ArduinoIoTCloudCertClass: reduce RAM usage

Author: pennam

src/tls/utility/Cert.cpp

@@ -96,8 +96,9 @@ static String base64Encode(const byte in[], unsigned int length, const char* pre
  ******************************************************************************/
 
 ArduinoIoTCloudCertClass::ArduinoIoTCloudCertClass()
-: _certBuffer(NULL)
+: _certBuffer(nullptr)
 , _certBufferLen(0)
+, _publicKey(nullptr)
 {
 
 }
@@ -106,7 +107,7 @@ ArduinoIoTCloudCertClass::~ArduinoIoTCloudCertClass()
 {
   if (_certBuffer) {
     free(_certBuffer);
-    _certBuffer = NULL;
+    _certBuffer = nullptr;
   }
 }
 
@@ -117,7 +118,6 @@ ArduinoIoTCloudCertClass::~ArduinoIoTCloudCertClass()
 int ArduinoIoTCloudCertClass::begin()
 {
   memset(_compressedCert.data, 0x00, CERT_COMPRESSED_CERT_LENGTH);
-  memset(_publicKey, 0x00, CERT_PUBLIC_KEY_LENGTH);
   return 1;
 }
 
@@ -146,6 +146,9 @@ int ArduinoIoTCloudCertClass::buildCSR()
   out += appendIssuerOrSubject(_subjectData, out);
 
   // public key
+  if (_publicKey == nullptr) {
+    return 0;
+  }
   out += appendPublicKey(_publicKey, out);
 
   // terminator
@@ -243,6 +246,9 @@ int ArduinoIoTCloudCertClass::buildCert()
   out += appendIssuerOrSubject(_subjectData, out);
 
   // public key
+  if (_publicKey == nullptr) {
+    return 0;
+  }
   out += appendPublicKey(_publicKey, out);
 
   int authorityKeyIdLen = authorityKeyIdLength(_compressedCert.slot.two.values.authorityKeyId, CERT_AUTHORITY_KEY_ID_LENGTH);
@@ -377,7 +383,7 @@ int ArduinoIoTCloudCertClass::setAuthorityKeyId(const uint8_t authorityKeyId[],
 
 int ArduinoIoTCloudCertClass::setPublicKey(const byte* publicKey, int publicKeyLen) {
   if (publicKeyLen == CERT_PUBLIC_KEY_LENGTH) {
-    memcpy(_publicKey, publicKey, CERT_PUBLIC_KEY_LENGTH);
+    _publicKey = publicKey;
     return 1;
   }
   return 0;

src/tls/utility/Cert.h

@@ -35,8 +35,8 @@
 #define CERT_PUBLIC_KEY_LENGTH               64
 #define CERT_SIGNATURE_LENGTH                64
 #define CERT_DATES_LENGTH                     3
-#define CERT_COMPRESSED_CERT_LENGTH         144
 #define CERT_COMPRESSED_CERT_SLOT_LENGTH     72
+#define CERT_COMPRESSED_CERT_LENGTH         CERT_COMPRESSED_CERT_SLOT_LENGTH + CERT_SERIAL_NUMBER_LENGTH + CERT_AUTHORITY_KEY_ID_LENGTH
 
 #include <Arduino.h>
 
@@ -86,7 +86,7 @@ class ArduinoIoTCloudCertClass {
   inline byte* compressedCertSignatureAndDatesBytes() { return _compressedCert.slot.one.data; }
   inline int compressedCertSignatureAndDatesLength() {return CERT_COMPRESSED_CERT_SLOT_LENGTH; }
   inline byte* compressedCertSerialAndAuthorityKeyIdBytes() { return _compressedCert.slot.two.data; }
-  inline int compressedCertSerialAndAuthorityKeyIdLenght() {return CERT_COMPRESSED_CERT_SLOT_LENGTH; }
+  inline int compressedCertSerialAndAuthorityKeyIdLenght() {return CERT_SERIAL_NUMBER_LENGTH + CERT_AUTHORITY_KEY_ID_LENGTH; }
 #endif
 
   /* Build CSR */
@@ -135,22 +135,20 @@ class ArduinoIoTCloudCertClass {
     struct __attribute__((__packed__)) SerialNumberAndAuthorityKeyIdType {
       byte serialNumber[CERT_SERIAL_NUMBER_LENGTH];
       byte authorityKeyId[CERT_AUTHORITY_KEY_ID_LENGTH];
-      byte unused[36];
     } values;
-    byte data[CERT_COMPRESSED_CERT_SLOT_LENGTH];
+    byte data[CERT_SERIAL_NUMBER_LENGTH + CERT_AUTHORITY_KEY_ID_LENGTH];
   };
 
   union CompressedCertDataUType {
     struct __attribute__((__packed__)) CompressedCertDataType {
       SignatureAndDateUType one;
       SerialNumberAndAuthorityKeyIdUType two;
     }slot;
-    byte data[CERT_COMPRESSED_CERT_LENGTH];
+    byte data[CERT_COMPRESSED_CERT_SLOT_LENGTH + CERT_SERIAL_NUMBER_LENGTH + CERT_AUTHORITY_KEY_ID_LENGTH];
   } _compressedCert;
 
   /* only raw EC X Y values 64 byte */
-  byte  _publicKey[CERT_PUBLIC_KEY_LENGTH];
-  int   _publicKeyLen;
+  const byte * _publicKey;
 
   byte * _certBuffer;
   int    _certBufferLen;