Hi All,
A gentle reminder that the Asia-Europe timezone-friendly MBed TLS Tech
forum is *next Monday at 10:00am PM UK time.* Invite details can be found
on the online calendar here <https://www.trustedfirmware.org/meetings/>.
If you have any topics, please let Dave Rodgman know. :)
Best regards,
Don Harbin
TrustedFirmware Community Manager
don.harbin(a)linaro.org
ReplyReply to allForward
Hi All,
Note you may have received another instance of this note but when I
attempted to send to all TF ML's simultaneously it seemed to fail, so
sending to each one at a time. Sorry about that. :/
We've created a Discord Server for real time chats/sharing. This solution
comes at no cost to the project, is set up with channels for each project,
includes a #general channel, and supports direct 1-1 chats between members,
all with the goal of improving collaboration between trustedfirmware.org
developers.
We encourage all to join! :) Instructions for joining can be found on
the TF.org
FAQ page <https://www.trustedfirmware.org/faq/>.
See you all there and please don't hesitate to reach out if you have any
questions!
Don Harbin
TrustedFirmware Community Manager
don.harbin(a)linaro.org
Hi,
I am trying to use a certificate with its public key algorithm is NIST
P-384 and its signature algorithm is ED448.
I am working on ESP board with IDF framework which supports mbedtls. But
when I am trying to use that certificate, I got error message about
'MBEDTLS_ERR_X509_UNKOWN_SIG_ALG'.
So, I thought that maybe mbedtls does not support certificates which signed
with ED448.
Hi,
I am trying to use a certificate with its public key algorithm is NIST
P-384 and its signature algorithm is ED448.
I am working on ESP board with IDF framework which supports mbedtls. But
when I am trying to use that certificate, I got error message about
'MBEDTLS_ERR_X509_UNKOWN_SIG_ALG'.
So, I thought that maybe mbedtls does not support certificates which signed
with ED448.
I've got mbedTLS 3.1.4 and want to use TLS 1.3. My handshake fails very early because I don't have any Pre-Shared Keys. Does mbedTLS TLS1.3 only support PSKs, or can I still use generated session keys as does TLS 1.2? If so, how?
Jeff Thompson | Senior Electrical Engineer - Firmware
+1 704 752 6513 x1394
www.invue.com
[cid:image001.gif@01D9D729.620C6230]
Hello,
I am trying to build MbedTLS on a Mac, as part of a project to support
MbedTLS in the "picoquic" implementation of QUIC. I have a small
problem, probably something of my making. I have cloned the repo on an
"mbedtls" directory, created a "build" subdirectory, and from there
run"cmake ..", which worked fine, and then tried to run "make", which
fails in "generating psa_crypto_driver_wrapper.c" when trying the python
script "generate_driver_wrappers.py" because it cannot find the python
module "jsonschema".
I tried to solve that by installing that module using "pip", and test
programs running python3 do find the "jsonschema". Calling
print(jsonschema.__file__) shows the module is installed in my user
directory:
/users/christianhuitema/Library/python3.9/lib/python/...
Is there a simple way to fix that?
-- Christian Huitema
Hello,
I'm currently engaged in a project where I'm utilizing mbedtls for the management of certificates. Within this project, I'm aiming to integrate a revocation feature using Certificate Revocation Lists (CRLs). However, my search for resources on how to effectively implement a comprehensive certificate revocation process using mbedtls has unfortunately yielded no productive outcomes.
I am concerned about how to first create a crl file and sign it using my self-signed CA, how to revocate a certificate if we need to revocate it, and how to update the CRL, then when parsing the cert how to detect that this certificate has been revocated. ( I am using LPCXpresso55S16 as a client and raspberry pi as a server and I am doing all with coding).
Thank you in advance for your support.
Best regards,
Ahmed.
Hello,
I need some help to setup mbedtls as a CMake subproject, I added it as a subdirectory in my CMakeLists.
However, I can't figure out how to use my own config file for mbedtls (MBEDTLS_CONFIG_FILE option to the file I want as a config file).
When I put my custom config file to the include folder of mbedtls in the place of the original mbedtls_config.h file it works wel,l but it's not a future-proof option for me, is there anyone that could help me with this setup ?
