
Add new API to set private key (and public certificate) for client based authentication #51


Merged
merged 2 commits into from
Aug 2, 2021


sandeepmistry
Contributor

This pull request adds the following:

  • New API to set private key (and public certificate) for client based authentication
  • Adds the DigiCertGlobalRootCA as trust anchor

Some IoT cloud providers do not support either:

  1. Elliptic Curve Cryptography (ECC)
  2. Generating a public certificate from a CSR

This pull request would allow users to specify their own private key (RSA or ECC) and public certificate in PEM format using:

const char SECRET_CERTIFICATE[] = R"(
-----BEGIN CERTIFICATE-----
// ...
-----END CERTIFICATE-----
)";

const char SECRET_KEY[] = R"(
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
)";

// ...
sslClient.setKey(SECRET_KEY, SECRET_CERTIFICATE);

They would also still be able to leverage the TNG feature of the ECCX08 crypto chip with this library.

Please let me know if you have any questions, or comments regarding the proposed changes.

cc/ @skye0402
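
A host-side sanity check for the two PEM strings handed to `setKey()` as described in the pull request above, added here as an example; it is not code from the pull request or the library. `inspectPem` and `looksLikeKeyAndCert` are hypothetical names, and rejecting passphrase-encrypted keys is an assumption of this sketch.

```cpp
#include <cctype>
#include <string>

// Result of inspecting one PEM block (hypothetical helper type, not part of the library).
struct PemInfo {
  bool ok = false;         // matching BEGIN/END labels and a base64-only body
  std::string label;       // e.g. "CERTIFICATE", "RSA PRIVATE KEY", "EC PRIVATE KEY"
  bool encrypted = false;  // legacy "Proc-Type: 4,ENCRYPTED" header present
};

PemInfo inspectPem(const std::string& pem) {
  PemInfo info;
  const std::string beginTag = "-----BEGIN ";
  const std::string dashes = "-----";
  size_t b = pem.find(beginTag);  // leading newline from R"( ... )" is tolerated
  if (b == std::string::npos) return info;
  size_t labelStart = b + beginTag.size();
  size_t labelEnd = pem.find(dashes, labelStart);
  if (labelEnd == std::string::npos) return info;
  info.label = pem.substr(labelStart, labelEnd - labelStart);
  size_t bodyStart = labelEnd + dashes.size();
  size_t e = pem.find("-----END " + info.label + dashes, bodyStart);
  if (e == std::string::npos) return info;  // END line missing or label mismatch
  std::string body = pem.substr(bodyStart, e - bodyStart);
  // Assumption: the device has no passphrase, so an encrypted key is unusable.
  info.encrypted = body.find("Proc-Type:") != std::string::npos;
  size_t n = 0;
  if (!info.encrypted) {
    for (unsigned char c : body) {
      if (std::isspace(c)) continue;
      if (!std::isalnum(c) && c != '+' && c != '/' && c != '=') return info;
      ++n;  // count base64 characters only
    }
  }
  info.ok = !info.encrypted && n > 0 && n % 4 == 0;
  return info;
}

// True when the pair is in the (key, certificate) order that setKey() takes on this page.
bool looksLikeKeyAndCert(const std::string& key, const std::string& cert) {
  PemInfo k = inspectPem(key), c = inspectPem(cert);
  bool keyLabel = k.label == "RSA PRIVATE KEY" || k.label == "EC PRIVATE KEY" ||
                  k.label == "PRIVATE KEY";
  return k.ok && c.ok && keyLabel && c.label == "CERTIFICATE";
}
```

The check is structural only: it catches swapped arguments, truncated or placeholder bodies and mismatched labels, but does not parse the DER or confirm that the key matches the certificate.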

@CLAassistant

CLAassistant commented Jul 15, 2021

CLA assistant check
All committers have signed the CLA.

@per1234 per1234 added the type: enhancement Proposed improvement label Jul 15, 2021
@github-actions

Memory usage change @ 026f174

| Board | flash | % | RAM for global variables | % |
|---|---|---|---|---|
| arduino:megaavr:uno2018 | 0 - 0 | 0.0 - 0.0 | 0 - 0 | 0.0 - 0.0 |
| arduino:samd:mkr1000 | 🔺 0 - +2592 | 0.0 - +0.99 | 0 - 0 | 0.0 - 0.0 |
| arduino:samd:mkrgsm1400 | 🔺 0 - +2592 | 0.0 - +0.99 | 0 - 0 | 0.0 - 0.0 |

Full report table

| Board | examples/SHA1 flash | % | examples/SHA1 RAM for global variables | % | examples/SHA256 flash | % | examples/SHA256 RAM for global variables | % | examples/WiFiSSLClient flash | % | examples/WiFiSSLClient RAM for global variables | % | examples/MKRGSMSSLClient flash | % | examples/MKRGSMSSLClient RAM for global variables | % |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| arduino:megaavr:uno2018 | 0 | 0.0 | 0 | 0.0 | 0 | 0.0 | 0 | 0.0 | | | | | | | | |
| arduino:samd:mkr1000 | 0 | 0.0 | 0 | 0.0 | 0 | 0.0 | 0 | 0.0 | 2592 | 0.99 | 0 | 0.0 | | | | |
| arduino:samd:mkrgsm1400 | 0 | 0.0 | 0 | 0.0 | 0 | 0.0 | 0 | 0.0 | | | | | 2592 | 0.99 | 0 | 0.0 |

@facchinm
Contributor

Hi Sandeep! Glad to see you again on this side of town 😉
Thanks for the PR, I'd merge it immediately but I need you to sign the CLA beforehand (due to the new policies).
Apart from that, everything looks good 👍

@sandeepmistry
Contributor Author

@facchinm thank you for reviewing!

Apologies for the delay with the CLA, there was some paperwork I needed to go through that took longer than expected.

@facchinm facchinm merged commit 06e3f0f into arduino-libraries:master Aug 2, 2021