[问答]

ESP32-S3 HTTPS esp_mbedtls_handshake握手平均耗时3s以上，有什么改善方法吗？

问答对人有帮助，内容完整，我也想知道答案 0 当我使用HTTP POST/GET请求时，每次请求耗时一般在100-300ms左右更改为HTTPS，并加入服务器证书校验后，每次请求耗时需要3s以上我尝试过下面这几种配置方式，但是耗时变化不大 1、 esp_tls_cfg_t cfg = { .use_global_ca_store = true, }; 2、 esp_tls_cfg_t cfg = { .cacert_buf = (const unsigned char ) server_root_cert_pem_start, .cacert_bytes = server_root_cert_pem_end - server_root_cert_pem_start, }; 3、 esp_tls_cfg_t cfg = { .crt_bundle_attach = esp_crt_bundle_attach, }; 然后我跟踪源码运行发现，每次请求耗时主要在esp_mbedtls_handshake内 Then I tracked the source code and ran and found that each request took less than esp_mbedtls_handshake E (9881) esp-tls-mbedtls: -------start = 9270ms esp_mbedtls_handshake I (10691) esp-x509-crt-bundle: Certificate validated E (15741) esp-tls-mbedtls: -------end =15130ms esp_mbedtls_handshake 这是否是正常的HTTPS请求耗时？还是我的配置出现问题？是否有优化请求耗时的方法呢？下方是完整的启动、请求日志： entry 0x40080694 I (27) boot: ESP-IDF v4.4.2-378-g9269a536ac-dirty 2nd stage bootloader I (27) boot: compile time 22:13:45 I (28) boot: chip revision: 3 I (32) boot_comm: chip revision: 3, min. bootloader chip revision: 0 I (39) boot.esp32: SPI Speed : 40MHz I (44) boot.esp32: SPI Mode : DIO I (48) boot.esp32: SPI Flash Size : 2MB I (53) boot: Enabling RNG early entropy source... I (58) boot: Partition Table: I (62) boot: ## Label Usage Type ST Offset Length I (69) boot: 0 nvs WiFi data 01 02 00009000 00006000 I (77) boot: 1 phy_init RF data 01 01 0000f000 00001000 I (84) boot: 2 factory factory app 00 00 00010000 00100000 I (92) boot: End of partition table I (96) boot_comm: chip revision: 3, min. application chip revision: 0 I (103) esp_image: segment 0: paddr=00010020 vaddr=3f400020 size=28eb8h (167608) map I (172) esp_image: segment 1: paddr=00038ee0 vaddr=3ffb0000 size=03800h ( 14336) load I (178) esp_image: segment 2: paddr=0003c6e8 vaddr=40080000 size=03930h ( 14640) load I (184) esp_image: segment 3: paddr=00040020 vaddr=400d0020 size=88158h (557400) map I (388) esp_image: segment 4: paddr=000c8180 vaddr=40083930 size=10f64h ( 69476) load I (417) esp_image: segment 5: paddr=000d90ec vaddr=50000000 size=00010h ( 16) load I (427) boot: Loaded app from partition at offset 0x10000 I (427) boot: Disabling RNG early entropy source... I (439) cpu_start: Pro cpu up. I (439) cpu_start: Starting app cpu, entry point is 0x400811a4 0x400811a4: call_start_cpu1 at /home/leo/work/esp/esp-idf/components/esp_system/port/cpu_start.c:148 I (0) cpu_start: App cpu up. I (456) cpu_start: Pro cpu start user code I (456) cpu_start: cpu freq: 160000000 I (456) cpu_start: Application information: I (460) cpu_start: Project name: https_request I (466) cpu_start: App version: 1 I (470) cpu_start: Compile time: Jan 10 2023 22:13:40 I (476) cpu_start: ELF file SHA256: 3ad1424200dff368... I (482) cpu_start: ESP-IDF: v4.4.2-378-g9269a536ac-dirty I (489) heap_init: Initializing. RAM available for dynamic allocation: I (496) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM I (502) heap_init: At 3FFB7790 len 00028870 (162 KiB): DRAM I (508) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM I (515) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM I (521) heap_init: At 40094894 len 0000B76C (45 KiB): IRAM I (529) spi_flash: detected chip: generic I (532) spi_flash: flash io: dio W (536) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the size in the binary image header. I (550) cpu_start: Starting scheduler on PRO CPU. I (0) cpu_start: Starting scheduler on APP CPU. I (671) wifi:wifi driver task: 3ffc01f8, prio:23, stack:6656, core=0 I (671) system_api: Base MAC address is not set I (671) system_api: read default base MAC address from EFUSE I (691) wifi:wifi firmware version: f1d33cc I (691) wifi:wifi certification version: v7.0 I (691) wifi:config NVS flash: enabled I (691) wifi:config nano formating: disabled I (701) wifi:Init data frame dynamic rx buffer num: 32 I (701) wifi:Init management frame dynamic rx buffer num: 32 I (711) wifi:Init management short buffer num: 32 I (711) wifi:Init dynamic tx buffer num: 32 I (721) wifi:Init static rx buffer size: 