lwip-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [lwip-users] lwIP with mbedTLS

From: Paweł
Subject: Re: [lwip-users] lwIP with mbedTLS
Date: Mon, 28 Jan 2019 21:59:59 +0100
Dear all,
I tried last suggestion with raising heap memory amount but it didn't help at all. I'm sure I have something wrong with mbedTLS to lwIP connection - mbedTLS is not waiting for the Client Hello message to leave, but is going on and tries to parse Server Hello...
I don't have any memory allocation errors on my console.

pon., 28 sty 2019 o 10:49 Paweł <address@hidden> napisał(a):
1. Check whether you have free these 20kB heaps and even try to increase it for testing.
Thanks for suggestion, I will definitly try it!
2. Change the authentication type from RSA to ECDSA, now you are using it TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, try change to TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 or similar.
 Well, this one I've chosen after observing transmission with another MQTT client over TLS. In the Client Hello message I've seen many cipher methods and in Server Hello this one was chosen. I had problems when I had different ones so I decided to select only that one and this resulted in proper response from Server.

pon., 28 sty 2019 o 10:37 tomek wilkxt <address@hidden> napisał(a):

This is TI CC1312R microcontroller (Cortex M4F, 80 kB RAM, 352 kB Flash). uC has got some crypto accelerators built in which I plan to use after establishing proper communication.
At the moment about 20 kB RAM free (I'm sure that I could make some additional savings). PBUF_POOL_BUFSIZE 1516 bytes (TCP_MSS 1460).
MBEDTLS_SSL_MAX_CONTENT_LEN and MBEDTLS_MPI_MAX_SIZE are set to 4096.

I had a similar problem with STM32f107 (64kB RAM), only I started the http server on it and yours works as a client. My problems were related to too little free RAM memory.
1. Check whether you have free these 20kB heaps and even try to increase it for testing.
2. Change the authentication type from RSA to ECDSA, now you are using it TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, try change to TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 or similar.
 


 
pon., 28 sty 2019 o 08:24 tomek wilkxt <address@hidden> napisał(a):
Hi
Which CPU do you use and how much free RAM do you have?
Ethernet frame size is 1514, how is your PBUF_POOL_BUFSIZE size?

niedz., 27 sty 2019 o 20:40 Paweł <address@hidden> napisał(a):
Hi Jan,
I encountered memory problems in the beginning (cpu hang - insufficient heap memory) but after little tuning the application works well.
Sometimes when Server Hello message is delayed a bit (what I'm contantly observing on Wireshark) handshake will just end with WANT_READ error before it could even read this message.
Also I don't see any memory problems on mbedTLS debug and no errors on lwip_stats.
Please look at logs below. I'm attaching also Wireshark packets with Handshake beginning. Packet 6510 is a client hello message (compared with Wireshark). Look when it is ready, and when it is sent out on interface - just after returning error on parsing Server Hello which couldn't be there as Client Hello is still in buffer! 
This is why I supposed threading problems.


--
pozdrawiam
tomek
_______________________________________________
lwip-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/lwip-users
reply via email to
[Prev in Thread] Current Thread [Next in Thread]