Skip to content

Commit a1bea8b

Browse files
pennampennam
committed
MbedSSLClient: add setCACert, setCertificate, setPrivateKey
1 parent 06d7756 commit a1bea8b

4 files changed

Lines changed: 57 additions & 5 deletions

File tree

libraries/SocketWrapper/src/AClient.cpp

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -143,3 +143,24 @@ void arduino::ASslClient::appendCustomCACert(const char* ca_cert) {
143143
}
144144
static_cast<MbedSSLClient*>(client.get())->appendCustomCACert(ca_cert);
145145
}
146+
147+
void arduino::ASslClient::setCACert(const char* rootCA) {
148+
if (!client) {
149+
newMbedClient();
150+
}
151+
static_cast<MbedSSLClient*>(client.get())->setCACert(rootCA);
152+
}
153+
154+
void arduino::ASslClient::setCertificate(const char* clientCert) {
155+
if (!client) {
156+
newMbedClient();
157+
}
158+
static_cast<MbedSSLClient*>(client.get())->setCertificate(clientCert);
159+
}
160+
161+
void arduino::ASslClient::setPrivateKey(const char* privateKey) {
162+
if (!client) {
163+
newMbedClient();
164+
}
165+
static_cast<MbedSSLClient*>(client.get())->setPrivateKey(privateKey);
166+
}

libraries/SocketWrapper/src/AClient.h

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -74,6 +74,9 @@ class ASslClient : public AClient {
7474
void disableSNI(bool statusSNI);
7575

7676
void appendCustomCACert(const char* ca_cert);
77+
void setCACert(const char* rootCA);
78+
void setCertificate(const char* clientCert);
79+
void setPrivateKey(const char* privateKey);
7780

7881
protected:
7982
virtual void newMbedClient();

libraries/SocketWrapper/src/MbedSSLClient.cpp

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,10 @@
33
arduino::MbedSSLClient::MbedSSLClient()
44
: _ca_cert_custom(nullptr),
55
_hostname(nullptr),
6-
_disableSNI(false) {
6+
_clientCert(nullptr),
7+
_privateKey(nullptr),
8+
_disableSNI(false),
9+
_appendCA(true) {
710

811
onBeforeConnect(mbed::callback(this, &MbedSSLClient::setRootCA));
912
};

libraries/SocketWrapper/src/MbedSSLClient.h

Lines changed: 29 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -50,17 +50,46 @@ class MbedSSLClient : public arduino::MbedClient {
5050

5151
void appendCustomCACert(const char* ca_cert) {
5252
_ca_cert_custom = ca_cert;
53+
_appendCA = true;
54+
}
55+
void setCACert(const char* rootCA) {
56+
_ca_cert_custom = rootCA;
57+
_appendCA = false;
58+
}
59+
void setCertificate(const char* clientCert) {
60+
_clientCert = clientCert;
61+
}
62+
void setPrivateKey(const char* privateKey) {
63+
_privateKey = privateKey;
5364
}
5465

5566
protected:
5667
const char* _ca_cert_custom;
5768
const char* _hostname;
69+
const char* _clientCert;
70+
const char* _privateKey;
5871
bool _disableSNI;
72+
bool _appendCA;
5973

6074
private:
6175
int setRootCA() {
6276
int err = 0;
6377

78+
if(_hostname && !_disableSNI) {
79+
((TLSSocket*)sock)->set_hostname(_hostname);
80+
}
81+
82+
if(_clientCert && _privateKey) {
83+
err = ((TLSSocket*)sock)->set_client_cert_key(_clientCert, _privateKey);
84+
if( err != NSAPI_ERROR_OK) {
85+
return err;
86+
}
87+
}
88+
89+
if(!_appendCA && _ca_cert_custom) {
90+
return ((TLSSocket*)sock)->set_root_ca_cert(_ca_cert_custom);
91+
}
92+
6493
#if defined(MBEDTLS_FS_IO)
6594
mbed::BlockDevice* root = mbed::BlockDevice::get_default_instance();
6695
err = root->init();
@@ -82,10 +111,6 @@ class MbedSSLClient : public arduino::MbedClient {
82111
}
83112
#endif
84113

85-
if(_hostname && !_disableSNI) {
86-
((TLSSocket*)sock)->set_hostname(_hostname);
87-
}
88-
89114
if(_ca_cert_custom != NULL) {
90115
err = ((TLSSocket*)sock)->append_root_ca_cert(_ca_cert_custom);
91116
}

0 commit comments

Comments
 (0)