• Registered: 2018-12-07
  • Posts: 6

Topic: wolfSSL with libxbee3

Hi,
I have already used libxbee3 https://github.com/attie/libxbee3 to communicate between two XBee Zigbee module, where the server and client codes are communicating over ZigBee without any trouble.

Now I am trying to integrate TLS connection between them using wolfSSL. As libxbee3 abstracts the serial socket, I have no direct access to it. So I am trying to use wolfSSL memory-tls code https://github.com/wolfSSL/wolfssl-exam … mory-tls.c to communicate between the server and client.

My client send callback (libxbee3 sends little more than 64 bytes at a time, so I chose 64 bytes):

int ClientSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
        printf("/*-------------------Send SZ: %d ------------------*/\n", sz);
        int i=64, j=0, k;
        char tmpbuf[65]={0};
        char endbuf[]="END";

        int tcnt=sz*2;
        char asciiString[tcnt +1];
        for (k = 0; k<sz; k++) {
                sprintf(asciiString+2*k,"%02X", (unsigned char) *(buf+k));
        }
        asciiString[tcnt] = 0;

        while((tcnt-j)>64){
                memset(tmpbuf,0,sizeof(tmpbuf));
                memcpy(tmpbuf,asciiString+j,i);
                if ((xbee_conTx(con, NULL, tmpbuf)) != XBEE_ENONE) {
                        xbee_log(xbee, -1, "xbee_conTx() returned for sendloop");
                }
                else{
                        j=j+i;
                }
        }
        memset(tmpbuf,0,sizeof(tmpbuf));
        memcpy(tmpbuf,asciiString+j,(tcnt-j));
        if ((xbee_conTx(con, NULL, tmpbuf)) != XBEE_ENONE) {
                xbee_log(xbee, -1, "xbee_conTx() returned for last remaining bytes");
        }
        if ((xbee_conTx(con, NULL, endbuf)) != XBEE_ENONE) {
                xbee_log(xbee, -1, "xbee_conTx() returned for ENDBUF");
        }

        printf("/*------------------- CLIENT SENDING ------------------*/\n");
        for (k = 0; k < sz; k++) {
            if (k > 0 && (k % 16) == 0)
                printf("\n");
            printf("%02x ", (unsigned char) buf[k]);
        }
        printf("\n/*------------------- CLIENT SENDING END ------------------*/\n");
        return sz;
}

And my server receive callback:

int ServerRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
        char endbuf[4];
        int i, j=0;
        xbee_err ret;
        struct xbee_pkt *pkt;
        memset(buf,0,sizeof(buf));
        while(1){
                if((ret=xbee_conRx(localCon, &pkt, NULL)) != XBEE_ENONE){
                        xbee_log(xbee, -1, "xbee_conRx() returned for whileloop");
                        printf("Nothing rcvd\n");
                        continue;
                }
                if ((pkt)->dataLen > 0) {
                        memcpy(endbuf, (pkt)->data, 3);
                        if(!strncmp(endbuf,"END",3)){
                                xbee_pktFree(pkt);
                                break;
                        }

                        int hlpbuf[3]={0}, k=0, num;
                        for(k;k<((pkt)->dataLen/2);k++){
                                memcpy(hlpbuf,(pkt)->data+2*k,2);
                                num = (int)strtoul(hlpbuf, NULL, 16);
                                *(buf+j+k)=num;
                        }
                        j=j+((pkt)->dataLen/2);
                        if (xbee_pktFree(pkt) != XBEE_ENONE) return 1;
                }
        }

        *(buf+j)='\0';
        sz = j;
        printf("SERVER WANTS TO READ: %d bytes\n", sz);
        printf("/*------------------- SERVER READING ------------------*/\n");
        for (i = 0; i < sz; i++) {
            if (i > 0 && (i % 16) == 0)
                printf("\n");
            printf("%02x ", (unsigned char) *(buf+i));
        }
        printf("\n/*------------------- SERVER READING ------------------*/\n");
        return sz;
}

Both Server send and Client receive callback are similar to above. When I run the code the client sends 148 bytes of data and then trying to receive using the receive callback:

/*-------------------Send SZ: 148 ------------------*/
/*------------------- CLIENT SENDING ------------------*/
16 03 03 00 8f 01 00 00 8b 03 03 c2 97 2f eb c4 
53 e7 1e 4f c8 23 1c c3 90 f6 9f 4e 18 88 f7 a4 
5d a7 f9 73 7d 08 80 5c 96 56 42 00 00 30 c0 2c 
c0 2b c0 30 c0 2f 00 9f 00 9e cc a9 cc a8 cc aa 
c0 27 c0 23 c0 28 c0 24 c0 0a c0 09 c0 14 c0 13 
00 6b 00 67 00 39 00 33 cc 14 cc 13 cc 15 01 00 
00 32 00 0d 00 12 00 10 06 03 05 03 04 03 02 03 
06 01 05 01 04 01 02 01 00 0b 00 02 01 00 00 0a 
00 0e 00 0c 00 10 00 13 00 15 00 17 00 18 00 19 
00 17 00 00 
/*------------------- CLIENT SENDING END ------------------*/
/*-------------------RCV SZ: 5 ------------------*/
Nothing rcvd
Nothing rcvd
Nothing rcvd
...

