PolarSSL is now part of ARM Official announcement and rebranded as mbed TLS.

mbedtls_ssl_conf_own_cert


Nov 21, 2017 16:50
Fan

Dear friends,

I need to set the server cert & private key, but mbedtls_ssl_conf_own_cert seems to require a non-const point to pk_key. Is there a reason why the pointer to the private key is not const? Are there functions that work with const pointers. Thanks!

int mbedtls_ssl_conf_own_cert   (   mbedtls_ssl_config *    conf,
mbedtls_x509_crt *  own_cert,
mbedtls_pk_context *    pk_key 
)
 
Nov 22, 2017 12:44
Ron Eldor

Hi Fan,
Thank you for your query!
With a brief look, I believe that it's a mistake that the key is not const. As you can see, there is already an outstanding PR which adds some const notations to the API. However, it requires deeper investigation to understand whether const can be added, as the mbedtls_ssl_key_cert is used in several locations, and the const notation should be added in many locations in the flow, not only the external API. In addition, there should be a good justification for changing API.
Regards,
Mbed TLS Team member
Ron

 
Nov 30, 2017 15:51
Fan

Thanks for the pointer. Would you like to accept a PR for this specific bug? Maybe I can take a look.

Fan

 
Nov 30, 2017 16:19
Ron Eldor

Hi Fan,
As an open source project, we are always grateful for PRs done by the community to our github repository, as long as they follow our coding standards and the contributor signed the CLA as mentioned in the contributing section. Keep in mind that since this is a change in API, it might take time for it to be merged, assuming the PR will be accepted.
Regards,
Mbed TLS Team member
Ron

 
Dec 1, 2017 21:10
Fan

Ok. Please consider https://github.com/ARMmbed/mbedtls/pull/1194. A CLA has been signed.