Add TLS=mbedtls option

examples/device-dashboard/Makefile

@@ -9,13 +9,11 @@ CFLAGS = -W -Wall -Wextra -g -I.        # Build options
 CFLAGS_MONGOOSE +=
 
 ifeq ($(OS),Windows_NT)         # Windows settings. Assume MinGW compiler. To use VC: make CC=cl CFLAGS=/MD OUT=/Feprog.exe
-  PROG ?= example.exe           # Use .exe suffix for the binary
+  PROG = example.exe            # Use .exe suffix for the binary
   PACK = pack.exe               # Packing executable
   CC = gcc                      # Use MinGW gcc compiler
   CFLAGS += -lws2_32            # Link against Winsock library
   DELETE = cmd /C del /Q /F /S  # Command prompt command to delete files
-  OUT ?= -o $(PROG)             # Build output
-  MAKE += WINDOWS=1 CC=$(CC)
 endif
 
 # Default target. Build and run program
@@ -39,10 +37,14 @@ packed_fs.c: $(wildcard web_root/*) Makefile web_root/main.css web_root/bundle.j
 	$(CC) ../../test/pack.c -o $(PACK)
 	$(PACK) $(wildcard web_root/*) > $@
 
-# Pull and build mbedTLS library. See https://mongoose.ws/tutorials/tls/#how-to-build for TLS build options
 mbedtls:
 	git clone --depth 1 -b v2.28.2 https://github.com/mbed-tls/mbedtls $@
-	$(MAKE) -C mbedtls/library
+
+ifeq ($(TLS), mbedtls)
+CFLAGS += -DMG_ENABLE_MBEDTLS=1 -Wno-conversion -Imbedtls/include
+CFLAGS += -DMBEDTLS_CONFIG_FILE=\"mbedtls_config.h\" mbedtls/library/*.c
+$(PROG): mbedtls
+endif
 
 # Cleanup. Delete built program and all build artifacts
 clean:

examples/device-dashboard/mbedtls_config.h

@@ -0,0 +1,63 @@
+/* Workaround for some mbedtls source files using INT_MAX without including limits.h */
+#include <limits.h>
+
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+//#define MBEDTLS_ENTROPY_HARDWARE_ALT
+#define MBEDTLS_SSL_OUT_CONTENT_LEN    2048
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+#define MBEDTLS_HAVE_TIME
+
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+#define MBEDTLS_PKCS1_V15
+#define MBEDTLS_SHA256_SMALLER
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_MD5_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PKCS5_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_SHA1_C
+#define MBEDTLS_SHA224_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA512_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_AES_FEWER_TABLES
+#define MBEDTLS_PEM_PARSE_C
+#define MBEDTLS_BASE64_C
+
+// TLS 1.2
+#define MBEDTLS_SSL_PROTO_TLS1_2
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+#define MBEDTLS_GCM_C
+#define MBEDTLS_ECDH_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ASN1_WRITE_C
+

examples/device-dashboard/net.c

@@ -72,6 +72,15 @@ static int event_next(int no, struct event *e) {
   return no + 1;
 }
 
+// This is for newlib and TLS (mbedTLS)
+int _gettimeofday(struct timeval *tv, void *tz) {
+  uint64_t now = mg_millis() + s_boot_timestamp;
+  (void) tz;
+  tv->tv_sec = (time_t) (now / 1000);
+  tv->tv_usec = (unsigned long) ((now % 1000) * 1000);
+  return 0;
+}
+
 // SNTP connection event handler. When we get a response from an SNTP server,
 // adjust s_boot_timestamp. We'll get a valid time from that point on
 static void sfn(struct mg_connection *c, int ev, void *ev_data, void *fn_data) {

examples/stm32/nucleo-f746zg-baremetal/Makefile

@@ -14,7 +14,7 @@ CFLAGS += -DMG_ENABLE_TCPIP=1 -DMG_ARCH=MG_ARCH_NEWLIB -DMG_ENABLE_CUSTOM_MILLIS
 CFLAGS += -DMG_ENABLE_CUSTOM_RANDOM=1 -DMG_ENABLE_PACKED_FS=1 $(CFLAGS_EXTRA)
 
 # Example specific build options. See README.md
-CFLAGS += -DHTTP_URL=\"http://0.0.0.0/\"
+CFLAGS += -DHTTP_URL=\"http://0.0.0.0/\" -DHTTPS_URL=\"https://0.0.0.0/\"
 
 ifeq ($(OS),Windows_NT)
   RM = cmd /C del /Q /F /S
@@ -27,7 +27,7 @@ all build example: firmware.bin
 firmware.bin: firmware.elf
 	arm-none-eabi-objcopy -O binary $< $@
 
-firmware.elf: cmsis_core cmsis_f7 $(SOURCES) hal.h link.ld 
+firmware.elf: cmsis_core cmsis_f7 $(SOURCES) hal.h link.ld Makefile
 	arm-none-eabi-gcc $(SOURCES) $(CFLAGS) $(LDFLAGS) -o $@
 
 flash: firmware.bin
@@ -37,6 +37,14 @@ cmsis_core:     # ARM CMSIS core headers
 	git clone --depth 1 -b 5.9.0 https://github.com/ARM-software/CMSIS_5 $@
 cmsis_f7:       # ST CMSIS headers for STM32F7 series
 	git clone --depth 1 -b v1.2.8 https://github.com/STMicroelectronics/cmsis_device_f7 $@
+mbedtls:        # mbedTLS library
+	git clone --depth 1 -b v2.28.2 https://github.com/mbed-tls/mbedtls $@
+
+ifeq ($(TLS), mbedtls)
+CFLAGS += -DMG_ENABLE_MBEDTLS=1 -Wno-conversion -Imbedtls/include
+CFLAGS += -DMBEDTLS_CONFIG_FILE=\"mbedtls_config.h\" mbedtls/library/*.c
+firmware.elf: mbedtls
+endif
 
 # Automated remote test. Requires env variable VCON_API_KEY set. See https://vcon.io/automated-firmware-tests/
 DEVICE_URL ?= https://dash.vcon.io/api/v3/devices/5

examples/stm32/nucleo-f746zg-baremetal/mbedtls_config.h

@@ -0,0 +1 @@
+../../device-dashboard/mbedtls_config.h