esp8266 · earlephilhower · Jan 18, 2021 · Jan 17, 2021 · Jan 17, 2021 · Jan 18, 2021
diff --git a/libraries/ESP8266WiFi/src/CertStoreBearSSL.h b/libraries/ESP8266WiFi/src/CertStoreBearSSL.h
@@ -31,7 +31,15 @@
 
 namespace BearSSL {
 
-class CertStore {
+class CertStoreBase {
+  public:
+    virtual ~CertStoreBase() {}
+
+    // Installs the cert store into the X509 decoder (normally via static function callbacks)
+    virtual void installCertStore(br_x509_minimal_context *ctx) = 0;
+};
+
+class CertStore: public CertStoreBase {
   public:
     CertStore() { };
     ~CertStore();

diff --git a/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h b/libraries/ESP8266WiFi/src/WiFiClientSecureBearSSL.h
@@ -110,7 +110,7 @@ class WiFiClientSecureCtx : public WiFiClient {
     int getLastSSLError(char *dest = NULL, size_t len = 0);
 
     // Attach a preconfigured certificate store
-    void setCertStore(CertStore *certStore) {
+    void setCertStore(CertStoreBase *certStore) {
       _certStore = certStore;
     }
 
@@ -140,7 +140,7 @@ class WiFiClientSecureCtx : public WiFiClient {
     std::shared_ptr<unsigned char> _iobuf_out;
     time_t _now;
     const X509List *_ta;
-    CertStore *_certStore;
+    CertStoreBase *_certStore;
     int _iobuf_in_size;
     int _iobuf_out_size;
     bool _handshake_done;
@@ -274,7 +274,7 @@ class WiFiClientSecure : public WiFiClient {
     int getLastSSLError(char *dest = NULL, size_t len = 0) { return _ctx->getLastSSLError(dest, len); }
 
     // Attach a preconfigured certificate store
-    void setCertStore(CertStore *certStore) { _ctx->setCertStore(certStore); }
+    void setCertStore(CertStoreBase *certStore) { _ctx->setCertStore(certStore); }
 
     // Select specific ciphers (i.e. optimize for speed over security)
     // These may be in PROGMEM or RAM, either will run properly