Commit Graph

14 Commits

Author SHA1 Message Date
cbfcfbf970 Add certificate bundle capability to WiFiClientSecure (#6106)
* Add certificate bundle capability to WiFiClientSecure

Enable usage of the ESP32 IDF's certificate bundle for WiFiClientSecure connections.

Adds the ability to load a bundle of root certificates and use them for authenticating SSL servers.

Based on work from Onno-Dirkzwager, Duckle29, kubo6472, meltdown03, kinafu and others.

See also:
- https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/protocols/esp_crt_bundle.html
- https://github.com/espressif/arduino-esp32/issues/3646
- libraries/WiFiClientSecure/README.md

* Fix build issues

* Clean up old bundle index when NULL bundle is attached
2022-01-19 15:42:36 +02:00
15bbd0a187 Add ALPN support to WiFiClientSecure (#5633)
This adds a function to WiFiClientSecure to set the ALPN protocol.

This is required for an MQTT client to connect to AWS IoT when using an AWS Custom Authorizer, as described here.

Example code snippet:

...
WiFiClientSecure wiFiClient;

// ALPN protocol, needed with AWS custom authorizer
const char *aws_protos[] = {"mqtt", NULL};

void setup() {
  wiFiClient.setCACert(AWSCAPEM);
  wiFiClient.setAlpnProtocols(aws_protos);
}
...
2021-10-25 09:20:47 +03:00
1706af4656 Add the ability to get the peer certificate of an SSL connection; useful for IoT when the root/cert trust chain has a shorter lifecycle than the device itself. Includes example 2021-10-08 14:20:43 +02:00
a299ddc99e Change send_ssl_data to use size_t instead of uint16_t
Fixes: https://github.com/espressif/arduino-esp32/issues/4960
2021-03-18 15:02:37 +02:00
ef99cd7fe7 Add WiFiClientSecure::setInsecure() to equalize API with ESP8266 (#4648) 2020-12-21 01:09:37 +02:00
582e6433e9 Add proper timeout handling to WiFiClientSecure 2019-04-15 17:19:49 +02:00
af7e489f01 WiFiClientSecure: add support for PSK (pre-shared key) ciphers (#2133)
* WiFiClientSecure: add support for PSK (pre-shared key) ciphers

* add example for WiFiClientSecure PSK

* WiFiClientSecure: added README
2018-12-03 16:17:55 +01:00
46257c03b3 handshake in ssl_client.cpp (#2044)
* issue #2041

* handshake timeout

* seconds to milliseconds
2018-11-26 23:25:08 +01:00
00f962439a Port SSL fingerprint checking from ESP8266 WiFiClientSecure to ESP32 (#1397) 2018-05-14 13:00:40 +02:00
c92b617397 Convert the few remaining cr/lf files to use lf for eol. (#1316)
If you develop on Windows and need cr/lf files, see this:

    https://git-scm.com/book/en/v2/Customizing-Git-Git-Configuration#_formatting_and_whitespace

    Git can handle this by auto-converting CRLF line endings into LF
    when you add a file to the index, and vice versa when it checks out
    code onto your filesystem. You can turn on this functionality with
    the core.autocrlf setting. If you're on a Windows machine, set it
    to true - this converts LF endings into CRLF when you check out code:

    $ git config --global core.autocrlf true
2018-04-16 16:34:39 +02:00
ad179548e4 SNI support (#592)
Server Name Indication (SNI) support for WiFiClientSecure

Fix https://github.com/espressif/arduino-esp32/issues/571 and https://github.com/espressif/arduino-esp32/issues/550
2017-08-23 21:33:26 -03:00
51a4432ca8 HTTPClient Port (#347)
* Fix possible infinite loop in the example

* Remove workaround of sockets always return -76 

Remove workaround of sockets always return -76 (because it's fixed on IDF now)
Remove delay during handshake (improving stability)

* Remove unusable mbedtls_net of context creation

* Fix bad destructor

* Compatibility with WiFiClient for HTTPClient

* Initial port from ESP8266

Changed SHA1 fingerprint by Root CA verification
Changed log system

* Remove deprecated function
2017-05-19 10:18:20 +02:00
e30447449f WiFiSecureClient fixes and improvements (#255)
* Add CA certificate in example

SHA1 fingerprint is broken now: more info: https://shattered.io

* Best error handling

When an error occurs in the WiFiClientSecure library, just return the error message
and clean the context, avoiding a crash - fix for https://github.com/espressif/arduino-esp32/issues/211

Translate MbedTLS error codes in messages for best understanding

* Declare certificates as const

mbedtls_pk_parse_key needs a const unsigned char * certificate. In the old implementation the certificate was declared as char *, so it was first converted to unsigned and then to const.

When we convert signed to unsigned it may result in a +1 larger output.

Fix issue https://github.com/espressif/arduino-esp32/issues/223
2017-03-10 15:52:50 +01:00
8ab3231e31 Add WiFiClient secure lib (#184)
* Provide SSL/TLS functions to ESP32 with Arduino IDE

* Generate a new random number in case of reconnection
2017-02-11 00:20:24 +02:00