From 774710c18cd9662d0f981cdf856a5690f7552d9f Mon Sep 17 00:00:00 2001
From: brentru
Date: Mon, 30 Sep 2019 14:51:02 -0400
Subject: [PATCH 1/6] added handlers to setup certificate and private key, need to add command address
---
 adafruit_esp32spi/adafruit_esp32spi.py | 35 ++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
diff --git a/adafruit_esp32spi/adafruit_esp32spi.py b/adafruit_esp32spi/adafruit_esp32spi.py
index ba11601..1e96b80 100644
--- a/adafruit_esp32spi/adafruit_esp32spi.py
+++ b/adafruit_esp32spi/adafruit_esp32spi.py
@@ -94,6 +94,8 @@
 _SET_ENT_UNAME_CMD = const(0x4B)
 _SET_ENT_PASSWD_CMD = const(0x4C)
 _SET_ENT_ENABLE_CMD = const(0x4F)
+_SET_CLI_CERT = const(0x00) # TODO: Decl in nina-fw handler.
+_SET_PK = const(0x00) # TODO: Decl in nina-fw handler.
 _SET_PIN_MODE_CMD = const(0x50)
 _SET_DIGITAL_WRITE_CMD = const(0x51)
@@ -786,3 +788,36 @@ def get_time(self):
 if self.status in (WL_AP_LISTENING, WL_AP_CONNECTED):
 raise RuntimeError("Cannot obtain NTP while in AP mode, must be connected to internet")
 raise RuntimeError("Must be connected to WiFi before obtaining NTP.")
+
+ def set_certificate(self, client_certificate):
+ """Sets client certificate. Must be called and set
+ BEFORE a network connection is established.
+ Begins with -----BEGIN CERTIFICATE-----.
+ :param str client_certificate: User-provided client certificate.
+ """
+ if self._debug:
+ print("** Setting client certificate")
+ if self.status == WL_CONNECTED:
+ raise RuntimeError("set_certificate must be called BEFORE a connection is established.")
+ if isinstance(client_certificate, str):
+ client_certificate = bytes(client_certificate, 'utf-8')
+ resp = self._send_command_get_response(_SET_CLI_CERT, (client_certificate,))
+ if resp[0][0] != 1:
+ raise RuntimeError("Failed to set client certificate")
+ return resp[0]
+
+ def set_private_key(self, private_key):
+ """Sets client certificate. Must be called and set
+ BEFORE a network connection is established.
+ :param str private_key: User-provided private key.
+ """
+ if self._debug:
+ print("** Setting client's private key.")
+ if self.status == WL_CONNECTED:
+ raise RuntimeError("set_private_key must be called BEFORE a connection is established.")
+ if isinstance(private_key, str):
+ private_key = bytes(private_key, 'utf-8')
+ resp = self._send_command_get_response(_SET_PK, (private_key,))
+ if resp[0][0] != 1:
+ raise RuntimeError("Failed to set private key.")
+ return resp[0]
\ No newline at end of file
From c32ac2283625e728d3fc13402ba01158ad4f4058 Mon Sep 17 00:00:00 2001
From: brentru
Date: Mon, 30 Sep 2019 15:00:33 -0400
Subject: [PATCH 2/6] add memory addreses for client cert/pk methods
---
 adafruit_esp32spi/adafruit_esp32spi.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
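Review bot: `set_private_key` (patch 1/6, hunk `@@ -786,3 +788,36 @@`) passes the PEM key to `self._send_command_get_response` while `self._debug` may be enabled, and that helper lies outside this hunk, so it should be confirmed that its debug path does not print outgoing parameters; if it does, the key ends up on the serial console. The docstring could add a sentence such as `The key is forwarded unchanged to the co-processor; keep debug output disabled while it is loaded.` Both new methods also forward any argument that is neither `str` nor bytes without a check, so a guard after the conversion, `if not isinstance(private_key, (bytes, bytearray)): raise TypeError("private_key must be str or bytes")`, would fail early on the host; the same applies to `client_certificate` in `set_certificate`.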
diff --git a/adafruit_esp32spi/adafruit_esp32spi.py b/adafruit_esp32spi/adafruit_esp32spi.py
index 1e96b80..448556d 100644
--- a/adafruit_esp32spi/adafruit_esp32spi.py
+++ b/adafruit_esp32spi/adafruit_esp32spi.py
@@ -94,8 +94,8 @@
 _SET_ENT_UNAME_CMD = const(0x4B)
 _SET_ENT_PASSWD_CMD = const(0x4C)
 _SET_ENT_ENABLE_CMD = const(0x4F)
-_SET_CLI_CERT = const(0x00) # TODO: Decl in nina-fw handler.
-_SET_PK = const(0x00) # TODO: Decl in nina-fw handler.
+_SET_CLI_CERT = const(0x40)
+_SET_PK = const(0x41)
 _SET_PIN_MODE_CMD = const(0x50)
 _SET_DIGITAL_WRITE_CMD = const(0x51)
@@ -790,7 +790,7 @@ def get_time(self):
 raise RuntimeError("Must be connected to WiFi before obtaining NTP.")
 def set_certificate(self, client_certificate):
- """Sets client certificate. Must be called and set
+ """Sets client certificate. Must be called
 BEFORE a network connection is established.
 Begins with -----BEGIN CERTIFICATE-----.
 :param str client_certificate: User-provided client certificate.
@@ -807,7 +807,7 @@ def set_certificate(self, client_certificate):
 return resp[0]
 def set_private_key(self, private_key):
- """Sets client certificate. Must be called and set
+ """Sets private key. Must be called
 BEFORE a network connection is established.
 :param str private_key: User-provided private key.
 """
From 7a40f6ba73ce48178d3ad8c8f8ce56ba5b8dcbbf Mon Sep 17 00:00:00 2001
From: brentru
Date: Mon, 30 Sep 2019 15:20:04 -0400
Subject: [PATCH 3/6] add test code to allow debugging over UART
---
 examples/esp32spi_cert.py | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 examples/esp32spi_cert.py
diff --git a/examples/esp32spi_cert.py b/examples/esp32spi_cert.py
new file mode 100644
index 0000000..79bc9c7
--- /dev/null
+++ b/examples/esp32spi_cert.py
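Review bot: The opcodes `_SET_CLI_CERT = const(0x40)` and `_SET_PK = const(0x41)` (patch 2/6, hunk `@@ -94,8 +94,8 @@`) replace the TODO that pointed at the nina-fw handler without leaving any comment about the firmware dependency. The rest of the command table is outside this hunk, so it should be confirmed that 0x40 and 0x41 are not already assigned there and that they match the values the firmware handler uses. A comment such as `# Client certificate / private key upload; requires a nina-fw build with the matching handlers` would document that. Naming them `_SET_CLI_CERT_CMD` and `_SET_PK_CMD`, with the call sites in `set_certificate` and `set_private_key` updated, would match the neighbouring `_SET_ENT_*_CMD` constants.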
@@ -0,0 +1,24 @@
+import board
+import busio
+from digitalio import DigitalInOut
+import adafruit_esp32spi.adafruit_esp32spi_socket as socket
+from adafruit_esp32spi import adafruit_esp32spi
+import adafruit_requests as requests
+
+print("ESP32 SPI- User-provided SSL Certificate Test")
+
+# If you are using a board with pre-defined ESP32 Pins:
+esp32_cs = DigitalInOut(board.ESP_CS)
+esp32_ready = DigitalInOut(board.ESP_BUSY)
+esp32_reset = DigitalInOut(board.ESP_RESET)
+
+# If you have an externally connected ESP32:
+# esp32_cs = DigitalInOut(board.D9)
+# esp32_ready = DigitalInOut(board.D10)
+# esp32_reset = DigitalInOut(board.D5)
+
+spi = busio.SPI(board.SCK, board.MOSI, board.MISO)
+esp = adafruit_esp32spi.ESP_SPIcontrol(spi, esp32_cs, esp32_ready, esp32_reset)
+
+# Allow debugging
+esp.set_esp_debug(True)
\ No newline at end of file
From 4060e441bcd23b78a57ae4d82f472b10d97ac085 Mon Sep 17 00:00:00 2001
From: brentru
Date: Tue, 8 Oct 2019 13:04:54 -0400
Subject: [PATCH 4/6] assert buffer lengths
---
 adafruit_esp32spi/adafruit_esp32spi.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/adafruit_esp32spi/adafruit_esp32spi.py b/adafruit_esp32spi/adafruit_esp32spi.py
index 448556d..9fe8768 100644
--- a/adafruit_esp32spi/adafruit_esp32spi.py
+++ b/adafruit_esp32spi/adafruit_esp32spi.py
@@ -793,7 +793,7 @@ def set_certificate(self, client_certificate):
 """Sets client certificate. Must be called
 BEFORE a network connection is established.
 Begins with -----BEGIN CERTIFICATE-----.
- :param str client_certificate: User-provided client certificate.
+ :param str client_certificate: User-provided X.509 certificate up to 1300 bytes.
 """
 if self._debug:
 print("** Setting client certificate")
@@ -801,6 +801,7 @@ def set_certificate(self, client_certificate):
 raise RuntimeError("set_certificate must be called BEFORE a connection is established.")
 if isinstance(client_certificate, str):
 client_certificate = bytes(client_certificate, 'utf-8')
+ assert len(client_certificate) < 1300, "X.509 certificate must be less than 1300 bytes."
 resp = self._send_command_get_response(_SET_CLI_CERT, (client_certificate,))
 if resp[0][0] != 1:
 raise RuntimeError("Failed to set client certificate")
@@ -809,7 +810,7 @@ def set_certificate(self, client_certificate):
 def set_private_key(self, private_key):
 """Sets private key. Must be called
 BEFORE a network connection is established.
- :param str private_key: User-provided private key.
+ :param str private_key: User-provided private key up to 1700 bytes.
 """
 if self._debug:
 print("** Setting client's private key.")
@@ -817,6 +818,7 @@ def set_private_key(self, private_key):
 raise RuntimeError("set_private_key must be called BEFORE a connection is established.")
 if isinstance(private_key, str):
 private_key = bytes(private_key, 'utf-8')
+ assert len(private_key) < 1700, "Private key must be less than 1700 bytes."
 resp = self._send_command_get_response(_SET_PK, (private_key,))
 if resp[0][0] != 1:
 raise RuntimeError("Failed to set private key.")
From 1cdbadbcf518732db649bc3e17e0a456fc158644 Mon Sep 17 00:00:00 2001
From: brentru
Date: Tue, 8 Oct 2019 13:53:39 -0400
Subject: [PATCH 5/6] moving example to mmqtt
---
 examples/esp32spi_cert.py | 24 ------------------------
 1 file changed, 24 deletions(-)
 delete mode 100644 examples/esp32spi_cert.py
diff --git a/examples/esp32spi_cert.py b/examples/esp32spi_cert.py
deleted file mode 100644
index 79bc9c7..0000000
--- a/examples/esp32spi_cert.py
+++ /dev/null
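Review bot: The length limits are enforced with `assert` (hunk `@@ -801,6 +801,7 @@` in `set_certificate` and hunk `@@ -817,6 +818,7 @@` in `set_private_key`), which is dropped when assertions are disabled and raises `AssertionError` where every other failure in these methods raises `RuntimeError`. These are the only size checks visible on the host side before the buffer is handed to the co-processor, so they should be ordinary raises, for example `if len(client_certificate) >= 1300: raise ValueError("X.509 certificate must be less than 1300 bytes.")` and the equivalent with 1700 for the key. The docstrings changed in the same commit say "up to 1300 bytes" and "up to 1700 bytes" while the code rejects exactly 1300 and 1700, so one of the two needs adjusting. Both function bodies begin outside these hunks.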
@@ -1,24 +0,0 @@
-import board
-import busio
-from digitalio import DigitalInOut
-import adafruit_esp32spi.adafruit_esp32spi_socket as socket
-from adafruit_esp32spi import adafruit_esp32spi
-import adafruit_requests as requests
-
-print("ESP32 SPI- User-provided SSL Certificate Test")
-
-# If you are using a board with pre-defined ESP32 Pins:
-esp32_cs = DigitalInOut(board.ESP_CS)
-esp32_ready = DigitalInOut(board.ESP_BUSY)
-esp32_reset = DigitalInOut(board.ESP_RESET)
-
-# If you have an externally connected ESP32:
-# esp32_cs = DigitalInOut(board.D9)
-# esp32_ready = DigitalInOut(board.D10)
-# esp32_reset = DigitalInOut(board.D5)
-
-spi = busio.SPI(board.SCK, board.MOSI, board.MISO)
-esp = adafruit_esp32spi.ESP_SPIcontrol(spi, esp32_cs, esp32_ready, esp32_reset)
-
-# Allow debugging
-esp.set_esp_debug(True)
\ No newline at end of file
From e14f3ef0ccec2e755af637751bc0d456ae6561cc Mon Sep 17 00:00:00 2001
From: brentru
Date: Tue, 8 Oct 2019 17:08:40 -0400
Subject: [PATCH 6/6] fix CRLF/LF
---
 adafruit_esp32spi/adafruit_esp32spi.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/adafruit_esp32spi/adafruit_esp32spi.py b/adafruit_esp32spi/adafruit_esp32spi.py
index 9fe8768..0926c4d 100644
--- a/adafruit_esp32spi/adafruit_esp32spi.py
+++ b/adafruit_esp32spi/adafruit_esp32spi.py
@@ -822,4 +822,4 @@ def set_private_key(self, private_key):
 resp = self._send_command_get_response(_SET_PK, (private_key,))
 if resp[0][0] != 1:
 raise RuntimeError("Failed to set private key.")
- return resp[0]
\ No newline at end of file
+ return resp[0]