@acpie360 Thanks very much for noting this. Should it be “\n”, or maybe “\r\n”, or will both work?
@roneld01
Thanks, I have added mbedtls_ssl_setup.
Now, regarding mbedTLS, I have the following in my project:
// File-scope mbedTLS state shared by the startup code, the connection setup and TLSClose().
// Transport handle; passed as the BIO context to mbedtls_ssl_set_bio().
mbedtls_net_context server_fd;
// Entropy accumulator; initialised at startup, released in TLSClose().
mbedtls_entropy_context entropy;
// CTR_DRBG instance handed to the TLS config through mbedtls_ssl_conf_rng().
mbedtls_ctr_drbg_context ctr_drbg;
// TLS session context.
mbedtls_ssl_context ssl;
// TLS configuration bound to the session by mbedtls_ssl_setup().
mbedtls_ssl_config conf;
// Trusted CA chain used to verify the server certificate.
mbedtls_x509_crt cacert;
/**
 * Entropy-source callback: fills `output` with bytes read from the
 * Manchester decoder.
 *
 * @param data   Unused callback context.
 * @param output Destination buffer for the random bytes.
 * @param len    Number of bytes requested by the caller.
 * @param olen   Receives the number of bytes actually written.
 * @return Always 0, even when no byte was available (*olen == 0).
 *
 * NOTE(review): every key and nonce in the TLS session is derived from what
 * this function returns. Whether the decoder values are unpredictable enough
 * for that cannot be judged from this post; measure the source before
 * relying on it.
 */
int mbedtls_hardware_poll (void *data, unsigned char *output, size_t len, size_t *olen)
{
    uint16_t count;

    (void) data; /* context pointer is not needed */

    /* Stop at whichever is smaller: the numbers on hand or the bytes requested. */
    for (count = 0; count < ManchesterRandomNumberQty && count < len; count++)
    {
        output[count] = ManchesterReadRandomNumber(DECOD_MANCHESTER());
    }

    *olen = count;
    return 0;
}
/**
 * Debug callback for mbedtls_ssl_conf_dbg(): prints "file:line: message" to
 * the stream passed as `ctx` and flushes it straight away.
 *
 * @param ctx   A FILE * (the setup code registers stdout).
 * @param level Message level; not used for filtering here.
 * @param file  Source file that produced the message.
 * @param line  Line number in that file.
 * @param str   Message text.
 *
 * NOTE(review): library debug output can describe handshake internals;
 * presumably this should be disabled or kept at a low threshold in
 * production builds. Confirm.
 */
void my_debug ( void *ctx, int level, const char *file, int line, const char *str )
{
    FILE *out = (FILE *) ctx;

    (void) level;

    fprintf( out, "%s:%04d: %s", file, line, str );
    fflush( out );
}
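/**
 * Release the mbedTLS objects used by the TLS connection.
 *
 * The CA chain is freed here too: the connection-setup code parses the
 * certificate into `cacert`, which allocates memory, and nothing else in the
 * listing releases it.
 *
 * NOTE(review): the *_init() calls are described as running once at MCU
 * startup. If TLSClose() is called between connections, the contexts
 * (including the DRBG) need to be initialised and seeded again before the
 * next handshake. Confirm against the caller.
 */
void TLSClose (void)
{
    mbedtls_ssl_free( &ssl );
    mbedtls_ctr_drbg_free( &ctr_drbg );
    mbedtls_ssl_config_free( &conf );
    /* conf no longer references the chain once it is freed, so release it now */
    mbedtls_x509_crt_free( &cacert );
    mbedtls_entropy_free( &entropy );
}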
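/**
 * BIO send callback registered with mbedtls_ssl_set_bio(). Transport not
 * implemented yet.
 *
 * The stub now fails closed: falling off the end of a non-void function
 * hands the TLS layer an indeterminate "bytes sent" value. A real
 * implementation returns the number of bytes written, or a negative error
 * code (the library defines MBEDTLS_ERR_NET_SEND_FAILED, and
 * MBEDTLS_ERR_SSL_WANT_WRITE for a non-blocking transport that is busy).
 *
 * NOTE(review): the library's own network module defines a function with
 * this name; if that module is compiled in, the two definitions presumably
 * collide. Confirm the build configuration.
 *
 * @param ctx Transport context given to mbedtls_ssl_set_bio().
 * @param buf Data to transmit.
 * @param len Number of bytes in buf.
 * @return Negative value until the transport is implemented.
 */
int mbedtls_net_send(void *ctx, const unsigned char *buf, size_t len )
{
    (void) ctx;
    (void) buf;
    (void) len;

    return -1; /* placeholder: report failure rather than an undefined value */
}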
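/**
 * BIO receive callback registered with mbedtls_ssl_set_bio(). Transport not
 * implemented yet.
 *
 * The stub now fails closed: without a return statement the TLS layer would
 * read an indeterminate "bytes received" count and could treat untouched
 * buffer contents as record data. A real implementation returns the number
 * of bytes stored in buf (never more than len), or a negative error code
 * (the library defines MBEDTLS_ERR_NET_RECV_FAILED, and
 * MBEDTLS_ERR_SSL_WANT_READ for a non-blocking transport with no data yet).
 *
 * @param ctx Transport context given to mbedtls_ssl_set_bio().
 * @param buf Destination buffer.
 * @param len Capacity of buf in bytes.
 * @return Negative value until the transport is implemented.
 */
int mbedtls_net_recv(void *ctx, unsigned char *buf, size_t len)
{
    (void) ctx;
    (void) buf;
    (void) len;

    return -1; /* placeholder: report failure rather than an undefined value */
}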
These are called one time at MCU startup:
// One-time initialisation of the mbedTLS contexts. The calls do not depend on each other.
// Random-number side first: entropy pool, then the DRBG that draws from it.
mbedtls_entropy_init( &entropy );
mbedtls_ctr_drbg_init( &ctr_drbg );
// NOTE(review): no mbedtls_ctr_drbg_seed() call is visible anywhere in this post.
// The DRBG must be seeded from the entropy context before mbedtls_ctr_drbg_random
// is used by the handshake. Confirm it is done elsewhere.
// Certificate store, TLS configuration and session context.
mbedtls_x509_crt_init( &cacert );
mbedtls_ssl_config_init( &conf );
mbedtls_ssl_init( &ssl );
And before sending/receiving data to/from the server:
//------------------------------------------------------------------------
//TLS - CONNECTION SETUP
// Load the library defaults for a TLS (stream) client into conf.
// NOTE(review): the failure branch below is empty, so a non-zero ret is ignored and
// setup continues with a configuration that may be incomplete. The same applies to
// every empty `{ }` branch in this fragment.
if( ( ret = mbedtls_ssl_config_defaults( &conf, MBEDTLS_SSL_IS_CLIENT, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) { }
// Require a verifiable server certificate; the handshake fails otherwise.
mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
// Use ctr_drbg as the TLS random source and send debug messages to stdout via my_debug.
// NOTE(review): ctr_drbg has to be seeded before the handshake; no seeding call appears
// in this fragment. Confirm.
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
// Host name the server certificate is checked against.
if( ( ret = mbedtls_ssl_set_hostname( &ssl, "abomin3v3l-3e161.firebaseio.com" ) ) != 0 ) { }
// Register the send/receive callbacks with server_fd as their context; no recv-with-timeout callback.
// NOTE(review): the hostname and BIO are set on ssl before mbedtls_ssl_setup() runs at the
// end of this fragment. Confirm that order is supported by the library version in use.
mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
//------------------------------------------------------------------------
//------------------------------------------------------------------------
//TLS - SERVER CERTIFICATE AUTHORITY
// Trusted CA certificate in PEM form, held in a single string literal.
// NOTE(review): PEM is line-oriented; confirm the literal carries a line break after the
// BEGIN line (and between base64 lines), otherwise parsing is expected to fail.
const char cafile[] = "-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----";
// NOTE(review): cacert is also initialised in the startup code. Re-initialising here without
// a prior mbedtls_x509_crt_free() discards any chain parsed on an earlier pass.
mbedtls_x509_crt_init( &cacert );
// The length includes the terminating NUL (strlen + 1), as the PEM parser requires.
// A parse failure is ignored here, which would leave the CA chain empty.
if( ( ret = mbedtls_x509_crt_parse( &cacert, cafile, strlen(cafile)+1 ) ) != 0 ) { }
// Install cacert as the trust anchor; no CRL is supplied.
mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
//------------------------------------------------------------------------
// Bind the finished configuration to the session context.
// NOTE(review): the return value is not checked, so a failed setup goes unnoticed.
mbedtls_ssl_setup(&ssl, &conf);
So now I just need to implement the rx/tx functions? Do you see anything else missing?
Regards.