1600 I (721) wifi:Init static rx buffer num: 10 I (731) wifi:Init dynamic rx buffer num: 32 I (731) wifi_init: rx ba win: 6 I (731) wifi_init: tcpip mbox: 32 I (741) wifi_init: udp mbox: 6 I (741) wifi_init: tcp mbox: 6 I (741) wifi_init: tcp tx win: 5744 I (751) wifi_init: tcp rx win: 5744 I (751) wifi_init: tcp mss: 1440 I (761) wifi_init: WiFi IRAM OP enabled I (761) wifi_init: WiFi RX IRAM OP enabled I (771) example_connect: Connecting to midea_ceshi_002... I (771) phy_init: phy_version 4670,719f9f6,Feb 18 2021,17:07:07 W (781) phy_init: failed to load RF calibration data (0xffffffff), falling back to full calibration I (1051) wifi:mode : sta (b8:d6:1a:33:d0:e4) I (1051) wifi:enable tsf I (1061) example_connect: Waiting for IP(s) I (3471) wifi<8,0>, old:<1,0>, ap:<255,255>, sta:<8,0>, prof:1 I (4211) wifi:state: init -> auth (b0) I (4221) wifi:state: auth -> assoc (0) I (4221) wifi:state: assoc -> run (10) W (4231) wifi:idx:0 (ifx:0, 34:97:f6:b6:22:a0), tid:0, ssn:0, winSize:64 I (4251) wifi:connected with midea_ceshi_002, aid = 7, channel 8, BW20, bssid = 34:97:f6:b6:22:a0 I (4251) wifi:security: WPA2-PSK, phy: bgn, rssi: -42 I (4251) wifi:pm start, type: 1 I (4331) wifi:AP's beacon interval = 102400 us, DTIM period = 3 I (5661) example_connect: Got IPv6 event: Interface "example_connect: sta" address: fe80:0000:0000:0000:bad6:1aff:fe33:d0e4, type: ESP_IP6_ADDR_IS_LINK_LOCAL I (9161) esp_netif_handlers: example_connect: sta ip: 192.168.3.137, mask: 255.255.255.0, gw: 192.168.3.1 I (9161) example_connect: Got IPv4 event: Interface "example_connect: sta" address: 192.168.3.137 I (9171) example_connect: Connected to example_connect: sta I (9171) example_connect: - IPv4 address: 192.168.3.137 I (9181) example_connect: - IPv6 address: fe80:0000:0000:0000:bad6:1aff:fe33:d0e4, type: ESP_IP6_ADDR_IS_LINK_LOCAL I (9191) example: Start https_request example I (9201) example: https_request using crt bundle E (9881) esp-tls-mbedtls: -------start = 9270ms esp_mbedtls_handshake I (10691) esp-x509-crt-bundle: Certificate validated E (15741) esp-tls-mbedtls: -------end =15130ms esp_mbedtls_handshake I (15741) example: Connection established... I (15751) example: 106 bytes written I (15751) example: Reading HTTP response... HTTP/1.1 200 OK Content-Length: 2091 Access-Control-Allow-Origin: Connection: close Content-Type: application/json Date: Wed, 11 Jan 2023 06:15:16 GMT Strict-Transport-Security: max-age=631138519; includeSubdomains; preload ... I (42881) example: https_request using global ca_store E (44281) esp-tls-mbedtls: -------start = 43670ms esp_mbedtls_handshake E (47381) esp-tls-mbedtls: -------end =46770ms esp_mbedtls_handshake I (47391) example: Connection established... I (47401) example: 106 bytes written I (47401) example: Reading HTTP response... HTTP/1.1 200 OK Content-Length: 2091 Access-Control-Allow-Origin: * Connection: close Content-Type: application/json Date: Wed, 11 Jan 2023 06:15:48 GMT Strict-Transport-Security: max-age=631138519; includeSubdomains; preload Top 以下内容为评论 ESP_YJM Posts: 300 Joined: Fri Feb 26, 2021 10:30 am Re: ESP32-S3 HTTPS esp_mbedtls_handshake握手平均耗时3s以上 Quote Postby ESP_YJM » Wed Jan 11, 2023 11:12 am 能否提供下你的 sdkconfig 以及打开 mbedtls debug 查看下 mbedtls 握手所使用的套件。 Top kangzy4 Posts: 6 Joined: Wed Jan 11, 2023 7:18 am Re: ESP32-S3 HTTPS esp_mbedtls_handshake握手平均耗时3s以上 Quote Postby kangzy4 » Sun Jan 15, 2023 12:46 am 好的，这里提供下配置和日志信息如下: 下方是sdkconfig与TLS相关的配置 # # ESP-TLS # CONFIG_ESP_TLS_USING_MBEDTLS=y CONFIG_ESP_TLS_USE_DS_PERIPHERAL=y # CONFIG_ESP_TLS_CLIENT_SESSION_TICKETS is not set # CONFIG_ESP_TLS_SERVER is not set # CONFIG_ESP_TLS_PSK_VERIFICATION is not set CONFIG_ESP_TLS_INSECURE=y CONFIG_ESP_TLS_SKIP_SERVER_CERT_VERIFY=y # end of ESP-TLS # # mbedTLS # CONFIG_MBEDTLS_INTERNAL_MEM_ALLOC=y # CONFIG_MBEDTLS_EXTERNAL_MEM_ALLOC is not set # CONFIG_MBEDTLS_DEFAULT_MEM_ALLOC is not set # CONFIG_MBEDTLS_CUSTOM_MEM_ALLOC is not set CONFIG_MBEDTLS_ASYMMETRIC_CONTENT_LEN=y CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=16384 CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=4096 # CONFIG_MBEDTLS_DYNAMIC_BUFFER is not set CONFIG_MBEDTLS_DEBUG=y # CONFIG_MBEDTLS_DEBUG_LEVEL_WARN is not set # CONFIG_MBEDTLS_DEBUG_LEVEL_INFO is not set # CONFIG_MBEDTLS_DEBUG_LEVEL_DEBUG is not set CONFIG_MBEDTLS_DEBUG_LEVEL_VERBOSE=y CONFIG_MBEDTLS_DEBUG_LEVEL=4 # # mbedTLS v2.28.x related # # CONFIG_MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH is not set # CONFIG_MBEDTLS_X509_TRUSTED_CERT_CALLBACK is not set # CONFIG_MBEDTLS_SSL_CONTEXT_SERIALIZATION is not set CONFIG_MBEDTLS_SSL_KEEP_PEER_CERTIFICATE=y # end of mbedTLS v2.28.x related # # Certificate Bundle # CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=y CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL=y # CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_CMN is not set # CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_NONE is not set # CONFIG_MBEDTLS_CUSTOM_CERTIFICATE_BUNDLE is not set CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_MAX_CERTS=200 # end of Certificate Bundle # CONFIG_MBEDTLS_ECP_RESTARTABLE is not set # CONFIG_MBEDTLS_CMAC_C is not set CONFIG_MBEDTLS_HARDWARE_AES=y CONFIG_MBEDTLS_AES_USE_INTERRUPT=y CONFIG_MBEDTLS_HARDWARE_MPI=y CONFIG_MBEDTLS_HARDWARE_SHA=y CONFIG_MBEDTLS_ROM_MD5=y # CONFIG_MBEDTLS_ATCA_HW_ECDSA_SIGN is not set # CONFIG_MBEDTLS_ATCA_HW_ECDSA_VERIFY is not set CONFIG_MBEDTLS_HAVE_TIME=y # CONFIG_MBEDTLS_HAVE_TIME_DATE is not set CONFIG_MBEDTLS_ECDSA_DETERMINISTIC=y CONFIG_MBEDTLS_SHA512_C=y CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=y # CONFIG_MBEDTLS_TLS_SERVER_ONLY is not set # CONFIG_MBEDTLS_TLS_CLIENT_ONLY is not set # CONFIG_MBEDTLS_TLS_DISABLED is not set CONFIG_MBEDTLS_TLS_SERVER=y CONFIG_MBEDTLS_TLS_CLIENT=y CONFIG_MBEDTLS_TLS_ENABLED=y # # TLS Key Exchange Methods # # CONFIG_MBEDTLS_PSK_MODES is not set CONFIG_MBEDTLS_KEY_EXCHANGE_RSA=y CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA=y CONFIG_MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_RSA=y # end of TLS Key Exchange Methods CONFIG_MBEDTLS_SSL_RENEGOTIATION=y # CONFIG_MBEDTLS_SSL_PROTO_SSL3 is not set CONFIG_MBEDTLS_SSL_PROTO_TLS1=y CONFIG_MBEDTLS_SSL_PROTO_TLS1_1=y CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=y # CONFIG_MBEDTLS_SSL_PROTO_GMTSSL1_1 is not set # CONFIG_MBEDTLS_SSL_PROTO_DTLS is not set CONFIG_MBEDTLS_SSL_ALPN=y CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS=y CONFIG_MBEDTLS_X509_CHECK_KEY_USAGE=y CONFIG_MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE=y CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS=y # # Symmetric Ciphers # CONFIG_MBEDTLS_AES_C=y # CONFIG_MBEDTLS_CAMELLIA_C is not set # CONFIG_MBEDTLS_DES_C is not set CONFIG_MBEDTLS_RC4_DISABLED=y # CONFIG_MBEDTLS_RC4_ENABLED_NO_DEFAULT is not set # CONFIG_MBEDTLS_RC4_ENABLED is not set # CONFIG_MBEDTLS_BLOWFISH_C is not set # CONFIG_MBEDTLS_XTEA_C is not set CONFIG_MBEDTLS_CCM_C=y CONFIG_MBEDTLS_GCM_C=y # CONFIG_MBEDTLS_NIST_KW_C is not set # end of Symmetric Ciphers # CONFIG_MBEDTLS_RIPEMD160_C is not set # # Certificates # CONFIG_MBEDTLS_PEM_PARSE_C=y CONFIG_MBEDTLS_PEM_WRITE_C=y CONFIG_MBEDTLS_X509_CRL_PARSE_C=y CONFIG_MBEDTLS_X509_CSR_PARSE_C=y # end of Certificates CONFIG_MBEDTLS_ECP_C=y CONFIG_MBEDTLS_ECDH_C=y CONFIG_MBEDTLS_ECDSA_C=y # CONFIG_MBEDTLS_ECJPAKE_C is not set CONFIG_MBEDTLS_ECP_DP_SECP192R1_ENABLED=y CONFIG_MBEDTLS_ECP_DP_SECP224R1_ENABLED=y CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=y CONFIG_MBEDTLS_ECP_DP_SECP521R1_ENABLED=y CONFIG_MBEDTLS_ECP_DP_SECP192K1_ENABLED=y CONFIG_MBEDTLS_ECP_DP_SECP224K1_ENABLED=y CONFIG_MBEDTLS_ECP_DP_SECP256K1_ENABLED=y CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED=y CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED=y CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED=y CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED=y CONFIG_MBEDTLS_ECP_NIST_OPTIM=y # CONFIG_MBEDTLS_POLY1305_C is not set # CONFIG_MBEDTLS_CHACHA20_C is not set # CONFIG_MBEDTLS_HKDF_C is not set # CONFIG_MBEDTLS_THREADING_C is not set # CONFIG_MBEDTLS_LARGE_KEY_SOFTWARE_MPI is not set # CONFIG_MBEDTLS_SECURITY_RISKS is not set # end of mbedTLS 下面是开启Mbedtls后的日志 I (31829) ms_camera: picture: 1280 x 720 22111byte I (31834) ms_http_client: picture size = 22111 I (31846) ms_http_client: http_get_task 2 I (31851) ms_http_client: http_loader_len = 22553 I (31855) ms_http_client: HTTP POST:30606 E (31860) TRANSPORT_BASE: -------send time test=30611ms ssl_connect E (31907) esp-tls: -------send time test3=30658ms tcp_connect E (31907) esp-tls-mbedtls: -------send time2=30658ms esp_mbedtls_handshake I (31910) mbedtls: ssl_tls.c:5905 => handshake I (31922) mbedtls: ssl_cli.c:4483 client state: 0 I (31927) mbedtls: ssl_msg.c:2102 => flush output I (31933) mbedtls: ssl_msg.c:2114 <= flush output I (31945) mbedtls: ssl_cli.c:4483 client state: 1 I (31950) mbedtls: ssl_msg.c:2102 => flush output I (31956) mbedtls: ssl_msg.c:2114 <= flush output I (31961) mbedtls: ssl_cli.c:999 => write client hello I (31970) mbedtls: ssl_msg.c:2542 => write handshake message I (31974) mbedtls: ssl_msg.c:2701 => write record I (31981) mbedtls: ssl_msg.c:2102 => flush output I (31985) mbedtls: ssl_msg.c:2122 message length: 244, out_left: 244 I (31994) mbedtls: ssl_msg.c:2127 ssl->f_send() returned 244 (-0xffffff0c) I (32000) mbedtls: ssl_msg.c:2155 <= flush output I (32006) mbedtls: ssl_msg.c:2870 <= write record I (32011) mbedtls: ssl_msg.c:2678 <= write handshake message I (32018) mbedtls: ssl_cli.c:1467 <= write client hello I (32030) mbedtls: ssl_cli.c:4483 client state: 2 I (32036) mbedtls: ssl_msg.c:2102 => flush output I (32041) mbedtls: ssl_msg.c:2114 <= flush output I (32047) mbedtls: ssl_cli.c:2082 => parse server hello I (32053) mbedtls: ssl_msg.c:3941 => read record I (32058) mbedtls: ssl_msg.c:1886 => fetch input I (32064) mbedtls: ssl_msg.c:2043 in_left: 0, nb_want: 5 I (32070) mbedtls: ssl_msg.c:2068 in_left: 0, nb_want: 5 I (32076) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 5 (-0xfffffffb) I (32085) mbedtls: ssl_msg.c:2089 <= fetch input I (32090) mbedtls: ssl_msg.c:1886 => fetch input I (32096) mbedtls: ssl_msg.c:2043 in_left: 5, nb_want: 70 I (32102) mbedtls: ssl_msg.c:2068 in_left: 5, nb_want: 70 I (32108) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 65 (-0xffffffbf) I (32117) mbedtls: ssl_msg.c:2089 <= fetch input I (32123) mbedtls: ssl_msg.c:4015 <= read record I (32128) mbedtls: ssl_cli.c:2385 server hello, total extension length: 21 I (32136) mbedtls: ssl_cli.c:2627 <= parse server hello I (32148) mbedtls: ssl_cli.c:4483 client state: 3 I (32153) mbedtls: ssl_msg.c:2102 => flush output I (32159) mbedtls: ssl_msg.c:2114 <= flush output I (32164) mbedtls: ssl_tls.c:2878 => parse certificate I (32170) mbedtls: ssl_msg.c:3941 => read record I (32176) mbedtls: ssl_msg.c:1886 => fetch input I (32181) mbedtls: ssl_msg.c:2043 in_left: 0, nb_want: 5 I (32188) mbedtls: ssl_msg.c:2068 in_left: 0, nb_want: 5 I (32194) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 5 (-0xfffffffb) I (32202) mbedtls: ssl_msg.c:2089 <= fetch input I (32208) mbedtls: ssl_msg.c:1886 => fetch input I (32213) mbedtls: ssl_msg.c:2043 in_left: 5, nb_want: 2738 I (32221) mbedtls: ssl_msg.c:2068 in_left: 5, nb_want: 2738 I (32226) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 2733 (-0xfffff553) I (32235) mbedtls: ssl_msg.c:2089 <= fetch input I (32259) mbedtls: ssl_msg.c:4015 <= read record I (32266) mbedtls: ssl_tls.c:2989 <= parse certificate I (32268) mbedtls: ssl_cli.c:4483 client state: 4 I (32273) mbedtls: ssl_msg.c:2102 => flush output I (32279) mbedtls: ssl_msg.c:2114 <= flush output I (32284) mbedtls: ssl_cli.c:3094 => parse server key exchange I (32291) mbedtls: ssl_msg.c:3941 => read record I (32297) mbedtls: ssl_msg.c:1886 => fetch input I (32302) mbedtls: ssl_msg.c:2043 in_left: 0, nb_want: 5 I (32309) mbedtls: ssl_msg.c:2068 in_left: 0, nb_want: 5 I (32315) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 5 (-0xfffffffb) I (32323) mbedtls: ssl_msg.c:2089 <= fetch input I (32329) mbedtls: ssl_msg.c:1886 => fetch input I (32334) mbedtls: ssl_msg.c:2043 in_left: 5, nb_want: 305 I (32341) mbedtls: