eduardsui / tlse

Single C file TLS 1.2/1.3 implementation, using tomcrypt as crypto library

How to use client certificate? I can't find proper interfaces to load client certificate and key. #49

Closed starrysec closed 3 years ago

starrysec commented 5 years ago

I use SSL_CTX_use_certificate_file to load the client certificate and SSL_CTX_use_PrivateKey_file to load the key file.

starrysec commented 5 years ago

SSL_CTX_use_certificate_file doesn't support loading a client certificate. Now, I have extended the tls_load_certificates function, added the client certificate parsing code, and can use the client certificate.

```c
if (dummy == SSL_SERVER_RSA_CERT) {
    /* Server certificate: grow context->certificates by one slot and append. */
    context->certificates = (struct TLSCertificate **)TLS_REALLOC(context->certificates, (context->certificates_count + 1) * sizeof(struct TLSCertificate *));
    context->certificates[context->certificates_count] = cert;
    context->certificates_count++;
    DEBUG_PRINT("Loaded certificate: %i\n", (int)context->certificates_count);
} else {
    /* Any other value: keep the certificate in the separate client list. */
    context->client_certificates = (struct TLSCertificate **)TLS_REALLOC(context->client_certificates, (context->client_certificates_count + 1) * sizeof(struct TLSCertificate *));
    context->client_certificates[context->client_certificates_count] = cert;
    context->client_certificates_count++;
    DEBUG_PRINT("Loaded certificate: %i\n", (int)context->client_certificates_count);
}
```
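An added example, not tlse's code or the commenter's: a stand-alone C version of the same server/client list split, with the append done through a temporary pointer so that a failed reallocation leaves the list and its count unchanged. `struct cert`, `struct cert_store`, `list_append` and `store_add` are hypothetical names, and it assumes `TLS_REALLOC` behaves like `realloc`.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for the library's types; not tlse's definitions. */
struct cert { int id; };

struct cert_store {
    struct cert **server;   /* certificates presented when acting as a server */
    size_t server_count;
    struct cert **client;   /* certificates presented for client authentication */
    size_t client_count;
};

/* Append cert to one list. Returns 0 on success, -1 on failure.
 * On failure the list pointer and the count are left as they were. */
static int list_append(struct cert ***list, size_t *count, struct cert *cert)
{
    if (!cert || *count >= SIZE_MAX / sizeof(struct cert *))
        return -1;                      /* NULL cert, or size would overflow */
    struct cert **grown = realloc(*list, (*count + 1) * sizeof(struct cert *));
    if (!grown)
        return -1;                      /* old block is still valid and owned */
    grown[*count] = cert;
    *list = grown;
    (*count)++;
    return 0;
}

/* Route a parsed certificate to the client or the server list. */
int store_add(struct cert_store *s, struct cert *cert, int is_client)
{
    if (!s)
        return -1;
    return is_client ? list_append(&s->client, &s->client_count, cert)
                     : list_append(&s->server, &s->server_count, cert);
}

int main(void)
{
    struct cert a = {1}, b = {2};       /* constructed sample certificates */
    struct cert_store s = {0};
    store_add(&s, &a, 0);
    store_add(&s, &b, 1);
    printf("server=%zu client=%zu\n", s.server_count, s.client_count);
    free(s.server);
    free(s.client);
    return 0;
}
```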