set user-provided buffer

main/CommandHandler.cpp

@@ -30,32 +30,12 @@
 
 const char FIRMWARE_VERSION[6] = "1.4.0";
 
-// AWS Device Certificate
+// Optional, user-defined X.509 certificate
-// NOTE: I'm aware this certificate is here :)
+char CERT_BUF[1300];
-char AWS_CERT_CRT[1300] = "-----BEGIN CERTIFICATE-----\n"\
-"MIIDWTCCAkGgAwIBAgIUHi7YIHwvdKnUKTKE4MzqaVvVW7QwDQYJKoZIhvcNAQEL\n"\
-"BQAwTTFLMEkGA1UECwxCQW1hem9uIFdlYiBTZXJ2aWNlcyBPPUFtYXpvbi5jb20g\n"\
-"SW5jLiBMPVNlYXR0bGUgU1Q9V2FzaGluZ3RvbiBDPVVTMB4XDTE5MDkyNTE2NDA1\n"\
-"NVoXDTQ5MTIzMTIzNTk1OVowHjEcMBoGA1UEAwwTQVdTIElvVCBDZXJ0aWZpY2F0\n"\
-"ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMygEW9cO1ZXQY4Fo3PY\n"\
-"vBGV6WHwJYKIOd5iTZ4MQmkYNqn9q2YnuXEwYJ+sw6QxSYyZ9O8yniZfviggJ2Dg\n"\
-"GdTGKIbSK7B/C3w6cLnwPNsKbA2xsxnQU3yoQ99noaue4kG+WL7a5SHJHwzcFpT4\n"\
-"tVffsUlFtI9fTyGg75+0X4OJiKtzPhpVrCDesKDl0wLewqqgfxasgXWk3bLGCcBy\n"\
-"7YPEM2x0lp6644xz0jkJ/3KO09+AuFG54K+zv7UZOi4Tph8eiKnI2/2sM58yC233\n"\
-"pCnB8gtxCegvJJ1ByM5SR3Zw5C1hq6cgN5ePv1fQ7QqOnIHygc0gDp8/nw5gnH8P\n"\
-"3LcCAwEAAaNgMF4wHwYDVR0jBBgwFoAU1YI5dEJDKJgyKP6e/lSezmki1tUwHQYD\n"\
-"VR0OBBYEFDTH23PCBu1Pw4xdOR3rY3Pcueh4MAwGA1UdEwEB/wQCMAAwDgYDVR0P\n"\
-"AQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQA1p78t3Tk+6V5h0SlokRaC5bVm\n"\
-"RoXwXRmmCsZJlwvIG25buBdUAWC/2odreV4anM9HmRnECxZMIV7Q0NiuVcl3Kiok\n"\
-"xtWsdsCyZkH0OMcBuiTEu+o3osTtxAp8dkzcBlh768htDXZCsAzRjFTwtZ78BqFk\n"\
-"rzduv1FDtpbxoD95X8B3MOc+ZrsZ5TTA+dpepeid6K3jmG9LPmFnahCkK31Hp5dv\n"\
-"WKKDKZn51PvOVAvti1QeAYcFabgeXFWb8OuCJcqWEKFJuvQRvKrpyLfpSR4NNq7M\n"\
-"nM12jsbhjrGYVCmQjczqOMqF+LMnXYUSY+o6gsBCM5XRAwOLY4S7Gv53K4+l\n"\
-"-----END CERTIFICATE-----\n";
 
 // AWS Device Private Key
 // NOTE: I'm aware this certificate is here :)
-char AWS_CERT_PRIVATE[1700] =
+char PRIVATE_KEY[1700] =
 "-----BEGIN RSA PRIVATE KEY-----\n" \
 "MIIEowIBAAKCAQEAzKARb1w7VldBjgWjc9i8EZXpYfAlgog53mJNngxCaRg2qf2r\n" \
 "Zie5cTBgn6zDpDFJjJn07zKeJl++KCAnYOAZ1MYohtIrsH8LfDpwufA82wpsDbGz\n" \
@@ -1107,18 +1087,15 @@ int wpa2EntEnable(const uint8_t command[], uint8_t response[]) {
 int setClientCert(const uint8_t command[], uint8_t response[]){
   ets_printf("*** Called setClientCert\n");
   ets_printf("\nFree internal heap: %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT));
-  //size_t ca_cert_buf_size = (command[3] << 8 | command[4]);
-  //char* ca_cert_buf = (char*)malloc(ca_cert_buf_size+1);
 
-  
+  memset(CERT_BUF, 0x00, sizeof(CERT_BUF));
-  //ets_printf("\nCert Sz: %d\n", sizeof(AWS_CERT_CRT));
+  memcpy(CERT_BUF, &command[4], sizeof(CERT_BUF));
-  //memset(cert_buf, 0x00, sizeof(cert_buf));
-  //memcpy(cert_buf, &command[4], sizeof(cert_buf));
-  //ets_printf("\nCert: \n %s", cert_buf);
-  // todo: add statement for allocation failing.
 
+  ets_printf("\nCertificate Data (from CircuitPython): \n %s", CERT_BUF);
+  // TODO: add statement for allocation failing.
   ets_printf("\nFree internal heap: %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT));
-  tlsClients[0].setCertificate(AWS_CERT_CRT);
+
+  tlsClients[0].setCertificate(CERT_BUF);
   ets_printf("\nFree internal heap: %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT));
 
   
@@ -1131,10 +1108,11 @@ int setClientCert(const uint8_t command[], uint8_t response[]){
 
 
 int setCertKey(const uint8_t command[], uint8_t response[]){
+  // TODO: pull PSK data from command[] instead of global
   ets_printf("*** Called setCertKey\n");
 
   ets_printf("\nFree internal heap: %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT));
-  tlsClients[0].setPrivateKey(AWS_CERT_PRIVATE);
+  tlsClients[0].setPrivateKey(PRIVATE_KEY);
   ets_printf("\nFree internal heap: %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT));
 
   response[2] = 1; // number of parameters