OrgZephyr/zephyr
OrgZephyr
/
zephyr
mirror of https://github.com/zephyrproject-rtos/zephyr.git
1
0
Fork 0
Code Issues Releases Wiki Activity
zephyr/samples/net/mbedtls_dtlsserver
History
Marcus Shawcroft 8a612c3a44 samples/mbedtls_dtls_server: Use k_uptime_get_32() 
The kernel provides an API call to get the least signficant 32 bits of
system time, use it rather than	reaching under the hood.

Change-Id: I98fabdcadfd0a4fe5ae10226dabf4e6d31e88df6
Signed-off-by: Marcus Shawcroft <marcus.shawcroft@arm.com>
 		2017-02-09 14:26:57 +00:00
..
src samples/mbedtls_dtls_server: Use k_uptime_get_32() 2017-02-09 14:26:57 +00:00
Makefile license: Replace Apache boilerplate with SPDX tag 2017-01-19 03:50:58 +00:00
README.rst doc: net: use Qemu setup section in current documentation 2017-02-03 15:59:19 +02:00
prj_qemu_x86.conf net: samples: Fix config option 2017-01-27 12:35:51 +02:00
testcase.ini

README.rst 

mbedTLS DTLS sample server
############################

Overview
********
This sample code shows a simple DTLS server using mbedTLS on top of Zephyr.

Building and Running
********************

Follow the steps for testing :ref:`networking with Qemu <networking_with_qemu>`.

In the application directory type:

.. code-block:: console

   $make run

.. code-block:: console

   . Seeding the random number generator... ok
   . Setting up the DTLS structure... ok
   . Setting connection
   ok
   . Setting up ecjpake password ... ok
   . Performing the TLS handshake...

In other terminal window, obtain the mbed TLS code from:

	https://tls.mbed.org/download/start/mbedtls-2.3.0-apache.tgz

and put it in a well known directory, in your Linux machine, this will be your
client.

Move to that directory and compile the mbedTLS on your host machine

.. code-block:: console

   tar -xvzf mbedtls-2.3.0-apache.tgz
   cd mbedtls-2.3.0
   CFLAGS="-I$PWD/configs -DMBEDTLS_CONFIG_FILE='<config-thread.h>'" make

   ./programs/ssl/ssl_client2 server_addr=192.0.2.1 dtls=1 ecjpake_pw=passwd

You will get the following output:

.. code-block:: console

   . Seeding the random number generator... ok
   . Connecting to udp/192.0.2.1/4433... ok
   . Setting up the SSL/TLS structure... ok
   . Performing the SSL/TLS handshake... ok
   [ Protocol is DTLSv1.2 ]
   [ Ciphersuite is TLS-ECJPAKE-WITH-AES-128-CCM-8 ]
   [ Record expansion is 29 ]
   [ Maximum fragment length is 16384 ]
   > Write to server: 34 bytes written in 1 fragments

   GET / HTTP/1.0
   Extra-header:


   < Read from server: 34 bytes read

   GET / HTTP/1.0
   Extra-header:

   . Closing the connection... done

From the app directory type the screen should display

.. code-block:: console

   . Performing the TLS handshake... hello verification requested
   . Setting up ecjpake password ... ok
   . Performing the TLS handshake... ok
   < Read from client: 34 bytes read

   GET / HTTP/1.0
   Extra-header:


   > Write to client: 34 bytes written

   GET / HTTP/1.0
   Extra-header:

   < Read from client: connection was closed gracefully
   . Closing the connection... done
   . Setting up ecjpake password ... ok
   . Performing the TLS handshake...

If trying to use IPv6 edit the file prj_qemu_x86.conf and chage the line from
CONFIG_NET_IPV6=n to CONFIG_NET_IPV6=y

And run the client on mbedTLS as

.. code-block:: console

   ./programs/ssl/ssl_client2 server_addr=2001:db8::1 dtls=1 ecjpake_pw=passwd

If the server does not receive the  messages, restart the app and try to connect
the client again.

References
**********

* https://tls.mbed.org/