mbedtls: allow storing certificates in filesystem

facchinm · facchinm · commit c3fff6e17cec · 2020-11-04T16:26:27.000+01:00
diff --git a/connectivity/mbedtls/source/x509_crt.c b/connectivity/mbedtls/source/x509_crt.c
@@ -80,7 +80,11 @@
 #if !defined(_WIN32) || defined(EFIX64) || defined(EFI32)
 #include <sys/types.h>
 #include <sys/stat.h>
+#if defined(__MBED__)
+#include <platform/mbed_retarget.h>
+#else
 #include <dirent.h>
+#endif /* __MBED__ */
 #endif /* !_WIN32 || EFIX64 || EFI32 */
 #endif
 
diff --git a/connectivity/netsocket/source/TLSSocketWrapper.cpp b/connectivity/netsocket/source/TLSSocketWrapper.cpp
@@ -103,8 +103,17 @@ nsapi_error_t TLSSocketWrapper::set_root_ca_cert(const void *root_ca, size_t len
 
     /* Parse CA certification */
     int ret;
-    if ((ret = mbedtls_x509_crt_parse(crt, static_cast<const unsigned char *>(root_ca),
-                                      len)) != 0) {
+    switch (len) {
+#if defined(MBEDTLS_FS_IO)
+    case 0:
+        ret = mbedtls_x509_crt_parse_path(crt, static_cast<const char *>(root_ca));
+        break;
+#endif
+    default:
+        ret = mbedtls_x509_crt_parse(crt, static_cast<const unsigned char *>(root_ca), len);
+        break;
+    }
+    if (ret < 0) {
         print_mbedtls_error("mbedtls_x509_crt_parse", ret);
         mbedtls_x509_crt_free(crt);
         delete crt;
