directory type:

.. code-block:: console

   $make run

.. code-block:: console

   . Seeding the random number generator... ok
   . Setting up the DTLS structure... ok
   . Setting connection
   ok
   . Setting up ecjpake password ... ok
   . Performing the TLS handshake...

In other terminal window, obtain the mbed TLS code from:

	https://tls.mbed.org/download/start/mbedtls-2.3.0-apache.tgz

and put it in a well known directory, in your Linux machine, this will be your
client.

Move to that directory and compile the mbedTLS on your host machine

.. code-block:: console

   tar -xvzf mbedtls-2.3.0-apache.tgz
   cd mbedtls-2.3.0
   CFLAGS="-I$PWD/configs -DMBEDTLS_CONFIG_FILE='<config-thread.h>'" make

   ./programs/ssl/ssl_client2 server_addr=192.0.2.1 dtls=1 ecjpake_pw=passwd

You will get the following output:

.. code-block:: console

   . Seeding the random number generator... ok
   . Connecting to udp/192.0.2.1/4433... ok
   . Setting up the SSL/TLS structure... ok
   . Performing the SSL/TLS handshake... ok
   [ Protocol is DTLSv1.2 ]
   [ Ciphersuite is TLS-ECJPAKE-WITH-AES-128-CCM-8 ]
   [ Record expansion is 29 ]
   [ Maximum fragment length is 16384 ]
   > Write to server: 34 bytes written in 1 fragments

   GET / HTTP/1.0
   Extra-header:


   < Read from server: 34 bytes read

   GET / HTTP/1.0
   Extra-header:

   . Closing the connection... done

From the app directory type the screen should display

.. code-block:: console

   . Performing the TLS handshake... hello verification requested
   . Setting up ecjpake password ... ok
   . Performing the TLS handshake... ok
   < Read from client: 34 bytes read

   GET / HTTP/1.0
   Extra-header:


   > Write to client: 34 bytes written

   GET / HTTP/1.0
   Extra-header:

   < Read from client: connection was closed gracefully
   . Closing the connection... done
   . Setting up ecjpake password ... ok
   . Performing the TLS handshake...

If trying to use IPv6 edit the file prj_qemu_x86.conf and chage the line from
CONFIG_NET_IPV6=n to CONFIG_NET_IPV6=y

And run the client on mbedTLS as

.. code-block:: console

   ./programs/ssl/ssl_client2 server_addr=2001:db8::1 dtls=1 ecjpake_pw=passwd

If the server does not receive the  messages, restart the app and try to connect
the client again.

References
**********

* https://tls.mbed.org/