Topic: STM32 use without RTOS


I've got an existing project on an STM32H7 chip that uses LwIP (with no OS) to communicate over Ethernet (making a UDP socket connection with a host & exchanging data over it).  I'd like to add WolfSSL to the mix now, so I:

1. downloaded the 4.8.0 package for STM32CubeMX (6.3.0),
2. installed it,
3. selected all three software packs in my .ioc,
4. checked the box to enable "wolfSSL wolfSSL", then made a handful of selections under Parameter Settings, then
5. Generated code and built. 

No errors and no warnings!  But also it looks like all that Cube did was generate a header file (wolfSSL.I-CUBE-wolfSSL_conf.h) and then copy it and a bunch of other source files to the project.

There are 10 examples that come with the Cube pack, but nine of them involve FreeRTOS (which I'm not using) and the other (for the F207) looks a lot like what I've got, where there doesn't appear to be any actual implementation of SSL/crypto in the project.

So I'm trying to figure out how to get started; I apologize in advance if these are basic questions!  [I also apologize for a bunch of mangled URLs but the forum is limiting me to three, and is very clever about recognizing them.]

Looking through the forum here, I see … lfssl.html where the person mentions that Cube created MX_wolfSSL_Init() and MX_wolfSSL_Process() functions in main.c; I did not get those functions but poking around the Middlewares/Third_Party/wolfSSL_wolfSSL_wolfSSL/wolfssl directory I do see the 'wolfSSL_Init()' and 'wolfSSL_Cleanup()' functions mentioned later in that thread, so that's a starting point.  There's also a wolfssl_example.c file that looks helpful.

I looked at [the wolfssl web site]/docs/stm32/, which is referenced in a few other threads, but don't see much that would help in the absence of FreeRTOS (unless I missed something?)

I also saw … e-ide.html which ends with some helpful hints on generating callback functions, with a github link ([github]/wolfSSL/wolfssl-examples/blob/master/tls/client-tls-callback.c) that looks possibly helpful.

There's also a link to an apparently out-of-date pull request at [github]/wolfSSL/wolfssl/pull/599 but I haven't gone through it yet to see how it might merge with what I'm already doing. 

I also found … no-os.html which links to [github]/wolfSSL/wolfssl/tree/master/IDE/MDK-ARM ... I'm not using KEIL but maybe the code will be helpful (still going through it).

So after all of that, my question(s):

1. Is there a complete example, using any IDE, of a Cube-generated STM32 implementation of WolfSSL that doesn't use FreeRTOS?

2. Barring that, is the basic process going to be:
  a. Customize the wolfSSL.I-CUBE-wolfSSL_conf.h file and include it in main.c
  b. set up CA files & other basic init tasks
  c. Call wolfSSL_Init() after the hardware and LwIP initialization is complete (after the UDP socket is connected?)
  d. Somehow get in between lwip and my program, e.g. at the LwIP RX callback and where I call udp_send, and do something akin to the my_IORecv() and my_IOSend() functions at [github]/wolfSSL/wolfssl-examples/blob/master/tls/client-tls-callback.c?

Am I on the right track here?



Re: STM32 use without RTOS

Hi Elliot,

Please see this link: … /STM32Cube

The built-in example in IDE/STM32Cube/wolfssl-examples.c allows running the wolfCrypt test/benchmark and also an in-memory TLS cipher suite test (requires RTOS, with lots of heap and stack).

The wolfSSL cube pack pulls in the wolfSSL/wolfCrypt files and generates a configuration file `wolfSSL.I-CUBE-wolfSSL_conf.h`. This is included automatically with wolfssl/wolfcrypt/settings.h.

If you wanted to pull in your own TLS example from … master/tls just make sure it includes "wolfssl/wolfcrypt/settings.h" instead of wolfssl/options.h.

To use LWIP socket interface add the build option WOLFSSL_LWIP. Or setup your own IO callbacks using WOLFSSL_USER_IO and setting them with `wolfSSL_SetIORecv` or `wolfSSL_SetIOSend` like in the … callback.c example.

If you need to customize the generated configuration the easiest option is to rename "wolfSSL.I-CUBE-wolfSSL_conf.h" to "user_settings.h" and add build option WOLFSSL_USER_SETTINGS to your CFLAGS pre-processor macros.

David Garske, wolfSSL


Re: STM32 use without RTOS

Hi Elliot,

To be clear, wolfSSL does not require an RTOS. In the generated configuration if no RTOS is selected it will define SINGLE_THREADED. It is only our TLS in-memory example since it starts multiple threads, although even that could be written non-blocking and used in bare-metal with shared memory.

Let us know if you have any questions. It would be great to hear more about your project so we can best support you.

David Garske, wolfSSL


Re: STM32 use without RTOS

Hi David,

Thanks for the quick response!  I'll try with WOLFSSL_LWIP out and see how it goes.