cancel
Showing results for 
Search instead for 
Did you mean: 

NetxDuo - STSAFE A110 TLS

I_C
Associate

Hello.

I'm working with STM32H573.

I have a question related with the use of STSAFE-A110 for TLS. I have to authenticate also the client.

I've succeded stablishing TLS mutual authentication with HTTPS server and TCP server  (different applications, not related) using this type of functions from NetxDuo with the correct data and test certificates:

/* TCP Server */
nx_secure_tls_session_create();
nx_secure_tls_ecc_initialize();

memset(&certificate, 0, sizeof(certificate)); // Server Local certificate
nx_secure_x509_certificate_initialize();
memset(&certificate_, 0, sizeof(certificate_)); // Client certificate
nx_secure_x509_certificate_initialize();

nx_secure_tls_local_certificate_add();
nx_secure_tls_trusted_certificate_add();

nx_secure_tls_session_start();

/* HTTPS */
memset(&certificate, 0, sizeof(certificate)); // Server Local certificate
nx_secure_x509_certificate_initialize();
memset(&certificate_, 0, sizeof(certificate_)); // Client certificate
nx_secure_x509_certificate_initialize();
nx_web_http_server_secure_configure(&HTTPServer, &nx_crypto_tls_ciphers,
                                               crypto_metadata_server, sizeof(crypto_metadata_server), tls_packet_buffer, sizeof(tls_packet_buffer),
                                               &certificate, &ca_list[0], 1,&remote_issuer[0], 1,remote_cert_buffer, sizeof(remote_cert_buffer));
nx_web_http_server_start(&HTTPServer);

What I want to achieve is the same functionality but instead of using my own certificate for local, use the one that STSAFE-A110 has that I cannot access. 

I understand that I have use the option: NX_SECURE_X509_KEY_TYPE_HARDWARE when adding the certs, but I don't know if there is a 'direct' way of using the STSAFE-A110 API to achieve it.

 

Note: I have tested the STSAFE-A110 with the examples and it works fine.

Thank you.

0 REPLIES 0