wolfssl-examples/btle
David Garske 20d94ae1c8 Added DEBUG_WOLFSSL to the debug flags in Makefile. Thanks Kaleb. 2017-07-31 16:04:47 -07:00
BTLESecureMessageExchange.pdf First pass at a BTLE example for ECC encrypt scheme. 2017-07-17 20:20:32 -07:00
Makefile Added DEBUG_WOLFSSL to the debug flags in Makefile. Thanks Kaleb. 2017-07-31 16:04:47 -07:00
README.md Fixed several typos in `btle/README.md`. Changed the `btle/Makefile` to default to non-debug / dynamic wolfSSL library. 2017-07-22 11:31:18 -07:00
btle-sim.c Fix bug with not sending server salt before setting peer salt. Added additional error check in `btle_send`. Fixed filename type in ecc-client.c. Added notes about how to validate server public key using a trusted cert (TODO). 2017-07-20 11:13:36 -07:00
btle-sim.h Added error response checking. Added header to indicate packet type and length. Added padding for packets. Testing almost complete. 2017-07-18 20:43:14 -07:00
ecc-client.c Fix bug with not sending server salt before setting peer salt. Added additional error check in `btle_send`. Fixed filename type in ecc-client.c. Added notes about how to validate server public key using a trusted cert (TODO). 2017-07-20 11:13:36 -07:00
ecc-server.c Fix bug with not sending server salt before setting peer salt. Added additional error check in `btle_send`. Fixed filename type in ecc-client.c. Added notes about how to validate server public key using a trusted cert (TODO). 2017-07-20 11:13:36 -07:00

README.md

BTLE Examples

BTLE / Lightweight Secure Transport Example:

Bluetooth Low Energy (BTLE) is a lightweight, low-power wireless protocol. It is supported by the Apple iPhone 4s and later and by most Android phones. It operates in the 2.4 GHz spectrum and has 3 advertising channels and 37 data channels.

This example demonstrates a lightweight method for exchanging data securely over any type of publicly visible link.

The first phase is key establishment, which is done through ECDH and HKDF. ECC was chosen for these examples because it is lightweight and widely used. A salt is then exchanged for each message to prevent replay attacks. Encryption is done with AES-CBC, and data integrity is provided by HMAC-SHA256.
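The salt-per-message step described above, as an added example (it is not code from this repository or from wolfSSL): it derives keys with HKDF-SHA256 from a shared secret and a fresh salt pair, then shows that a packet captured under one salt pair fails the HMAC-SHA256 check under the next. It uses only Python's standard library, so the ECDH result and the AES-CBC ciphertext are constructed placeholders; the salt concatenation order, the `btle-example` info label and the 16/16/32-byte key split are assumptions made for this example.

```python
import hashlib
import hmac
import os

HASH_LEN = 32  # SHA-256 output size in bytes

def hkdf_sha256(ikm, salt, info, length):
    """HKDF (RFC 5869): extract a PRK from ikm and salt, then expand it."""
    prk = hmac.new(salt or b"\x00" * HASH_LEN, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def session_keys(shared_secret, client_salt, server_salt):
    """Derive (AES key, CBC IV, MAC key). Layout and label are assumptions."""
    okm = hkdf_sha256(shared_secret, client_salt + server_salt, b"btle-example", 64)
    return okm[:16], okm[16:32], okm[32:]

def tag(mac_key, ciphertext):
    """HMAC-SHA256 over the ciphertext (encrypt-then-MAC)."""
    return hmac.new(mac_key, ciphertext, hashlib.sha256).digest()

def verify(mac_key, ciphertext, received_tag):
    """Check integrity in constant time before any decryption is attempted."""
    return hmac.compare_digest(tag(mac_key, ciphertext), received_tag)

def replay_demo():
    shared = bytes(range(32))    # constructed stand-in for the ECDH shared secret
    ciphertext = b"\xaa" * 32    # constructed stand-in for AES-CBC output
    # Message 1: both sides exchange fresh salts and derive the same keys.
    c1, s1 = os.urandom(16), os.urandom(16)
    _, _, mac1 = session_keys(shared, c1, s1)
    captured = (ciphertext, tag(mac1, ciphertext))
    accepted_fresh = verify(mac1, *captured)
    # Message 2: new salts give a new MAC key, so the captured packet is rejected.
    c2, s2 = os.urandom(16), os.urandom(16)
    _, _, mac2 = session_keys(shared, c2, s2)
    accepted_replay = verify(mac2, *captured)
    return accepted_fresh, accepted_replay

if __name__ == "__main__":
    print(replay_demo())
```

The receiver only gets this protection if it generates its own salt for every message; reusing a salt pair reproduces the same keys and lets the captured packet verify again.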

ECC Encrypt/Decrypt Example

See BTLESecureMessageExchange.pdf for details.

Building

The wolfSSL library must be built and installed using './configure --enable-ecc --enable-eccencrypt --enable-hkdf && make && sudo make install' or by defining HAVE_ECC, HAVE_ECC_ENCRYPT and HAVE_HKDF.

Usage

Use two consoles and STDIN to exchange data between the client and server. On the client, type a message and press Enter. The message is encrypted and sent to the server. The server decrypts and prints the message, then re-encrypts it and sends it back to the client (echo).

./ecc-server
./ecc-client

Debugging

To enable debugging or switch to a static version of wolfSSL, edit the Makefile and uncomment CFLAGS+=$(DEBUG_FLAGS) and STATIC_LIB+=$(LIB_PATH)/lib/libwolfssl.a. Then comment out LIBS+=$(DYN_LIB) -lm.

BTLE Simulator

The simulator uses IPC (pipes) to communicate between threads for simulated communication between two devices.