EnviroDIY · floBik · Apr 1, 2025 · Apr 1, 2025 · Apr 3, 2025 · Apr 4, 2025
diff --git a/src/TinyGsmClientSIM7600.h b/src/TinyGsmClientSIM7600.h
@@ -768,9 +768,9 @@ class TinyGsmSim7600 : public TinyGsmModem<TinyGsmSim7600>,
    */
  public:
   bool configureSSLContext(uint8_t context_id, SSLAuthMode sslAuthMode,
-                           SSLVersion sslVersion, const char* CAcertName,
-                           const char* clientCertName,
-                           const char* clientKeyName) {
+                           SSLVersion sslVersion, const String& CAcertName,
+                           const String& clientCertName,
+                           const String& clientKeyName) {
     bool success = true;
 
     // List the certs available
@@ -803,25 +803,27 @@ class TinyGsmSim7600 : public TinyGsmModem<TinyGsmSim7600>,
     success &= waitResponse(5000L) == 1;
 
     // apply the correct certificates to the connection
-    if (CAcertName != nullptr &&
+    if (CAcertName.length() &&
         (sslAuthMode == SSLAuthMode::CA_VALIDATION ||
          sslAuthMode == SSLAuthMode::MUTUAL_AUTHENTICATION)) {
       /* Configure the server root CA of the specified SSL context
       AT + CSSLCFG = "cacert", <ssl_ctx_index>,<ca_file> */
-      sendAT(GF("+CSSLCFG=\"cacert\","), context_id, GF(","), CAcertName);
+      sendAT(GF("+CSSLCFG=\"cacert\","), context_id, GF(",\""),
+              CAcertName, GF("\""));
       success &= waitResponse(5000L) == 1;
     }
-    if (clientCertName != nullptr &&
+    if (clientCertName.length()  &&
         (sslAuthMode == SSLAuthMode::MUTUAL_AUTHENTICATION ||
          sslAuthMode == SSLAuthMode::CLIENT_VALIDATION)) {
-      sendAT(GF("+CSSLCFG=\"clientcert\","), context_id, GF(","),
-             clientCertName);
+      sendAT(GF("+CSSLCFG=\"clientcert\","), context_id, GF(",\""),
+             clientCertName, GF("\""));
       success &= waitResponse(5000L) == 1;
     }
-    if (clientKeyName != nullptr &&
+    if (clientKeyName.length() &&
         (sslAuthMode == SSLAuthMode::MUTUAL_AUTHENTICATION ||
          sslAuthMode == SSLAuthMode::CLIENT_VALIDATION)) {
-      sendAT(GF("+CSSLCFG=\"clientkey\","), context_id, GF(","), clientKeyName);
+      sendAT(GF("+CSSLCFG=\"clientkey\","), context_id, GF(",\""),
+              clientKeyName, GF("\""));
       success &= waitResponse(5000L) == 1;
     }
 

diff --git a/src/TinyGsmEnums.h b/src/TinyGsmEnums.h
@@ -47,9 +47,9 @@ enum class CertificateType : int8_t {
 //     4: pre-shared key encryption
 enum class SSLAuthMode : int8_t {
   NO_VALIDATION         = 0,
-  CLIENT_VALIDATION     = 1,
-  CA_VALIDATION         = 2,
-  MUTUAL_AUTHENTICATION = 3,
+  CA_VALIDATION         = 1,
+  MUTUAL_AUTHENTICATION = 2,
+  CLIENT_VALIDATION     = 3,
   PRE_SHARED_KEYS       = 4,
 };
 

diff --git a/src/TinyGsmSSL.tpp b/src/TinyGsmSSL.tpp
@@ -164,12 +164,6 @@ class GsmSecureClient {
     sslCtxConfigured = false;
     sslAuthMode      = SSLAuthMode::NO_VALIDATION;
     sslVersion       = SSLVersion::TLS1_2;
-    CAcertName       = nullptr;
-    clientCertName   = nullptr;
-    clientKeyName    = nullptr;
-    pskIdent         = nullptr;
-    psKey            = nullptr;
-    pskTableName     = nullptr;
   }
 
   virtual void setSSLContextIndex(uint8_t sslCtxIndex) {
@@ -187,48 +181,48 @@ class GsmSecureClient {
     sslCtxConfigured = false;
   }
 
