@@ -46,9 +46,57 @@ AsyncTCP_TLS_Context::AsyncTCP_TLS_Context(void)
4646 handshake_timeout = 120000 ;
4747}
4848
49- int AsyncTCP_TLS_Context::startSSLClient (int sck, const char * host_or_ip, const char *rootCABuff,
50- const char *cli_cert, const char *cli_key, const char *pskIdent,
51- const char *psKey, bool insecure)
49+ int AsyncTCP_TLS_Context::startSSLClientInsecure (int sck, const char * host_or_ip)
50+ {
51+ return _startSSLClient (sck, host_or_ip,
52+ NULL , 0 ,
53+ NULL , 0 ,
54+ NULL , 0 ,
55+ NULL , NULL ,
56+ true );
57+ }
58+
59+ int AsyncTCP_TLS_Context::startSSLClient (int sck, const char * host_or_ip,
60+ const char *pskIdent, const char *psKey)
61+ {
62+ return _startSSLClient (sck, host_or_ip,
63+ NULL , 0 ,
64+ NULL , 0 ,
65+ NULL , 0 ,
66+ pskIdent, psKey,
67+ false );
68+ }
69+
70+ int AsyncTCP_TLS_Context::startSSLClient (int sck, const char * host_or_ip,
71+ const char *rootCABuff,
72+ const char *cli_cert,
73+ const char *cli_key)
74+ {
75+ return startSSLClient (sck, host_or_ip,
76+ (const unsigned char *)rootCABuff, (rootCABuff != NULL ) ? strlen (rootCABuff) + 1 : 0 ,
77+ (const unsigned char *)cli_cert, (cli_cert != NULL ) ? strlen (cli_cert) + 1 : 0 ,
78+ (const unsigned char *)cli_key, (cli_key != NULL ) ? strlen (cli_key) + 1 : 0 );
79+ }
80+
81+ int AsyncTCP_TLS_Context::startSSLClient (int sck, const char * host_or_ip,
82+ const unsigned char *rootCABuff, const size_t rootCABuff_len,
83+ const unsigned char *cli_cert, const size_t cli_cert_len,
84+ const unsigned char *cli_key, const size_t cli_key_len)
85+ {
86+ return _startSSLClient (sck, host_or_ip,
87+ rootCABuff, rootCABuff_len,
88+ cli_cert, cli_cert_len,
89+ cli_key, cli_key_len,
90+ NULL , NULL ,
91+ false );
92+ }
93+
94+ int AsyncTCP_TLS_Context::_startSSLClient (int sck, const char * host_or_ip,
95+ const unsigned char *rootCABuff, const size_t rootCABuff_len,
96+ const unsigned char *cli_cert, const size_t cli_cert_len,
97+ const unsigned char *cli_key, const size_t cli_key_len,
98+ const char *pskIdent, const char *psKey,
99+ bool insecure)
52100{
53101 int ret;
54102 int enable = 1 ;
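Review bot: The PSK and certificate overloads of `startSSLClient` always forward `insecure = false`, even when every credential pointer they receive is NULL, so what such a call does is decided in the part of `_startSSLClient` that lies outside this hunk. If that body still falls back to an unverified session when neither a CA nor a PSK is supplied, a caller who passes a NULL `rootCABuff` silently gets the same result as `startSSLClientInsecure`. I would make that case fail closed at the top of `_startSSLClient`, e.g. `if (!insecure && rootCABuff == NULL && (pskIdent == NULL || psKey == NULL)) return -1;`. The new `startSSLClientInsecure` also deserves a comment such as `// Passes insecure=true: the server certificate is not verified.`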
@@ -91,7 +139,7 @@ int AsyncTCP_TLS_Context::startSSLClient(int sck, const char * host_or_ip, const
91139 log_v (" Loading CA cert" );
92140 mbedtls_x509_crt_init (&ca_cert);
93141 mbedtls_ssl_conf_authmode (&ssl_conf, MBEDTLS_SSL_VERIFY_REQUIRED);
94- ret = mbedtls_x509_crt_parse (&ca_cert, ( const unsigned char *) rootCABuff, strlen (rootCABuff) + 1 );
142+ ret = mbedtls_x509_crt_parse (&ca_cert, rootCABuff, rootCABuff_len );
95143 _have_ca_cert = true ;
96144 mbedtls_ssl_conf_ca_chain (&ssl_conf, &ca_cert, NULL );
97145 if (ret < 0 ) {
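Review bot: The parse calls now trust a caller-supplied length (`rootCABuff_len` here, `cli_cert_len` and `cli_key_len` in the two hunks below), and the new `const unsigned char *` overload states no contract for it. mbedtls expects the length of PEM input to include the terminating NUL; the `const char *` wrapper guarantees this with `strlen(...) + 1`, but a direct caller of the length-taking overload can easily get it wrong. A non-NULL pointer with a length of 0 is also not rejected in the visible lines. I would document the contract on the overload, e.g. `// For PEM, *_len must include the terminating '\0'; for DER, pass the exact byte count.`, and return an error when `rootCABuff != NULL && rootCABuff_len == 0` before parsing. The enclosing branch starts and ends outside the hunk, so the guard's exact placement needs checking against the full function.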
@@ -139,7 +187,7 @@ int AsyncTCP_TLS_Context::startSSLClient(int sck, const char * host_or_ip, const
139187
140188 log_v (" Loading CRT cert" );
141189
142- ret = mbedtls_x509_crt_parse (&client_cert, ( const unsigned char *) cli_cert, strlen (cli_cert) + 1 );
190+ ret = mbedtls_x509_crt_parse (&client_cert, cli_cert, cli_cert_len );
143191 _have_client_cert = true ;
144192 if (ret < 0 ) {
145193 // free the client_cert in the case parse failed, otherwise, the old client_cert still in the heap memory, that lead to "out of memory" crash.
@@ -148,7 +196,7 @@ int AsyncTCP_TLS_Context::startSSLClient(int sck, const char * host_or_ip, const
148196 }
149197
150198 log_v (" Loading private key" );
151- ret = mbedtls_pk_parse_key (&client_key, ( const unsigned char *) cli_key, strlen (cli_key) + 1 , NULL , 0 );
199+ ret = mbedtls_pk_parse_key (&client_key, cli_key, cli_key_len , NULL , 0 );
152200 _have_client_key = true ;
153201
154202 if (ret != 0 ) {