fix(modem): TLS example: Added restore session support in mbedtls-wrap

Reusable component in modem_tcp_client example implements a simple
mbedtls wrapper. This update add support for mbedtls deinit() and for
saving and restoring TLS session.

Author: david-cermak

components/esp_modem/examples/modem_tcp_client/components/extra_tcp_transports/include/mbedtls_wrap.hpp

@@ -6,6 +6,7 @@
 #pragma once
 
 #include <utility>
+#include <memory>
 #include <span>
 #include "mbedtls/ssl.h"
 #include "mbedtls/entropy.h"
@@ -22,6 +23,7 @@ class Tls {
     Tls();
     virtual ~Tls();
     bool init(is_server server, do_verify verify);
+    bool deinit();
     int handshake();
     int write(const unsigned char *buf, size_t len);
     int read(unsigned char *buf, size_t len);
@@ -41,12 +43,33 @@ class Tls {
     mbedtls_entropy_context entropy_{};
     virtual void delay() {}
 
+    bool set_session();
+    bool get_session();
+    void reset_session();
+    bool is_session_loaded();
+
 private:
     static void print_error(const char *function, int error_code);
     static int bio_write(void *ctx, const unsigned char *buf, size_t len);
     static int bio_read(void *ctx, unsigned char *buf, size_t len);
     int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
                               const unsigned char *key, size_t keylen,
                               const unsigned char *pwd, size_t pwdlen);
+    struct unique_session {
+        unique_session()
+        {
+            ::mbedtls_ssl_session_init(&s);
+        }
+        ~unique_session()
+        {
+            ::mbedtls_ssl_session_free(&s);
+        }
+        mbedtls_ssl_session *ptr()
+        {
+            return &s;
+        }
+        mbedtls_ssl_session s;
+    };
+    std::unique_ptr<unique_session> session_;
 
 };

components/esp_modem/examples/modem_tcp_client/components/extra_tcp_transports/mbedtls_wrap.cpp

@@ -35,6 +35,16 @@ bool Tls::init(is_server server, do_verify verify)
     return true;
 }
 
+bool Tls::deinit()
+{
+    ::mbedtls_ssl_config_free(&conf_);
+    ::mbedtls_ssl_free(&ssl_);
+    ::mbedtls_pk_free(&pk_key_);
+    ::mbedtls_x509_crt_free(&public_cert_);
+    ::mbedtls_x509_crt_free(&ca_cert_);
+    return true;
+}
+
 void Tls::print_error(const char *function, int error_code)
 {
     static char error_buf[100];
@@ -132,3 +142,39 @@ Tls::~Tls()
     ::mbedtls_x509_crt_free(&public_cert_);
     ::mbedtls_x509_crt_free(&ca_cert_);
 }
+
+bool Tls::get_session()
+{
+    if (session_ == nullptr) {
+        session_ = std::make_unique<unique_session>();
+    }
+    int ret = ::mbedtls_ssl_get_session(&ssl_, session_->ptr());
+    if (ret != 0) {
+        print_error("mbedtls_ssl_get_session() failed", ret);
+        return false;
+    }
+    return true;
+}
+
+bool Tls::set_session()
+{
+    if (session_ == nullptr) {
+        printf("session hasn't been initialized");
+        return false;
+    }
+    int ret = mbedtls_ssl_set_session(&ssl_, session_->ptr());
+    if (ret != 0) {
+        print_error("mbedtls_ssl_set_session() failed", ret);
+        return false;
+    }
+    return true;
+}
+
+void Tls::reset_session()
+{
+    session_.reset(nullptr);
+}
+bool Tls::is_session_loaded()
+{
+    return session_ != nullptr;
+}