ESP32 mbed TLS cypher suits supported on client hello

Nikhil1520
Posts: 3
Joined: Fri Jun 11, 2021 6:22 am

ESP32 mbed TLS cypher suits supported on client hello

Postby Nikhil1520 » Fri Jun 11, 2021 9:50 am

HI,

i am using ESP-IDF version 4.2, established a connected to tls connection with server, when the packets are sniffed on wireshark we observed that client (ESP32) is supporting only below cypher suits:
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA

we have not made any specific configuration in the sdk config and as per configuration mbedtls supports SHA384 and SHA512. can anyone let us know why ESP32 (client) is unable to send below cipher suits to server in hello message:
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

are we missing some configuration to enable them? below are attached ireshark capture image and mbedtls configuration.

Regards
Nikhil

Who is online

Users browsing this forum: No registered users and 96 guests