diff options
author | Sergio Rodriguez <sergio.sf.rodriguez@intel.com> | 2016-07-28 21:31:53 -0700 |
---|---|---|
committer | Andrew Boie <andrew.p.boie@intel.com> | 2016-07-31 17:00:45 +0000 |
commit | 259c24397def2443bde55f9d9a9c8062f2290a38 (patch) | |
tree | 00ab17d43c7c49bccfccf197b89b71cf58b3aa4a /ext | |
parent | 2f4975b625278c7436d8d830057890151f06a730 (diff) |
samples/net : Adding mbedTLS sample client
This is a client that uses shared keys to execute a TLS handshake and read
info from the server, information on how to run the test is in the README
file.
Jira: ZEP-327
Jira: ZEP-340
Jira: ZEP-495
Origin: https://tls.mbed.org/download/start/mbedtls-2.3.0-apache.tgz
Change-Id: I10f31f3635f346936807b7c8470b3d6ffb3af283
Signed-off-by: Sergio Rodriguez <sergio.sf.rodriguez@intel.com>
Diffstat (limited to 'ext')
-rw-r--r-- | ext/lib/crypto/mbedtls/configs/config-ccm-psk-tls1_2.h | 98 |
1 files changed, 98 insertions, 0 deletions
diff --git a/ext/lib/crypto/mbedtls/configs/config-ccm-psk-tls1_2.h b/ext/lib/crypto/mbedtls/configs/config-ccm-psk-tls1_2.h new file mode 100644 index 000000000..7ea985a8b --- /dev/null +++ b/ext/lib/crypto/mbedtls/configs/config-ccm-psk-tls1_2.h @@ -0,0 +1,98 @@ +/* + * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +/* + * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites + * Distinguishing features: + * - no bignum, no PK, no X509 + * - fully modern and secure (provided the pre-shared keys have high entropy) + * - very low record overhead with CCM-8 + * - optimized for low RAM usage + * + * See README.txt for usage instructions. + */ +#ifndef MBEDTLS_CONFIG_H +#define MBEDTLS_CONFIG_H + +/* System support */ +#define MBEDTLS_HAVE_ASM +#define MBEDTLS_PLATFORM_C +#define MBEDTLS_PLATFORM_MEMORY +#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS +#define MBEDTLS_PLATFORM_EXIT_ALT +#define MBEDTLS_NO_PLATFORM_ENTROPY +#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES +#define MBEDTLS_PLATFORM_PRINTF_ALT +#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO int + +#if defined(CONFIG_MBEDTLS_TEST) +#define MBEDTLS_SELF_TEST +#define MBEDTLS_DEBUG_C +#else +#define MBEDTLS_ENTROPY_C +#endif + +/* mbed TLS feature support */ +#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +#define MBEDTLS_SSL_PROTO_TLS1_2 + +/* mbed TLS modules */ +#define MBEDTLS_AES_C +#define MBEDTLS_CCM_C +#define MBEDTLS_CIPHER_C +#define MBEDTLS_CTR_DRBG_C +#define MBEDTLS_MD_C +#define MBEDTLS_SHA256_C +#define MBEDTLS_SSL_CLI_C +#define MBEDTLS_SSL_SRV_C +#define MBEDTLS_SSL_TLS_C + +/* Save RAM at the expense of ROM */ +#define MBEDTLS_AES_ROM_TABLES + +/* Save some RAM by adjusting to your exact needs */ +#define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */ + +/* + * You should adjust this to the exact number of sources you're using: default + * is the "platform_entropy_poll" source, but you may want to add other ones + * Minimum is 2 for the entropy test suite. + */ +#define MBEDTLS_ENTROPY_MAX_SOURCES 2 + +/* + * Use only CCM_8 ciphersuites, and + * save ROM and a few bytes of RAM by specifying our own ciphersuite list + */ +#define MBEDTLS_SSL_CIPHERSUITES \ + MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \ + MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 + +/* + * Save RAM at the expense of interoperability: do this only if you control + * both ends of the connection! (See comments in "mbedtls/ssl.h".) + * The optimal size here depends on the typical size of records. + */ +#define MBEDTLS_SSL_MAX_CONTENT_LEN 512 + +#include "mbedtls/check_config.h" + +#endif /* MBEDTLS_CONFIG_H */ |