diff --git a/Cargo.toml b/Cargo.toml index 9d9d04d..a4dfd1d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -31,10 +31,13 @@ p256 = { version = "0.13", default-features = false, features = [ "ecdsa", "sha256", ] } -embedded-tls = { git = "https://github.com/drogue-iot/embedded-tls.git", default-features = false, features = ["rustpki"], optional = true } +embedded-tls = { git = "https://github.com/hackshare/embedded-tls.git", rev = "a095342a", default-features = false, features = ["rustpki"], optional = true } rand_chacha = { version = "0.3", default-features = false } nourl = "0.1.2" -esp-mbedtls = { version = "0.1", git = "https://github.com/esp-rs/esp-mbedtls.git", optional = true } +# esp-mbedtls dep removed — git URL is stale and we only use embedded-tls + +[lints.rust] +unexpected_cfgs = { level = "warn", check-cfg = ['cfg(feature, values("esp-mbedtls"))'] } [dev-dependencies] hyper = { version = "0.14.23", features = ["full"] } diff --git a/src/client.rs b/src/client.rs index 1f9b084..cc1a93c 100644 --- a/src/client.rs +++ b/src/client.rs @@ -23,14 +23,16 @@ use rand_core::CryptoRngCore; /// An async HTTP client that can establish a TCP connection and perform /// HTTP requests. -pub struct HttpClient<'a, T, D> +pub struct HttpClient<'a, T, D, const CERT_SIZE: usize = 4096> where T: TcpConnect + 'a, D: Dns + 'a, { client: &'a T, dns: &'a D, - #[cfg(any(feature = "embedded-tls", feature = "esp-mbedtls"))] + #[cfg(feature = "embedded-tls")] + tls: Option>, + #[cfg(all(not(feature = "embedded-tls"), feature = "esp-mbedtls"))] tls: Option>, } @@ -49,7 +51,7 @@ pub struct TlsConfig<'a, const RX_SIZE: usize = 4096, const TX_SIZE: usize = 409 /// Type for TLS configuration of HTTP client. #[cfg(feature = "embedded-tls")] -pub struct TlsConfig<'a> { +pub struct TlsConfig<'a, const CERT_SIZE: usize = 4096> { seed: u64, read_buffer: &'a mut [u8], write_buffer: &'a mut [u8], 
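Review bot: The `embedded-tls` line now takes the TLS implementation from a personal fork (`hackshare/embedded-tls`) at the abbreviated revision `a095342a`, and nothing beside it records what the fork changes or which upstream commit it is based on. Pinning a revision is an improvement over the previous unpinned git dependency, but this crate performs the handshake and certificate verification, so the fork's delta against `drogue-iot/embedded-tls` should be reviewable from the manifest. Use the full 40-character hash, `rev = "<full-commit-sha>"`, rather than an 8-character prefix. Add a comment above the line such as `# fork of drogue-iot/embedded-tls: <reason>; based on upstream <commit>; return to upstream once merged`.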
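Review bot: The new `#[cfg(all(not(feature = "embedded-tls"), feature = "esp-mbedtls"))]` arm on the `tls` field, and the matching second `new_with_tls` in the `-145,7` hunk, are gated on a feature whose dependency this same commit removes from Cargo.toml. Unless a `[features]` entry named `esp-mbedtls` survives outside the visible hunks, these arms can never be compiled, so they will go unbuilt and untested. The `check-cfg` entry added under `[lints.rust]` also hides the `unexpected_cfgs` warning that would otherwise point at them. Either delete the esp-mbedtls arms together with the dependency, or keep them and say so above each one, e.g. `// esp-mbedtls backend is not buildable at present (dependency removed); kept for re-enablement`.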
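Review bot: `CERT_SIZE` is added to the public `TlsConfig` (and to `HttpClient` in the first hunk of this file) with a default of 4096, but the doc comment still reads only "Type for TLS configuration of HTTP client." and none of the fields visible here uses the parameter. Document what it bounds and what happens when a peer exceeds it. From the `Provider` and `CertVerifier` changes further down it looks like the certificate buffer capacity of the verifier, but the generic arguments are not readable on this page, so confirm before wording it. A line such as `/// `CERT_SIZE`: capacity in bytes of the certificate buffer used during verification (default 4096); a certificate that does not fit fails the handshake.` would tell users how to size it. The struct body continues past the end of the hunk.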
@@ -57,13 +59,13 @@ pub struct TlsConfig<'a> { } #[cfg(feature = "embedded-tls")] -struct Provider { +struct Provider { rng: rand_chacha::ChaCha8Rng, - verifier: CertVerifier, + verifier: CertVerifier, } #[cfg(feature = "embedded-tls")] -impl CryptoProvider for Provider { +impl CryptoProvider for Provider { type CipherSuite = Aes128GcmSha256; type Signature = DerSignature; @@ -103,7 +105,7 @@ pub enum TlsVerify<'a> { } #[cfg(feature = "embedded-tls")] -impl<'a> TlsConfig<'a> { +impl<'a, const CERT_SIZE: usize> TlsConfig<'a, CERT_SIZE> { pub fn new(seed: u64, read_buffer: &'a mut [u8], write_buffer: &'a mut [u8], verify: TlsVerify<'a>) -> Self { Self { seed, @@ -129,7 +131,7 @@ impl<'a, const RX_SIZE: usize, const TX_SIZE: usize> TlsConfig<'a, RX_SIZE, TX_S } } -impl<'a, T, D> HttpClient<'a, T, D> +impl<'a, T, D, const CERT_SIZE: usize> HttpClient<'a, T, D, CERT_SIZE> where T: TcpConnect + 'a, D: Dns + 'a, @@ -145,7 +147,17 @@ where } /// Create a new HTTP client for a given connection handle and a target host. - #[cfg(any(feature = "embedded-tls", feature = "esp-mbedtls"))] + #[cfg(feature = "embedded-tls")] + pub fn new_with_tls(client: &'a T, dns: &'a D, tls: TlsConfig<'a, CERT_SIZE>) -> Self { + Self { + client, + dns, + tls: Some(tls), + } + } + + /// Create a new HTTP client for a given connection handle and a target host. + #[cfg(all(not(feature = "embedded-tls"), feature = "esp-mbedtls"))] pub fn new_with_tls(client: &'a T, dns: &'a D, tls: TlsConfig<'a>) -> Self { Self { client, @@ -231,7 +243,7 @@ where conn.open(TlsContext::new( &config, - Provider { + Provider:: { rng: rng, verifier: embedded_tls::pki::CertVerifier::new(), },
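Review bot: `TlsConfig::new` in the `-103,7` hunk is public and has no doc comment, and its `seed: u64` argument appears to be the only entropy input for the `rand_chacha::ChaCha8Rng` held by `Provider` (the seeding call itself is outside these hunks, so confirm). Since the impl header is being touched anyway, state the requirement on the caller: `/// `seed` must come from a hardware or OS entropy source and must be fresh for every connection; it seeds the RNG used for the TLS handshake.` A predictable or reused seed would make the handshake secrets predictable, and a `u64` caps the entropy at 64 bits, which is worth noting in the same comment. The body of `new` continues past the end of the hunk.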
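Review bot: Making the whole impl in the `-129,7` hunk generic over `CERT_SIZE` leaves the parameter unconstrained for any constructor in it that takes no `TlsConfig`. The `= 4096` default on the struct is not applied when the compiler infers a path expression like `HttpClient::new(..)`. If the plain constructor that ends just above `new_with_tls` (its body is outside the hunks) lives in this impl, existing callers without a type annotation will stop compiling with a "type annotations needed" style error. Keeping that constructor in a separate `impl<'a, T, D> HttpClient<'a, T, D>` block fixes `CERT_SIZE` at the default and preserves the old call sites, while the generic impl carries `new_with_tls` and the request methods.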