Stack Overflow
Stack Overflow

Questions tagged [mbedtls]

mbed TLS (formerly known as PolarSSL) makes it easier for developers to include cryptographic and SSL/TLS capabilities in their (embedded) products, facilitating this functionality with a minimal coding footprint.

mbed TLS (formerly known as PolarSSL) makes it easier for developers to include cryptographic and SSL/TLS capabilities in their (embedded) products, with a minimal coding footprint.

160 questions
6
votes
1 answer

wolfSSL vs. MBEDTLS vs. OpenSSL - What is the difference?

I am researching different SSL/TLS library for embedded devices. I would like to know what people think the pros and cons for each of these libraries would be, and if there are specific use cases for any of these libraries.
Kajal S
  • 69
  • 1
  • 3
6
votes
0 answers

Use mbedTLS as SSL library in QT

By default QT looks for OpenSSL header during compilation to enable support for encryption/SSL in code. Due to several reasons, I want to use mbedTLS in my code instead and would like QT to use that as encryption library as well. Has anyone been…
tunafish24
  • 2,288
  • 6
  • 28
  • 47
6
votes
2 answers

How can you extract individual OIDs from a certificate with mbedtls?

I have a x509 certificate loaded into mbedtls and I can get the entire subject field via: mbedtls_x509_dn_gets(p, n, cert.subject); It is possible to string tokenize the output to extract the particular fields but this seems error prone. Is there…
Chris Morgan
  • 1,277
  • 1
  • 13
  • 33
4
votes
1 answer

How to check the certificate is a CA or User certificate using mbedTLS library or openssl

I have a certificate received from client. In my server application I need to check if the received certificate is a CA or User certificate. I am currently using mbedTLS library for implementing security. There is an example already to check this…
jayx
  • 103
  • 9
4
votes
1 answer

Verify server certificate using open_ssl and curl

I have an embedded device (running mbedTLS) which can contain only a very limited number of server certificates and I want to verify the PEM file I'm putting on the device with curl. I'm using icanhazip.com (IPv6) to verify. To create the PEM file I…
thomas.fogh
  • 369
  • 1
  • 4
  • 17
4
votes
1 answer

mbedtls: error on mbedtls_ctr_drbg_seed

I'm using mbedtls to run SSL server. The function mbedtls_ctr_drbg_seed returned -34. My code is below: const char *pers = "ssl_server2"; mbedtls_havege_state hs; mbedtls_ssl_session ssn; mbedtls_entropy_context entropy; …
imen bhiri
  • 395
  • 1
  • 6
  • 19
4
votes
1 answer

Specifying Arduino WiFiClientSecure Certificates

In what format are you supposed to supply the certificates (and keys) in the WifiClientSecure module? NO examples exist, or documentation of it's usage. I am following the Arduino (ESP32) WiFiClientSecure example code - and trying to connect while…
Brad
  • 11,262
  • 8
  • 55
  • 74
3
votes
2 answers

mbedtls: How to transfer and load public key as raw bytes

I want to use a public/private key pair (ECDSA using secp256r1 curve) to sign commands sent to an embedded device via BLE, and verify them on the device. This means sending the public key to the embedded device (during registration) and storing the…
Jeremy
  • 1,083
  • 3
  • 13
  • 25
3
votes
2 answers

MbedTLS and .NET BouncyCastle interoperability issue with Curve25519

EDIT: Code changed to provide a simpler test case I'm creating a simple client/server application that uses Curve25519 for key exchange. The client is implemented in C with mbedtls and the server is implemented in .NET with…
sauza
  • 33
  • 4
3
votes
1 answer

Hash a file with SHA on a memory-constrained system using mbedlts

I want to calculate the SHA256 value of a file, which has a size of more than 1M. In order to get this hash value with the mbedtls library, I need to copy the whole file to the memory. But my memory size is only 100K. So I want to know if there is…
Jade
  • 289
  • 4
  • 16
3
votes
1 answer

How to parse public key with N= and E= in golang?

I have a mbedtls-generated RSA public key, created on an embedded device that I need to parse in Golang. My key is not in pem format, only contains the modulus and exponent and looks like this: N =…
Ali Afshar
  • 40,967
  • 12
  • 95
  • 109
3
votes
1 answer

What's the difference between mbedtls release? Mbed TLS 2.xx.x and 2.x.xx

In mbed.org website updates: https://tls.mbed.org/tech-updates/releases We can see : What's the difference btw this two release version? (e.g. why have this two branches release?) How to decide which realse should be used?
yunzhi
  • 31
  • 2
3
votes
2 answers

How can I verify with mbedtls, that a cert validates a key?

Mbedtls can validate an x509 cert with its mbedtls_x509_crt_verify(...) function (link). However, what I have: A public/private key pair (saved in an mbedtls_pk_context). A certificate I've got from a different source (thus, there is no guarantee…
peterh
  • 11,875
  • 18
  • 85
  • 108
3
votes
1 answer

mbedTLS ECC Operations

I've already searched for my question in the documentation of mbedtls but there was no explicit answer. Is there any way to generate public and private ECC keys with mbedTLS? I've already got sha256 properly working, with the help of a tutorial, but…
Habebit
  • 957
  • 6
  • 23
2
votes
2 answers

ECDSA signature generated with mbedtls not verifiable in JOSE (while code worked with RSA key)

I have a small application running on an ESP32 dev board (I use the Arduino IDE together with the shipped mbedtls) that issues and verifies JWT tokens. I have at first used RSA signatures successfully, but now wanted to go for shorter signatures and…
mkuhlmann
  • 23
  • 5
1
2 3
10 11