Copyright © https://mongoose-os.com

Mongoose OS Forum


Accessing Client Certificate Attributes

Environment: embedded C / C++

I have a secure server-client setup (https / wss) which works great, but the client cert has some additional custom attributes embedded within it (OIDs) which, in this case, contain a user access level for certain functions. I've been searching docs and web, but can't seem to find a way to access this additional information. I'm guessing I would want to do this during the MG_EV_WEBSOCKET_HANDSHAKE_DONE event and that the client cert data is contained in mg_connection. To that end I'm using the following routine to retrieve the peer (i.e. client) cert - but combing through it in a debug session I just don't see these custom attributes (OIDs).

struct mbedtls_x509_crt* webServer::getPeerCertificate(struct mg_connection* nc)
{
    mbedtls_ssl_context* ctx = (mbedtls_ssl_context*) mg_ssl_if_context(nc);
    if (ctx) {
        mbedtls_ssl_session* session_in = ctx->session_in;
        if (session_in && session_in->peer_cert) {
            return session_in->peer_cert;
        }
    }
    return NULL;
}

Any clues here would be very much appreciated :)
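
Added example, not part of the original post and not Mongoose OS or Mbed TLS code: a bounds-checked walk over a DER-encoded X.509 Extensions SEQUENCE that returns the extnValue bytes for one extension OID. It assumes the raw extensions are available as a pointer and length (for instance the `v3_ext` buffer of `mbedtls_x509_crt`, which is an assumption here); the sample bytes, the OID 2.999.1 and the INTEGER 3 "access level" are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed sample: Extensions with basicConstraints (critical) and a
 * custom extension under the 2.999 example arc whose value is INTEGER 3. */
const uint8_t SAMPLE_EXT[] = {
    0x30, 0x1A,
    0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x02, 0x30, 0x00,
    0x30, 0x0A, 0x06, 0x03, 0x88, 0x37, 0x01, 0x04, 0x03, 0x02, 0x01, 0x03 };
const uint8_t SAMPLE_OID[] = { 0x88, 0x37, 0x01 };   /* 2.999.1, hypothetical */

/* Read one DER header of the expected tag; on success *p is at the content. */
static int der_hdr(const uint8_t **p, const uint8_t *end, uint8_t tag, size_t *len)
{
    if (end - *p < 2 || **p != tag) return -1;
    size_t n = (*p)[1]; *p += 2;
    if (n & 0x80) {                          /* long form, 1 or 2 length bytes */
        size_t nb = n & 0x7F;
        if (nb < 1 || nb > 2 || (size_t)(end - *p) < nb) return -1;
        for (n = 0; nb--; (*p)++) n = (n << 8) | **p;
    }
    if (n > (size_t)(end - *p)) return -1;   /* content must fit the buffer */
    *len = n; return 0;
}

/* Returns 0 and the extnValue bytes if found, 1 if absent, -1 if malformed. */
int find_ext(const uint8_t *ext, size_t ext_len, const uint8_t *oid,
             size_t oid_len, const uint8_t **val, size_t *val_len)
{
    const uint8_t *p = ext, *end = ext + ext_len;
    size_t len, l;
    if (der_hdr(&p, end, 0x30, &len)) return -1;        /* Extensions SEQUENCE */
    for (end = p + len; p < end; ) {
        if (der_hdr(&p, end, 0x30, &len)) return -1;    /* one Extension */
        const uint8_t *q = p, *qend = p + len;
        p = qend;
        if (der_hdr(&q, qend, 0x06, &l)) return -1;     /* extnID */
        int match = (l == oid_len && memcmp(q, oid, l) == 0);
        q += l;
        if (q < qend && *q == 0x01) {                   /* optional critical flag */
            if (der_hdr(&q, qend, 0x01, &l)) return -1;
            q += l;
        }
        if (der_hdr(&q, qend, 0x04, &l)) return -1;     /* extnValue OCTET STRING */
        if (match) { *val = q; *val_len = l; return 0; }
    }
    return 1;
}
```

The returned bytes are only as trustworthy as the certificate they came from, so an access decision should use them only on a connection where the client certificate chain has already been verified.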
