Add Stream loaders for BearSSL (#7675)
Fixes #7671

Allows for code to do things like read certs from LittleFS or even HTTP
connections with code like:

  File cert = LittleFS.open("/client-crt.pem", "r");
  clientCert = new X509List(cert, cert.size());
  cert.close();
earlephilhower committed Oct 28, 2020
1 parent cfdcff1 commit 77bd71e
Showing 2 changed files with 46 additions and 0 deletions.
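--- a/libraries/ESP8266WiFi/src/BearSSLHelpers.cpp
+++ b/libraries/ESP8266WiFi/src/BearSSLHelpers.cpp
@@ -626,6 +626,17 @@ namespace brssl {
 return pk;
 }
 
+static uint8_t *loadStream(Stream& stream, size_t size) {
+uint8_t *dest = (uint8_t *)malloc(size);
+if (!dest) {
+return nullptr; // OOM error
+}
+if (size != stream.readBytes(dest, size)) {
+free(dest); // Error during read
+return nullptr;
+}
+return dest;
+}
 };
 
 
@@ -648,6 +659,15 @@ PublicKey::PublicKey(const uint8_t *derKey, size_t derLen) {
 parse(derKey, derLen);
 }
 
+PublicKey::PublicKey(Stream &stream, size_t size) {
+_key = nullptr;
+auto buff = brssl::loadStream(stream, size);
+if (buff) {
+parse(buff, size);
+free(buff);
+}
+}
+
 PublicKey::~PublicKey() {
 if (_key) {
 brssl::free_public_key(_key);
@@ -711,6 +731,15 @@ PrivateKey::PrivateKey(const uint8_t *derKey, size_t derLen) {
 parse(derKey, derLen);
 }
 
+PrivateKey::PrivateKey(Stream &stream, size_t size) {
+_key = nullptr;
+auto buff = brssl::loadStream(stream, size);
+if (buff) {
+parse(buff, size);
+free(buff);
+}
+}
+
 PrivateKey::~PrivateKey() {
 if (_key) {
 brssl::free_private_key(_key);
@@ -781,6 +810,17 @@ X509List::X509List(const uint8_t *derCert, size_t derLen) {
 append(derCert, derLen);
 }
 
+X509List::X509List(Stream &stream, size_t size) {
+_count = 0;
+_cert = nullptr;
+_ta = nullptr;
+auto buff = brssl::loadStream(stream, size);
+if (buff) {
+append(buff, size);
+free(buff);
+}
+}
+
 X509List::~X509List() {
 brssl::free_certificates(_cert, _count); // also frees cert
 for (size_t i = 0; i < _count; i++) {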
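Review bot: A failed load is silent in all three new constructors: when `brssl::loadStream` returns `nullptr` (allocation failure or a short read) the `if (buff)` branch is skipped, and the result of `parse`/`append` is not checked either, so the caller receives an empty key or certificate list with no error. Stream input fails more readily than an in-memory buffer, so I would document this on each constructor, e.g. `// On OOM, short read or parse failure the object is left empty; callers must verify it before use.` In `PrivateKey::PrivateKey(Stream&, size_t)` the temporary buffer still holds the raw key material when it reaches `free(buff)`; consider overwriting it first with a wipe the compiler cannot elide. `loadStream` also hands `size` to `malloc` without a bound or a zero check, so `malloc(0)` behaviour is implementation-defined and a length taken from a remote peer decides the allocation size. The new functions are complete within their hunks, but the bodies of `parse` and `append` are not visible here.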
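--- a/libraries/ESP8266WiFi/src/BearSSLHelpers.h
+++ b/libraries/ESP8266WiFi/src/BearSSLHelpers.h
@@ -43,6 +43,8 @@ class PublicKey {
 PublicKey();
 PublicKey(const char *pemKey);
 PublicKey(const uint8_t *derKey, size_t derLen);
+PublicKey(Stream& stream, size_t size);
+PublicKey(Stream& stream) : PublicKey(stream, stream.available()) { };
 ~PublicKey();
 
 bool parse(const char *pemKey);
@@ -69,6 +71,8 @@ class PrivateKey {
 PrivateKey();
 PrivateKey(const char *pemKey);
 PrivateKey(const uint8_t *derKey, size_t derLen);
+PrivateKey(Stream& stream, size_t size);
+PrivateKey(Stream& stream) : PrivateKey(stream, stream.available()) { };
 ~PrivateKey();
 
 bool parse(const char *pemKey);
@@ -98,6 +102,8 @@ class X509List {
 X509List();
 X509List(const char *pemCert);
 X509List(const uint8_t *derCert, size_t derLen);
+X509List(Stream& stream, size_t size);
+X509List(Stream& stream) : X509List(stream, stream.available()) { };
 ~X509List();
 
 bool append(const char *pemCert);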
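Review bot: The one-argument overloads take their length from `stream.available()`, which for a network-backed `Stream` typically reports only the bytes already received rather than the full length of the key or certificate. `PublicKey(Stream&)`, `PrivateKey(Stream&)` and `X509List(Stream&)` can therefore load a truncated object, or nothing at all, and the failure is not reported. The commit message names HTTP connections as a use case, so each declaration should carry a comment such as `// Reads stream.available() bytes; for sockets pass the full length explicitly.` Marking these single-argument constructors `explicit` would also keep a `Stream` from converting implicitly into a key or trust list, and the stray `;` after `{ }` can be dropped. All three class declarations start and end outside the hunks shown.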