-  virtual void setCACertName(const char* CAcertName) {
-    this->CAcertName = CAcertName;
+  virtual void setCACertName(String CAcertName) {
+    this->CAcertName = std::move(CAcertName);    
     sslCtxConfigured = false;
   }
-  virtual void setCACertName(String CAcertName) {
-    setCACertName(CAcertName.c_str());
+  virtual void setCACertName(const char* CAcertName) {
+    setCACertName(String{CAcertName});
   }
 
-  virtual void setClientCertName(const char* clientCertName) {
-    this->clientCertName = clientCertName;
+  virtual void setClientCertName(String clientCertName) {
+    this->clientCertName = std::move(clientCertName);
     sslCtxConfigured     = false;
   }
-  virtual void setClientCertName(String clientCertName) {
-    setClientCertName(clientCertName.c_str());
+  virtual void setClientCertName(const char* clientCertName) {
+    setClientCertName(String{clientCertName});
   }
 
-  virtual void setPrivateKeyName(const char* clientKeyName) {
+  virtual void setPrivateKeyName(String clientKeyName) {
     this->clientKeyName = clientKeyName;
     sslCtxConfigured    = false;
   }
-  virtual void setPrivateKeyName(String clientKeyName) {
-    setPrivateKeyName(clientKeyName.c_str());
+  virtual void setPrivateKeyName(const char*  clientKeyName) {
+    setPrivateKeyName(String{clientKeyName});
   }
 
-  virtual void setPSKTableName(const char* pskTableName) {
+  virtual void setPSKTableName(String pskTableName) {
     this->pskTableName = pskTableName;
     sslCtxConfigured   = false;
   }
-  virtual void setPSKTableName(String pskTableName) {
-    setPSKTableName(pskTableName.c_str());
+  virtual void setPSKTableName(const char*  pskTableName) {
+    setPSKTableName(String{pskTableName});
   }
-  virtual void setPreSharedKey(const char* pskIdent, const char* psKey) {
+  virtual void setPreSharedKey(String pskIdent, String psKey) {
     this->pskIdent   = pskIdent;
     this->psKey      = psKey;
     sslCtxConfigured = false;
   }
-  virtual void setPreSharedKey(String pskIdent, String psKey) {
-    setPreSharedKey(pskIdent.c_str(), psKey.c_str());
+  virtual void setPreSharedKey(const char*  pskIdent, const char*  psKey) {
+    setPreSharedKey(String{pskIdent}, String{psKey});
   }
 
   // destructor
-  virtual ~GsmSecureClient() {}
+  virtual ~GsmSecureClient() = default;
 
  protected:
   /// The SSL context index to use for this connection
@@ -241,17 +235,17 @@ class GsmSecureClient {
   SSLVersion sslVersion;
   /// The FILE NAME of the certificate authority certificate loaded onto the
   /// module
-  const char* CAcertName;
+  String CAcertName;
   /// The FILE NAME of the client certificate loaded onto the module
-  const char* clientCertName;
+  String clientCertName;
   /// The FILE NAME of the client private key loaded onto the module
-  const char* clientKeyName;
+  String clientKeyName;
   /// The FILE NAME of an identity for PSK cipher suites
-  const char* pskTableName;
+  String pskTableName;
   /// The identity VALUE for PSK cipher suites
-  const char* pskIdent;
+  String pskIdent;
   /// The VALUE of the key in hex for PSK cipher suites
-  const char* psKey;
+  String psKey;
 };