RIOT icon indicating copy to clipboard operation
RIOT copied to clipboard
verified publisher icon RIOT-OS

pkg/mbedtls: add TLS support for LWIP

Open mariemC opened this issue 3 years ago • 2 comments

Contribution description

  • The client node connects to openssl server and sends an encrypted message after a handshake and key exchange.
  • mbedtls package is added.
  • lwip package is also modified.

Testing procedure

  • Board used for the test: same5-xpro.
  • A wifi shield is used to connect the board to wifi.

Issues/PRs references

-Depends on PR #15671

mariemC avatar Jan 14 '22 12:01 mariemC

Please rebase. While you are at it, please also prefix the commit messages with the relevant subsystem, so pkg/mbedtls: and pkg/lwip:

benpicco avatar Jan 18 '22 07:01 benpicco

It should not be necessary to copy the mbedtls header files into pkg/mbedtls/include/

PeterKietzmann avatar Jan 19 '22 12:01 PeterKietzmann

@mariemC thanks for cleaning up the configuration files. The implementation and its representation in menuconfig look good at first sight. I do, unfortunately, not have time for a full review + testing. Anyway, some thoughts on the rest of the PR:

  • Extend the test README so one knows what to execute (shell commands?), what to expect, and maybe give some context which certificates are included in the folder and how they are incorporated.
  • The name of the test folder is suboptimal. Usually, we prefix folders that relate to a package with pkg_. Now pkg_mbedtls exists already. Maybe something like pkg_mbedtls_lwip? In general I was wondering if we should execute some more of the built in mbedtls tests in RIOT. Possible to extract some of the tests that you include there?
  • Most of the Kconfig symbols that you include are enabled by default. I think they shouldn't, but the particular test case should enable the relevant ones.

PeterKietzmann avatar Sep 27 '22 16:09 PeterKietzmann