Hi,
The MQTT over SSL API provides two fields, clientkey_password and clientkey_password_len, that allow connections to MQTT to be supplied with password-protected keys. Is there a way to create HTTPS connections and OTA over HTTPS with password-protected keys?
I can't seem to find a field for this directly in the HTTPS client API. Is there a known workaround? Possibly removing password protection from the key file before creating the HTTPS connection. Or is there a way to directly override the esp_tls_cfg for the HTTPS connection?
Thanks in advance for your response.
HTTPS + HTTPS OTA - client key password
Re: HTTPS + HTTPS OTA - client key password
Hi All,
I've found a workaround for anyone else that might have the same problem.
Assuming you are using mbedtls as the SSL library, the function below will remove password protection from a private key file.
**Note: I've only tested this using keys in PEM file format that are using RSA.
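    #include <string.h>
    #include "mbedtls/pk.h"

    /* mbedtls 2.x signatures (3.x adds f_rng/p_rng arguments to mbedtls_pk_parse_key).
       For PEM input, *key_len must include the terminating NUL byte. */
    int remove_password_protection( char *out_new_key, size_t *new_key_len, char *key, size_t *key_len, char *key_password, size_t key_password_len )
    {
        if( out_new_key == NULL || new_key_len == NULL || key == NULL || key_len == NULL || key_password == NULL ) return -1;
        mbedtls_pk_context ctx;
        /* Initialize a mbedtls_pk_context (as NONE) */
        mbedtls_pk_init( &ctx );
        /* Parse a private key in PEM or DER format. */
        int ret = mbedtls_pk_parse_key( &ctx, (const unsigned char *) key, *key_len, (const unsigned char *) key_password, key_password_len );
        if( ret != 0 )
        {
            mbedtls_pk_free( &ctx );
            return -2;
        }
        /* Write the key into PEM string */
        ret = mbedtls_pk_write_key_pem( &ctx, (unsigned char *) out_new_key, *new_key_len );
        /* Free the parsed key on every path so the context does not leak */
        mbedtls_pk_free( &ctx );
        if( ret != 0 ) return -3;
        /* update the key length */
        *new_key_len = strlen( out_new_key );
        return 0;
    }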
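Added example, not part of the original post and not ESP-IDF or mbedtls code: the workaround above leaves an unencrypted copy of the key in RAM, so it is worth applying it only to keys that are actually password protected and zeroing the output buffer once it is no longer needed. `pem_key_kind`, `wipe_key_buffer` and the sample PEM strings are hypothetical names and constructed data.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers for illustration; not ESP-IDF or mbedtls APIs. */
typedef enum { PEM_KEY_INVALID = -1, PEM_KEY_PLAIN = 0, PEM_KEY_ENCRYPTED = 1 } pem_key_kind_t;

/* Bounded search, so the buffer does not have to be NUL-terminated. */
static const char *find_in(const char *buf, size_t len, const char *needle)
{
    size_t n = strlen(needle);
    if (buf == NULL || len < n) return NULL;
    for (size_t i = 0; i + n <= len; i++)
        if (memcmp(buf + i, needle, n) == 0) return buf + i;
    return NULL;
}

/* Decide whether a PEM private key needs a password before it can be parsed. */
pem_key_kind_t pem_key_kind(const char *pem, size_t len)
{
    if (find_in(pem, len, "PRIVATE KEY-----") == NULL) return PEM_KEY_INVALID;
    /* PKCS#8 armor, or the RFC 1421 header used by traditional PEM encryption. */
    if (find_in(pem, len, "-----BEGIN ENCRYPTED PRIVATE KEY-----") ||
        find_in(pem, len, "Proc-Type: 4,ENCRYPTED")) return PEM_KEY_ENCRYPTED;
    return PEM_KEY_PLAIN;
}

/* Zero a buffer through a volatile pointer so the stores are not optimized away. */
void wipe_key_buffer(void *buf, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)buf;
    while (len--) *p++ = 0;
}

/* Constructed sample input with a dummy body; no real key material. */
static const char SAMPLE_ENCRYPTED[] =
    "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: AES-128-CBC,"
    "00000000000000000000000000000000\n\nQ09OU1RSVUNURUQ=\n-----END RSA PRIVATE KEY-----\n";
static const char SAMPLE_PLAIN[] =
    "-----BEGIN RSA PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END RSA PRIVATE KEY-----\n";

int main(void)
{
    char scratch[sizeof SAMPLE_PLAIN];               /* stands in for out_new_key */
    memcpy(scratch, SAMPLE_PLAIN, sizeof scratch);
    printf("encrypted: %d, plain: %d\n", pem_key_kind(SAMPLE_ENCRYPTED, sizeof SAMPLE_ENCRYPTED - 1),
           pem_key_kind(scratch, sizeof scratch - 1));
    wipe_key_buffer(scratch, sizeof scratch);        /* once the key is no longer needed */
    printf("after wipe: %d\n", pem_key_kind(scratch, sizeof scratch - 1));
    return 0;
}
```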