From 59fc84e8bcc82696f3d5c7a8d7e0d631a0e8917c Mon Sep 17 00:00:00 2001 From: pennam Date: Thu, 15 Feb 2024 15:33:37 +0100 Subject: [PATCH] WiFiS3 WiFiSSLClient: avoid duplicated AT message calls using setCACert and setEccSlot - Also fix setCACert signature to be consistent with other core implementations --- libraries/WiFiS3/src/WiFiSSLClient.cpp | 57 +++++++++++++------------- libraries/WiFiS3/src/WiFiSSLClient.h | 2 +- 2 files changed, 29 insertions(+), 30 deletions(-) diff --git a/libraries/WiFiS3/src/WiFiSSLClient.cpp b/libraries/WiFiS3/src/WiFiSSLClient.cpp index 973e5700c..f67c30896 100644 --- a/libraries/WiFiS3/src/WiFiSSLClient.cpp +++ b/libraries/WiFiS3/src/WiFiSSLClient.cpp 
@@ -36,54 +36,53 @@ int WiFiSSLClient::connect(IPAddress ip, uint16_t port) { int WiFiSSLClient::connect(const char* host, uint16_t port) { /* -------------------------------------------------------------------------- */ getSocket(); - if (_root_ca != nullptr) { - setCACert(_root_ca); + + /* if _root_ca is NULL it configures default root ca bundle */ + string res = ""; + if(_root_ca != nullptr) { + size_t size = strlen(_root_ca); + modem.write_nowait(string(PROMPT(_SETCAROOT)),res, "%s%d,%d\r\n" , CMD_WRITE(_SETCAROOT), _sock, size); + if(!modem.passthrough((uint8_t *)_root_ca, size)) { + return 0; + } } else { - setCACert(); + if(!modem.write(string(PROMPT(_SETCAROOT)),res, "%s%d\r\n" , CMD_WRITE(_SETCAROOT), _sock)) { + return 0; + } } - if ((_ecc_slot != -1) && (_ecc_cert != nullptr) && (_ecc_cert_len != 0)) { - setEccSlot(_ecc_slot, _ecc_cert, _ecc_cert_len); + + /* if needed configure software SE for mTLS */ + if((_ecc_cert_len > 0) && (_ecc_cert != nullptr) && (_ecc_slot >= 0)) { + modem.write_nowait(string(PROMPT(_SETECCSLOT)),res, "%s%d,%d,%d\r\n" , CMD_WRITE(_SETECCSLOT), _sock, _ecc_slot, _ecc_cert_len); + if(!modem.passthrough((uint8_t *)_ecc_cert, _ecc_cert_len)) { + return 0; + } } - string res = ""; + if (_connectionTimeout) { if(modem.write(string(PROMPT(_SSLCLIENTCONNECT)),res, "%s%d,%s,%d,%d\r\n" , CMD_WRITE(_SSLCLIENTCONNECT), _sock, host,port, _connectionTimeout)) { return 1; } } else { - if(modem.write(string(PROMPT(_SSLCLIENTCONNECTNAME)),res, "%s%d,%s,%d\r\n" , CMD_WRITE(_SSLCLIENTCONNECTNAME), _sock, host, port)) { - return 1; - } + if(modem.write(string(PROMPT(_SSLCLIENTCONNECTNAME)),res, "%s%d,%s,%d\r\n" , CMD_WRITE(_SSLCLIENTCONNECTNAME), _sock, host, port)) { + return 1; + } } return 0; } /* -------------------------------------------------------------------------- */ -void WiFiSSLClient::setCACert(const char* root_ca, size_t size) { +void WiFiSSLClient::setCACert(const char* root_ca) { /* 
-------------------------------------------------------------------------- */ - getSocket(); - string res = ""; - if(size > 0) { - modem.write_nowait(string(PROMPT(_SETCAROOT)),res, "%s%d,%d\r\n" , CMD_WRITE(_SETCAROOT), _sock, size); - if(modem.passthrough((uint8_t *)root_ca, size)) { - _root_ca = root_ca; - } - } else { - modem.write(string(PROMPT(_SETCAROOT)),res, "%s%d\r\n" , CMD_WRITE(_SETCAROOT), _sock); - } + _root_ca = root_ca; } /* -------------------------------------------------------------------------- */ void WiFiSSLClient::setEccSlot(int ecc508KeySlot, const byte cert[], int certLength) { /* -------------------------------------------------------------------------- */ - getSocket(); - string res = ""; - if(certLength > 0) { - modem.write_nowait(string(PROMPT(_SETECCSLOT)),res, "%s%d,%d,%d\r\n" , CMD_WRITE(_SETECCSLOT), _sock, ecc508KeySlot, certLength); - modem.passthrough((uint8_t *)cert, certLength); - _ecc_slot = ecc508KeySlot; - _ecc_cert = cert; - _ecc_cert_len = certLength; - } + _ecc_slot = ecc508KeySlot; + _ecc_cert = cert; + _ecc_cert_len = certLength; } /* -------------------------------------------------------------------------- */ diff --git a/libraries/WiFiS3/src/WiFiSSLClient.h b/libraries/WiFiS3/src/WiFiSSLClient.h index 9f6f5c98e..c021a0a16 100644 --- a/libraries/WiFiS3/src/WiFiSSLClient.h +++ b/libraries/WiFiS3/src/WiFiSSLClient.h @@ -33,7 +33,7 @@ class WiFiSSLClient : public WiFiClient { ~WiFiSSLClient(); virtual int connect(IPAddress ip, uint16_t port); virtual int connect(const char* host, uint16_t port); - void setCACert(const char* root_ca = NULL, size_t size = 0); + void setCACert(const char* root_ca); void setEccSlot(int ecc508KeySlot, const byte cert[], int certLength); virtual size_t write(uint8_t); virtual size_t write(const uint8_t *buf, size_t size);
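Review bot: `setCACert` and `setEccSlot` now only store the caller's pointer, and `connect(const char* host, ...)` dereferences it later (`strlen(_root_ca)`, `modem.passthrough((uint8_t *)_ecc_cert, _ecc_cert_len)`), so the trust anchor and client certificate must stay valid and unmodified until connect() has returned; before this change the bytes were sent to the modem inside the setter. A sketch that passes a stack or temporary buffer would now have whatever is in that memory sent as the CA root, and with the `size` parameter gone the root CA has to be a NUL-terminated string (so presumably PEM rather than DER). I would document that on both setters, e.g. `// root_ca is not copied: it must be NUL-terminated and remain valid until connect() returns`. The result of `modem.write_nowait` is also ignored before `passthrough` in both new branches, so a rejected `_SETCAROOT` or `_SETECCSLOT` command is only noticed if the passthrough itself fails. The `connect(IPAddress ip, uint16_t port)` overload lies outside this hunk; if it does not delegate to this function, the stored CA and ECC slot would never reach the modem on that path, which is worth confirming.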
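Review bot: Removing the defaults from `setCACert(const char* root_ca = NULL, size_t size = 0)` breaks existing sketches that call `setCACert()` or `setCACert(ca, len)`, and the new declaration has no comment stating the changed contract. From the .cpp hunk, a null `_root_ca` selects the default root CA bundle and a non-null one is measured with `strlen`, so I would add above the declaration `// root_ca: NUL-terminated CA certificate, stored by pointer (not copied); nullptr selects the default root CA bundle`. If source compatibility with existing sketches matters, a deprecated two-argument overload that forwards to the new one would keep them compiling. The class body continues outside this hunk.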