7 changes: 5 additions & 2 deletions Cargo.toml
Expand Up @@ -31,10 +31,13 @@ p256 = { version = "0.13", default-features = false, features = [
"ecdsa",
"sha256",
] }
embedded-tls = { git = "https://github.com/drogue-iot/embedded-tls.git", default-features = false, features = ["rustpki"], optional = true }
embedded-tls = { git = "https://github.com/hackshare/embedded-tls.git", rev = "a095342a", default-features = false, features = ["rustpki"], optional = true }
rand_chacha = { version = "0.3", default-features = false }
nourl = "0.1.2"
esp-mbedtls = { version = "0.1", git = "https://github.com/esp-rs/esp-mbedtls.git", optional = true }
# esp-mbedtls dep removed — git URL is stale and we only use embedded-tls

[lints.rust]
unexpected_cfgs = { level = "warn", check-cfg = ['cfg(feature, values("esp-mbedtls"))'] }

[dev-dependencies]
hyper = { version = "0.14.23", features = ["full"] }
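Review bot: The `embedded-tls` entry now takes the TLS implementation from `https://github.com/hackshare/embedded-tls.git` instead of the `drogue-iot` repository, and nothing in the visible hunk says what that repository changes relative to upstream or why it is needed. Because this crate performs the handshake and certificate verification (`rustpki`), the switch deserves a comment such as `# fork of drogue-iot/embedded-tls at <upstream-commit>, carries <patch>; return to upstream once merged`, and `rev` should be the full 40-character commit id rather than the abbreviated `a095342a`. Pinning a revision is an improvement over the previously unpinned git dependency. Separately, the new comment says the esp-mbedtls dependency is removed, yet `src/client.rs` keeps `feature = "esp-mbedtls"` branches and the `check-cfg` entry only quiets the lint; if a `[features]` entry for `esp-mbedtls` still exists (not visible here), either it or the dead branches should go.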
32 changes: 22 additions & 10 deletions src/client.rs
Expand Up @@ -23,14 +23,16 @@ use rand_core::CryptoRngCore;

/// An async HTTP client that can establish a TCP connection and perform
/// HTTP requests.
pub struct HttpClient<'a, T, D>
pub struct HttpClient<'a, T, D, const CERT_SIZE: usize = 4096>
where
T: TcpConnect + 'a,
D: Dns + 'a,
{
client: &'a T,
dns: &'a D,
#[cfg(any(feature = "embedded-tls", feature = "esp-mbedtls"))]
#[cfg(feature = "embedded-tls")]
tls: Option<TlsConfig<'a, CERT_SIZE>>,
#[cfg(all(not(feature = "embedded-tls"), feature = "esp-mbedtls"))]
tls: Option<TlsConfig<'a>>,
}

Expand All @@ -49,21 +51,21 @@ pub struct TlsConfig<'a, const RX_SIZE: usize = 4096, const TX_SIZE: usize = 409

/// Type for TLS configuration of HTTP client.
#[cfg(feature = "embedded-tls")]
pub struct TlsConfig<'a> {
pub struct TlsConfig<'a, const CERT_SIZE: usize = 4096> {
seed: u64,
read_buffer: &'a mut [u8],
write_buffer: &'a mut [u8],
verify: TlsVerify<'a>,
}

#[cfg(feature = "embedded-tls")]
struct Provider {
struct Provider<const CERT_SIZE: usize> {
rng: rand_chacha::ChaCha8Rng,
verifier: CertVerifier<Aes128GcmSha256, NoClock, 4096>,
verifier: CertVerifier<Aes128GcmSha256, NoClock, CERT_SIZE>,
}

#[cfg(feature = "embedded-tls")]
impl CryptoProvider for Provider {
impl<const CERT_SIZE: usize> CryptoProvider for Provider<CERT_SIZE> {
type CipherSuite = Aes128GcmSha256;
type Signature = DerSignature;

Expand Down Expand Up @@ -103,7 +105,7 @@ pub enum TlsVerify<'a> {
}

#[cfg(feature = "embedded-tls")]
impl<'a> TlsConfig<'a> {
impl<'a, const CERT_SIZE: usize> TlsConfig<'a, CERT_SIZE> {
pub fn new(seed: u64, read_buffer: &'a mut [u8], write_buffer: &'a mut [u8], verify: TlsVerify<'a>) -> Self {
Self {
seed,
Expand All @@ -129,7 +131,7 @@ impl<'a, const RX_SIZE: usize, const TX_SIZE: usize> TlsConfig<'a, RX_SIZE, TX_S
}
}

impl<'a, T, D> HttpClient<'a, T, D>
impl<'a, T, D, const CERT_SIZE: usize> HttpClient<'a, T, D, CERT_SIZE>
where
T: TcpConnect + 'a,
D: Dns + 'a,
Expand All @@ -145,7 +147,17 @@ where
}

/// Create a new HTTP client for a given connection handle and a target host.
#[cfg(any(feature = "embedded-tls", feature = "esp-mbedtls"))]
#[cfg(feature = "embedded-tls")]
pub fn new_with_tls(client: &'a T, dns: &'a D, tls: TlsConfig<'a, CERT_SIZE>) -> Self {
Self {
client,
dns,
tls: Some(tls),
}
}

/// Create a new HTTP client for a given connection handle and a target host.
#[cfg(all(not(feature = "embedded-tls"), feature = "esp-mbedtls"))]
pub fn new_with_tls(client: &'a T, dns: &'a D, tls: TlsConfig<'a>) -> Self {
Self {
client,
Expand Down Expand Up @@ -231,7 +243,7 @@ where

conn.open(TlsContext::new(
&config,
Provider {
Provider::<CERT_SIZE> {
rng: rng,
verifier: embedded_tls::pki::CertVerifier::new(),
},
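Review bot: `CERT_SIZE` is added to `HttpClient`, `TlsConfig` and `Provider` and passed to `CertVerifier<Aes128GcmSha256, NoClock, CERT_SIZE>`, but no doc comment says what it sizes or what happens when a server certificate does not fit. I would extend the `TlsConfig` doc with something like `/// CERT_SIZE bounds the verifier's certificate storage (default 4096); a certificate that does not fit must fail the handshake, so raise CERT_SIZE rather than relaxing verify.` That meaning is inferred from the `CertVerifier` parameter and should be confirmed against embedded-tls. Also, the `= 4096` default on the structs applies only where the type is written out, not to expression paths, so existing calls such as `HttpClient::new(..)` and `TlsConfig::new(..)` may now need an explicit `CERT_SIZE` or a type annotation; those constructors lie partly outside the hunks shown. The second `new_with_tls` repeats the first one's doc comment verbatim and could name the TLS backend it belongs to.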