ssl_msg.c:2068 in_left: 5, nb_want: 305 I (32347) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 300 (-0xfffffed4) I (32355) mbedtls: ssl_msg.c:2089 <= fetch input I (32363) mbedtls: ssl_msg.c:4015 <= read record I (32369) mbedtls: ssl_cli.c:2699 ECDH curve: x25519 I (32372) mbedtls: ssl_cli.c:3018 Server used SignatureAlgorithm 1 I (32379) mbedtls: ssl_cli.c:3020 Server used HashAlgorithm 4 I (32407) mbedtls: ssl_cli.c:3487 <= parse server key exchange I (32410) mbedtls: ssl_cli.c:4483 client state: 5 I (32415) mbedtls: ssl_msg.c:2102 => flush output I (32421) mbedtls: ssl_msg.c:2114 <= flush output I (32427) mbedtls: ssl_cli.c:3522 => parse certificate request I (32433) mbedtls: ssl_msg.c:3941 => read record I (32439) mbedtls: ssl_msg.c:1886 => fetch input I (32444) mbedtls: ssl_msg.c:2043 in_left: 0, nb_want: 5 I (32451) mbedtls: ssl_msg.c:2068 in_left: 0, nb_want: 5 I (32457) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 5 (-0xfffffffb) I (32465) mbedtls: ssl_msg.c:2089 <= fetch input I (32471) mbedtls: ssl_msg.c:1886 => fetch input I (32476) mbedtls: ssl_msg.c:2043 in_left: 5, nb_want: 9 I (32482) mbedtls: ssl_msg.c:2068 in_left: 5, nb_want: 9 I (32488) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 4 (-0xfffffffc) I (32497) mbedtls: ssl_msg.c:2089 <= fetch input I (32502) mbedtls: ssl_msg.c:4015 <= read record I (32508) mbedtls: ssl_cli.c:3678 <= parse certificate request I (32521) mbedtls: ssl_cli.c:4483 client state: 6 I (32526) mbedtls: ssl_msg.c:2102 => flush output I (32532) mbedtls: ssl_msg.c:2114 <= flush output I (32537) mbedtls: ssl_cli.c:3689 => parse server hello done I (32544) mbedtls: ssl_msg.c:3941 => read record I (32549) mbedtls: ssl_msg.c:4011 reuse previously read message I (32556) mbedtls: ssl_msg.c:4015 <= read record I (32562) mbedtls: ssl_cli.c:3719 <= parse server hello done I (32575) mbedtls: ssl_cli.c:4483 client state: 7 I (32580) mbedtls: ssl_msg.c:2102 => flush output I (32586) mbedtls: ssl_msg.c:2114 <= flush output I (32591) mbedtls: ssl_tls.c:2229 => write certificate I (32597) mbedtls: ssl_tls.c:2243 <= skip write certificate I (32610) mbedtls: ssl_cli.c:4483 client state: 8 I (32616) mbedtls: ssl_msg.c:2102 => flush output I (32621) mbedtls: ssl_msg.c:2114 <= flush output I (32627) mbedtls: ssl_cli.c:3734 => write client key exchange I (33112) mbedtls: ssl_msg.c:2542 => write handshake message I (33113) mbedtls: ssl_msg.c:2701 => write record I (33114) mbedtls: ssl_msg.c:2102 => flush output I (33119) mbedtls: ssl_msg.c:2122 message length: 42, out_left: 42 I (33127) mbedtls: ssl_msg.c:2127 ssl->f_send() returned 42 (-0xffffffd6) I (33134) mbedtls: ssl_msg.c:2155 <= flush output I (33139) mbedtls: ssl_msg.c:2870 <= write record I (33145) mbedtls: ssl_msg.c:2678 <= write handshake message I (33151) mbedtls: ssl_cli.c:4151 <= write client key exchange I (33165) mbedtls: ssl_cli.c:4483 client state: 9 I (33170) mbedtls: ssl_msg.c:2102 => flush output I (33175) mbedtls: ssl_msg.c:2114 <= flush output I (33181) mbedtls: ssl_cli.c:4196 => write certificate verify I (33188) mbedtls: ssl_tls.c:1728 => derive keys I (33193) mbedtls: ssl_tls.c:1930 => calc verify sha256 I (33200) mbedtls: ssl_tls.c:1938 <= calc verify I (33212) mbedtls: ssl_tls.c:1807 <= derive keys I (33213) mbedtls: ssl_cli.c:4221 <= skip write certificate verify I (33224) mbedtls: ssl_cli.c:4483 client state: 10 I (33229) mbedtls: ssl_msg.c:2102 => flush output I (33235) mbedtls: ssl_msg.c:2114 <= flush output I (33240) mbedtls: ssl_msg.c:5012 => write change cipher spec I (33247) mbedtls: ssl_msg.c:2542 => write handshake message I (33253) mbedtls: ssl_msg.c:2701 => write record I (33259) mbedtls: ssl_msg.c:2102 => flush output I (33265) mbedtls: ssl_msg.c:2122 message length: 6, out_left: 6 I (33272) mbedtls: ssl_msg.c:2127 ssl->f_send() returned 6 (-0xfffffffa) I (33279) mbedtls: ssl_msg.c:2155 <= flush output I (33285) mbedtls: ssl_msg.c:2870 <= write record I (33290) mbedtls: ssl_msg.c:2678 <= write handshake message I (33297) mbedtls: ssl_msg.c:5026 <= write change cipher spec I (33310) mbedtls: ssl_cli.c:4483 client state: 11 I (33315) mbedtls: ssl_msg.c:2102 => flush output I (33321) mbedtls: ssl_msg.c:2114 <= flush output I (33327) mbedtls: ssl_tls.c:3533 => write finished I (33332) mbedtls: ssl_tls.c:3323 => calc finished tls sha256 I (33340) mbedtls: ssl_tls.c:3349 <= calc finished I (33345) mbedtls: ssl_msg.c:2542 => write handshake message I (33351) mbedtls: ssl_msg.c:2701 => write record I (33357) mbedtls: ssl_msg.c:632 => encrypt buf I (33363) mbedtls: ssl_msg.c:1120 <= encrypt buf I (33368) mbedtls: ssl_msg.c:2102 => flush output I (33373) mbedtls: ssl_msg.c:2122 message length: 45, out_left: 45 I (33381) mbedtls: ssl_msg.c:2127 ssl->f_send() returned 45 (-0xffffffd3) I (33388) mbedtls: ssl_msg.c:2155 <= flush output I (33393) mbedtls: ssl_msg.c:2870 <= write record I (33399) mbedtls: ssl_msg.c:2678 <= write handshake message I (33405) mbedtls: ssl_tls.c:3642 <= write finished I (33418) mbedtls: ssl_cli.c:4483 client state: 12 I (33423) mbedtls: ssl_msg.c:2102 => flush output I (33429) mbedtls: ssl_msg.c:2114 <= flush output I (33435) mbedtls: ssl_cli.c:4365 => parse new session ticket I (33441) mbedtls: ssl_msg.c:3941 => read record I (33446) mbedtls: ssl_msg.c:1886 => fetch input I (33452) mbedtls: ssl_msg.c:2043 in_left: 0, nb_want: 5 I (33479) mbedtls: ssl_msg.c:2068 in_left: 0, nb_want: 5 I (33480) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 5 (-0xfffffffb) I (33483) mbedtls: ssl_msg.c:2089 <= fetch input I (33489) mbedtls: ssl_msg.c:1886 => fetch input I (33494) mbedtls: ssl_msg.c:2043 in_left: 5, nb_want: 191 I (33501) mbedtls: ssl_msg.c:2068 in_left: 5, nb_want: 191 I (33507) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 186 (-0xffffff46) I (33516) mbedtls: ssl_msg.c:2089 <= fetch input I (33523) mbedtls: ssl_msg.c:4015 <= read record I (33527) mbedtls: ssl_cli.c:4467 <= parse new session ticket I (33540) mbedtls: ssl_cli.c:4483 client state: 12 I (33545) mbedtls: ssl_msg.c:2102 => flush output I (33551) mbedtls: ssl_msg.c:2114 <= flush output I (33556) mbedtls: ssl_msg.c:5035 => parse change cipher spec I (33563) mbedtls: ssl_msg.c:3941 => read record I (33568) mbedtls: ssl_msg.c:1886 => fetch input I (33574) mbedtls: ssl_msg.c:2043 in_left: 0, nb_want: 5 I (33580) mbedtls: ssl_msg.c:2068 in_left: 0, nb_want: 5 I (33586) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 5 (-0xfffffffb) I (33595) mbedtls: ssl_msg.c:2089 <= fetch input I (33600) mbedtls: ssl_msg.c:1886 => fetch input I (33606) mbedtls: ssl_msg.c:2043 in_left: 5, nb_want: 6 I (33612) mbedtls: ssl_msg.c:2068 in_left: 5, nb_want: 6 I (33618) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 1 (-0xffffffff) I (33626) mbedtls: ssl_msg.c:2089 <= fetch input I (33632) mbedtls: ssl_msg.c:4015 <= read record I (33637) mbedtls: ssl_msg.c:5099 <= parse change cipher spec I (33651) mbedtls: ssl_cli.c:4483 client state: 13 I (33656) mbedtls: ssl_msg.c:2102 => flush output I (33662) mbedtls: ssl_msg.c:2114 <= flush output I (33667) mbedtls: ssl_tls.c:3659 => parse finished I (33673) mbedtls: ssl_tls.c:3323 => calc finished tls sha256 I (33681) mbedtls: ssl_tls.c:3349 <= calc finished I (33685) mbedtls: ssl_msg.c:3941 => read record I (33691) mbedtls: ssl_msg.c:1886 => fetch input I (33696) mbedtls: ssl_msg.c:2043 in_left: 0, nb_want: 5 I (33703) mbedtls: ssl_msg.c:2068 in_left: 0, nb_want: 5 I (33709) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 5 (-0xfffffffb) I (33717) mbedtls: ssl_msg.c:2089 <= fetch input I (33723) mbedtls: ssl_msg.c:1886 => fetch input I (33728) mbedtls: ssl_msg.c:2043 in_left: 5, nb_want: 45 I (33734) mbedtls: ssl_msg.c:2068 in_left: 5, nb_want: 45 I (33740) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 40 (-0xffffffd8) I (33749) mbedtls: ssl_msg.c:2089 <= fetch input I (33755) mbedtls: ssl_msg.c:1144 => decrypt buf I (33761) mbedtls: ssl_msg.c:1741 <= decrypt buf I (33766) mbedtls: ssl_msg.c:4015 <= read record I (33771) mbedtls: ssl_tls.c:3730 <= parse finished I (33783) mbedtls: ssl_cli.c:4483 client state: 14 I (33789) mbedtls: ssl_msg.c:2102 => flush