docs(http-client-example): add support for TLS 1.3

ROMemories · Dec 13, 2024 · 63f0415 · 63f0415
1 parent ae1e7e8
commit 63f0415
Show file tree

Hide file tree

Showing 6 changed files with 31 additions and 4 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -122,6 +122,7 @@ once_cell = { version = "=1.19.0", default-features = false, features = [
   "critical-section",
 ] }
 paste = { version = "1.0" }
+rand = { version = "0.8.5", default-features = false }
 rtt-target = { version = "0.6.0" }
 
 rp-pac = { version = "6.0", default-features = false }

diff --git a/examples/http-client/Cargo.toml b/examples/http-client/Cargo.toml
@@ -10,6 +10,7 @@ workspace = true
 
 [dependencies]
 ariel-os = { path = "../../src/ariel-os", features = [
+  "csprng",
   "dns",
   "mdns",
   "override-network-config",
@@ -18,4 +19,7 @@ ariel-os = { path = "../../src/ariel-os", features = [
 ] }
 ariel-os-boards = { path = "../../src/ariel-os-boards" }
 heapless = { workspace = true }
-reqwless = { version = "0.13.0", default-features = true }
+rand = { workspace = true }
+reqwless = { version = "0.13.0", default-features = true, features = [
+  "embedded-tls",
+] }
diff --git a/examples/http-client/laze.yml b/examples/http-client/laze.yml
@@ -6,3 +6,4 @@ apps:
           - CONFIG_ISR_STACKSIZE=32768
     selects:
       - network
+      - random
diff --git a/examples/http-client/src/main.rs b/examples/http-client/src/main.rs
@@ -14,7 +14,17 @@ use embassy_net::{
     tcp::client::{TcpClient, TcpClientState},
 };
 use embassy_time::{Duration, Timer};
-use reqwless::{client::HttpClient, request::Method};
+use reqwless::{
+    client::{HttpClient, TlsConfig, TlsVerify},
+    request::Method,
+};
+
+const MAX_ENCRYTPED_TLS_RECORD_SIZE: usize = 16640;
+// Required by `embedded_tls::TlsConnection::new()`.
+const TLS_READ_BUFFER_SIZE: usize = MAX_ENCRYTPED_TLS_RECORD_SIZE;
+// Can be smaller than the read buffer (could be adjusted: trade-off between memory usage and not
+// splitting large writes into multiple records).
+const TLS_WRITE_BUFFER_SIZE: usize = 4096;
 
 const MAX_CONCURRENT_CONNECTIONS: usize = 2;
 const TCP_BUFFER_SIZE: usize = 1024;
@@ -43,7 +53,17 @@ async fn main() {
     let tcp_client = TcpClient::new(stack, &tcp_client_state);
     let dns_client = DnsSocket::new(stack);
 
-    let mut client = HttpClient::new(&tcp_client, &dns_client);
+    let tls_seed: u64 = rand::Rng::gen(&mut ariel_os::random::crypto_rng());
+
+    let mut tls_rx_buffer = [0; TLS_READ_BUFFER_SIZE];
+    let mut tls_tx_buffer = [0; TLS_WRITE_BUFFER_SIZE];
+
+    // We do not verify the server in this example, as that would require setting up a PSK with the
+    // server.
+    let tls_verify = TlsVerify::None;
+    let tls_config = TlsConfig::new(tls_seed, &mut tls_rx_buffer, &mut tls_tx_buffer, tls_verify);
+
+    let mut client = HttpClient::new_with_tls(&tcp_client, &dns_client, tls_config);
 
     loop {
         if let Err(err) = send_http_get_request(&mut client, ENDPOINT_URL).await {

diff --git a/examples/random/Cargo.toml b/examples/random/Cargo.toml
@@ -13,4 +13,4 @@ workspace = true
 # random, but helps with interactive tools.
 ariel-os = { path = "../../src/ariel-os", features = ["random"] }
 ariel-os-boards = { path = "../../src/ariel-os-boards" }
-rand = { version = "0.8.5", default-features = false }
+rand = { workspace = true }
-Original file line number
+Diff line change
@@ Expand Up / @@ -6,3 +6,4 @@ apps: @@
               - CONFIG_ISR_STACKSIZE=32768
         selects:
           - network
+          - random