add _der variants for esp_transport_ssl_set_(client_cert|client_key|cert_data)

Signed-off-by: David Cermak <cermak@espressif.com> Merges https://github.com/espressif/esp-idf/pull/3783
2019-07-15 17:53:39 +02:00 · 2019-07-15 17:53:39 +02:00 · 546b625433
commit 546b625433
--- a/components/tcp_transport/include/esp_transport_ssl.h
+++ b/components/tcp_transport/include/esp_transport_ssl.h
@ -40,6 +40,17 @@ esp_transport_handle_t esp_transport_ssl_init();
 */
 void esp_transport_ssl_set_cert_data(esp_transport_handle_t t, const char *data, int len);

+/**
+ * @brief      Set SSL certificate data (as DER format).
+ *             Note that, this function stores the pointer to data, rather than making a copy.
+ *             So this data must remain valid until after the connection is cleaned up
+ *
+ * @param      t     ssl transport
+ * @param[in]  data  The der data
+ * @param[in]  len   The length
+ */
+void esp_transport_ssl_set_cert_data_der(esp_transport_handle_t t, const char *data, int len);
+
 /**
 * @brief      Enable global CA store for SSL connection
 *
@ -58,6 +69,17 @@ void esp_transport_ssl_enable_global_ca_store(esp_transport_handle_t t);
 */
 void esp_transport_ssl_set_client_cert_data(esp_transport_handle_t t, const char *data, int len);

+/**
+ * @brief      Set SSL client certificate data for mutual authentication (as DER format).
+ *             Note that, this function stores the pointer to data, rather than making a copy.
+ *             So this data must remain valid until after the connection is cleaned up
+ *
+ * @param      t     ssl transport
+ * @param[in]  data  The der data
+ * @param[in]  len   The length
+ */
+void esp_transport_ssl_set_client_cert_data_der(esp_transport_handle_t t, const char *data, int len);
+
 /**
 * @brief      Set SSL client key data for mutual authentication (as PEM format).
 *             Note that, this function stores the pointer to data, rather than making a copy.
@ -69,6 +91,17 @@ void esp_transport_ssl_set_client_cert_data(esp_transport_handle_t t, const char
 */
 void esp_transport_ssl_set_client_key_data(esp_transport_handle_t t, const char *data, int len);

+/**
+ * @brief      Set SSL client key data for mutual authentication (as DER format).
+ *             Note that, this function stores the pointer to data, rather than making a copy.
+ *             So this data must remain valid until after the connection is cleaned up
+ *
+ * @param      t     ssl transport
+ * @param[in]  data  The der data
+ * @param[in]  len   The length
+ */
+void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const char *data, int len);
+
 /**
 * @brief      Skip validation of certificate's common name field
 *
--- a/components/tcp_transport/transport_ssl.c
+++ b/components/tcp_transport/transport_ssl.c
@ -178,6 +178,15 @@ void esp_transport_ssl_set_cert_data(esp_transport_handle_t t, const char *data,
    }
 }

+void esp_transport_ssl_set_cert_data_der(esp_transport_handle_t t, const char *data, int len)
+{
+    transport_ssl_t *ssl = esp_transport_get_context_data(t);
+    if (t && ssl) {
+        ssl->cfg.cacert_pem_buf = (void *)data;
+        ssl->cfg.cacert_pem_bytes = len;
+    }
+}
+
 void esp_transport_ssl_set_client_cert_data(esp_transport_handle_t t, const char *data, int len)
 {
    transport_ssl_t *ssl = esp_transport_get_context_data(t);
@ -187,6 +196,15 @@ void esp_transport_ssl_set_client_cert_data(esp_transport_handle_t t, const char
    }
 }

+void esp_transport_ssl_set_client_cert_data_der(esp_transport_handle_t t, const char *data, int len)
+{
+    transport_ssl_t *ssl = esp_transport_get_context_data(t);
+    if (t && ssl) {
+        ssl->cfg.clientcert_pem_buf = (void *)data;
+        ssl->cfg.clientcert_pem_bytes = len;
+    }
+}
+
 void esp_transport_ssl_set_client_key_data(esp_transport_handle_t t, const char *data, int len)
 {
    transport_ssl_t *ssl = esp_transport_get_context_data(t);
@ -196,6 +214,15 @@ void esp_transport_ssl_set_client_key_data(esp_transport_handle_t t, const char
    }
 }

+void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const char *data, int len)
+{
+    transport_ssl_t *ssl = esp_transport_get_context_data(t);
+    if (t && ssl) {
+        ssl->cfg.clientkey_pem_buf = (void *)data;
+        ssl->cfg.clientkey_pem_bytes = len;
+    }
+}
+
 void esp_transport_ssl_skip_common_name_check(esp_transport_handle_t t)
 {
    transport_ssl_t *ssl = esp_transport_get_context_data(t);