The “W5500 Ethernet Shield S” is a security enhanced version of the “W5500 Ethernet Shield” which has been redesigned to include SSL (Secure Sockets Layer) connectivity.
More information on the “W5500 Ethernet Shield” can be found here:
The “W5500 Ethernet Shield S” contains both the W5500 Hardwired TCP/IP chip for network connectivity and the MS1000 Secure MCU from eWBM for the security features required to make a secure connection. The MS1000’s strong security and high speed HW based crypto functions ensure that all data transferred between the server and a client is protected.
This “W5500 Ethernet Shield S” is Arduino pin-compatible.
Category | Description | Comment |
---|---|---|
Cipher Suite - Public Key Algorithm | RSA, ECC | TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CCM_8, TLS_RSA_WITH_AES_256_CCM_8, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 |
Cipher Suite - Block/Stream Ciphers | AES, CCM, GCM, CBC, CTR, ECB | |
Cipher Suite - Hash Functions | SHA1, SHA256 | |
Side of Connection | Client only | |
Client Authentication | APIs support | CA certificate load, Certificate/Private Key load |
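
The suites in the table are not equivalent: the TLS_RSA_* entries use static RSA key exchange (no forward secrecy), the CBC entries are not AEAD, and the CCM_8 entries carry an 8-byte authentication tag. The following added example, which is not part of the EthernetSSL library (it runs on a desktop compiler and its helper names are hypothetical), classifies the listed names so that a server operator can see which of the shield's suites to prefer.

```cpp
#include <iostream>
#include <string>
#include <vector>

// Cipher-suite names copied from the table above (helper names are hypothetical).
const std::vector<std::string> kShieldSuites = {
    "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA256",
    "TLS_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_CCM_8", "TLS_RSA_WITH_AES_256_CCM_8",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8"};

struct SuiteInfo {
    bool forwardSecrecy;  // ephemeral ECDHE key exchange
    bool aead;            // GCM or CCM instead of CBC + HMAC
    bool shortTag;        // CCM_8: 8-byte authentication tag
    bool sha1Mac;         // CBC suite authenticated with HMAC-SHA1
};

// Derive the properties from the suite name alone.
SuiteInfo classify(const std::string& n) {
    auto has = [&n](const std::string& s) { return n.find(s) != std::string::npos; };
    auto ends = [&n](const std::string& s) {
        return n.size() >= s.size() && n.compare(n.size() - s.size(), s.size(), s) == 0;
    };
    return {has("TLS_ECDHE_"), has("_GCM_") || has("_CCM"), ends("_CCM_8"), ends("_SHA")};
}

// Suites to enable first on the server: forward secrecy plus full-tag AEAD.
std::vector<std::string> preferred(const std::vector<std::string>& suites) {
    std::vector<std::string> out;
    for (const auto& s : suites) {
        const SuiteInfo i = classify(s);
        if (i.forwardSecrecy && i.aead && !i.shortTag) out.push_back(s);
    }
    return out;
}

int main() {
    for (const auto& s : kShieldSuites) {
        const SuiteInfo i = classify(s);
        std::cout << s << "  fs=" << i.forwardSecrecy << " aead=" << i.aead
                  << " short_tag=" << i.shortTag << " sha1_mac=" << i.sha1Mac << "\n";
    }
    std::cout << preferred(kShieldSuites).size() << " preferred suites\n";
}
```
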
Class | Description |
---|---|
Ethernet Class | Wiz Ethernet library which provides internet connectivity for Arduino boards. For more information on the WIZ Ethernet Library go to: https://github.com/Wiznet/WIZ_Ethernet_Library For the API Guide go to: https://www.arduino.cc/en/Reference/Ethernet |
SSL Class | eWBM SSL class which provides SSL connectivity for Arduino boards. |
The SSL Class performs the following functions:
Notes: eWBM SSL Class only provides SSL Client operation. SSL Server capability is not supported.
Open() | |
---|---|
Description | Opens the SSL socket |
Syntax | SSLClient.Open() |
Parameters | None |
Returns | If successful the call will return SSL_SUCCESS |
Close() | |
---|---|
Description | Closes the SSL socket |
Syntax | SSLClient.Close() |
Parameters | None |
Returns | If successful the call will return SSL_SUCCESS |
Connect() | |
---|---|
Description | This function is called on the client side and initiates an SSL/TLS handshake with a server |
Syntax | SSLClient.Connect(ip, port); SSLClient.Connect(hostname, port) |
Parameters | ip: IP address of the server to connect to; hostname: hostname of the server to connect to (ex: www.google.com); port: SSL port |
Returns | If successful the call will return SSL_SUCCESS |
WriteData() | |
---|---|
Description | This function writes size bytes from the buffer buf to the SSL connection |
Syntax | SSLClient.WriteData() |
Parameters | buf: data buffer which will be sent to the peer; size: size, in bytes, of the data to send to the peer; IsPMEM: set when the data is located in Flash (program) memory instead of SRAM |
Returns | If successful the call will return SSL_SUCCESS |
ReadData() | |
---|---|
Description | This function reads size bytes from the SSL session's internal read buffer into the buffer buf. The bytes read are removed from the internal receive buffer. |
Syntax | SSLClient.ReadData() |
Parameters | buf: data buffer which receives the data read from the peer; size: number of bytes to read into buf; readsz: receives the number of bytes read |
Returns | If successful the call will return SSL_SUCCESS |
SetPeerVerify() | |
---|---|
Description | This function sets the verification method for remote peers and also allows a verify callback to be registered with the SSL session. The verify callback will be called only when a verification failure has occurred. If no verify callback is desired, the NULL pointer can be used for verify_callback |
Syntax | SSLClient.SetPeerVerify() |
Parameters | verify: enable verify |
Returns | If successful the call will return SSL_SUCCESS |
SetRootCA() | |
---|---|
Description | This function sets a CA certificate buffer into the SSL. It behaves like the non buffered version, only differing in its ability to be called with a buffer as input instead of a file. |
Syntax | SSLClient.SetRootCA() |
Parameters | buf: the CA certificate buffer; len: size of the input CA certificate buffer; IsPMEM: set when the data is located in Flash (program) memory instead of SRAM |
Returns | If successful the call will return SSL_SUCCESS |
GetVersion() | |
---|---|
Description | This function gets the SSL/TLS protocol version used by the SSL session. |
Syntax | SSLClient.GetVersion() |
Parameters | buf: the version information buffer; len: length of buf |
Returns | If successful the call will return SSL_SUCCESS |
GetCipherName() | |
---|---|
Description | Retrieves the peer’s certificate cipher name |
Syntax | SSLClient.GetCipherName() |
Parameters | buf: the cipher name buffer; len: length of buf |
Returns | If successful the call will return SSL_SUCCESS |
GetX509IssuerName() | |
---|---|
Description | Retrieves the peer’s certificate issuer name |
Syntax | SSLClient.GetX509IssuerName() |
Parameters | buf: the issuer name buffer; len: length of buf |
Returns | If successful the call will return SSL_SUCCESS |
GetX509SubjectName() | |
---|---|
Description | Retrieves the peer’s certificate subject name |
Syntax | SSLClient.GetX509SubjectName() |
Parameters | buf: the subject name buffer; len: length of buf |
Returns | If successful the call will return SSL_SUCCESS |
GetX509NextAltName() | |
---|---|
Description | Retrieves the peer’s certificate next altname |
Syntax | SSLClient.GetX509NextAltName() |
Parameters | buf: the next altname buffer; len: length of buf |
Returns | If successful the call will return SSL_SUCCESS |
GetX509SerialNum() | |
---|---|
Description | Retrieves the peer’s certificate serial number |
Syntax | SSLClient.GetX509SerialNum() |
Parameters | buf: the serial number buffer; len: length of buf; OutNumSz: receives the length of the serial number |
Returns | If successful the call will return SSL_SUCCESS |
SetDate() | |
---|---|
Description | This function sets a date |
Syntax | SSLClient.SetDate() |
Parameters | buf: the date buffer; len: length of buf |
Returns | None |
SetTime() | |
---|---|
Description | This function sets a time |
Syntax | SSLClient.SetTime() |
Parameters | buf: the time buffer; len: length of buf |
Returns | None |
Download and install the Arduino Software (IDE) following the instructions on the Arduino website:
Step 1: Download the W5500 Ethernet Shield S library (EthernetSSL.zip) from:
Step 2: Import the “EthernetSSL” library using the .ZIP file by following the instructions on the Arduino website:
> Please refer to “Importing a .zip Library” section.
Step 3: Select the “EthernetSSL” under the “Sketch” tab:
“Include Library → EthernetSSL”
Step 4: After Step 3, “EthernetSSL” header files are inserted in the source code automatically by the Arduino IDE.
```cpp
#include <Dhcp.h>
#include <Dns.h>
#include <Ethernet.h>
#include <EthernetClient.h>
#include <EthernetServer.h>
#include <EthernetUdp.h>
#include <SSL.h>
#include <Twitter.h>
#include <util.h>
```
Step 5: EthernetSSL library is now ready to be used within the Arduino IDE. The zip file will have been expanded in the libraries folder in the Arduino sketches directory.
(Default: C:\Users\<User Name>\Documents\Arduino\libraries\EthernetSSL)
Step 1: Open the Arduino IDE
Step 2: Select the SSL Gmail Test under the “File” tab:
“Example → Ethernet → SSLGmailTest”
Step 3: Select the board type and connected COM port under the “Tools” tab:
“board → Arduino Uno”
“port → COMx”
Step 4: Click “Verify” to check for code errors.
Step 5: Click “Upload” to load the example into the Arduino board
Step 6: Start the “Serial Monitor” when “Upload” is complete.
Step 7: Review the results of the SSL Gmail Test.
Description:
1) Initializes DHCP and the Network Configuration (Allocates an IP address)
2) Enter the date and time.
3) Receives the Gmail IP address via DNS SERVER
4) Connects to the Gmail server
5) Receives peer information (issuer/subject/altname/serial number)
6) Sends data to the SSL connection.
7) Receives data from the server (SSL Version/Cipher Suite/Content type/Content-Length)
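
Step 5 of the test retrieves the peer's subject and alt names; the check below shows how an application could compare those alt names with the hostname it passed to Connect(), including the single-label wildcard rule. It is an added example, not part of the EthernetSSL library or the SSLGmailTest sketch: it runs on a desktop compiler, the helper names are hypothetical, it assumes the alt names have already been collected as strings through GetX509NextAltName(), and the sample names are constructed.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <string>
#include <vector>

// Hypothetical helpers; not part of the EthernetSSL API.
static std::string lower(std::string s) {
    std::transform(s.begin(), s.end(), s.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    return s;
}

// True when one DNS alt name (exact, or a "*.domain" wildcard) covers host.
bool altNameMatches(const std::string& altName, const std::string& host) {
    const std::string a = lower(altName), h = lower(host);
    if (a.empty() || h.empty()) return false;
    if (a.compare(0, 2, "*.") != 0) return a == h;  // no wildcard: exact match only
    const std::string suffix = a.substr(1);          // "*.example.com" -> ".example.com"
    // Refuse "*.com"-style names: the suffix must hold at least two labels.
    if (suffix.find('.', 1) == std::string::npos) return false;
    if (h.size() <= suffix.size()) return false;     // wildcard needs a non-empty label
    if (h.compare(h.size() - suffix.size(), suffix.size(), suffix) != 0) return false;
    // The wildcard replaces exactly one label, so that part may not contain a dot.
    return h.find('.') == h.size() - suffix.size();
}

// Accept the connection target only if some alt name covers it.
bool hostInAltNames(const std::vector<std::string>& altNames, const std::string& host) {
    return std::any_of(altNames.begin(), altNames.end(),
                       [&](const std::string& n) { return altNameMatches(n, host); });
}

int main() {
    // Constructed sample: strings as a sketch might collect them from the peer certificate.
    const std::vector<std::string> alt = {"example.com", "*.example.com"};
    for (const char* host : {"smtp.example.com", "example.com", "a.b.example.com",
                             "smtp.example.net"})
        std::cout << host << " -> " << (hostInAltNames(alt, host) ? "match" : "MISMATCH")
                  << "\n";
}
```
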
32 bit Microcontroller with Embedded Security Engine for IoT
Complete Root of Trust, Dedicated Crypto Engine & Certification Authority

The MS1000 is an ARM® Cortex®-M3™ based microcontroller with a security engine for embedded applications, featuring a high level of integration and low power consumption. The MS1000 operates at CPU frequencies up to 100 MHz. The ARM Cortex-M3 CPU includes a built-in Wakeup Interrupt Controller (WIC) and Nested Vectored Interrupt Controller (NVIC) with an integrated Tick

The MS1000 features a security engine called tRoot suite. The tRoot suite of SPAcc, TRNG. It protects the device and its data at boot time, run time and during the communication with other devices or with the cloud.

The peripheral complement of the MS1000 includes up to 192 KB of internal SRAM, 8 KB One-Time Programmable bootloader, key storage, External Memory Interface, 4 SPI interface controllers, 2 DMA controllers, 2 Advanced Timers supporting PWM, 2 General Purpose Timers, a Real-Time Clock (RTC) domain consisting of the RTC and a back-up SRAM, Windowed Watchdog Timer, eMMC interface, 4 UARTs, 4 I2C, and up to 80 fast general purpose

With its low power, high performance, diverse connectivity options, and security features, the MS1000 is ideal for IoT applications such as Smart home applications, Smart metering, Tele-monitoring, and Remote Healthcare.