Some basic SSL Questions, which I am having trouble with...
1. What is the difference between OpenSSL vs mbedTLS, as used in the ESP-IDF sdk? It looks like mbedTLS has additional crypto libraries as well.
2. Why do both libraries need to be included in the SDK? Sometimes I see examples using OpenSSL, while other times mbedTLS is used. When should I used one vs the other?
3. looks like mbedTLS is standard in embedded, and also seems to have more options than OpenSSL.. so why do we need OpenSSL?
Thanks
OpenSSL vs mBedTLS
Re: OpenSSL vs mBedTLS
Thanks WiFive. It looks like "esp-idf/components/openssl/platform/" wraps mbedtls to make it look like openssl.
Seems its easier to use the openssl API, but it gives less control and is less efficient than directly using mbedtls.
Seems its easier to use the openssl API, but it gives less control and is less efficient than directly using mbedtls.
Re: OpenSSL vs mBedTLS
This is 100% correct. The OpenSSL wrapper exists to allow some OpenSSL-based code to be directly ported to ESP-IDF. However for all other purposes it's better to use mbedTLS directly.hassan789 wrote: Seems its easier to use the openssl API, but it gives less control and is less efficient than directly using mbedtls.
Re: OpenSSL vs mBedTLS
nice answer from ESP_Angus - but why there is no https_mbedtls server example? If mbedtls is the library to prefer I would expect that there are more and better examples...
"Whoever believes to be someone has stopped becoming someone"
Sokrates
Sokrates
Re: OpenSSL vs mBedTLS
Its been my experience that the rich and detailed documentation supplied by ARM for mbedtls has been great. Here are a slew of example programs that I have used for reference when working with mbedtls.
https://github.com/ARMmbed/mbedtls/tree ... t/programs
I have the suspicion that mbedtls in ESP-IDF is a faithful port/hosting of general mbedtls and hence the thinking is that since mbedtls is exists outside of ESP32, all knowledge relating to using mbedtls in the wild would be applicable to ESP32.
https://github.com/ARMmbed/mbedtls/tree ... t/programs
I have the suspicion that mbedtls in ESP-IDF is a faithful port/hosting of general mbedtls and hence the thinking is that since mbedtls is exists outside of ESP32, all knowledge relating to using mbedtls in the wild would be applicable to ESP32.
Free book on ESP32 available here: https://leanpub.com/kolban-ESP32
Who is online
Users browsing this forum: No registered users and 113 guests