tcp_transport: added API for client-key password

pull/4609/head
David Cermak 2019-12-30 08:40:50 +01:00 zatwierdzone przez bot
rodzic 0a8c641e6f
commit b69ac4448e
3 zmienionych plików z 20 dodań i 1 usunięć


@ -266,7 +266,7 @@ static esp_err_t set_pki_context(esp_tls_t *tls, const esp_tls_pki_t *pki)
} }
ret = mbedtls_pk_parse_key(pki->pk_key, pki->privkey_pem_buf, pki->privkey_pem_bytes, ret = mbedtls_pk_parse_key(pki->pk_key, pki->privkey_pem_buf, pki->privkey_pem_bytes,
NULL, 0); pki->privkey_password, pki->privkey_password_len);
if (ret < 0) { if (ret < 0) {
ESP_LOGE(TAG, "mbedtls_pk_parse_keyfile returned -0x%x", -ret); ESP_LOGE(TAG, "mbedtls_pk_parse_keyfile returned -0x%x", -ret);
ESP_INT_EVENT_TRACKER_CAPTURE(tls->error_handle, ERR_TYPE_MBEDTLS, -ret); ESP_INT_EVENT_TRACKER_CAPTURE(tls->error_handle, ERR_TYPE_MBEDTLS, -ret);
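Review bot: The error log on the failure path names `mbedtls_pk_parse_keyfile`, but the call above it is `mbedtls_pk_parse_key`. Now that a password is forwarded, this is where a wrong or missing key password will surface, so the message should name the right function: `ESP_LOGE(TAG, "mbedtls_pk_parse_key returned -0x%x", -ret);`. A short comment above the check could also say that `MBEDTLS_ERR_PK_PASSWORD_REQUIRED` and `MBEDTLS_ERR_PK_PASSWORD_MISMATCH` are the password-related results to expect. `pki->privkey_password` and `pki->privkey_password_len` are passed through unchecked, so their consistency depends on the code that fills `pki`, which is outside this hunk, as is the rest of `set_pki_context`.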


@ -92,6 +92,16 @@ void esp_transport_ssl_set_client_cert_data_der(esp_transport_handle_t t, const
*/ */
void esp_transport_ssl_set_client_key_data(esp_transport_handle_t t, const char *data, int len); void esp_transport_ssl_set_client_key_data(esp_transport_handle_t t, const char *data, int len);
/**
* @brief Set SSL client key password if the key is password protected. The configured
* password is passed to the underlying TLS stack to decrypt the client key
*
* @param t ssl transport
* @param[in] password Pointer to the password
* @param[in] password_len Password length
*/
void esp_transport_ssl_set_client_key_password(esp_transport_handle_t t, const char *password, int password_len);
/** /**
* @brief Set SSL client key data for mutual authentication (as DER format). * @brief Set SSL client key data for mutual authentication (as DER format).
* Note that, this function stores the pointer to data, rather than making a copy. * Note that, this function stores the pointer to data, rather than making a copy.
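Review bot: The doc comment for `esp_transport_ssl_set_client_key_password` does not say how long `password` must stay valid. The setter added in this commit stores the pointer rather than copying the bytes, and the neighbouring key-data comment states this explicitly. I would add a line such as `* Note that, this function stores the pointer to the password, rather than making a copy.` and say that the buffer must remain valid for as long as the transport may use it. Because the buffer holds a secret, the comment should also tell the caller that wiping it afterwards is their responsibility, and whether `password_len` counts a terminating NUL.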


@ -245,6 +245,15 @@ void esp_transport_ssl_set_client_key_data(esp_transport_handle_t t, const char
} }
} }
void esp_transport_ssl_set_client_key_password(esp_transport_handle_t t, const char *password, int password_len)
{
transport_ssl_t *ssl = esp_transport_get_context_data(t);
if (t && ssl) {
ssl->cfg.clientkey_password = (void *)password;
ssl->cfg.clientkey_password_len = password_len;
}
}
void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const char *data, int len) void esp_transport_ssl_set_client_key_data_der(esp_transport_handle_t t, const char *data, int len)
{ {
transport_ssl_t *ssl = esp_transport_get_context_data(t); transport_ssl_t *ssl = esp_transport_get_context_data(t);
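Review bot: `password_len` is a signed `int` and `esp_transport_ssl_set_client_key_password` stores it without a range check, so a negative value is carried into the TLS configuration. The type of `clientkey_password_len` is not visible in this hunk, but if it is unsigned the value becomes a very large length that is later handed to the key parser together with the caller's pointer. Rejecting it in the setter is cheap: `if (t && ssl && password_len >= 0) {`. The `(void *)password` cast also discards the `const` qualifier; casting to the field's actual const-qualified type, if it has one, would keep the compiler's protection against writes through that pointer.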