I don't know if it can help, anyway I am using TLS 1.2 and certificate is Elliptic Curve secp256r1
Il giorno mer 22 gen 2025 alle ore 20:07 Stefano Tebaldi steteb@gmail.com ha scritto:
Hello,
thank you.
sorry, my previous mbedTLS version was 2.16.2 not 2.6.2.
I suspect the new version is using a different algorithm to encrypt data. Where can I check it ? What is the part of mbedTLS code that implements that ?
I don't think before it was using hardware, I didn't configure the library to do that or I didn't do anything to do that. I think the new version is probably using a different algorithm that is slower.
my config files can be opened with a text editor like notepad, I simply rename them.
Il giorno mar 21 gen 2025 alle ore 20:28 Michael Richardson < mcr@sandelman.ca> ha scritto:
Stefano Tebaldi via mbed-tls mbed-tls@lists.trustedfirmware.org wrote: > I recently updated mbedTLS library version 2.6.2 to 3.6.2. I am using the > library to add https to Mongoose web server on a STM32H753 with FreeRTOS + > LWIP.
I would start by checking on your server side logs (might need debug logs) to see what algorithms were negotiated. Are they the same?
> 2.6.2 was generated in a IAR project using STMCubeMX. > What I am noticing is that file transfer performance has gottenmuch worse. > With version 2.6.2 it took a few minutes to transfer a file of around 33 > MB, now with version 3.6.2 it takes around 15 min. What could this depend > on? Attached is the configuration used for the two versions. The > certificate for https is EC curve secp256r1.
My guess is that you were formerly benefitting from accelerated symmetric cipher and now you are not. Either because 3.x was not configured to use the hardware, or because a different cipher was selected which is not accelerated.
(I didn't look at your configs. Maybe you should use text/plain for a configuration, not octet-stream)