Using built-in mbedTLS

Hi there,

I can see that mbedTLS is already available as part of device-os, is there a way to use it in a user application?

I have tried using the TLS Client Library however when including the Bosch Sensortech library, I get the error that

d:/program files (x86)/gnu tools arm embedded/5.3 2016q1/bin/../lib/gcc/arm-none-eabi/5.3.1/../../../../arm-none-eabi/bin/ld.exe: region `APP_FLASH' overflowed by 2052 bytes
collect2.exe: error: ld returned 1 exit status

My reasoning is that using the built-in mbedTLS library would save space that would prevent this error.

Do let me know if this is the way to go about it or should we be looking into using webhooks or some other method.

It is not possible to directly access the mbed library from user firmware. Aside from it not being possible, it’s not actually the whole library.

The linker removes the parts that are not used by system firmware. The system does not use the normal web server TLS over TCP, it uses DTLS (datagram TLS) on the Electron, Argon, Boron, and Xenon, and only includes the encryption algorithms that are needed to access the cloud.

@rickkas7 So the only way forward is using webhooks if we require using SSL? Unless I am missing something.

You can use TLS from the device, but you’ll probably need to take one of the existing libraries and trim out the parts you don’t need to get it to fit. Because there are so many encryption algorithms in use, the libraries tend to be large. However, if you know what algorithm your server uses, you can remove the ones you don’t need.

Got it, will have a look into it. Thanks