1. Add more documentation 2. Add cleanup functions for client and server before return 3. Add the ability for client to use a hostname for SERVER_IP
wolfSSL for Microsoft Azure Sphere Devices
Description
This directory contains the Visual Studio projects targeted for Azure Sphere.
The example projects include a client, server and wolfCrypt Library Test.
Each of these projects relies on the wolfSSL static library project.
Each project uses user_settings.h to enable and disable features.
Set Up Steps
- Set up your Azure Sphere device:
  - Install Azure Sphere
  - Set up an account
  - Claim your device
  - Configure networking
- Open the wolfssl Microsoft Visual Studio Solution.
- Build all the projects:
  - Right Click: Solution 'wolfssl' (4 of 4 projects)
  - Click: Build Solution
- Connect your Azure Sphere MT3620 Development Board using USB.
- Run the wolfCrypt Library Test:
  - Right Click: wolfcrypt_test (Azure Sphere)
  - Click: Debug->'Start new instance'
- Wait for the wolfCrypt Library Test to finish.
- Test the client.
  - Run client(Azure Sphere) using: Debug->'Start new instance'
  - It's OK if the HTTP GET request returns an error. The TLS connection was successful.
- Test the server.
  - Run server(Azure Sphere) using: Debug->'Start new instance'
  - Run the following wolfSSL example client command inside the wolfssl directory:
    ./examples/client/client -h "Server IP Address" -p 11111 -A ./certs/ca-cert.pem
Client
The client project has defines in user_settings.h for: SERVER_IP, CERT, SIZEOF_CERT, DEFAULT_PORT and msg.
These are set by default to connect to www.wolfssl.com.
If CUSTOM_SERVER_CONNECTION is defined, the client is instead set up to connect
to an example server at the IP address 192.168.1.200.
The example server could be started with the following command:
./examples/server/server -b -d -p 11111 -c ./certs/server-cert.pem -k ./certs/server-key.pem
Server Options Explanation:
-b Bind to any interface instead of localhost only
-c <file> Certificate file, default ./certs/server-cert.pem
-d Disable client cert check
-k <file> Key file, default ./certs/server-key.pem
-p <num> Port to listen on, not 0, default 11111
-? <num> Help, print this usage
This command assumes that you're in the base directory of 'wolfssl' and that it has
been configured and compiled on a computer with an IP address of 192.168.1.200.
Change SERVER_IP under CUSTOM_SERVER_CONNECTION in user_settings.h accordingly.
If you would like to connect to a website on the internet other than
www.wolfssl.com, you need to put its corresponding CA certificate
in client.h, similarly to wolfssl_website_root_ca.
The CERT and SIZEOF_CERT array can be created using the dertoc.pl
script under wolfssl/scripts/dertoc.pl.
Usage Example:
./scripts/dertoc.pl ./certs/server-cert.der server_cert_der_2048 dertoc.c
You would then copy the generated output from dertoc.c into client.h and set
CERT and SIZEOF_CERT accordingly inside user_settings.h.
The IP address of the server to connect to also needs to be added to the client's
app_manifest.json under 'AllowedConnections'. The default app_manifest.json
contains IP addresses for testing purposes; they can be removed if not needed.
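A consistency check for the two settings described above, as an added example that is not part of the wolfSSL project: it evaluates the CUSTOM_SERVER_CONNECTION branches to find the effective SERVER_IP, compares it with AllowedConnections, and lists allow-list entries the client does not need. The header and manifest snippets are constructed samples, the function names are hypothetical, and the "Capabilities" key is assumed from the Azure Sphere manifest layout.

```python
import json
import re

# Constructed sample inputs (not the project's actual files).
SAMPLE_HEADER = """
#ifdef CUSTOM_SERVER_CONNECTION
    #ifndef SERVER_IP
        #define SERVER_IP "192.168.1.200" /* local test server */
    #endif
#else
    #ifndef SERVER_IP
        #define SERVER_IP "www.wolfssl.com"
    #endif
#endif
"""
SAMPLE_MANIFEST = """
{ "SchemaVersion": 1, "Name": "client",
  "Capabilities": { "AllowedConnections": ["www.wolfssl.com", "192.168.1.128"] } }
"""

def active_defines(header_text, predefined=()):
    """Return the #defines that take effect. Handles only #ifdef, #ifndef,
    #else, #endif and #define, which is all the sample header uses."""
    defs = {name: "" for name in predefined}
    stack = []  # one bool per open conditional: is this branch compiled?
    for line in header_text.splitlines():
        m = re.match(r"\s*#\s*(ifdef|ifndef|else|endif|define)\b\s*(\w+)?\s*(.*)", line)
        if not m:
            continue
        directive, name, rest = m.groups()
        if directive in ("ifdef", "ifndef"):
            stack.append((name in defs) == (directive == "ifdef"))
        elif directive == "else":
            stack[-1] = not stack[-1]
        elif directive == "endif":
            stack.pop()
        elif all(stack):  # a #define counts only inside compiled branches
            defs[name] = re.sub(r"/\*.*?\*/", "", rest).strip().strip('"')
    return defs

def check_manifest(header_text, manifest_text, predefined=()):
    """Compare the effective SERVER_IP with the manifest's AllowedConnections."""
    server = active_defines(header_text, predefined).get("SERVER_IP")
    allowed = json.loads(manifest_text)["Capabilities"].get("AllowedConnections", [])
    return {"server": server,
            "permitted": server in allowed,  # False: the manifest does not list it
            "unneeded": [h for h in allowed if h != server]}  # removal candidates

if __name__ == "__main__":
    print(check_manifest(SAMPLE_HEADER, SAMPLE_MANIFEST))
    print(check_manifest(SAMPLE_HEADER, SAMPLE_MANIFEST, ["CUSTOM_SERVER_CONNECTION"]))
```

Pass the names of any macros set in the build (such as CUSTOM_SERVER_CONNECTION) as `predefined` so the same branch is evaluated as in the compiled client.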
Server
The Server application will wait for any incoming client connections once built and uploaded to the MT3620 Development board.
The following wolfSSL example client can connect to a server on the MT3620 board:
./examples/client/client -h "Server IP Address" -p 11111 -A ./certs/ca-cert.pem
Client Options Explanation:
-A <file> Certificate Authority file, default ./certs/ca-cert.pem
-h <host> Host to connect to, default 127.0.0.1
-p <num> Port to listen on, not 0, default 11111
-? <num> Help, print this usage
wolfCrypt Test
This tests the wolfCrypt Library.
This is a good test to run if you change the options in user_settings.h.
Troubleshooting
- Ensure your Azure Sphere MT3620 Development Board was set up following the instructions in the Azure Sphere Documentation (see link below). This includes claiming your device, updating the device, setting up networking, and prepping for debug.
- The commands for the example client/server assume they are being run from the base directory of wolfssl.
Resources
[wolfSSL API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-17-wolfssl-api-reference.html)
[wolfCrypt API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-18-wolfcrypt-api-reference.html)