Skip to content

enable loading of root-CAs, certificates and keys from byte array... #2877

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 4 commits into from
Closed

enable loading of root-CAs, certificates and keys from byte array... #2877

wants to merge 4 commits into from

Conversation

sauttefk
Copy link
Contributor

@sauttefk sauttefk commented Jan 17, 2017
edited
Loading

instead of SPIFFS-stream

Something like this is now possible:

const size_t DST_Root_CA_X3_len = 846;
const uint8_t DST_Root_CA_X3[] = {0x30, ....., 0xfd}; 
client.loadCACert(DST_Root_CA_X3, DST_Root_CA_X3_len);

@igrr
Copy link
Member

igrr commented Jan 31, 2017

Sorry, isn't this what setCertificate et al currently do? I am probably missing something, how are these new functions different?

@sauttefk
Copy link
Contributor Author

sauttefk commented Feb 6, 2017

@igrr setCertificate sets the certificate the client presents to the server => server can authenticate the client.

loadCACert allows the client (esp8266) to validate the keychain presented by the server, but this is only possible by using a SPIFFS-stream. This little patch allows the usage of byte arrays for the certificates.

    bool loadCACert(Stream& stream, size_t size);
 +  bool loadCACert(const uint8_t* pk, size_t size);

the loadCertificate and loadPrivateKey functions with byte arrays are just for completeness of the API.

@igrr
Copy link
Member

igrr commented Feb 6, 2017

My point was that the new functuon which sets CACert from byte array should be called setCACert, to match the existing setCertificate and setPrivateKey.
Adding loadCertificate and loadPrivateKey isn't necessary because that's what setCertificate and setPrivateKey already do. set* functions take byte arrays as arguments, load* functions take streams as arguments.

@sauttefk
Copy link
Contributor Author

sauttefk commented Feb 10, 2017
edited
Loading

OK, got your point.
I will change the pull request.

@codecov-io
Copy link

Codecov Report

Merging #2877 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master    #2877   +/-   ##
=======================================
  Coverage   27.82%   27.82%           
=======================================
  Files          20       20           
  Lines        3626     3626           
  Branches      656      656           
=======================================
  Hits         1009     1009           
  Misses       2441     2441           
  Partials      176      176

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e9dea9a...e939dc6. Read the comment docs.

@sauttefk
Copy link
Contributor Author

sauttefk commented Feb 15, 2017
edited
Loading

New Pull Request #2968

@sauttefk sauttefk closed this Feb 15, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sauttefk @igrr @codecov-io