Arduino Due HTTPS Support

2019-01-31 16:24发布

问题:

In previous versions of Arduino, the limiting 8-bit microcontroller board, it seems that implementing HTTPS (not merely HTTP) was almost impossible. But the newer version of Arduino Due provides 32-bit ARM core - see spec here.

I tried to check several network libraries (libcurl, openssl, yaSSL), but I didn't find anyone that was already ported to work with Arduino Due.

OpenSSL is probably too heavy to be able to run on this processor, but I believe that yaSSL as an embedded library should be possible to do.

Do you have any information of a library that I can use to trigger HTTPS requests on Arduino Due?

回答1:

Unfortunately this is too long for a comment.

No out of the box solution

From what I have gathered, there is no straightforward solution for a webserver running on the Atmel SAM3X8E ARM Cortex-M3 CPU that outputs HTTPS out of the box. Texas Intstruments provides better options at the moment using their boards equipped with a Stellaris Microcontroller ARM Cortex-M3 CPU.

► Alternative

There are several options available that render cryptographic functions, based upon which one could lay out and implement a simple secure communication protocol that communicates with an intermediary device, which in turn facilitates Rapid Application Development and SSL.

This intermediary device, for instance an off-the-shelf 70$ Android smartphone that keeps your project mobile and connected, runs a service on a specified port which in turn communicates with Amazon SQS. Already available. This may sound ugly or tough, but is much easier than doing the programmatic groundwork for a webserver with full TLS 3 support on the Arduino. Given the proper motivation the latter may be easy, but not if one just wants a fast pragmatic solution to one's own project.

Cryptographic libraries

  • crypto-arduino-library http://code.google.com/p/crypto-arduino-library/ (not maintained since 2010)
  • matrixssl
  • mbed TLS (formerly PolarSSL)
  • wolfSSL (formerly CyaSSL)

Discussions

Following is a list of discussions to get you started:

  • HTTPS alternative on Arduino
  • SSL from a Microcontroller
  • Lightweight Packet Encryption

Many of these libraries would still need to be adapted, but community experts can help you with that fairly quickly.

Good luck! If you are at liberty to upload your final project to github then you just gained a thanks and a follower.



回答2:

IMHO Arduino (including the DUE) is the wrong tool for heavy and/or encrypted web based communication. I would strongly suggest to look for more appropriate hardware in the same size and price range. As soon you get into https you are close enough to also want a lot of the other stuff that real operating systems provide. With other words I suggest to go for something like the Raspi. Similar size and prize but way more powerful, especially it can run Linux. --> HTTPS becomes simple.



回答3:

The big problem with https support on an arduino is the danger of overloading your processor which could make the project unviable.

Even embedded platform targetted solutions like PolarSSL can eat up too much memory and use too much processing power. Remember that even on the most streamlined implementations, SSL support is going to have to be generalized for wide adoption and will include components that you won't find necessary. There's also the question of which Certificate Authorities you will trust and how you will communicate with them for things like certificate revocation.

I would look instead towards a solution that isn't as broken on the surface for your needs. Something like CurveProtect, which is an implementation of CurveCP.

Of course, your decision will largely be based on what you want to do and how much time you want to spend figuring the problem out. PolarSSL has a footprint that can be as small as 30K (more typically close to 100K).



标签: c https arduino