获得mbedtls源码(注意:mbedtls-2.7 是较早的LTS分支,上游已停止维护,这里仅作学习实验用;实际产品请选用仍在维护的版本)
# Clone the Mbed TLS repository and check out the mbedtls-2.7 branch.
git clone --branch mbedtls-2.7 https://github.com/ARMmbed/mbedtls.git
clone下来时这样
上面主要4个目录
- configs 是mbedtls参考的配置文件
- include 是源码头文件,mbedtls的默认配置头文件是config.h就在这里面
- library 是源码C文件,mbedtls的实现
- programs 是一些示例,可以参考里面的例子看怎么用mbedtls
建立实验工程编写makefile
建立实验工程目录如下
mbedtls目录就是clone下来的mbedtls源码,projects是一个个工程目录,si是用来保存各个工程source insight的文件。
每个project会使用这个makefile
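# Per-project Makefile: compiles every .c file of the mbedtls library together
# with the project's own src/ directory and links them into one executable.

# Remove a half-written object or binary when its recipe fails, so a broken
# file is never mistaken for an up-to-date one.
.DELETE_ON_ERROR:

# Project directory. $(CURDIR) is maintained by make itself, whereas $(PWD) is
# inherited from the environment and is stale under `make -C <dir>`.
PRJ_DIR := $(CURDIR)
# SDK root (two levels above the project directory)
SDK_DIR := $(PRJ_DIR)/../..
# components
COMPONENTS_DIR := $(SDK_DIR)/components
# libs
LIBS_DIR := $(SDK_DIR)/libs
# Output directory for the object files
OUT_DIR := $(PRJ_DIR)/out
# Project name: defaults to the name of the project directory
TARGET ?= $(notdir $(PRJ_DIR))

CROSS_COMPILE ?=
CC := $(CROSS_COMPILE)gcc

# Header search paths
INCDIRS := $(COMPONENTS_DIR)/mbedtls/include
# Source directories
SRCDIRS := $(COMPONENTS_DIR)/mbedtls/library \
           $(PRJ_DIR)/src

ALL_INCLUDE := $(addprefix -I,$(INCDIRS))
ALL_CFILES := $(foreach dir,$(SRCDIRS),$(wildcard $(dir)/*.c))
# Objects are flattened into $(OUT_DIR) by base name, so two sources with the
# same file name in different SRCDIRS would map to the same object file.
ALL_CFILENDIR := $(notdir $(ALL_CFILES))
ALL_COBJS := $(addprefix $(OUT_DIR)/,$(ALL_CFILENDIR:.c=.o))
ALL_OBJS := $(ALL_COBJS)

# Lets the static pattern rule below find each %.c in any source directory.
VPATH := $(SRCDIRS)

# Optional: build against a trimmed sample configuration instead of the default
# config.h. config-mini-tls1_1.h targets TLS 1.1, which RFC 8996 deprecates, so
# treat it as a demonstration of how the configuration shrinks the ciphersuite
# list rather than as a baseline for a real product.
#CFLAGS := -I$(COMPONENTS_DIR)/mbedtls/configs -DMBEDTLS_CONFIG_FILE='<config-mini-tls1_1.h>'

# Link step. This stays the first rule so it remains the default goal.
$(TARGET) : $(ALL_OBJS)
	$(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS)

# Compile step. $(OUT_DIR) is an order-only prerequisite: it must exist, but
# its timestamp never forces a rebuild. This replaces the parse-time
# `$(shell if [ -f ... ])` check, which tested for a regular file instead of a
# directory and would have injected the word "exist" into the makefile.
$(ALL_OBJS) : $(OUT_DIR)/%.o : %.c | $(OUT_DIR)
	$(CC) -c $(ALL_INCLUDE) $(CFLAGS) -o $@ $<

$(OUT_DIR):
	mkdir -p $@

.PHONY: clean
# $(RM) is `rm -f` without -r, so an overridden or unexpected TARGET value can
# never cause a recursive directory removal.
clean:
	$(RM) $(TARGET) $(ALL_OBJS)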
base64例子
project:base64
base64是把任意二进制数据转化成可打印ASCII字符的编码方法(只是编码,不提供任何保密性),经过base64后的数据长度会比原来长约1/3,且base64有填充算法,使编码结果总是4字节的整数倍。
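#include <stdio.h>
#include <string.h>
#include <stdint.h>
/* Plain ASCII quotes: the typographic quotes in the page do not compile. */
#include "mbedtls/base64.h"
#include "mbedtls/platform.h"

/* Six bytes of sample binary input for the base64 round trip. */
static uint8_t msg[] =
{
    0x14, 0xfb, 0x9c, 0x03, 0xd9, 0x7e
};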
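/*
 * Print a label followed by a hex dump of a buffer.
 *
 * info: NUL-terminated label printed before the bytes.
 * buf:  bytes to print.
 * len:  number of bytes of buf to print.
 *
 * The pointer declarators were lost in the published listing and are
 * restored here; both pointers are const because nothing is written
 * through them.
 */
void dump_buf(const char *info, const uint8_t *buf, uint32_t len)
{
    mbedtls_printf("%s", info);
    for(uint32_t i = 0; i < len; i++) {
        /* Dump the caller's buffer. The original indexed the global msg,
         * so it printed the input regardless of which buffer was passed. */
        mbedtls_printf("%02x ", buf[i]);
    }
    mbedtls_printf("\n");
}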
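/*
 * Base64 round trip: encode msg, print the encoded text, decode it again
 * and print the recovered bytes.
 *
 * Returns 0 on success and 1 if either mbedtls call reports an error.
 */
int main(void)
{
    size_t enc_len;
    size_t dec_len;
    uint8_t enc[512];
    uint8_t dec[512];
    int ret;

    dump_buf("\n base64 message: ", msg, (uint32_t) sizeof(msg));

    /* Check the return code: on failure the output buffer and length are
     * not valid and must not be printed or decoded. */
    ret = mbedtls_base64_encode(enc, sizeof(enc), &enc_len, msg, sizeof(msg));
    if(ret != 0) {
        mbedtls_printf(" base64 encode failed: %d\n", ret);
        return 1;
    }
    /* Cast so the argument matches %d; passing a size_t there is undefined. */
    mbedtls_printf(" base64 encode : %s len %d\n", enc, (int) enc_len);

    /* Decode into a separate buffer. The original decoded in place
     * (source == destination); overlapping buffers are not something this
     * listing can rely on -- NOTE(review): confirm against base64.h. */
    ret = mbedtls_base64_decode(dec, sizeof(dec), &dec_len, enc, enc_len);
    if(ret != 0) {
        mbedtls_printf(" base64 decode failed: %d\n", ret);
        return 1;
    }
    dump_buf(" base64 decode : ", dec, (uint32_t) dec_len);

    printf("\n");
    return 0;
}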
运行结果:
遍历mbedtls安全套件
project:ciphersuite-list
例如TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
密钥协商算法ECDHE
身份认证算法ECDSA
对称加密算法AES_256
消息认证算法GCM(GCM是AEAD工作模式,加密和完整性校验由AES_256_GCM一并完成)
伪随机数算法SHA384(即TLS伪随机函数PRF所使用的哈希算法)
下面代码可以遍历mbedtls安全套件
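#include <stdio.h>
#include "mbedtls/ssl.h"
#include "mbedtls/platform.h"

/*
 * Print every ciphersuite compiled into this mbedtls build, numbered
 * from 1. The list reflects the compile-time configuration, so the output
 * is a quick way to audit which suites a given build can negotiate.
 */
int main( void )
{
    int index = 1;
    const int *list;
    const char *name;

    mbedtls_printf("\n Available Ciphersuite:\n");

    /* The returned array of ciphersuite ids is terminated by a 0 entry. */
    list = mbedtls_ssl_list_ciphersuites();
    for(; *list; list++) {
        name = mbedtls_ssl_get_ciphersuite_name(*list);
        mbedtls_printf(" [%03d] %s\n", index++, name);
    }
    mbedtls_printf("\n");
    return 0;
}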
运行结果显示默认(mbedtls-2.7)的config.h有120种安全套件
。。。省略
而添加宏定义-DMBEDTLS_CONFIG_FILE='<config-mini-tls1_1.h>'
使用config-mini-tls1_1.h则裁剪到5种(注意:该示例配置面向TLS 1.1,而TLS 1.0/1.1已被RFC 8996弃用;这里只用来演示配置文件如何裁剪安全套件,实际产品应基于TLS 1.2及以上的配置来裁剪)
参考书《密码技术与物联网安全:mbedtls开发实战》