OpenSSL vs mBedTLS

hassan789
Posts: 40
Joined: Thu Jun 29, 2017 2:15 am

OpenSSL vs mBedTLS

Postby hassan789 » Fri Nov 24, 2017 4:37 am

Some basic SSL Questions, which I am having trouble with...

1. What is the difference between OpenSSL vs mbedTLS, as used in the ESP-IDF sdk? It looks like mbedTLS has additional crypto libraries as well.

2. Why do both libraries need to be included in the SDK? Sometimes I see examples using OpenSSL, while other times mbedTLS is used. When should I used one vs the other?

3. looks like mbedTLS is standard in embedded, and also seems to have more options than OpenSSL.. so why do we need OpenSSL?

Thanks

WiFive
Posts: 1218
Joined: Tue Dec 01, 2015 7:35 am

Re: OpenSSL vs mBedTLS

Postby WiFive » Fri Nov 24, 2017 5:46 am


hassan789
Posts: 40
Joined: Thu Jun 29, 2017 2:15 am

Re: OpenSSL vs mBedTLS

Postby hassan789 » Sat Nov 25, 2017 6:06 pm

Thanks WiFive. It looks like "esp-idf/components/openssl/platform/" wraps mbedtls to make it look like openssl.
Seems its easier to use the openssl API, but it gives less control and is less efficient than directly using mbedtls.

ESP_Angus
Posts: 617
Joined: Sun May 08, 2016 4:11 am

Re: OpenSSL vs mBedTLS

Postby ESP_Angus » Sun Nov 26, 2017 11:20 pm

hassan789 wrote:Seems its easier to use the openssl API, but it gives less control and is less efficient than directly using mbedtls.


This is 100% correct. The OpenSSL wrapper exists to allow some OpenSSL-based code to be directly ported to ESP-IDF. However for all other purposes it's better to use mbedTLS directly.

Who is online

Users browsing this forum: No registered users and 10 guests