But the server is only receiving, and then give an error without trying to send back anything:

SERVER WANTS TO READ: 148 bytes
/*------------------- SERVER READING ------------------*/
16 03 03 00 8f 01 00 00 8b 03 03 c2 97 2f eb c4 
53 e7 1e 4f c8 23 1c c3 90 f6 9f 4e 18 88 f7 a4 
5d a7 f9 73 7d 08 80 5c 96 56 42 00 00 30 c0 2c 
c0 2b c0 30 c0 2f 00 9f 00 9e cc a9 cc a8 cc aa 
c0 27 c0 23 c0 28 c0 24 c0 0a c0 09 c0 14 c0 13 
00 6b 00 67 00 39 00 33 cc 14 cc 13 cc 15 01 00 
00 32 00 0d 00 12 00 10 06 03 05 03 04 03 02 03 
06 01 05 01 04 01 02 01 00 0b 00 02 01 00 00 0a 
00 0e 00 0c 00 10 00 13 00 15 00 17 00 18 00 19 
00 17 00 00 
/*------------------- SERVER READING ------------------*/
wolfSSL error: bad server tls accept

How could I check what the problem is? Why is it not working? The ssl setup code for the client and server are identical to memory-tls.c.

Please help me to find the issue.

Thank you.

Best regards

Share

  • Jacob
  • Moderator
  • Offline
  • Registered: 2014-08-21
  • Posts: 79

Re: wolfSSL with libxbee3

Hi rrsuj,

How is the client receive callback function set up or is it the default wolfSSL one reading from a TCP/UDP socket?

One thing to check for is that if a callback receive function gets more bytes than what was requested of the callback it needs a mechanism to store the extra bytes for the next call. Unless this is being handled by libxbee3 and the callback is only reading the requested amount. A scenario is wolfSSL requests 5 bytes (for packet header) and the callback ends up reading the whole packet not just the first 5. When wolfSSL calls the receive callback function again it is expecting to get the rest of the packet (everything after the first 5 bytes).

Regards,
Jacob

Share

  • Registered: 2018-12-07
  • Posts: 6

Re: wolfSSL with libxbee3

Hi Jacob,
Thank you very much for your reply. Definitely I did not handle that 5 bytes issue, because my client receive callback function is almost identical to server receive callback. Here it is-

int ClientRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
        char endbuf[4];
        printf("/*-------------------RCV SZ: %d ------------------*/\n", sz);
        int j=0;
        struct xbee_pkt *pkt;
        xbee_err ret;
        while(1){

                if ((ret=xbee_conRx(con, &pkt, NULL)) != XBEE_ENONE){
                        xbee_log(xbee, -1, "xbee_conRx() returned for whileloop");
                        printf("Nothing rcvd\n");
                        usleep(100000);
                        continue;
                }

                if ((pkt)->dataLen > 0) {
                        memcpy(endbuf, (pkt)->data, 3);
                        if(!strncmp(endbuf,"END",3)){
                                xbee_pktFree(pkt);
                                break;
                        }

                        int hlpbuf[3]={0}, k=0, num;
                        for(k;k<((pkt)->dataLen/2);k++){
                                memcpy(hlpbuf,(pkt)->data+2*k,2);
                                num = (int)strtoul(hlpbuf, NULL, 16);
                                *(buf+j+k)=num;
                                printf("TTPACKT %02X \n", (unsigned char) *(buf+j+k));
                        }
                        j=j+((pkt)->dataLen/2);
                        if (xbee_pktFree(pkt) != XBEE_ENONE) return 1;
                }
        }
        sz = j; 
        buf[sz] = 0;
        int i;
        printf("Client WANTS TO READ: %d bytes\n", sz);
        printf("/*------------------- CLIENT READING ------------------*/\n");
        for (i = 0; i < sz; i++) {
            printf("%02x ", (unsigned char) buf[i]);
            if (i > 0 && (i % 16) == 0)
                printf("\n");
        }
        printf("\n/*------------------- CLIENT READING END ------------------*/\n");
        return sz;
}

And it is set up by -


    WOLFSSL_CTX* cli_ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
    if (cli_ctx == NULL) err_sys("bad client ctx new");

    int retssl = wolfSSL_CTX_load_verify_locations(cli_ctx, CACERT, NULL);
    if (retssl != SSL_SUCCESS) err_sys("bad ca load");

    wolfSSL_SetIOSend(cli_ctx, ClientSend);
    wolfSSL_SetIORecv(cli_ctx, ClientRecv);

    WOLFSSL* cli_ssl = wolfSSL_new(cli_ctx);
    if (cli_ctx == NULL) err_sys("bad client new");

    retssl = wolfSSL_connect(cli_ssl);
    if (retssl != SSL_SUCCESS) err_sys("bad client tls connect");

I understood what you describe, but I am not sure how to implement that in my code. I have to try and check.

Best regards

Share

  • Jacob
  • Moderator
  • Offline
  • Registered: 2014-08-21
  • Posts: 79

Re: wolfSSL with libxbee3

rrsuj,

As with many programing solutions there is multiple ways to go about it. One thing that may be useful for your case though is the user context provided for the IO callbacks. This can be set with the functions wolfSSL_SetIOReadCtx and wolfSSL_SetIOWriteCtx. When used, the 4th argument (void* ctx) in the callbacks gets set to the pointer passed into the wolfSSL_SetIO*Ctx functions. This could be anything including a structure that has a buffer used for storing extra data.

Regards,
Jacob

Share

  • Registered: 2018-12-07
  • Posts: 6

Re: wolfSSL with libxbee3

Hi Jacob,
Everything works fine. Thank you for your support. I was waiting to reply you because I wanted to confirm that no other issues were there regarding wolfssl.

Best regards

Share