output I (33794) mbedtls: ssl_msg.c:2114 <= flush output I (33800) mbedtls: ssl_cli.c:4594 handshake: done I (33812) mbedtls: ssl_cli.c:4483 client state: 15 I (33817) mbedtls: ssl_msg.c:2102 => flush output I (33823) mbedtls: ssl_msg.c:2114 <= flush output I (33841) mbedtls: ssl_tls.c:5920 <= handshake E (33846) esp-tls-mbedtls: -------send time3=32597ms esp_mbedtls_handshake I (33855) mbedtls: ssl_msg.c:5820 => write I (33859) mbedtls: ssl_msg.c:2701 => write record I (33864) mbedtls: ssl_msg.c:632 => encrypt buf I (33873) mbedtls: ssl_msg.c:1120 <= encrypt buf I (33877) mbedtls: ssl_msg.c:2102 => flush output I (33881) mbedtls: ssl_msg.c:2122 message length: 238, out_left: 238 I (33889) mbedtls: ssl_msg.c:2127 ssl->f_send() returned 238 (-0xffffff12) I (33896) mbedtls: ssl_msg.c:2155 <= flush output I (33901) mbedtls: ssl_msg.c:2870 <= write record I (33907) mbedtls: ssl_msg.c:5848 <= write I (33913) mbedtls: ssl_msg.c:5820 => write I (33917) mbedtls: ssl_msg.c:2701 => write record I (33922) mbedtls: ssl_msg.c:632 => encrypt buf I (33970) mbedtls: ssl_msg.c:1120 <= encrypt buf I (33998) mbedtls: ssl_msg.c:2102 => flush output I (33998) mbedtls: ssl_msg.c:2122 message length: 4125, out_left: 4125 I (34002) mbedtls: ssl_msg.c:2127 ssl->f_send() returned 4125 (-0xffffefe3) I (34008) mbedtls: ssl_msg.c:2155 <= flush output I (34013) mbedtls: ssl_msg.c:2870 <= write record I (34019) mbedtls: ssl_msg.c:5848 <= write I (34024) mbedtls: ssl_msg.c:5820 => write I (34029) mbedtls: ssl_msg.c:2701 => write record I (34034) mbedtls: ssl_msg.c:632 => encrypt buf I (34083) mbedtls: ssl_msg.c:1120 <= encrypt buf I (34112) mbedtls: ssl_msg.c:2102 => flush output I (34112) mbedtls: ssl_msg.c:2122 message length: 4125, out_left: 4125 I (34116) mbedtls: ssl_msg.c:2127 ssl->f_send() returned 4125 (-0xffffefe3) I (34122) mbedtls: ssl_msg.c:2155 <= flush output I (34127) mbedtls: ssl_msg.c:2870 <= write record I (34133) mbedtls: ssl_msg.c:5848 <= write I (34138) mbedtls: ssl_msg.c:5820 => write I (34143) mbedtls: ssl_msg.c:2701 => write record I (34148) mbedtls: ssl_msg.c:632 => encrypt buf I (34197) mbedtls: ssl_msg.c:1120 <= encrypt buf I (34225) mbedtls: ssl_msg.c:2102 => flush output I (34226) mbedtls: ssl_msg.c:2122 message length: 4125, out_left: 4125 I (34229) mbedtls: ssl_msg.c:2127 ssl->f_send() returned 4125 (-0xffffefe3) I (34235) mbedtls: ssl_msg.c:2155 <= flush output I (34241) mbedtls: ssl_msg.c:2870 <= write record I (34246) mbedtls: ssl_msg.c:5848 <= write I (34251) mbedtls: ssl_msg.c:5820 => write I (34256) mbedtls: ssl_msg.c:2701 => write record I (34262) mbedtls: ssl_msg.c:632 => encrypt buf I (34310) mbedtls: ssl_msg.c:1120 <= encrypt buf I (34338) mbedtls: ssl_msg.c:2102 => flush output I (34339) mbedtls: ssl_msg.c:2122 message length: 4125, out_left: 4125 I (34342) mbedtls: ssl_msg.c:2127 ssl->f_send() returned 4125 (-0xffffefe3) I (34348) mbedtls: ssl_msg.c:2155 <= flush output I (34354) mbedtls: ssl_msg.c:2870 <= write record I (34359) mbedtls: ssl_msg.c:5848 <= write I (34364) mbedtls: ssl_msg.c:5820 => write I (34369) mbedtls: ssl_msg.c:2701 => write record I (34375) mbedtls: ssl_msg.c:632 => encrypt buf I (34424) mbedtls: ssl_msg.c:1120 <= encrypt buf I (34452) mbedtls: ssl_msg.c:2102 => flush output I (34452) mbedtls: ssl_msg.c:2122 message length: 4125, out_left: 4125 I (34456) mbedtls: ssl_msg.c:2127 ssl->f_send() returned 4125 (-0xffffefe3) I (34462) mbedtls: ssl_msg.c:2155 <= flush output I (34467) mbedtls: ssl_msg.c:2870 <= write record I (34473) mbedtls: ssl_msg.c:5848 <= write I (34478) mbedtls: ssl_msg.c:5820 => write I (34483) mbedtls: ssl_msg.c:2701 => write record I (34488) mbedtls: ssl_msg.c:632 => encrypt buf I (34517) mbedtls: ssl_msg.c:1120 <= encrypt buf I (34532) mbedtls: ssl_msg.c:2102 => flush output I (34533) mbedtls: ssl_msg.c:2122 message length: 2102, out_left: 2102 I (34536) mbedtls: ssl_msg.c:2127 ssl->f_send() returned 2102 (-0xfffff7ca) I (34542) mbedtls: ssl_msg.c:2155 <= flush output I (34548) mbedtls: ssl_msg.c:2870 <= write record I (34553) mbedtls: ssl_msg.c:5848 <= write I (34625) mbedtls: ssl_msg.c:5399 => read I (34626) mbedtls: ssl_msg.c:3941 => read record I (34627) mbedtls: ssl_msg.c:1886 => fetch input I (34631) mbedtls: ssl_msg.c:2043 in_left: 0, nb_want: 5 I (34637) mbedtls: ssl_msg.c:2068 in_left: 0, nb_want: 5 I (34643) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 5 (-0xfffffffb) I (34652) mbedtls: ssl_msg.c:2089 <= fetch input I (34657) mbedtls: ssl_msg.c:1886 => fetch input I (34662) mbedtls: ssl_msg.c:2043 in_left: 5, nb_want: 994 I (34670) mbedtls: ssl_msg.c:2068 in_left: 5, nb_want: 994 I (34675) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 989 (-0xfffffc23) I (34684) mbedtls: ssl_msg.c:2089 <= fetch input I (34696) mbedtls: ssl_msg.c:1144 => decrypt buf I (34700) mbedtls: ssl_msg.c:1741 <= decrypt buf I (34707) mbedtls: ssl_msg.c:4015 <= read record I (34708) mbedtls: ssl_msg.c:5693 <= read I (34711) mbedtls: ssl_msg.c:5399 => read I (34715) mbedtls: ssl_msg.c:5693 <= read I (34721) HTTP_CLIENT: Body received in fetch header state, 0x3fcb4de2, 177 I (34729) mbedtls: ssl_msg.c:5399 => read I (34733) mbedtls: ssl_msg.c:3941 => read record I (34738) mbedtls: ssl_msg.c:1886 => fetch input I (34744) mbedtls: ssl_msg.c:2043 in_left: 0, nb_want: 5 I (34750) mbedtls: ssl_msg.c:2068 in_left: 0, nb_want: 5 I (34756) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 5 (-0xfffffffb) I (34764) mbedtls: ssl_msg.c:2089 <= fetch input I (34770) mbedtls: ssl_msg.c:1886 => fetch input I (34775) mbedtls: ssl_msg.c:2043 in_left: 5, nb_want: 34 I (34782) mbedtls: ssl_msg.c:2068 in_left: 5, nb_want: 34 I (34788) mbedtls: ssl_msg.c:2069 ssl->f_recv(_timeout)() returned 29 (-0xffffffe3) I (34796) mbedtls: ssl_msg.c:2089 <= fetch input I (34802) mbedtls: ssl_msg.c:1144 => decrypt buf I (34808) mbedtls: ssl_msg.c:1741 <= decrypt buf I (34813) mbedtls: ssl_msg.c:4015 <= read record I (34818) mbedtls: ssl_msg.c:5693 <= read I (34823) ms_http_client: end_time 2:33574 I (34828) ms_http_client: average_time 2:2111:2999 I (34833) ms_http_client: HTTP POST Status = 200, content_length = -1 0 本主题由 Harmony威廉希尔官方网站专家于 2024-6-13 09:38 审核通过
2024-6-13 06:37:55　　评论淘帖0 邀请回答您可以邀请以下用户，快速回答问题 × wang21cj 该类别下有 38 个回答。邀请回答 hgimtk 该类别下有 38 个回答。邀请回答新星之火12138 该类别下有 33 个回答。邀请回答 chm5 该类别下有 32 个回答。邀请回答 zyh34997 该类别下有 32 个回答。邀请回答就好国dd 该类别下有 32 个回答。邀请回答 zaichenxi 该类别下有 31 个回答。邀请回答 heks 该类别下有 31 个回答。邀请回答四川赵赵该类别下有 29 个回答。邀请回答 flowerddd 该类别下有 29 个回答。邀请回答 muwersddg 该类别下有 29 个回答。邀请回答 caosurround 该类别下有 28 个回答。邀请回答星星公交站该类别下有 28 个回答。邀请回答 vinww特烦恼该类别下有 28 个回答。邀请回答安德森大该类别下有 27 个回答。邀请回答 xwgc888 该类别下有 27 个回答。邀请回答 lkjflksjfsa 该类别下有 27 个回答。邀请回答 h1654155143.8331 该类别下有 27 个回答。邀请回答 723662364d 该类别下有 27 个回答。邀请回答 overheat 该类别下有 27 个回答。邀请回答举报张强相关推荐 • ESP32-S3 HTTPS esp_mbedtls_handshake握手平均耗时3s以上怎么解决？ 227 • ESP32-S3 HTTPS esp_mbedtls_handshake握手平均耗时3s以上是否正常？ 155 • 运行带有ESP32S3目标的ESP-IDF 5.0报错怎么解决? 272 • 使用VScode编辑和编译esp32-s3，目标设备选择esp32-s3时报错如何解决？ 494 • ESP32-S3(ESP32-S2,ESP32)在商用触摸按键面板上使用安全吗？ 501 • ESP32-S3有DAC吗？ 361 • VScode目标设备选择esp32-s3时报错的原因？ 200 • esp32S3无法烧写的原因是什么？ 527 • ESP32、ESP32-S3是否有类似ARM的位带操作？ 252 • 是否有适用于ESP32-S3的软件UART示例？ 267 1个回答

答案对人有帮助，有参考价值 0 在ESP32-S3上使用HTTPS时，握手耗时较长可能是由于多种原因导致的。以下是一些建议和优化方法，以帮助您减少握手时间： 1. 网络环境：确保您的设备连接到稳定的网络环境。网络延迟和不稳定可能会影响HTTPS握手时间。 2. 服务器性能：检查服务器的性能和响应时间。如果服务器响应较慢，可能会导致握手时间较长。 3. 证书大小：证书的大小可能会影响握手时间。尝试使用较小的证书，或者使用更高效的证书格式，如DER格式。 4. 使用预共享密钥：如果可能，使用预共享密钥（PSK）进行TLS握手。PSK可以减少握手过程中的计算和通信开销。 5. 优化mbedtls配置：尝试调整mbedtls的配置选项，以提高性能。例如，您可以使用以下配置： ```c mbedtls_ssl_conf_min_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3); mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3); mbedtls_ssl_conf_ciphersuites(&conf, mbedtls_ssl_list_ciphersuites()); ``` 6. 减少重传次数：调整ESP32-S3的网络配置，减少因网络问题导致的重传次数。例如，您可以调整TCP重传次数和超时时间。 7. 使用硬件加速：如果您的ESP32-S3支持硬件加速，尝试启用硬件加速以提高性能。 8. 优化代码：检查您的代码，确保没有不必要的延迟或阻塞操作。优化代码逻辑，减少等待时间和资源占用。 9. 更新固件和库：确保您的ESP32-S3固件和相关库是最新版本。新版本可能包含性能改进和bug修复。 10. 调试和分析：使用调试工具和日志记录，分析HTTPS握手过程中的耗时和性能瓶颈。这可以帮助您找到问题所在并进行针对性的优化。综上所述，通过优化网络环境、服务器性能、证书配置、mbedtls配置、代码逻辑等方面，您可以有效地减少ESP32-S3在HTTPS握手过程中的耗时。同时，确保使用最新版本的固件和库，以及利用硬件加速等特性，进一步提高性能。

2024-6-13 16:20:51 评论举报李艳