This value allows to set max payload length of a TLS protocol
message, and passed thru to mbedTLS as MBEDTLS_SSL_MAX_CONTENT_LEN
setting. The only safe value is 16384, which translates to 32KB
of RAM required just for mbedTLS input/output buffers. Any other
value can be configured *only* per a particular application
(e.g. knowing that it won't pass more than spefific amount of
data at once and/or won't connect to a server with a long cert
chain). Previosuly, we had quite an adhoc and inflexible config
with random values for that setting, based on protocol.
Note that while the safe value is 16384, "backward compatible"
default of 1500 is used (good for DTLS on the other hand).
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
This should clear up some of the confusion with random number
generators and drivers that obtain entropy from the hardware. Also,
many hardware number generators have limited bandwidth, so it's natural
for their output to be only used for seeding a random number generator.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
CONFIG_MQTT_LIB_TLS is introduced to enable TLS support.
Also, prj_frdm_k64f_tls.conf is added to demostrate the whole idea.
jira:ZEP-2261
Signed-off-by: Aska Wu <aska.wu@linaro.org>
Paul Sokolovsky