【嵌入式实战】STM32+FreeRTOS+LWIP+WolfSSL 实现 HT _嵌入

下图是一个简单版本的 https 通讯过程，这里不详细讲解了
二、简单介绍 2.1是什么？
嵌入式 SSL库是用 ANSI C 编写的轻量级 SSL / TLS 库，主要针对嵌入式，RTOS 和资源受限的环境——主要是因为其体积小，速度快和功能集丰富。由于其免版税定价和出色的跨平台支持，它也通常用于标准操作环境。支持高达当前 TLS 1.3 和 DTLS 1.2 级别的行业标准，比小多达20倍，并提供诸如，，NTRU 和之类的渐进密码。在通过使用时，用户基准测试和反馈报告可显着提高性能。
2.2 获取官方 SDK
官网
三、STM32 Cube 配置 3.1 Cube 配置
3.2 修改 PHY 地址

文章插图
本项目使用的是芯片，需要修改 PHY为 0
四、生成工程的简单测试 4.1 手动修改 MAC 地址
Cube 生成的 MAC 地址是固定的，防止和测试环境中的其他设备相撞，需要打开文件 .c 手动修改 MAC 地址，我这里提取了芯片ID作为MAC地址的最后几位，这里是的芯片ID的地址
【【嵌入式实战】STM32+FreeRTOS+LWIP+WolfSSL 实现 HT】

uint32_t sn0 = *(uint32_t *)(0x1FF0F420);//STM32 cpu idMACAddr[3] = (sn0 >> 16) & 0xFF;MACAddr[4] = (sn0 >> 8) & 0xFFF;MACAddr[5] = sn0 & 0xFF;

4.2 Ping 测试
编译 -> 烧录到单片机里面，拿一条和 PC 在同一局域网内的网线，根据 ()函数下面设置的 IP 测试 ping 功能,下面是成功的结果图：
五、使用 Lwip +实现 HTTPs 5.1 引入库
#define WOLFSSL_USER_SETTINGS//使用自定义配置

 /* Example wolfSSL user settings for STM32F7 with CubeMX */#ifndef WOLFSSL_USER_SETTINGS_H#define WOLFSSL_USER_SETTINGS_H#ifdef __cplusplusextern "C" {#endif/* ------------------------------------------------------------------------- *//* Platform *//* ------------------------------------------------------------------------- */#undefWOLFSSL_GENERAL_ALIGNMENT#define WOLFSSL_GENERAL_ALIGNMENT4#undefSINGLE_THREADED#define SINGLE_THREADED#undefWOLFSSL_SMALL_STACK#define WOLFSSL_SMALL_STACK#undefWOLFSSL_STM32F7#define WOLFSSL_STM32F7#undefWOLFSSL_STM32_CUBEMX#define WOLFSSL_STM32_CUBEMX/* Optionally Disable Hardware Hashing Support */#define NO_STM32_HASH//#define NO_STM32_RNG#define NO_STM32_CRYPTO#undefFREERTOS#define FREERTOS#undefWOLFSSL_LWIP#define WOLFSSL_LWIP//#define HAVE_LWIP_NATIVE/* ------------------------------------------------------------------------- *//* Math Configuration *//* ------------------------------------------------------------------------- */#undefUSE_FAST_MATH#define USE_FAST_MATH#ifdef USE_FAST_MATH#undefTFM_TIMING_RESISTANT#define TFM_TIMING_RESISTANT#undefTFM_NO_ASM//#define TFM_NO_ASM/* Optimizations (TFM_ARM, TFM_ASM or none) *///#define TFM_ASM#endif/* ------------------------------------------------------------------------- *//* Crypto *//* ------------------------------------------------------------------------- *//* ECC */#if 1#undefHAVE_ECC#define HAVE_ECC/* Manually define enabled curves */#undefECC_USER_CURVES#define ECC_USER_CURVES//#define HAVE_ECC192//#define HAVE_ECC224#undef NO_ECC256//#define HAVE_ECC384//#define HAVE_ECC521/* Fixed point cache (speeds repeated operations against same private key) */#undefFP_ECC//#define FP_ECC#ifdef FP_ECC/* Bits / Entries */#undefFP_ENTRIES#define FP_ENTRIES2#undefFP_LUT#define FP_LUT4#endif/* Optional ECC calculation method *//* Note: doubles heap usage, but slightly faster */#undefECC_SHAMIR#define ECC_SHAMIR/* Reduces heap usage, but slower */#undefECC_TIMING_RESISTANT#define ECC_TIMING_RESISTANT#ifdef USE_FAST_MATH/* use reduced size math buffers for ecc points */#undefALT_ECC_SIZE#define ALT_ECC_SIZE/* optionally override the default max ecc bits *///#undefFP_MAX_BITS_ECC//#define FP_MAX_BITS_ECC512/* Enable TFM optimizations for ECC *///#define TFM_ECC192//#define TFM_ECC224//#define TFM_ECC256//#define TFM_ECC384//#define TFM_ECC521#endif#endif/* RSA */#undef NO_RSA#if 1#ifdef USE_FAST_MATH/* Maximum math bits (Max RSA key bits * 2) */#undefFP_MAX_BITS#define FP_MAX_BITS4096#endif/* half as much memory but twice as slow */#undefRSA_LOW_MEM//#define RSA_LOW_MEM/* Enables blinding mode, to prevent timing attacks */#undefWC_RSA_BLINDING#define WC_RSA_BLINDING#else#define NO_RSA#endif/* AES */#undef NO_AES#if 1#undefHAVE_AESGCM#define HAVE_AESGCM#ifdef HAVE_AESGCM/* GCM with hardware acceleration requires AES counter/direct for unaligned sizes */#undefWOLFSSL_AES_COUNTER#define WOLFSSL_AES_COUNTER#undefWOLFSSL_AES_DIRECT#define WOLFSSL_AES_DIRECT#endif/* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */#undefGCM_SMALL#define GCM_SMALL#else#define NO_AES#endif/* ChaCha20 / Poly1305 */#undef HAVE_CHACHA#undef HAVE_POLY1305#if 0#define HAVE_CHACHA#define HAVE_POLY1305/* Needed for Poly1305 */#undefHAVE_ONE_TIME_AUTH#define HAVE_ONE_TIME_AUTH#endif/* Ed25519 / Curve25519 */#undef HAVE_CURVE25519#undef HAVE_ED25519#if 0#define HAVE_CURVE25519#define HAVE_ED25519/* Optionally use small math (less flash usage, but much slower) */#if 0#define CURVED25519_SMALL#endif#endif/* ------------------------------------------------------------------------- *//* Hashing *//* ------------------------------------------------------------------------- *//* Sha */#undef NO_SHA#if 1/* 1k smaller, but 25% slower *///#define USE_SLOW_SHA#else#define NO_SHA#endif/* Sha256 */#undef NO_SHA256#if 1#if 1#define WOLFSSL_SHA224#endif#else#define NO_SHA256#endif/* Sha512 */#undef WOLFSSL_SHA512#if 1#define WOLFSSL_SHA512/* Sha384 */#undefWOLFSSL_SHA384#if 1#define WOLFSSL_SHA384#endif/* over twice as small, but 50% slower *///#define USE_SLOW_SHA2#endif/* MD5 */// #undefNO_MD5// #if 1///* enabled */// #else//#define NO_MD5// #endif/* ------------------------------------------------------------------------- *//* HW Crypto Acceleration *//* ------------------------------------------------------------------------- */// See