From 63f0415472b453537f3fa4f8738339b97b8c1d6e Mon Sep 17 00:00:00 2001
From: ROMemories <152802150+ROMemories@users.noreply.github.com>
Date: Sat, 7 Sep 2024 15:54:11 +0200
Subject: [PATCH] docs(http-client-example): add support for TLS 1.3
---
 Cargo.lock | 1 +
 Cargo.toml | 1 +
 examples/http-client/Cargo.toml | 6 +++++-
 examples/http-client/laze.yml | 1 +
 examples/http-client/src/main.rs | 24 ++++++++++++++++++++++--
 examples/random/Cargo.toml | 2 +-
 6 files changed, 31 insertions(+), 4 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 1c2c9d5e2..6784e48bd 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2743,6 +2743,7 @@ dependencies = [
 "ariel-os",
 "ariel-os-boards",
 "heapless 0.8.0",
+ "rand",
 "reqwless",
 ]
diff --git a/Cargo.toml b/Cargo.toml
index bf8159df4..d816b0412 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -122,6 +122,7 @@ once_cell = { version = "=1.19.0", default-features = false, features = [
 "critical-section",
 ] }
 paste = { version = "1.0" }
+rand = { version = "0.8.5", default-features = false }
 rtt-target = { version = "0.6.0" }
 rp-pac = { version = "6.0", default-features = false }
diff --git a/examples/http-client/Cargo.toml b/examples/http-client/Cargo.toml
index 03818928c..6a8e41352 100644
--- a/examples/http-client/Cargo.toml
+++ b/examples/http-client/Cargo.toml
@@ -10,6 +10,7 @@ workspace = true
 [dependencies]
 ariel-os = { path = "../../src/ariel-os", features = [
+ "csprng",
 "dns",
 "mdns",
 "override-network-config",
@@ -18,4 +19,7 @@ ariel-os = { path = "../../src/ariel-os", features = [
 ] }
 ariel-os-boards = { path = "../../src/ariel-os-boards" }
 heapless = { workspace = true }
-reqwless = { version = "0.13.0", default-features = true }
+rand = { workspace = true }
+reqwless = { version = "0.13.0", default-features = true, features = [
+ "embedded-tls",
+] }
diff --git a/examples/http-client/laze.yml b/examples/http-client/laze.yml
index 3fffa7fdd..c6f2e9ec0 100644
--- a/examples/http-client/laze.yml
+++ b/examples/http-client/laze.yml
@@ -6,3 +6,4 @@ apps:
 - CONFIG_ISR_STACKSIZE=32768
 selects:
 - network
+ - random
diff --git a/examples/http-client/src/main.rs b/examples/http-client/src/main.rs
index 24f557d97..67c058dc3 100644
--- a/examples/http-client/src/main.rs
+++ b/examples/http-client/src/main.rs
@@ -14,7 +14,17 @@ use embassy_net::{
 tcp::client::{TcpClient, TcpClientState},
 };
 use embassy_time::{Duration, Timer};
-use reqwless::{client::HttpClient, request::Method};
+use reqwless::{
+ client::{HttpClient, TlsConfig, TlsVerify},
+ request::Method,
+};
+
+const MAX_ENCRYTPED_TLS_RECORD_SIZE: usize = 16640;
+// Required by `embedded_tls::TlsConnection::new()`.
+const TLS_READ_BUFFER_SIZE: usize = MAX_ENCRYTPED_TLS_RECORD_SIZE;
+// Can be smaller than the read buffer (could be adjusted: trade-off between memory usage and not
+// splitting large writes into multiple records).
+const TLS_WRITE_BUFFER_SIZE: usize = 4096;
 const MAX_CONCURRENT_CONNECTIONS: usize = 2;
 const TCP_BUFFER_SIZE: usize = 1024;
@@ -43,7 +53,17 @@ async fn main() {
 let tcp_client = TcpClient::new(stack, &tcp_client_state);
 let dns_client = DnsSocket::new(stack);
- let mut client = HttpClient::new(&tcp_client, &dns_client);
+ let tls_seed: u64 = rand::Rng::gen(&mut ariel_os::random::crypto_rng());
+
+ let mut tls_rx_buffer = [0; TLS_READ_BUFFER_SIZE];
+ let mut tls_tx_buffer = [0; TLS_WRITE_BUFFER_SIZE];
+
+ // We do not verify the server in this example, as that would require setting up a PSK with the
+ // server.
+ let tls_verify = TlsVerify::None;
+ let tls_config = TlsConfig::new(tls_seed, &mut tls_rx_buffer, &mut tls_tx_buffer, tls_verify);
+
+ let mut client = HttpClient::new_with_tls(&tcp_client, &dns_client, tls_config);
 loop {
 if let Err(err) = send_http_get_request(&mut client, ENDPOINT_URL).await {
diff --git a/examples/random/Cargo.toml b/examples/random/Cargo.toml
index ad44fbc12..852a026ae 100644
--- a/examples/random/Cargo.toml
+++ b/examples/random/Cargo.toml
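Review bot: The new constant `MAX_ENCRYTPED_TLS_RECORD_SIZE` in the first main.rs hunk misspells ENCRYPTED, and 16640 is left as an unexplained magic number. I would rename it to `MAX_ENCRYPTED_TLS_RECORD_SIZE` (updating its use in `TLS_READ_BUFFER_SIZE`) and add `// 2^14 + 256 bytes: largest TLS 1.3 ciphertext record (RFC 8446, section 5.2).` above it. Stating the origin matters because someone trimming the read buffer to save RAM would presumably lose the ability to receive full-size records from a server.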
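Review bot: `TlsVerify::None` in the second main.rs hunk means the server's identity is never checked, so the session is encrypted but anyone on the network path can impersonate the endpoint; the comment above it gives the reason but not this consequence. I would extend that comment with `// No server authentication: traffic is encrypted, but an on-path party can impersonate the server. Use TlsVerify::Psk outside of demos.` The seed also deserves a comment: `tls_seed` is a single `u64` drawn once before the `loop`, so the TLS RNG has at most 64 bits of entropy, and if reqwless re-seeds from the same value on every connection (not visible here, please confirm) each reconnect would repeat its handshake randomness. `main` starts before and continues after this hunk.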
@@ -13,4 +13,4 @@ workspace = true
 # random, but helps with interactive tools.
 ariel-os = { path = "../../src/ariel-os", features = ["random"] }
 ariel-os-boards = { path = "../../src/ariel-os-boards" }
-rand = { version = "0.8.5", default-features = false }
+rand = { workspace = true }