mirror of
https://github.com/esp8266/Arduino.git
synced 2025-04-19 23:22:16 +03:00
Earle F. Philhower, III
GitHub
parent
04fe1b9667
commit
d205a63309
@ -1,5 +1,12 @@
|
|||||||
// Example of using SSL sessions to speed up SSL connection initiation
|
// Example of using SSL sessions to speed up SSL connection initiation
|
||||||
//
|
//
|
||||||
|
// Note that sessions are a function of individual HTTPS servers, so if you
|
||||||
|
// are connecting to a service through a load abalncer (i.e. Azure, AWS, GitHub)
|
||||||
|
// two connections to the same IP address will generally connect to two
|
||||||
|
// different web servers, meaning that sessions won't work. If you are
|
||||||
|
// connecting to a single server not behind a load balancer/etc., however,
|
||||||
|
// there should be a significant speedup.
|
||||||
|
//
|
||||||
// September 2018 by Earle F. Philhower, III
|
// September 2018 by Earle F. Philhower, III
|
||||||
// Released to the public domain
|
// Released to the public domain
|
||||||
|
|
||||||
@ -94,12 +101,14 @@ void fetchURL(BearSSL::WiFiClientSecure *client, const char *host, const uint16_
|
|||||||
void loop() {
|
void loop() {
|
||||||
uint32_t start, finish;
|
uint32_t start, finish;
|
||||||
BearSSL::WiFiClientSecure client;
|
BearSSL::WiFiClientSecure client;
|
||||||
BearSSL::X509List cert(cert_DigiCert_High_Assurance_EV_Root_CA);
|
BearSSL::X509List cert(certForum);
|
||||||
|
const char *host = "esp8266.com";
|
||||||
|
const int port = 443;
|
||||||
|
|
||||||
Serial.printf("Connecting without sessions...");
|
Serial.printf("Connecting without sessions...");
|
||||||
start = millis();
|
start = millis();
|
||||||
client.setTrustAnchors(&cert);
|
client.setTrustAnchors(&cert);
|
||||||
fetchURL(&client, github_host, github_port, path);
|
fetchURL(&client, host, port, path);
|
||||||
finish = millis();
|
finish = millis();
|
||||||
Serial.printf("Total time: %dms\n", finish - start);
|
Serial.printf("Total time: %dms\n", finish - start);
|
||||||
|
|
||||||
@ -108,21 +117,21 @@ void loop() {
|
|||||||
Serial.printf("Connecting with an uninitialized session...");
|
Serial.printf("Connecting with an uninitialized session...");
|
||||||
start = millis();
|
start = millis();
|
||||||
client.setTrustAnchors(&cert);
|
client.setTrustAnchors(&cert);
|
||||||
fetchURL(&client, github_host, github_port, path);
|
fetchURL(&client, host, port, path);
|
||||||
finish = millis();
|
finish = millis();
|
||||||
Serial.printf("Total time: %dms\n", finish - start);
|
Serial.printf("Total time: %dms\n", finish - start);
|
||||||
|
|
||||||
Serial.printf("Connecting with the just initialized session...");
|
Serial.printf("Connecting with the just initialized session...");
|
||||||
start = millis();
|
start = millis();
|
||||||
client.setTrustAnchors(&cert);
|
client.setTrustAnchors(&cert);
|
||||||
fetchURL(&client, github_host, github_port, path);
|
fetchURL(&client, host, port, path);
|
||||||
finish = millis();
|
finish = millis();
|
||||||
Serial.printf("Total time: %dms\n", finish - start);
|
Serial.printf("Total time: %dms\n", finish - start);
|
||||||
|
|
||||||
Serial.printf("Connecting again with the initialized session...");
|
Serial.printf("Connecting again with the initialized session...");
|
||||||
start = millis();
|
start = millis();
|
||||||
client.setTrustAnchors(&cert);
|
client.setTrustAnchors(&cert);
|
||||||
fetchURL(&client, github_host, github_port, path);
|
fetchURL(&client, host, port, path);
|
||||||
finish = millis();
|
finish = millis();
|
||||||
Serial.printf("Total time: %dms\n", finish - start);
|
Serial.printf("Total time: %dms\n", finish - start);
|
||||||
|
|
||||||
|
|||||||
@ -1,2 +0,0 @@
|
|||||||
cd ${0%/*} 2>/dev/null
|
|
||||||
python3 ../../../../tools/cert.py -s api.github.com -n github > certs.h
|
|
||||||
@ -1,90 +1,34 @@
|
|||||||
|
const char certForum [] PROGMEM = R"EOF(
|
||||||
// this file is autogenerated - any modification will be overwritten
|
|
||||||
// unused symbols will not be linked in the final binary
|
|
||||||
// generated on 2021-07-26 22:04:48
|
|
||||||
// by ['../../../../tools/cert.py', '-s', 'api.github.com', '-n', 'github']
|
|
||||||
|
|
||||||
#pragma once
|
|
||||||
|
|
||||||
////////////////////////////////////////////////////////////
|
|
||||||
// certificate chain for api.github.com:443
|
|
||||||
|
|
||||||
const char* github_host = "api.github.com";
|
|
||||||
const uint16_t github_port = 443;
|
|
||||||
|
|
||||||
// CN: *.github.com => name: __github_com
|
|
||||||
// not valid before: 2021-03-25 00:00:00
|
|
||||||
// not valid after: 2022-03-30 23:59:59
|
|
||||||
const char fingerprint___github_com [] PROGMEM = "96:84:07:df:0b:1c:f6:58:14:df:d7:33:35:57:51:9b:15:4d:8c:e7";
|
|
||||||
const char pubkey___github_com [] PROGMEM = R"PUBKEY(
|
|
||||||
-----BEGIN PUBLIC KEY-----
|
|
||||||
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAElL9/+0TidTIALPfU/tiS6pI8zAIk
|
|
||||||
rU4pohUldVc0bb6O3FARl3cnqIDK9SoF65z3xiR6XsnFS8F0Oy/chXR/kQ==
|
|
||||||
-----END PUBLIC KEY-----
|
|
||||||
)PUBKEY";
|
|
||||||
|
|
||||||
// http://cacerts.digicert.com/DigiCertHighAssuranceTLSHybridECCSHA2562020CA1.crt
|
|
||||||
// CN: DigiCert High Assurance TLS Hybrid ECC SHA256 2020 CA1 => name: DigiCert_High_Assurance_TLS_Hybrid_ECC_SHA256_2020_CA1
|
|
||||||
// not valid before: 2020-12-17 00:00:00
|
|
||||||
// not valid after: 2030-12-16 23:59:59
|
|
