[lwip-devel] [bug #54601] altcp_tls_create_config

lwip-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lwip-devel] [bug #54601] altcp_tls_create_config_client does not suppor

From:	Richmond Umagat
Subject:	[lwip-devel] [bug #54601] altcp_tls_create_config_client does not support sending of device certificate and private key
Date:	Thu, 30 Aug 2018 23:01:06 -0400 (EDT)
User-agent:	Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36

URL:
  <http://savannah.nongnu.org/bugs/?54601>

                 Summary: altcp_tls_create_config_client does not support
sending of device certificate and private key
                 Project: lwIP - A Lightweight TCP/IP stack
            Submitted by: richmond_umagat
            Submitted on: Fri 31 Aug 2018 03:01:04 AM UTC
                Category: TCP
                Severity: 3 - Normal
              Item Group: Feature Request
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
         Planned Release: None
            lwIP version: git head

    _______________________________________________________

Details:

Secure MQTT brokers such as AWS IoT cloud requires MQTT clients to send device
certificate and private key, in addition to the CA certificate (which is
optional).

But the current implementation of altcp_tls_create_config_client() only allows
user to include CA certificate. As such, it is impossible to connect to AWS
cloud with such limitation.

To fix this issue, the following function has been modified:
OLD: 
struct altcp_tls_config *altcp_tls_create_config_client(const u8_t *cert,
size_t cert_len);
NEW:
altcp_tls_create_config_client(const u8_t *ca, size_t ca_len, const u8_t
*cert, size_t cert_len, const u8_t *pkey, size_t pkey_len)

I have attached my proposed modifications in altcp_tls_mbedtls.c and
altcp_tls.h. This has been tested to work with MQTT protocol to connect to AWS
IoT cloud and AWS Greengrass.




    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Fri 31 Aug 2018 03:01:04 AM UTC  Name: altcp_tls.h  Size: 4KiB   By:
richmond_umagat
Proposed changes
<http://savannah.nongnu.org/bugs/download.php?file_id=44901>
-------------------------------------------------------
Date: Fri 31 Aug 2018 03:01:04 AM UTC  Name: altcp_tls_mbedtls.c  Size: 37KiB 
 By: richmond_umagat
Proposed changes
<http://savannah.nongnu.org/bugs/download.php?file_id=44902>

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?54601>

_______________________________________________
  Message sent via Savannah
  https://savannah.nongnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[lwip-devel] [bug #54601] altcp_tls_create_config_client does not support sending of device certificate and private key, Richmond Umagat <=
- [lwip-devel] [bug #54601] altcp_tls_create_config_client does not support sending of device certificate and private key, Simon Goldschmidt, 2018/08/31

Prev by Date: [lwip-devel] [bug #54593] Can't compile unix port with GCC 8
Next by Date: [lwip-devel] [bug #54253] same LCP magic number after power-up.
Previous by thread: [lwip-devel] [bug #54593] Can't compile unix port with GCC 8
Next by thread: [lwip-devel] [bug #54601] altcp_tls_create_config_client does not support sending of device certificate and private key
Index(es):
- Date
- Thread