how to use cURL with TLS implementation

Hello

I'm evaluating cURL with nrf9160DK,zephyrOS.

Finally, it goes well with cURL - http - however, it cant do with TLS - https -

Could you let me know how to implement TLS/SSL for using cURL ?

Does it require some config ?

Here is my snipet code. (non - TLS)

-------------------------------------------------------------

static size_t write_callback(void *contents, size_t size, size_t nmemb, void *userp) {
size_t realsize = size * nmemb;
char **response_ptr = (char **)userp; // Cast userp to the correct type
char *response = realloc(*response_ptr, strlen(*response_ptr) + realsize + 1);

if (response == NULL) {
LOG_ERR("Not enough memory to store response\n");
return 0; // If realloc fails, return 0 to stop curl
}

*response_ptr = response;
strncat(response, (char *)contents, realsize);

return realsize;
}

static void http_request_example(void) {
CURL *hnd;
CURLcode ret;
char *response = malloc(4096); // Allocate initial memory for the response
if (response == NULL) {
LOG_ERR("Memory allocation failed for response buffer");
return;
}
response[0] = '\0'; // Initialize the response buffer

LOG_INF("Starting HTTP request example");

// Initialize libcurl
hnd = curl_easy_init();
if (hnd) {
// Set the URL for the HTTP GET request
curl_easy_setopt(hnd, CURLOPT_URL, "">http://httpbin.org/get");

// Set the callback function for handling response data
curl_easy_setopt(hnd, CURLOPT_WRITEFUNCTION, write_callback);
curl_easy_setopt(hnd, CURLOPT_WRITEDATA, (void *)&response);

#if 1
curl_version_info_data *curl_info = curl_version_info(CURLVERSION_NOW);
if (curl_info->protocols) {
const char * const *proto;
for (proto = curl_info->protocols; *proto; ++proto) {
LOG_INF("Supported protocol: %s\n", *proto);
}
}
#endif

// Perform the request
ret = curl_easy_perform(hnd);

// Check if the request was successful
if (ret != CURLE_OK) {
LOG_ERR("curl_easy_perform() failed: %s", curl_easy_strerror(ret));
} else {
// Print the response
LOG_INF("Response: %s", response);
}

// Clean up and free the resources
curl_easy_cleanup(hnd);
free(response);
} else {
LOG_ERR("Failed to initialize curl");
}
}

Parents
  • Updated my code and however, still no work well.

    >>curl_version_info(CURLVERSION_NOW);

    Return - http

    >>curl_easy_perform() failed: Unsupported protocol

    how to integrated SSL/TLS ?

    here is the snipet code

    -----------------------------------------------------------------------

    static void https_request_example(void) {
    CURL *ch;
    CURLcode ret;

    char *response = malloc(4096); // Allocate initial memory for the response
    if (response == NULL) {
    LOG_ERR("Memory allocation failed for response buffer");
    return;
    }
    response[0] = '\0'; // Initialize the response buffer

    LOG_INF("Starting HTTPS request example");

    /* Dynamically allocate memory for the PEM certificate */
    char *mypem = (char *)malloc(strlen(cert_pem) + 1);
    if (!mypem) {
    printf("malloc failed for PEM certificate\n");
    return CURLE_OUT_OF_MEMORY;
    }
    strcpy(mypem, cert_pem);

    curl_global_init(CURL_GLOBAL_ALL);
    ch = curl_easy_init();
    if (ch) {

    curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM");
    curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 1L);
    curl_easy_setopt(ch, CURLOPT_URL, "">https://www.example.com/");

    /* Install the function to modify the SSL context */
    curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function);
    curl_easy_setopt(ch, CURLOPT_SSL_CTX_DATA, mypem);


    // Set the callback function for handling response data
    curl_easy_setopt(ch, CURLOPT_WRITEFUNCTION, write_callback);
    curl_easy_setopt(ch, CURLOPT_WRITEDATA, (void *)&response);

    #if 1
    curl_version_info_data *curl_info = curl_version_info(CURLVERSION_NOW);
    if (curl_info->protocols) {
    const char * const *proto;
    for (proto = curl_info->protocols; *proto; ++proto) {
    LOG_INF("Supported protocol: %s\n", *proto);
    }
    }
    #endif

    // Perform the request
    ret = curl_easy_perform(ch);

    // Check if the request was successful
    if (ret != CURLE_OK) {
    LOG_ERR("curl_easy_perform() failed: %s", curl_easy_strerror(ret));
    } else {
    // Print the response
    LOG_INF("Response: %s", response);
    }

    // Clean up and free the resources
    curl_easy_cleanup(ch);
    free(response);

    } else {
    LOG_ERR("Failed to initialize curl");
    }

    /* Clean up */
    curl_easy_cleanup(ch);
    curl_global_cleanup();
    free(mypem); /* Free dynamically allocated memory */
    free(response);

    return ret;
    }

  • Hello

    Still not going well and I'm looking for solution.

    Any idea and advice would be highly appreciated.

    thx

  • Hello,

    Is curl necessary in your situation? Implementing HTTPS with curl will be heavy for flash and RAM. You will have to start with configuring mbedTLS for that.

    For HTTPS in general we would recommend using for example our HTTPS Client sample as the base.

    Best regards,

    Michal

Reply
  • Hello,

    Is curl necessary in your situation? Implementing HTTPS with curl will be heavy for flash and RAM. You will have to start with configuring mbedTLS for that.

    For HTTPS in general we would recommend using for example our HTTPS Client sample as the base.

    Best regards,

    Michal

Children
  • Do you have an idea how much additional flash and RAM adding mbedTLS would add?

    For my project I am making architectural decisions and I want to know what the risk/impact of using mbedTLS would be.

  • I am checking that internally, but I am not sure if there are any concrete numbers I'd be able to find

    Since we don't have a ready curl implementation with HTTPS support, you the answer may be that you need to experiment on your own.

    We have a Memory Report tool in the nRF Connect for VS Code extension to help out with that as well.

    I tried some basic experiments, but those were too basic and didn't really increase the code by more than the bare minimum.

    Best regards.

    Michal