settings.h STM32F4 section/* ------------------------------------------------------------------------- *//* Benchmark / Test *//* ------------------------------------------------------------------------- *//* Use reduced benchmark / test sizes *///#undefBENCH_EMBEDDED//#define BENCH_EMBEDDED//#undefUSE_CERT_BUFFERS_2048//#define USE_CERT_BUFFERS_2048//#undefUSE_CERT_BUFFERS_256//#define USE_CERT_BUFFERS_256/* ------------------------------------------------------------------------- *//* Debugging *//* ------------------------------------------------------------------------- */#undefWOLFSSL_DEBUG#define WOLFSSL_DEBUG#ifdef WOLFSSL_DEBUG/* Use this to measure / print heap usage */#if 0#undefUSE_WOLFSSL_MEMORY#define USE_WOLFSSL_MEMORY#undefWOLFSSL_TRACK_MEMORY#define WOLFSSL_TRACK_MEMORY#endif#else//#undefNO_WOLFSSL_MEMORY//#define NO_WOLFSSL_MEMORY#undefNO_ERROR_STRINGS//#define NO_ERROR_STRINGS#endif#ifdef DEBUG_WOLFSSL#undefWOLFSSL_DEBUG_ERRORS_ONLY#include "dbg_tools.h"#define WOLFSSL_USER_LOG(x)	do { DbgPrint(x); DbgPrint("\n"); } while(0);#endif/* ------------------------------------------------------------------------- *//* Port *//* ------------------------------------------------------------------------- *//* Override Current Time *//* Allows custom "custom_time()" function to be used for benchmark */#define WOLFSSL_USER_CURRTIME/* ------------------------------------------------------------------------- *//* RNG *//* ------------------------------------------------------------------------- *//* Size of returned HW RNG value */#define CUSTOM_RAND_TYPEunsigned int#define NO_OLD_RNGNAME/* Choose RNG method */#if 1/* Use built-in P-RNG (SHA256 based) with HW RNG *//* P-RNG + HW RNG (P-RNG is ~8K) */#undefHAVE_HASHDRBG#define HAVE_HASHDRBG#if 0extern unsigned int custom_rand_generate(void);#undefCUSTOM_RAND_GENERATE#define CUSTOM_RAND_GENERATEcustom_rand_generate#endif#else/* Bypass P-RNG and use only HW RNG */extern int custom_rand_generate_block(unsigned char* output, unsigned int sz);#undefCUSTOM_RAND_GENERATE_BLOCK#define CUSTOM_RAND_GENERATE_BLOCKcustom_rand_generate_block#endif/* ------------------------------------------------------------------------- *//* Enable Features *//* ------------------------------------------------------------------------- */#undefKEEP_PEER_CERT//#define KEEP_PEER_CERT#undefHAVE_COMP_KEY//#define HAVE_COMP_KEY#undefHAVE_TLS_EXTENSIONS#define HAVE_TLS_EXTENSIONS#undefHAVE_SUPPORTED_CURVES#define HAVE_SUPPORTED_CURVES#undefWOLFSSL_BASE64_ENCODE#define WOLFSSL_BASE64_ENCODE/* TLS Session Cache */#if 0#define SMALL_SESSION_CACHE#else#define NO_SESSION_CACHE#endif#undefUSER_TIME#define USER_TIME//需要在应用层定义自己的 time_t XTIME(time_t * timer) 函数，直接定义即可/* ------------------------------------------------------------------------- *//* Disable Features *//* ------------------------------------------------------------------------- *///#undefNO_WOLFSSL_SERVER#define NO_WOLFSSL_SERVER//#undefNO_WOLFSSL_CLIENT#define NO_WOLFSSL_CLIENT//#undefNO_CRYPT_TEST#define NO_CRYPT_TEST//#undefNO_CRYPT_BENCHMARK#define NO_CRYPT_BENCHMARK///* In-lining of misc.c functions *////* If defined, must include wolfcrypt/src/misc.c in build *////* Slower, but about 1k smaller *///#undefNO_INLINE#define NO_INLINE//#undefNO_FILESYSTEM//#define NO_FILESYSTEM//#undefNO_WRITEV//#define NO_WRITEV//#undefNO_MAIN_DRIVER//#define NO_MAIN_DRIVER#undefNO_DEV_RANDOM#define NO_DEV_RANDOM//#undefNO_DSA//#define NO_DSA//#undefNO_DH//#define NO_DH//#undefNO_DES3//#define NO_DES3//#undefNO_RC4//#define NO_RC4//#undefNO_OLD_TLS//#define NO_OLD_TLS//#undefNO_HC128//#define NO_HC128//#undefNO_RABBIT//#define NO_RABBIT//#undefNO_PSK//#define NO_PSK//#undefNO_MD4//#define NO_MD4//#undefNO_PWDBASED//#define NO_PWDBASED#ifdef __cplusplus}#endif#endif /* WOLFSSL_USER_SETTINGS_H */

/* wolfssl includes. */#include #include /*!* @brief 重写 wolfssl 的时间获取函数*执行条件：无** @retval: 返回时间戳*/time_t XTIME(time_t * timer){time_t timestamp = get_timestamp(); // 没有实现 SNTP 的话，先使用网上获取的最新时间的时间戳 ， 例如：1595836376return timestamp;}

5.2 开启打印 Log 信息
在 .h 中定义宏定义

//开启 wolfssl 的log输出#define DEBUG_WOLFSSL#ifdef DEBUG_WOLFSSL#undefWOLFSSL_DEBUG_ERRORS_ONLY#include "bsp_printlog.h"#define WOLFSSL_USER_LOG(x)	do { print_log(x); print_log("\n"); } while(0);//需要自己实现 print_log 函数#endif

在程序开始之前，加入函数接口
wolfSSL_Debugging_ON();