Add initial mbedTLS and HTTPS example project (using howsmyssl.com JSON API)
mbedTLS version 2.1.0 (current stable) Has some known issues/hacks: * Entropy source not hooked in at all * Linker script has a messy hack in it to store some (not all) data in irom
This commit is contained in:
parent
68012041a7
commit
9f5dedd1a8
10 changed files with 3455 additions and 58 deletions
examples/http_get_mbedtls/include/mbedtls
27
examples/http_get_mbedtls/include/mbedtls/config.h
Normal file
27
examples/http_get_mbedtls/include/mbedtls/config.h
Normal file
|
@ -0,0 +1,27 @@
|
|||
/* Special mbedTLS config file for http_get_mbedtls example,
|
||||
overrides supported cipher suite list.
|
||||
|
||||
Overriding the set of cipher suites saves small amounts of ROM and
|
||||
RAM, and is a good practice in general if you know what server(s)
|
||||
you want to connect to.
|
||||
|
||||
However it's extra important here because the howsmyssl API sends
|
||||
back the list of ciphers we send it as a JSON list in the, and we
|
||||
only have a 4096kB receive buffer. If the server supported maximum
|
||||
fragment length option then we wouldn't have this problem either,
|
||||
but we do so this is a good workaround.
|
||||
|
||||
The ciphers chosen below are common ECDHE ciphers, the same ones
|
||||
Firefox uses when connecting to a TLSv1.2 server.
|
||||
*/
|
||||
#ifndef MBEDTLS_CONFIG_H
|
||||
|
||||
/* include_next picks up default config from extras/mbedtls/include/mbedtls/config.h */
|
||||
#include_next<mbedtls/config.h>
|
||||
|
||||
#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
||||
|
||||
/* uncomment next line to include debug output from example */
|
||||
//#define MBEDTLS_DEBUG_C
|
||||
|
||||
#endif
|
Loading…
Add table
Add a link
Reference in a new issue