MbedSSLClient: add setCACert, setCertificate, setPrivateKey

Author: pennam

Diff for: libraries/SocketWrapper/src/AClient.cpp

@@ -143,3 +143,24 @@ void arduino::ASslClient::appendCustomCACert(const char* ca_cert) {
   }
   static_cast<MbedSSLClient*>(client.get())->appendCustomCACert(ca_cert);
 }
+
+void arduino::ASslClient::setCACert(const char* rootCA) {
+  if (!client) {
+    newMbedClient();
+  }
+  static_cast<MbedSSLClient*>(client.get())->setCACert(rootCA);
+}
+
+void arduino::ASslClient::setCertificate(const char* clientCert) {
+  if (!client) {
+    newMbedClient();
+  }
+  static_cast<MbedSSLClient*>(client.get())->setCertificate(clientCert);
+}
+
+void arduino::ASslClient::setPrivateKey(const char* privateKey) {
+  if (!client) {
+    newMbedClient();
+  }
+  static_cast<MbedSSLClient*>(client.get())->setPrivateKey(privateKey);
+}

Diff for: libraries/SocketWrapper/src/AClient.h

@@ -74,6 +74,9 @@ class ASslClient : public AClient {
   void disableSNI(bool statusSNI);
 
   void appendCustomCACert(const char* ca_cert);
+  void setCACert(const char* rootCA);
+  void setCertificate(const char* clientCert);
+  void setPrivateKey(const char* privateKey);
 
 protected:
   virtual void newMbedClient();

Diff for: libraries/SocketWrapper/src/MbedSSLClient.cpp

@@ -3,7 +3,10 @@
 arduino::MbedSSLClient::MbedSSLClient()
   : _ca_cert_custom(nullptr),
     _hostname(nullptr),
-    _disableSNI(false) {
+    _clientCert(nullptr),
+    _privateKey(nullptr),
+    _disableSNI(false),
+    _appendCA(true) {
 
   onBeforeConnect(mbed::callback(this, &MbedSSLClient::setRootCA));
 };

Diff for: libraries/SocketWrapper/src/MbedSSLClient.h

@@ -50,17 +50,46 @@ class MbedSSLClient : public arduino::MbedClient {
 
   void appendCustomCACert(const char* ca_cert) {
     _ca_cert_custom = ca_cert;
+    _appendCA = true;
+  }
+  void setCACert(const char* rootCA) {
+    _ca_cert_custom = rootCA;
+    _appendCA = false;
+  }
+  void setCertificate(const char* clientCert) {
+    _clientCert = clientCert;
+  }
+  void setPrivateKey(const char* privateKey) {
+    _privateKey = privateKey;
   }
 
 protected:
   const char* _ca_cert_custom;
   const char* _hostname;
+  const char* _clientCert;
+  const char* _privateKey;
   bool _disableSNI;
+  bool _appendCA;
 
 private:
   int setRootCA() {
     int err = 0;
 
+    if(_hostname && !_disableSNI) {
+      ((TLSSocket*)sock)->set_hostname(_hostname);
+    }
+
+    if(_clientCert && _privateKey) {
+      err = ((TLSSocket*)sock)->set_client_cert_key(_clientCert, _privateKey);
+      if( err != NSAPI_ERROR_OK) {
+        return err;
+      }
+    }
+
+    if(!_appendCA && _ca_cert_custom) {
+      return ((TLSSocket*)sock)->set_root_ca_cert(_ca_cert_custom);
+    }
+
 #if defined(MBEDTLS_FS_IO)
     mbed::BlockDevice* root = mbed::BlockDevice::get_default_instance();
     err = root->init();
@@ -82,10 +111,6 @@ class MbedSSLClient : public arduino::MbedClient {
     }
 #endif
 
-    if(_hostname && !_disableSNI) {
-      ((TLSSocket*)sock)->set_hostname(_hostname);
-    }
-
     if(_ca_cert_custom != NULL) {
       err = ((TLSSocket*)sock)->append_root_ca_cert(_ca_cert_custom);
     }