[axtls-general] axTLS with support for PSK ciphersuites
Brought to you by:
cameronrich
From: Mordy O. <mor...@gm...> - 2017-11-01 16:33:56
|
All, I made a version of axTLS with support for TLS's preshared keys ciphersuites: https://github.com/mordyovits/axtls-svn-mirror/tree/add-psk-ciphers In many IoT use cases PSK ciphersuites are useful (though they're not useful for connecting to typical HTTPS services). There are a few big advantages to PSK in IoT: 1) Performance. There's no RSA operations ever, so it's fast and uses little energy in handshaking. 2) Size. Configuring axTLS with PSK support strips out support for the RSA ciphersuites. I did it this mutually-exclusive way (with Cameron Rich's blessing) because few uses cases need both kinds of ciphersuites. More importantly, it means that a PSK build of axTLS is truly tiny, since all the RSA, bigint, X.509, and ASN.1 code is #ifdef-ed away. I emailed Cameron about my work and he was interested in it. I don't know where he stands on merging it, but I appreciate any opinion on it. Thanks, Mordy |