Re-examine use of lib/mbedtls, lib/mbedtls_config, lib/mbedtls_errors
#10294
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
mbedtls for CYW43 (Pico W) is provide by
lib/mbedtls. For Espressif, we use the ESP-IDFcomponent/mbedtls. But since pico-sdk 1.5.0,mbedtlsis included as a submodule inpico-sdk, and an API was added.#8926 moved
ssltoshared-module, which was welcome, allowing a lot of shared code.ESP-IDF v5.4 changed the in-flash root cert list format (see 62d16ce), which necessitated going back to ESP-IDF code for cert bundle management, instead of using the code in
lib/mbedtls_config.As the SDK's update their own use of mbedtls, version skew like this may continue to happen. Consider using the SDK-native mbedtls support in pico-sdk instead of the version copied from ESP-IDF, and using the version of mbedtls in pico-sdk to match that. A wrapper API could be developed for
shared-module/sslthat has separate implementations for pico-sdk and ESP-IDF.The text was updated successfully, but these errors were encountered: