
Commit d028d59

committed
WiFiSSLClient: configure cusutom root_ca or client credentials on connect
1 parent 1e7fa2f commit d028d59


2 files changed

+22
-4
lines changed


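--- a/libraries/WiFiS3/src/WiFiSSLClient.cpp
+++ b/libraries/WiFiS3/src/WiFiSSLClient.cpp
@@ -30,7 +30,14 @@ void WiFiSSLClient::getSocket() {
 int WiFiSSLClient::connect(IPAddress ip, uint16_t port) {
 /* -------------------------------------------------------------------------- */
 getSocket();
-
+if (_root_ca != nullptr) {
+setCACert(_root_ca);
+} else {
+setCACert();
+}
+if ((_ecc_slot != -1) && (_ecc_cert != nullptr) && (_ecc_cert_len != 0)) {
+setEccSlot(_ecc_slot, _ecc_cert, _ecc_cert_len);
+}
 string res = "";
 if(modem.write(string(PROMPT(_SSLCLIENTCONNECTIP)),res, "%s%d,%s,%d\r\n" , CMD_WRITE(_SSLCLIENTCONNECTIP), _sock, ip.toString(), port)) {
 return 1;
@@ -42,9 +49,14 @@ int WiFiSSLClient::connect(IPAddress ip, uint16_t port) {
 int WiFiSSLClient::connect(const char* host, uint16_t port) {
 /* -------------------------------------------------------------------------- */
 getSocket();
-if (!_custom_root) {
+if (_root_ca != nullptr) {
+setCACert(_root_ca);
+} else {
 setCACert();
 }
+if ((_ecc_slot != -1) && (_ecc_cert != nullptr) && (_ecc_cert_len != 0)) {
+setEccSlot(_ecc_slot, _ecc_cert, _ecc_cert_len);
+}
 string res = "";
 if(modem.write(string(PROMPT(_SSLCLIENTCONNECTNAME)),res, "%s%d,%s,%d\r\n" , CMD_WRITE(_SSLCLIENTCONNECTNAME), _sock, host, port)) {
 return 1;
@@ -60,7 +72,7 @@ void WiFiSSLClient::setCACert(const char* root_ca, size_t size) {
 if(size > 0) {
 modem.write_nowait(string(PROMPT(_SETCAROOT)),res, "%s%d,%d\r\n" , CMD_WRITE(_SETCAROOT), _sock, size);
 if(modem.passthrough((uint8_t *)root_ca, size)) {
-_custom_root = true;
+_root_ca = root_ca;
 }
 } else {
 modem.write(string(PROMPT(_SETCAROOT)),res, "%s%d\r\n" , CMD_WRITE(_SETCAROOT), _sock);
@@ -75,6 +87,9 @@ void WiFiSSLClient::setEccSlot(int ecc508KeySlot, const byte cert[], int certLen
 if(certLength > 0) {
 modem.write_nowait(string(PROMPT(_SETECCSLOT)),res, "%s%d,%d,%d\r\n" , CMD_WRITE(_SETECCSLOT), _sock, ecc508KeySlot, certLength);
 modem.passthrough((uint8_t *)cert, certLength);
+_ecc_slot = ecc508KeySlot;
+_ecc_cert = cert;
+_ecc_cert_len = certLength;
 }
 }
 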
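Review bot: Both `connect()` overloads re-apply the stored CA with `setCACert(_root_ca)`, passing no length, while `setCACert(const char* root_ca, size_t size)` only uploads the certificate when `size > 0`. If `size` defaults to 0 in the declaration (not shown in this diff), that call takes the `else` branch and configures the default roots, so a custom trust anchor would be silently dropped at connect time. The length should be stored alongside the pointer and passed back, e.g. `_root_ca_size = size;` next to `_root_ca = root_ca;` and `setCACert(_root_ca, _root_ca_size);` in both overloads (`_root_ca_size` being a new member I am proposing). The bodies of these functions extend outside the hunks.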

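--- a/libraries/WiFiS3/src/WiFiSSLClient.h
+++ b/libraries/WiFiS3/src/WiFiSSLClient.h
@@ -61,10 +61,13 @@ class WiFiSSLClient : public WiFiClient {
 
 private:
 int _sock;
-bool _custom_root = false;
 void getSocket();
 int _read();
 void read_if_needed(size_t s);
+const char* _root_ca = nullptr;
+int _ecc_slot = -1;
+const byte* _ecc_cert = nullptr;
+int _ecc_cert_len = 0;
 
 private:
 void upload_default_Cert();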
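Review bot: `_root_ca` and `_ecc_cert` now retain the caller's pointers, and the .cpp re-sends them on every `connect()`, but nothing on these members says the buffers are borrowed. A caller that passed a stack or temporary buffer to `setCACert()` or `setEccSlot()` would leave the client reading freed memory at the next connect. I would add a comment above the new members such as `// Not owned: buffers passed to setCACert()/setEccSlot() must outlive this client; they are re-sent on each connect().` and repeat the requirement in the documentation of the two public setters. The class body continues outside the hunk.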
