diff --git a/src/TinyGsmClientSIM7600.h b/src/TinyGsmClientSIM7600.h index 64654f4e..d261f0c8 100644 --- a/src/TinyGsmClientSIM7600.h +++ b/src/TinyGsmClientSIM7600.h @@ -768,9 +768,9 @@ class TinyGsmSim7600 : public TinyGsmModem, */ public: bool configureSSLContext(uint8_t context_id, SSLAuthMode sslAuthMode, - SSLVersion sslVersion, const char* CAcertName, - const char* clientCertName, - const char* clientKeyName) { + SSLVersion sslVersion, const String& CAcertName, + const String& clientCertName, + const String& clientKeyName) { bool success = true; // List the certs available @@ -803,25 +803,27 @@ class TinyGsmSim7600 : public TinyGsmModem, success &= waitResponse(5000L) == 1; // apply the correct certificates to the connection - if (CAcertName != nullptr && + if (CAcertName.length() && (sslAuthMode == SSLAuthMode::CA_VALIDATION || sslAuthMode == SSLAuthMode::MUTUAL_AUTHENTICATION)) { /* Configure the server root CA of the specified SSL context AT + CSSLCFG = "cacert", , */ - sendAT(GF("+CSSLCFG=\"cacert\","), context_id, GF(","), CAcertName); + sendAT(GF("+CSSLCFG=\"cacert\","), context_id, GF(",\""), + CAcertName, GF("\"")); success &= waitResponse(5000L) == 1; } - if (clientCertName != nullptr && + if (clientCertName.length() && (sslAuthMode == SSLAuthMode::MUTUAL_AUTHENTICATION || sslAuthMode == SSLAuthMode::CLIENT_VALIDATION)) { - sendAT(GF("+CSSLCFG=\"clientcert\","), context_id, GF(","), - clientCertName); + sendAT(GF("+CSSLCFG=\"clientcert\","), context_id, GF(",\""), + clientCertName, GF("\"")); success &= waitResponse(5000L) == 1; } - if (clientKeyName != nullptr && + if (clientKeyName.length() && (sslAuthMode == SSLAuthMode::MUTUAL_AUTHENTICATION || sslAuthMode == SSLAuthMode::CLIENT_VALIDATION)) { - sendAT(GF("+CSSLCFG=\"clientkey\","), context_id, GF(","), clientKeyName); + sendAT(GF("+CSSLCFG=\"clientkey\","), context_id, GF(",\""), + clientKeyName, GF("\"")); success &= waitResponse(5000L) == 1; } 
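Review bot: In the second hunk the three certificate and key file names are now written between literal quotes straight into `+CSSLCFG`, with no check that the name is free of `"`, CR or LF, so a name taken from configuration or user input could end the quoted parameter early or split the command line. A guard before each `sendAT`, such as `if (CAcertName.indexOf('"') >= 0 || CAcertName.indexOf('\r') >= 0 || CAcertName.indexOf('\n') >= 0) return false;`, would keep the command well-formed. Separately, when `sslAuthMode` is `CA_VALIDATION` or `MUTUAL_AUTHENTICATION` and `CAcertName` is empty, the block is skipped and `success` stays true, so the caller is not told that no CA was applied. Setting `success = false` in that case looks safer, though the lines that send the auth mode are outside this hunk. `configureSSLContext` begins in the first hunk and its end is not shown.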
diff --git a/src/TinyGsmEnums.h b/src/TinyGsmEnums.h index d342c436..c5e565e4 100644 --- a/src/TinyGsmEnums.h +++ b/src/TinyGsmEnums.h @@ -47,9 +47,9 @@ enum class CertificateType : int8_t { // 4: pre-shared key encryption enum class SSLAuthMode : int8_t { NO_VALIDATION = 0, - CLIENT_VALIDATION = 1, - CA_VALIDATION = 2, - MUTUAL_AUTHENTICATION = 3, + CA_VALIDATION = 1, + MUTUAL_AUTHENTICATION = 2, + CLIENT_VALIDATION = 3, PRE_SHARED_KEYS = 4, }; diff --git a/src/TinyGsmSSL.tpp b/src/TinyGsmSSL.tpp index d1b7adc1..037bcf5a 100644 --- a/src/TinyGsmSSL.tpp +++ b/src/TinyGsmSSL.tpp @@ -164,12 +164,6 @@ class GsmSecureClient { sslCtxConfigured = false; sslAuthMode = SSLAuthMode::NO_VALIDATION; sslVersion = SSLVersion::TLS1_2; - CAcertName = nullptr; - clientCertName = nullptr; - clientKeyName = nullptr; - pskIdent = nullptr; - psKey = nullptr; - pskTableName = nullptr; } virtual void setSSLContextIndex(uint8_t sslCtxIndex) { 
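Review bot: Renumbering `SSLAuthMode` in a shared header changes the behaviour of every consumer of the numeric value: after this hunk `CA_VALIDATION` is 1 (was 2) and `CLIENT_VALIDATION` is 3 (was 1). If any modem driver writes the enum's underlying value directly into its AT command, a request for CA validation would reach that module as a different mode, possibly one that does not verify the server. This is inferred, since no driver's use of the value is visible here. Each driver could translate with an explicit `switch`, and the enum could carry a comment such as `// Values follow the <module> authmode numbering; drivers must map explicitly, never cast`. The comment block above the enum that lists the numeric meanings starts outside the hunk and should be checked against the new order.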
@@ -187,48 +181,48 @@ class GsmSecureClient { sslCtxConfigured = false; } - virtual void setCACertName(const char* CAcertName) { - this->CAcertName = CAcertName; + virtual void setCACertName(String CAcertName) { + this->CAcertName = std::move(CAcertName); sslCtxConfigured = false; } - virtual void setCACertName(String CAcertName) { - setCACertName(CAcertName.c_str()); + virtual void setCACertName(const char* CAcertName) { + setCACertName(String{CAcertName}); } - virtual void setClientCertName(const char* clientCertName) { - this->clientCertName = clientCertName; + virtual void setClientCertName(String clientCertName) { + this->clientCertName = std::move(clientCertName); sslCtxConfigured = false; } - virtual void setClientCertName(String clientCertName) { - setClientCertName(clientCertName.c_str()); + virtual void setClientCertName(const char* clientCertName) { + setClientCertName(String{clientCertName}); } - virtual void setPrivateKeyName(const char* clientKeyName) { + virtual void setPrivateKeyName(String clientKeyName) { this->clientKeyName = clientKeyName; sslCtxConfigured = false; } - virtual void setPrivateKeyName(String clientKeyName) { - setPrivateKeyName(clientKeyName.c_str()); + virtual void setPrivateKeyName(const char* clientKeyName) { + setPrivateKeyName(String{clientKeyName}); } - virtual void setPSKTableName(const char* pskTableName) { + virtual void setPSKTableName(String pskTableName) { this->pskTableName = pskTableName; sslCtxConfigured = false; } - virtual void setPSKTableName(String pskTableName) { - setPSKTableName(pskTableName.c_str()); + virtual void setPSKTableName(const char* pskTableName) { + setPSKTableName(String{pskTableName}); } - virtual void setPreSharedKey(const char* pskIdent, const char* psKey) { + virtual void setPreSharedKey(String pskIdent, String psKey) { this->pskIdent = pskIdent; this->psKey = psKey; sslCtxConfigured = false; } - virtual void setPreSharedKey(String pskIdent, String psKey) { - setPreSharedKey(pskIdent.c_str(), 
psKey.c_str()); + virtual void setPreSharedKey(const char* pskIdent, const char* psKey) { + setPreSharedKey(String{pskIdent}, String{psKey}); } // destructor - virtual ~GsmSecureClient() {} + virtual ~GsmSecureClient() = default; protected: /// The SSL context index to use for this connection @@ -241,17 +235,17 @@ class GsmSecureClient { SSLVersion sslVersion; /// The FILE NAME of the certificate authority certificate loaded onto the /// module - const char* CAcertName; + String CAcertName; /// The FILE NAME of the client certificate loaded onto the module - const char* clientCertName; + String clientCertName; /// The FILE NAME of the client private key loaded onto the module - const char* clientKeyName; + String clientKeyName; /// The FILE NAME of an identity for PSK cipher suites - const char* pskTableName; + String pskTableName; /// The identity VALUE for PSK cipher suites - const char* pskIdent; + String pskIdent; /// The VALUE of the key in hex for PSK cipher suites - const char* psKey; + String psKey; };
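Review bot: `setPrivateKeyName`, `setPSKTableName` and `setPreSharedKey` still copy-assign their by-value `String` parameters, while `setCACertName` and `setClientCertName` in the same hunk use `std::move`; for `setPreSharedKey` the copy also leaves a second, short-lived heap copy of the key value. Moving consistently would read `this->pskIdent = std::move(pskIdent); this->psKey = std::move(psKey);`, and likewise for the other two setters. The `const char*` overloads now construct `String{ptr}`, and `nullptr` was the constructor's initial "unset" value before this commit, so they rely on the `String` constructor accepting a null pointer. A guard like `setCACertName(CAcertName ? String{CAcertName} : String{});` removes that assumption. Whether `<utility>` is included for `std::move` is not visible in this hunk, and the class begins outside it.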