mqtt: i)fix version check for secure_element

ii) fix secure_element error return The feature allows use of secure element for TLS connections, which makes use of hardware security for storage of client private keys(only keys with ECC algorithm) Applicable IDF versions: >= 4.2
espressif · Aug 3, 2020 · db4bce0 · db4bce0
1 parent 702da6d
commit db4bce0
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 8 deletions.
diff --git a/include/mqtt_supported_features.h b/include/mqtt_supported_features.h
@@ -46,8 +46,12 @@
 #define MQTT_SUPPORTED_FEATURE_DER_CERTIFICATES
 #define MQTT_SUPPORTED_FEATURE_ALPN
 #define MQTT_SUPPORTED_FEATURE_CLIENT_KEY_PASSWORD
-#define MQTT_SUPPORTED_FEATURE_SECURE_ELEMENT
 #endif
+
+#if ESP_IDF_VERSION >= ESP_IDF_VERSION_VAL(4, 2, 0)
+// Features supported in 4.2
+#define MQTT_SUPPORTED_FEATURE_SECURE_ELEMENT
 #endif
 
+#endif /* ESP_IDF_VERSION */
 #endif // _MQTT_SUPPORTED_FEATURES_H_
diff --git a/mqtt_client.c b/mqtt_client.c
@@ -208,15 +208,17 @@ static esp_err_t esp_mqtt_set_ssl_transport_properties(esp_transport_list_handle
     }
 
     if (cfg->use_secure_element) {
-#if defined(MQTT_SUPPORTED_FEATURE_SECURE_ELEMENT) && (CONFIG_ESP_TLS_USE_SECURE_ELEMENT)
+#ifdef MQTT_SUPPORTED_FEATURE_SECURE_ELEMENT
+#ifdef CONFIG_ESP_TLS_USE_SECURE_ELEMENT
         esp_transport_ssl_use_secure_element(ssl);
-#ifdef CONFIG_ATECC608A_TCUSTOM
-        ESP_OK_CHECK(TAG, esp_mqtt_set_cert_key_data(ssl, MQTT_SSL_DATA_API_CLIENT_CERT, cfg->clientcert_buf, cfg->clientcert_bytes),
-                    goto esp_mqtt_set_transport_failed);
-#endif
 #else
-        ESP_LOGE(TAG, "secure element not enabled for esp-tls in menuconfig");
-#endif
+        ESP_LOGE(TAG, "Secure element not enabled for esp-tls in menuconfig");
+        goto esp_mqtt_set_transport_failed;
+#endif /* CONFIG_ESP_TLS_USE_SECURE_ELEMENT */
+#else
+        ESP_LOGE(TAG, "Secure element feature is not available in IDF version %s", IDF_VER);
+        goto esp_mqtt_set_transport_failed;
+#endif /* MQTT_SUPPORTED_FEATURE_SECURE_ELEMENT */
     }
     ESP_OK_CHECK(TAG, esp_mqtt_set_cert_key_data(ssl, MQTT_SSL_DATA_API_CLIENT_CERT, cfg->clientcert_buf, cfg->clientcert_bytes),
                  goto esp_mqtt_set_transport_failed);