Mbed TLS in prj.conf for 01_IOT

Hi!

The 01_IOT sample uses Mbed TLS in Kconfig, to be precise:

CONFIG_MBEDTLS_ENABLE_HEAP=y
CONFIG_MBEDTLS_HEAP_SIZE=10240
CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=2048
CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=2048

I'm wondering, where is it used? I don't see any traces of code that would show how it works. What's the method, RSA? Is the whole communication encrypted or just the credentials?

Hey @Dzolo,

Mbed TLS is one of the Golioth SDK dependencies that implements cryptographic primitives, X.509 certificate manipulation, and the SSL/TLS and DTLS protocols. Golioth encrypts data in transit via DTLS, and RSA is a (D)TLS key-exchange method.

In the zephyr-training repo, mbedtls can be found in deps/modules/crypto/mbedtls, which is where those Kconfig symbols come from.

I did find the original Kconfig, but my question is: is the whole communication between client (board) and server (Golioth) encrypted, or just the credentials in this example? Why do I ask this? Because I've found some samples that have many more Kconfig options enabled to make it work.

The entire communication between the client (device/board) and the server is encrypted. Golioth uses DTLS (Datagram Transport Layer Security) to secure data transmitted over UDP, ensuring that all data exchanges are encrypted. This secures both the credentials and the data being transmitted during communication, providing end-to-end encryption for IoT device management.
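One way to check from a packet capture that application data only travels inside an encrypted DTLS epoch, as an added example that is not part of the thread or of the Golioth SDK. It assumes the DTLS 1.2 record layout from RFC 6347 and a non-NULL cipher suite; the datagrams and the names `parse_records`, `cleartext_application_data` and `make_record` are constructed for illustration.

```python
import struct

# DTLS 1.2 record header (RFC 6347): type(1) version(2) epoch(2) seq(6) length(2)
HEADER_LEN = 13
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}

def parse_records(datagram: bytes):
    """Split one UDP payload into DTLS records; returns a list of dicts."""
    records, offset = [], 0
    while offset < len(datagram):
        if len(datagram) - offset < HEADER_LEN:
            raise ValueError("truncated DTLS record header")
        ctype, version, epoch = struct.unpack_from("!BHH", datagram, offset)
        seq = int.from_bytes(datagram[offset + 5:offset + 11], "big")
        (length,) = struct.unpack_from("!H", datagram, offset + 11)
        body = datagram[offset + HEADER_LEN:offset + HEADER_LEN + length]
        if len(body) != length:
            raise ValueError("truncated DTLS record body")
        records.append({
            "type": CONTENT_TYPES.get(ctype, f"unknown({ctype})"),
            "version": version, "epoch": epoch, "seq": seq, "length": length,
            # Epoch 0 is the cleartext handshake. ChangeCipherSpec bumps the
            # epoch, and records in later epochs use the negotiated cipher.
            "protected": epoch > 0,
        })
        offset += HEADER_LEN + length
    return records

def cleartext_application_data(datagrams):
    """Return application_data records seen outside an encrypted epoch."""
    return [r for d in datagrams for r in parse_records(d)
            if r["type"] == "application_data" and not r["protected"]]

def make_record(ctype, epoch, seq, body):
    # Builds a constructed sample record (version 0xFEFD = DTLS 1.2).
    return (struct.pack("!BHH", ctype, 0xFEFD, epoch) + seq.to_bytes(6, "big")
            + struct.pack("!H", len(body)) + body)

# Constructed sample datagrams, not a real capture.
SAMPLE = [
    make_record(22, 0, 0, b"\x01" + b"\x00" * 11),   # handshake, epoch 0
    make_record(20, 0, 1, b"\x01")                   # ChangeCipherSpec
    + make_record(22, 1, 0, b"\xaa" * 40),           # encrypted Finished
    make_record(23, 1, 1, b"\xbb" * 29),             # application data, epoch 1
]

if __name__ == "__main__":
    for d in SAMPLE:
        for r in parse_records(d):
            print(r)
    print("cleartext application data:", cleartext_application_data(SAMPLE))
```

An empty result means every application-data record in the capture was sent after the handshake switched to the negotiated cipher.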