Crash_Override/OVMS3-idf
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

add _der variants for esp_transport_ssl_set_(client_cert|client_key|cert_data)

Browse source 
Signed-off-by: David Cermak <cermak@espressif.com>

Merges https://github.com/espressif/esp-idf/pull/3783
This commit is contained in:
Henning Fleddermann 2019-07-15 17:53:39 +02:00 committed by David Cermak
parent 73624e8560
commit 546b625433
2 changed files with 60 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
components/tcp_transport/include/esp_transport_ssl.h
View file

@ -40,6 +40,17 @@ esp_transport_handle_t esp_transport_ssl_init();
*/
void esp_transport_ssl_set_cert_data(esp_transport_handle_t t, const char *data, int len);
/**
* @brief Set SSL certificate data (as DER format).
* Note that, this function stores the pointer to data, rather than making a copy.
* So this data must remain valid until after the connection is cleaned up
*
* @param t ssl transport
* @param[in] data The der data
* @param[in] len The length
*/
void esp_transport_ssl_set_cert_data_der(esp_transport_handle_t t, const char *data, int len);
/**
* @brief Enable global CA store for SSL connection
*
@ -58,6 +69,17 @@ void esp_transport_ssl_enable_global_ca_store(esp_transport_handle_t t);
*/
void esp_transport_ssl_set_client_cert_data(esp_transport_handle_t t, const char *data, int len);
/**
* @brief Set SSL client certificate data for mutual authentication (as DER format).
* Note that, this function stores the pointer to data, rather than making a copy.
* So this data must remain valid until after the connection is cleaned up
*
* @param t ssl transport
* @param[in] data The der data
* @param[in] len The length
*/
void esp_transport_ssl_set_client_cert_data_der(esp_transport_handle_t t, const char *data, int len);
/**
* @brief Set SSL client key data for mutual authentication (as PEM format).
* Note that, this function stores the pointer to data, rather than making a copy.
@ -69,6 +91,17 @@ void esp_transport_ssl_set_client_cert_data(esp_transport_handle_t t, const char
*/
void esp_transport_ssl_set_client_key_data(esp_transport_handle_t t, const char *data, int len);
/**
* @brief Set SSL client key data for mutual authentication (as DER format).
* Note that, this function stores the pointer to data, rather than making a copy.
* So this data must remain valid until after the connection is cleaned up
*
* @param t ssl transport
* @param[in] data The der data
* @param[in] len The length
*/
void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const char *data, int len);
/**
* @brief Skip validation of certificate's common name field
*

27
components/tcp_transport/transport_ssl.c
View file

@ -178,6 +178,15 @@ void esp_transport_ssl_set_cert_data(esp_transport_handle_t t, const char *data,
}
}
void esp_transport_ssl_set_cert_data_der(esp_transport_handle_t t, const char *data, int len)
{
transport_ssl_t *ssl = esp_transport_get_context_data(t);
if (t && ssl) {
ssl->cfg.cacert_pem_buf = (void *)data;
ssl->cfg.cacert_pem_bytes = len;
}
}
void esp_transport_ssl_set_client_cert_data(esp_transport_handle_t t, const char *data, int len)
{
transport_ssl_t *ssl = esp_transport_get_context_data(t);
@ -187,6 +196,15 @@ void esp_transport_ssl_set_client_cert_data(esp_transport_handle_t t, const char
}
}
void esp_transport_ssl_set_client_cert_data_der(esp_transport_handle_t t, const char *data, int len)
{
transport_ssl_t *ssl = esp_transport_get_context_data(t);
if (t && ssl) {
ssl->cfg.clientcert_pem_buf = (void *)data;
ssl->cfg.clientcert_pem_bytes = len;
}
}
void esp_transport_ssl_set_client_key_data(esp_transport_handle_t t, const char *data, int len)
{
transport_ssl_t *ssl = esp_transport_get_context_data(t);
@ -196,6 +214,15 @@ void esp_transport_ssl_set_client_key_data(esp_transport_handle_t t, const char
}
}
void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const char *data, int len)
{
transport_ssl_t *ssl = esp_transport_get_context_data(t);
if (t && ssl) {
ssl->cfg.clientkey_pem_buf = (void *)data;
ssl->cfg.clientkey_pem_bytes = len;
}
}
void esp_transport_ssl_skip_common_name_check(esp_transport_handle_t t)
{
transport_ssl_t *ssl = esp_transport_get_context_data(t);