Transport Layer Security (TLS)

Starting with TiOS release V4, select Tibbo devices gained support for encrypted outgoing TCP connections using Transport Layer Security (TLS) 1.2. Due to memory limitations, only one such encrypted outgoing connection can exist at any given time. TLS encryption for incoming TCP connections is not supported.

The following Tibbo programmable devices support TLS:

  • WM2000 — implements TLS 1.2 with the RSA-2048 cryptosystem or the ECDSA cryptosystem using the secp384r1 elliptic curve profile

Regardless of platform, memory limitations mean that only one encrypted connection can be established at a time. On the WM2000, each encrypted socket consumes 32 KB of RAM; this allocation is handled internally and will not affect your usable buffer. On the TPP2(G2), TPP3(G2), EM2000, and EM2001, you need to allocate a minimum of 39 pages of memory before establishing a secure connection.

Additional limitations

TLS is not compatible with the following features of the sock. object:

Prerequisites for a connection

Before you can configure your device to establish a secure connection to a remote server, you must:

Further reading