I'm trying to figure out how to use mbedTLS (formerly PolarSSL) to perform ECDHE-PSK encryption between two peers. Unfortunately, there isn't any article/documentation whatsoever on APIs that I need to use?
ECDHE-PSK mbedTLS example?
4.1k Views Asked by tunafish24 At
1
There are 1 best solutions below
Related Questions in ENCRYPTION
- Is TLS enough for client server encryption or if dealing with sensitive data, its better to add ur own encryption also. for example leverage AWS SSM?
- Secure Messaging Implementation in C#
- File splitting and encryption
- Large file processing in the web browser
- Java code of AES/GCM/NoPadding encryption algorithm with authentication tag
- AES-256-CBC encryption returning different result in Python and PHP , HELPPP
- Why are encrypted stored procedures taking a long time to execute in SQL Server 2022?
- Why/How does Apache auto-include "DHE" TLS1.2 ciphers while nginx needs "dhparams" file?
- Encrypt in Single Store and Decrypt in SQL Server
- Is it possible to develop a Transparent Data Encryption(TDE) system on macOS now?
- How can I ensure incremental changes in deciphered messages in Python substitution cipher decoding?
- Getting Error Message as "the input string is not a complete block" while Decryting using AES
- Laravel: How to fix "the MAC is invalid" on local environment
- How to encrypt a string and decrypt it using a password
- Willena's sqlite-jdbc-crypt driver for sqlite3 database encryption
Related Questions in MBED
- How should USB MIDI packets be formatted?
- How can I solve the Problem during Mbed compile?(depthwise_conv.cc)
- Is there a way to make these printf() statements execute only on the rising edge of a button press?
- Add BLE descriptors using mbed os
- Mbedtls_ssl_close_notify takes more than 30 seconds if a delay is not provided before the function
- Using Mbed with CY8CKIT_062_BLE
- Combine HAL libraries and mbed libraries on same project
- Read Characteristic with MBED OS BLE GattClient
- Coupling between the time() C function and the underlying hardware
- Issues with gdbserver and stlink in configuring a mbed studio IDE development platform
- Servo only moves once
- STM32 fails to generate PWM using some timers
- mbed MPU6050 - Using the Madgwick Orientation Filter library
- How do I parse the time values received from ds1302 to be in integer format?
- RX interrupt using mBed OS Serial throwing Mutex error at runtime
Related Questions in POLARSSL
- Polars Dataframe change null to np.nan in Int row when use .to_numpy()
- Construct date column from year, month and day in Polars dataframe
- rust polars convert string column to datetime
- Is it possible to include PolarSSL and OpenSSL in the same project?
- AES decryption failing
- How to use mpi_read_binary() function?
- What is size (in bytes) of Mbed TLS rsa_context?
- Use mbedTLS as SSL library in QT
- how to encrypt a string in aes waywith mbedtls?
- Why is mbedTLS ECDSA signature dependend on hashing algorithm?
- STM32F4 HW_CRYPTO lower performance
- PolarSSl bignum.c will cause crash in Android 5.0 and above while using JNI
- How to pass the public key in .pem file to the polarssl rsa_context
- mbed TLS initialization
- How to decode X509 OID data in mbedTLS?
Related Questions in TLS1.2
- Why/How does Apache auto-include "DHE" TLS1.2 ciphers while nginx needs "dhparams" file?
- SSL/TLS certificate exchange/renewal needs private key of the old certificate in CSR
- Envoyproxy misses some dynamic upstream clusters properties in config_dump
- HTTPClient is not reusing the SSL/TLS1.2 session and does handshake on every request
- Python MITM/Proxy
- Handling certificates for establishing connection to Oracle using the go-ora driver
- TLS handshake error: read tcp in NATS server K8 pod
- How to Force HttpClient 3.0.1 to use TLS 1.3?
- Tempo TLS issue
- Decrease openssl SECLEVEL in conf for only one connection
- .NET 8 C#: SslStream "Cannot determine the frame size or a corrupted frame was received."
- FTP over SSL, FTPS TLS not working - Rejecting data connection - Only is allowed
- Enabling SSL TLS1.2 in RabbitMQ in Python
- Disable ECDHE cipher in SslSocket in .NET Core
- SQL Server error 31 - "Encryption(ssl/tls) handshake failed", in an AWS Lambda function
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
ECDHE-PSK is a key exchange method used in TLS. You should first have a look at the mbed TLS TLS tutorial.
Then you need to configure the pre-shared key on both ends. This usually involves using
mbedtls_ssl_conf_psk()client-side and, though the same function could in theory be used server-side too if you only expect to communicate with a single client, in practice most of the time you'll want to usembedtls_ssl_conf_psk_cb()to set up a callback function that will select the appropriate pre-shared key for each client.You also need to adjust the list of allowed ciphersuites. This can be done at runtime using
mbedtls_ssl_conf_ciphersuites(). Alternatively, if you know you'll only use ECDHE-PSK, you can customize your build to disable all other key exchanges, which will also minimize your footprint.Finally, you can find fully working examples of doing TLS with various ciphersuites, including based on ECDHE-PSK in the mbed TLS distribution as ssl_client2.c and ssl_server2.c. You can check how the functions mentioned above are used in the examples, and in particular you'll find an example of server-side PSK callback.