diff --git a/pico_w/wifi/mbedtls_config_examples_common.h b/pico_w/wifi/mbedtls_config_examples_common.h
new file mode 100644
index 000000000..11b33fed6
--- /dev/null
+++ b/pico_w/wifi/mbedtls_config_examples_common.h
@@ -0,0 +1,71 @@
+#ifndef MBEDTLS_CONFIG_EXAMPLES_COMMON_H
+#define MBEDTLS_CONFIG_EXAMPLES_COMMON_H
+
+/* Workaround for some mbedtls source files using INT_MAX without including limits.h */
+#include
+
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+#define MBEDTLS_ENTROPY_HARDWARE_ALT
+
+#define MBEDTLS_SSL_OUT_CONTENT_LEN 2048
+
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+#define MBEDTLS_HAVE_TIME
+
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+#define MBEDTLS_PKCS1_V15
+#define MBEDTLS_SHA256_SMALLER
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_MD5_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PKCS5_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_SHA1_C
+#define MBEDTLS_SHA224_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA512_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_AES_FEWER_TABLES
+
+/* TLS 1.2 */
+#define MBEDTLS_SSL_PROTO_TLS1_2
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+#define MBEDTLS_GCM_C
+#define MBEDTLS_ECDH_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ASN1_WRITE_C
+
+// The following is needed to parse a
certificate +#define MBEDTLS_PEM_PARSE_C +#define MBEDTLS_BASE64_C + +#endif \ No newline at end of file diff --git a/pico_w/wifi/tls_client/CMakeLists.txt b/pico_w/wifi/tls_client/CMakeLists.txt index 166a98644..fdbe6c056 100644 --- a/pico_w/wifi/tls_client/CMakeLists.txt +++ b/pico_w/wifi/tls_client/CMakeLists.txt @@ -8,7 +8,7 @@ target_compile_definitions(picow_tls_client_background PRIVATE ) target_include_directories(picow_tls_client_background PRIVATE ${CMAKE_CURRENT_LIST_DIR} - ${CMAKE_CURRENT_LIST_DIR}/.. # for our common lwipopts + ${CMAKE_CURRENT_LIST_DIR}/.. # for our common lwipopts and mbedtls_config.h ) target_link_libraries(picow_tls_client_background pico_cyw43_arch_lwip_threadsafe_background @@ -28,7 +28,7 @@ target_compile_definitions(picow_tls_client_poll PRIVATE ) target_include_directories(picow_tls_client_poll PRIVATE ${CMAKE_CURRENT_LIST_DIR} - ${CMAKE_CURRENT_LIST_DIR}/.. # for our common lwipopts + ${CMAKE_CURRENT_LIST_DIR}/.. # for our common lwipopts and mbedtls_config.h ) target_link_libraries(picow_tls_client_poll pico_cyw43_arch_lwip_poll @@ -52,7 +52,7 @@ target_compile_definitions(picow_tls_verify_background PRIVATE ) target_include_directories(picow_tls_verify_background PRIVATE ${CMAKE_CURRENT_LIST_DIR} - ${CMAKE_CURRENT_LIST_DIR}/.. # for our common lwipopts + ${CMAKE_CURRENT_LIST_DIR}/.. # for our common lwipopts and mbedtls_config.h ) target_link_libraries(picow_tls_verify_background pico_cyw43_arch_lwip_threadsafe_background diff --git a/pico_w/wifi/tls_client/mbedtls_config.h b/pico_w/wifi/tls_client/mbedtls_config.h index 0ceab1aad..f182c5661 100644 --- a/pico_w/wifi/tls_client/mbedtls_config.h +++ b/pico_w/wifi/tls_client/mbedtls_config.h 
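Review bot: Certificate validity dates do not appear to be enforced by this shared configuration, because `MBEDTLS_HAVE_TIME` is defined but `MBEDTLS_HAVE_TIME_DATE` is not, and Mbed TLS only checks notBefore/notAfter when the latter is set. Since every example that includes this header now inherits that, I would add a comment next to `MBEDTLS_HAVE_TIME`, for example `/* MBEDTLS_HAVE_TIME_DATE is not set: certificate expiry is NOT checked until the example provides a real clock */`. The key-exchange list also offers only `MBEDTLS_KEY_EXCHANGE_RSA_ENABLED` for RSA certificates, so those sessions have no forward secrecy; consider `#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED` in its place. The 192-bit curves, `MBEDTLS_MD5_C` and `MBEDTLS_SSL_SRV_C` look unnecessary for client examples and would be worth either dropping or justifying in a comment.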
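Review bot: The updated comment on the `${CMAKE_CURRENT_LIST_DIR}/..` entry names `mbedtls_config.h`, but the header this commit adds to the parent directory is `mbedtls_config_examples_common.h`; the example's own `mbedtls_config.h` is found through `${CMAKE_CURRENT_LIST_DIR}`. I would write `# for our common lwipopts and mbedtls_config_examples_common.h` so a reader can tell which directory supplies which TLS configuration header. The same comment is repeated in the picow_tls_client_poll and picow_tls_verify_background hunks.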
@@ -1,66 +1,6 @@ -/* Workaround for some mbedtls source files using INT_MAX without including limits.h */ -#include +#ifndef MBEDTLS_CONFIG_TLS_CLIENT_H +#define MBEDTLS_CONFIG_TLS_CLIENT_H -#define MBEDTLS_NO_PLATFORM_ENTROPY -#define MBEDTLS_ENTROPY_HARDWARE_ALT +#include "mbedtls_config_examples_common.h" -#define MBEDTLS_SSL_OUT_CONTENT_LEN 2048 - -#define MBEDTLS_ALLOW_PRIVATE_ACCESS -#define MBEDTLS_HAVE_TIME - -#define MBEDTLS_CIPHER_MODE_CBC -#define MBEDTLS_ECP_DP_SECP192R1_ENABLED -#define MBEDTLS_ECP_DP_SECP224R1_ENABLED -#define MBEDTLS_ECP_DP_SECP256R1_ENABLED -#define MBEDTLS_ECP_DP_SECP384R1_ENABLED -#define MBEDTLS_ECP_DP_SECP521R1_ENABLED -#define MBEDTLS_ECP_DP_SECP192K1_ENABLED -#define MBEDTLS_ECP_DP_SECP224K1_ENABLED -#define MBEDTLS_ECP_DP_SECP256K1_ENABLED -#define MBEDTLS_ECP_DP_BP256R1_ENABLED -#define MBEDTLS_ECP_DP_BP384R1_ENABLED -#define MBEDTLS_ECP_DP_BP512R1_ENABLED -#define MBEDTLS_ECP_DP_CURVE25519_ENABLED -#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -#define MBEDTLS_PKCS1_V15 -#define MBEDTLS_SHA256_SMALLER -#define MBEDTLS_SSL_SERVER_NAME_INDICATION -#define MBEDTLS_AES_C -#define MBEDTLS_ASN1_PARSE_C -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_CIPHER_C -#define MBEDTLS_CTR_DRBG_C -#define MBEDTLS_ENTROPY_C -#define MBEDTLS_ERROR_C -#define MBEDTLS_MD_C -#define MBEDTLS_MD5_C -#define MBEDTLS_OID_C -#define MBEDTLS_PKCS5_C -#define MBEDTLS_PK_C -#define MBEDTLS_PK_PARSE_C -#define MBEDTLS_PLATFORM_C -#define MBEDTLS_RSA_C -#define MBEDTLS_SHA1_C -#define MBEDTLS_SHA224_C -#define MBEDTLS_SHA256_C -#define MBEDTLS_SHA512_C -#define MBEDTLS_SSL_CLI_C -#define MBEDTLS_SSL_SRV_C -#define MBEDTLS_SSL_TLS_C -#define MBEDTLS_X509_CRT_PARSE_C -#define MBEDTLS_X509_USE_C -#define MBEDTLS_AES_FEWER_TABLES - -/* TLS 1.2 */ -#define MBEDTLS_SSL_PROTO_TLS1_2 -#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -#define MBEDTLS_GCM_C -#define MBEDTLS_ECDH_C -#define MBEDTLS_ECP_C -#define MBEDTLS_ECDSA_C -#define MBEDTLS_ASN1_WRITE_C - -// The 
following is needed to parse a certificate -#define MBEDTLS_PEM_PARSE_C -#define MBEDTLS_BASE64_C +#endif \ No newline at end of file
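Review bot: The new wrapper gives no hint of where example-specific TLS settings belong, so narrowing the inherited feature set for one example is easy to get wrong. A comment after the include would help, for example `/* Example-specific options go below; #undef anything from the common header this example does not need */`. The quoted `#include "mbedtls_config_examples_common.h"` resolves only through the `${CMAKE_CURRENT_LIST_DIR}/..` include directory set in CMakeLists.txt, which is worth stating in the same comment. The file also ends without a trailing newline.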