||||||
const char cert_DigiCert_High_Assurance_TLS_Hybrid_ECC_SHA256_2020_CA1 [] PROGMEM = R"CERT(
|
|
||||||
-----BEGIN CERTIFICATE-----
|
-----BEGIN CERTIFICATE-----
|
||||||
MIIEGzCCAwOgAwIBAgIQBmcDW7sU/WOvwNaoU07+FjANBgkqhkiG9w0BAQsFADBs
|
MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
|
||||||
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4
|
||||||
ZSBFViBSb290IENBMB4XDTIwMTIxNzAwMDAwMFoXDTMwMTIxNjIzNTk1OVowZzEL
|
WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu
|
||||||
MAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMT8wPQYDVQQDEzZE
|
ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY
|
||||||
aWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBUTFMgSHlicmlkIEVDQyBTSEEyNTYgMjAy
|
MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc
|
||||||
MCBDQTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARnvW/xPOudvtC252wTq9ef
|
h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+
|
||||||
6fbdFeWPkOscfpRTkciuHj7UcumQSH3lzkPEIx0KpesWa8epsks7QwkZ4fU/Tkf9
|
0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U
|
||||||
o4IBhzCCAYMwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUUGGmoNI1xBEq
|
A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW
|
||||||
II0fD6xC8M0pz0swHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDgYD
|
T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH
|
||||||
VR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB/Bggr
|
B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC
|
||||||
BgEFBQcBAQRzMHEwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNv
|
B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv
|
||||||
bTBJBggrBgEFBQcwAoY9aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lD
|
KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn
|
||||||
ZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNydDBLBgNVHR8ERDBCMECgPqA8hjpo
|
OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn
|
||||||
dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZS
|
jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw
|
||||||
b290Q0EuY3JsMDAGA1UdIAQpMCcwCAYGZ4EMAQICMAgGBmeBDAECAzAHBgVngQwB
|
qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI
|
||||||
ATAIBgZngQwBAgEwDQYJKoZIhvcNAQELBQADggEBAHMQH8hhiBfNbxwEwxbbTAnu
|
rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
|
||||||
jPyUh/oi0JrfZI3u9JuiLqca720D6foS/AB5+4EIxpm7CMG4MdN/l7oAiDipaCPv
|
HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq
|
||||||
mOmpYUpnT7A63Cr0q4g84rI1ZmdqA40lVUUf6qC6E34tC73qDQF8TJSrfscWFdCl
|
hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
|
||||||
RXR9J4QGrkZ2VNMSDzlDRzWCaA95MfO8x01l+ZdopdE8FvM78gGd4zxeWb8v991+
|
ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ
|
||||||
mBxTDepqKuy/jF5Rm6Bhfxr33ADRs60s1t16dtZ3pOYLALBTPD5KhZ6a+/dk5dnh
|
3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK
|
||||||
6c4PaeZQYBUAh+GuxfaBlU4qQ8EtjBMCQHreMIwXHYHW5FRYGjgR4NMuaIw2jD0=
|
NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5
|
||||||
|
ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur
|
||||||
|
TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC
|
||||||
|
jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc
|
||||||
|
oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
|
||||||
|
4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA
|
||||||
|
mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
|
||||||
|
emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
)CERT";
|
)EOF";
|
||||||
|
|
||||||
// http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt
|
|
||||||
// CN: DigiCert High Assurance EV Root CA => name: DigiCert_High_Assurance_EV_Root_CA
|
|
||||||
// not valid before: 2006-11-10 00:00:00
|
|
||||||
// not valid after: 2031-11-10 00:00:00
|
|
||||||
const char cert_DigiCert_High_Assurance_EV_Root_CA [] PROGMEM = R"CERT(
|
|
||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
|
|
||||||
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
|
|
||||||
d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
|
|
||||||
ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL
|
|
||||||
MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
|
|
||||||
LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
|
|
||||||
RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm
|
|
||||||
+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW
|
|
||||||
PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM
|
|
||||||
xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB
|
|
||||||
Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3
|
|
||||||
hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg
|
|
||||||
EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
|
|
||||||
MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA
|
|
||||||
FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec
|
|
||||||
nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z
|
|
||||||
eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
|
|
||||||
hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
|
|
||||||
Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
|
|
||||||
vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
|
|
||||||
+OkuE6N36B9K
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
)CERT";
|
|
||||||
|
|
||||||
|
|
||||||
// end of certificate chain for api.github.com:443
|
|
||||||
////////////////////////////////////////////////////////////
|
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user