From 9b5e5d5c61ac3971fe9c28a80f6ade708d14c87f Mon Sep 17 00:00:00 2001 From: Paulo Cabral Sanz Date: Sun, 17 Jan 2021 16:32:24 -0300 Subject: [PATCH 01/12] Make installCertStore virtual so we can inherit from CertStore and override it --- libraries/ESP8266WiFi/src/CertStoreBearSSL.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h index dcfcb34653..d6c3199f21 100644 --- a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h +++ b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h @@ -40,7 +40,7 @@ class CertStore { int initCertStore(fs::FS &fs, const char *indexFileName, const char *dataFileName); // Installs the cert store into the X509 decoder (normally via static function callbacks) - void installCertStore(br_x509_minimal_context *ctx); + virtual void installCertStore(br_x509_minimal_context *ctx); protected: fs::FS *_fs = nullptr; From b18e05882355809fc1bedf1c26613b6ce569b802 Mon Sep 17 00:00:00 2001 From: Paulo Cabral Sanz Date: Sun, 17 Jan 2021 17:10:07 -0300 Subject: [PATCH 02/12] Make CertStore destructor virtual --- libraries/ESP8266WiFi/src/CertStoreBearSSL.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h index d6c3199f21..56bb027e1d 100644 --- a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h +++ b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h @@ -34,7 +34,7 @@ namespace BearSSL { class CertStore { public: CertStore() { }; - ~CertStore(); + virtual ~CertStore(); // Set the file interface instances, do preprocessing int initCertStore(fs::FS &fs, const char *indexFileName, const char *dataFileName); From e80c1580a98762cf9bfb985c746f8072c08696b1 Mon Sep 17 00:00:00 2001 
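Review bot: The comment above `installCertStore` in the `@@ -40,7` hunk of PATCH 01 describes only what the built-in store does, yet once the method is virtual an override presumably decides which trust anchors the X509 context gets, and nothing tells implementers what they must provide. I would extend it along the lines of `// Overrides must install a trust-anchor source on ctx; certificate validation for the connection depends on it.` The same comment is carried into `CertStoreBase` in PATCH 03, so the wording applies there as well. What the client does when an override leaves `ctx` untouched is not visible in these hunks and is worth stating once confirmed. The class body continues outside the hunk.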
From: Paulo Cabral Sanz Date: Sun, 17 Jan 2021 23:58:11 -0300 Subject: [PATCH 03/12] Create CertStoreBase to inherit from --- libraries/ESP8266WiFi/src/CertStoreBearSSL.h | 14 +++++++++++--- .../ESP8266WiFi/src/WiFiClientSecureBearSSL.h | 4 ++-- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h index 56bb027e1d..1207cf68d1 100644 --- a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h +++ b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h @@ -31,16 +31,24 @@ namespace BearSSL { -class CertStore { +class CertStoreBase { public: - CertStore() { }; virtual ~CertStore(); + // Installs the cert store into the X509 decoder (normally via static function callbacks) + virtual void installCertStore(br_x509_minimal_context *ctx); +}; + +class CertStore: public CertStoreBase { + public: + CertStore() { }; + ~CertStore(); + // Set the file interface instances, do preprocessing int initCertStore(fs::FS &fs, const char *indexFileName, const char *dataFileName); // Installs the cert store into the X509 decoder (normally via static function callbacks) - virtual void installCertStore(br_x509_minimal_context *ctx); + void installCertStore(br_x509_minimal_context *ctx); protected: fs::FS *_fs = nullptr; diff --git a/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h b/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h index 858f573e2a..d3b99af400 100644 --- a/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h +++ b/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h @@ -110,7 +110,7 @@ class WiFiClientSecureCtx : public WiFiClient { int getLastSSLError(char *dest = NULL, size_t len = 0); // Attach a preconfigured certificate store - void setCertStore(CertStore *certStore) { + void setCertStore(CertStoreBase *certStore) { _certStore = certStore; } 
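Review bot: In the `@@ -31,16 +31,24` hunk of CertStoreBearSSL.h the derived `CertStore` redeclares `~CertStore();` and `installCertStore` without `override`, so the compiler is never asked to check that they still match the declarations in `CertStoreBase`. I would write `~CertStore() override;` and `void installCertStore(br_x509_minimal_context *ctx) override;`, which the file can take since it already uses C++11 member initialisers (`fs::FS *_fs = nullptr;`). A later signature change in the base is then reported at the declaration instead of wherever the mismatch happens to surface. The body of `CertStore` continues outside the hunk.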
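Review bot: `setCertStore` in the `@@ -110,7` hunk of WiFiClientSecureBearSSL.h keeps the caller's pointer as-is, and with the parameter widened to `CertStoreBase *` it now accepts user-written stores whose lifetime the library knows nothing about. The comment should state the ownership rule, for example `// certStore is not owned and must stay valid for as long as this client may use it`. Ownership is inferred from the plain assignment `_certStore = certStore;`, so please confirm nothing else frees it. The same comment belongs on the `WiFiClientSecure::setCertStore` forwarder in the `@@ -274,7` hunk. Both classes continue outside their hunks.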
@@ -274,7 +274,7 @@ class WiFiClientSecure : public WiFiClient { int getLastSSLError(char *dest = NULL, size_t len = 0) { return _ctx->getLastSSLError(dest, len); } // Attach a preconfigured certificate store - void setCertStore(CertStore *certStore) { _ctx->setCertStore(certStore); } + void setCertStore(CertStoreBase *certStore) { _ctx->setCertStore(certStore); } // Select specific ciphers (i.e. optimize for speed over security) // These may be in PROGMEM or RAM, either will run properly From 58613aebbab6dfbb5cd2ed4803681d6f78c909db Mon Sep 17 00:00:00 2001 From: Paulo Cabral Sanz Date: Mon, 18 Jan 2021 00:00:54 -0300 Subject: [PATCH 04/12] Update _certStorage type --- libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h b/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h index d3b99af400..55c366075b 100644 --- a/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h +++ b/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h @@ -140,7 +140,7 @@ class WiFiClientSecureCtx : public WiFiClient { std::shared_ptr _iobuf_out; time_t _now; const X509List *_ta; - CertStore *_certStore; + CertStoreBase *_certStore; int _iobuf_in_size; int _iobuf_out_size; bool _handshake_done; From 456655e963ddc0d01c20d71ff03bd73f2938142c Mon Sep 17 00:00:00 2001 From: Paulo Cabral Sanz Date: Mon, 18 Jan 2021 00:07:57 -0300 Subject: [PATCH 05/12] Fix typo --- libraries/ESP8266WiFi/src/CertStoreBearSSL.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h index 1207cf68d1..24f7997e0e 100644 --- a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h +++ b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h 
@@ -33,7 +33,7 @@ namespace BearSSL { class CertStoreBase { public: - virtual ~CertStore(); + virtual ~CertStoreBase(); // Installs the cert store into the X509 decoder (normally via static function callbacks) virtual void installCertStore(br_x509_minimal_context *ctx); From c4a5c0928b06936bf32c7a432b0d84733feb26cb Mon Sep 17 00:00:00 2001 From: Paulo Cabral Sanz Date: Mon, 18 Jan 2021 00:18:15 -0300 Subject: [PATCH 06/12] Provide setCertStore for the default implementation --- libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h b/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h index 55c366075b..321086d73c 100644 --- a/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h +++ b/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h @@ -275,6 +275,9 @@ class WiFiClientSecure : public WiFiClient { // Attach a preconfigured certificate store void setCertStore(CertStoreBase *certStore) { _ctx->setCertStore(certStore); } + void setCertStore(CertStore *certStore) { + _ctx->setCertStore(static_cast(certStore)); + } // Select specific ciphers (i.e. optimize for speed over security) // These may be in PROGMEM or RAM, either will run properly From 51015865c80854a1644a5e8106d099c8eba2d751 Mon Sep 17 00:00:00 2001 From: Paulo Cabral Sanz Date: Mon, 18 Jan 2021 00:21:35 -0300 Subject: [PATCH 07/12] Set virtual method to 0 --- libraries/ESP8266WiFi/src/CertStoreBearSSL.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h index 24f7997e0e..3ef51f8511 100644 --- a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h +++ b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h 
@@ -36,7 +36,7 @@ class CertStoreBase { virtual ~CertStoreBase(); // Installs the cert store into the X509 decoder (normally via static function callbacks) - virtual void installCertStore(br_x509_minimal_context *ctx); + virtual void installCertStore(br_x509_minimal_context *ctx) = 0 }; class CertStore: public CertStoreBase { From 5697fceed62f967532cfb8bed582e4998a6df49e Mon Sep 17 00:00:00 2001 From: Paulo Cabral Sanz Date: Mon, 18 Jan 2021 00:23:23 -0300 Subject: [PATCH 08/12] Remove useless method --- libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h | 3 --- 1 file changed, 3 deletions(-) diff --git a/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h b/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h index 321086d73c..55c366075b 100644 --- a/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h +++ b/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h @@ -275,9 +275,6 @@ class WiFiClientSecure : public WiFiClient { // Attach a preconfigured certificate store void setCertStore(CertStoreBase *certStore) { _ctx->setCertStore(certStore); } - void setCertStore(CertStore *certStore) { - _ctx->setCertStore(static_cast(certStore)); - } // Select specific ciphers (i.e. optimize for speed over security) // These may be in PROGMEM or RAM, either will run properly From ad15acf557226ff491846ce2a20d9aa3d8076c31 Mon Sep 17 00:00:00 2001 From: Paulo Cabral Sanz Date: Mon, 18 Jan 2021 00:24:21 -0300 Subject: [PATCH 09/12] Fix missing ; --- libraries/ESP8266WiFi/src/CertStoreBearSSL.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h index 3ef51f8511..5798b2e254 100644 --- a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h +++ b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h 
@@ -36,7 +36,7 @@ class CertStoreBase { virtual ~CertStoreBase(); // Installs the cert store into the X509 decoder (normally via static function callbacks) - virtual void installCertStore(br_x509_minimal_context *ctx) = 0 + virtual void installCertStore(br_x509_minimal_context *ctx) = 0; }; class CertStore: public CertStoreBase { From 8f5e7e98449f7c838d9f415dd943cc87cd5b0fd4 Mon Sep 17 00:00:00 2001 From: Paulo Cabral Sanz Date: Mon, 18 Jan 2021 00:34:20 -0300 Subject: [PATCH 10/12] Remove virtual destructor --- libraries/ESP8266WiFi/src/CertStoreBearSSL.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h index 5798b2e254..9c2fc2916e 100644 --- a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h +++ b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h @@ -33,8 +33,6 @@ namespace BearSSL { class CertStoreBase { public: - virtual ~CertStoreBase(); - // Installs the cert store into the X509 decoder (normally via static function callbacks) virtual void installCertStore(br_x509_minimal_context *ctx) = 0; }; From c941ace256bd5fb4914704c66214570fd760e844 Mon Sep 17 00:00:00 2001 From: Paulo Cabral Sanz Date: Mon, 18 Jan 2021 00:49:37 -0300 Subject: [PATCH 11/12] Re-add CertStoreBase virtual destructor --- libraries/ESP8266WiFi/src/CertStoreBearSSL.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h index 9c2fc2916e..55f0c58edf 100644 --- a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h +++ b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h @@ -33,6 +33,8 @@ namespace BearSSL { class CertStoreBase { public: + virtual CertStoreBase() {} + // Installs the cert store into the X509 decoder (normally via static function callbacks) virtual void installCertStore(br_x509_minimal_context *ctx) = 0; }; From 77d995bf13a8d998b4a863f95ffd58aafa810a79 Mon Sep 17 00:00:00 2001 
From: Paulo Cabral Sanz Date: Mon, 18 Jan 2021 00:51:14 -0300 Subject: [PATCH 12/12] Fix typo --- libraries/ESP8266WiFi/src/CertStoreBearSSL.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h index 55f0c58edf..51dcb07551 100644 --- a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h +++ b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h @@ -33,7 +33,7 @@ namespace BearSSL { class CertStoreBase { public: - virtual CertStoreBase() {} + virtual ~CertStoreBase() {} // Installs the cert store into the X509 decoder (normally via static function callbacks) virtual void installCertStore(br_x509_minimal_context *ctx) = 0;