TLS V1.3

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

TLS V1.3

SimonW
Does anyone have experience delivering TLS V1.3 with LwIP? I understand that
the current Mbed library only has V1.2. OpenSSL has V1.3. Can anyone point
me to any material about integrating OpenSSL into LwIP?




--
Sent from: http://lwip.100.n7.nabble.com/lwip-users-f3.html

_______________________________________________
lwip-users mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/lwip-users
Reply | Threaded
Open this post in threaded view
|

Re: TLS V1.3

kbreining
Hello Simon,

I started my TLS implementations on LwIP with matrixSSL. At that time I
was either using an older LwIP version or I just oversaw the ALTCP
layer, so I implemented this completely from scratch. In the meantime I
am using mbedTLS (in this case of course TLS 1.2) as I was running into
some issues with dropped connections. But with mbedTLS I face exactly
the same issue. I guess my CPU (Tiva TM4C129) is too slow.

Nevertheless: comparing the two solutions, matrixSSL is working with TLS
1.3 and I have the feeling that the memory management is more
intelligent. With mbedTLS I had to restrict the number of TCP_PCBs to 4
each connection needs a buffer of 16k. With matrixSSL I run 10 TCP_PCBs
without this restriction as they allocate the large buffers only for a
very restricted time, so I never ran into that issue.

Regards
Klaus

Am 17.04.2020 um 15:02 schrieb SimonW:

> Does anyone have experience delivering TLS V1.3 with LwIP? I understand that
> the current Mbed library only has V1.2. OpenSSL has V1.3. Can anyone point
> me to any material about integrating OpenSSL into LwIP?
>
>
>
>
> --
> Sent from: http://lwip.100.n7.nabble.com/lwip-users-f3.html
>
> _______________________________________________
> lwip-users mailing list
> [hidden email]
> https://lists.nongnu.org/mailman/listinfo/lwip-users



_______________________________________________
lwip-users mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/lwip-users