2 releases

0.1.1 Sep 3, 2024
0.1.0 Aug 29, 2024

OLFL-1.3

embedded-mbedtls

An Mbed TLS Rust wrapper for constrained embedded devices.

Currently, this project is developed with no_std CoAPs and LwM2M devices in mind, though usage is not limited to these use cases. Targeting CoAPs and LwM2M, it uses a static Mbed TLS configuration:

  • DTLS support
  • (D)TLS 1.2
  • Client-only
  • TLS_PSK_WITH_AES_128_CCM_8 cipher suite support
  • CTR_DRBG pseudo-random number generator support

In the future, a dynamic configuration using Rust features might be implemented, but there is currently no roadmap to do so.
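To confirm on the wire that a device built with this static configuration offers only TLS_PSK_WITH_AES_128_CCM_8, a captured DTLS ClientHello can be checked on a host. The following is an added example, not part of embedded-mbedtls: it uses std, its function names are hypothetical, and it assumes an unfragmented ClientHello in a single datagram. The sample datagram is constructed inline.

```rust
pub const TLS_PSK_WITH_AES_128_CCM_8: u16 = 0xC0A8; // IANA code point (RFC 6655)
#[derive(Debug, PartialEq)]
pub enum ParseError { Truncated, NotClientHello }

/// Bounds-checked read of `n` bytes at `*pos`, advancing the cursor.
fn take<'a>(buf: &'a [u8], pos: &mut usize, n: usize) -> Result<&'a [u8], ParseError> {
    let end = pos.checked_add(n).ok_or(ParseError::Truncated)?;
    let out = buf.get(*pos..end).ok_or(ParseError::Truncated)?;
    *pos = end;
    Ok(out)
}

/// Cipher suites offered in one unfragmented DTLS ClientHello datagram.
pub fn offered_suites(dgram: &[u8]) -> Result<Vec<u16>, ParseError> {
    let mut pos = 0;
    let rec = take(dgram, &mut pos, 13)?; // type, version, epoch, sequence, length
    let hs = take(dgram, &mut pos, 12)?; // type, length, message_seq, fragment offset/length
    if rec[0] != 22 || hs[0] != 1 { return Err(ParseError::NotClientHello); }
    take(dgram, &mut pos, 2 + 32)?; // client_version + random
    for _ in 0..2 { // session_id, then cookie: 1-byte length prefix each
        let len = take(dgram, &mut pos, 1)?[0] as usize;
        take(dgram, &mut pos, len)?;
    }
    let l = take(dgram, &mut pos, 2)?;
    let suites = take(dgram, &mut pos, u16::from_be_bytes([l[0], l[1]]) as usize)?;
    Ok(suites.chunks_exact(2).map(|c| u16::from_be_bytes([c[0], c[1]])).collect())
}

/// Offered suites missing from `allowed`; an empty Vec means the policy holds.
pub fn unexpected_suites(dgram: &[u8], allowed: &[u16]) -> Result<Vec<u16>, ParseError> {
    Ok(offered_suites(dgram)?.into_iter().filter(|s| !allowed.contains(s)).collect())
}

/// Constructed sample input: minimal ClientHello, zeroed random, no cookie.
pub fn sample_client_hello(suites: &[u16]) -> Vec<u8> {
    let mut body = vec![0xFE, 0xFD]; // client_version: DTLS 1.2
    body.extend_from_slice(&[0u8; 34]); // random, empty session_id, empty cookie
    body.extend_from_slice(&((suites.len() * 2) as u16).to_be_bytes());
    suites.iter().for_each(|s| body.extend_from_slice(&s.to_be_bytes()));
    body.extend_from_slice(&[1, 0]); // compression_methods: null only
    let n = (body.len() as u32).to_be_bytes(); // n[1..] is the 24-bit length
    let hs = [&[1u8][..], &n[1..], &[0u8; 5][..], &n[1..], &body[..]].concat();
    let len = (hs.len() as u16).to_be_bytes();
    [&[22u8, 0xFE, 0xFD, 0, 0, 0, 0, 0, 0, 0, 0][..], &len[..], &hs[..]].concat()
}
fn main() {
    let hello = sample_client_hello(&[TLS_PSK_WITH_AES_128_CCM_8, 0xC0A4]);
    println!("{:X?}", unexpected_suites(&hello, &[TLS_PSK_WITH_AES_128_CCM_8]));
}
```

Pass any additional code points that are acceptable in your deployment through `allowed`; a non-empty result means the ClientHello offers something outside the expected set.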

Platform abstraction

Usage Example

Besides the example code below, have a look at the example directory in the git repository. Because of the strong focus on no_std environments, the repository contains working examples for no_std hardware.

use embedded_mbedtls::ssl::{SslConnection, SslContext, Preset};
use nb::block;

// Assumes net_stack, clock, rng and server_addr already hold a valid hardware
// abstraction and the server address
// Create the hardware context
let mut ctx = SslContext::new_udp_client_side(net_stack, clock, rng, server_addr);
// Create and configure the connection instance
let mut connection = SslConnection::new_dtls_client(&mut ctx, Preset::Default).unwrap();
// The PSK parameters below are demo values; supply the values provisioned for your device
connection
    .configure_psk(&[1, 2, 3, 4], "embedded-mbedtls".as_bytes())
    .unwrap();

// Set up connection
block!(connection.handshake()).unwrap();

// Send data
block!(connection.write("Hello, embedded-mbedtls".as_bytes())).unwrap();

// Receive data; `len` is the number of bytes written into `buf`
let mut buf = [0u8; 1024];
let len = block!(connection.read(&mut buf)).unwrap();

// Close connection
block!(connection.close_notify()).unwrap();

Features

  • alloc: enables use of heap allocated contexts, see the explanation in SslConnection

License

Open Logistics License
Version 1.3, January 2023

See the LICENSE file in the top-level directory.

Contact

Fraunhofer IML Embedded Rust Group - embedded-rust@iml.fraunhofer.de