Skip to content

How to Setup TLS Using Microscurid

Adding the certificate

STM32 uses Mbed TLS and its APIs. Add the content of the certificate to examples/p-nucleo-wb55/Drivers/TLS/certificate.h. To use the certificate in STM32, we must format the file so that it resembles the one below:

const char  self_signed_certificate[] = \
"-----BEGIN CERTIFICATE----- \r\n" \
"MIIFPjCCAyagAwIBAgITc1wgneP76oa7kdwzfcsbFbziPjANBgkqhkiG9w0BAQsF \r\n" \
"cmlkLmNvbTAeFw0yMjExMDExNzAwMzZaFw0yMjExMTMwNjQ3MTVaMGsxCzAJBgNV \r\n" \
"8GshMG8AT85A56s/HVhd+/KW5IWCbz3KpyoG/Z5YBtKzxVEPI1bjZdmVHwlUDJVW \r\n" \
"YxY= \r\n" \
"-----END CERTIFICATE----- \r\n";

Here is a simple python script to edit the certificate to this format:

file1 = open('ca.crt', 'r')
Lines = file1.readlines()
n = len(Lines)

with open('ca-edited.crt', 'w') as f:
    for i, line in enumerate(Lines):
        if i == n - 1:
            f.write('"' + line.strip() + ' \\r\\n' + '"' + ";\n")
        f.write('"' + line.strip() + ' \\r\\n' + '"' + " \\" + "\n")

Coming soon.

Actual code

It takes about 2~3 minutes to establish the TLS connection on the STM32.

wiz_tls_context tlsContext;

ret = wiz_tls_init(&tlsContext,&server_fd); // should return 1

ret = wiz_tls_connect(&tlsContext, BACKEND_PORT, gServer_IP); // should return 0

while (create_identity(task_interface->hrng, &did) == -1)
    printf("Error generating did, trying again in 100ms...\r\n");

printf("\ndid:%s:%s\r\n\n", did.method, did.identifier);

data_len = create_data_buffer(&did, g_send_buf, timestamp);

/*  Write data to the SSL channel  */
ret = wiz_tls_write(&tlsContext, g_send_buf, data_len);

If running locally, you can check on Wireshark what is happening. The flow graph should look similar to here: flow_graph

Coming soon.