Disable parent certificate functions if chain length is 1

arduino-libraries · Jul 16, 2024 · 504a875 · 504a875
1 parent 04cdddf
commit 504a875
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/src/BearSSLClient.cpp b/src/BearSSLClient.cpp
@@ -411,6 +411,7 @@ void BearSSLClient::setKey(const char key[], const char cert[])
 }
 #endif
 
+#if BEAR_SSL_CLIENT_CHAIN_SIZE > 1
 void BearSSLClient::setEccCertParent(const char cert[])
 {
   // try to decode the cert
@@ -457,6 +458,7 @@ void BearSSLClient::setEccCertParent(const char cert[])
     }
   }
 }
+#endif
 
 int BearSSLClient::errorCode()
 {
@@ -621,11 +623,12 @@ void BearSSLClient::clientAppendKey(void *ctx, const void *data, size_t len)
 }
 #endif
 
+#if BEAR_SSL_CLIENT_CHAIN_SIZE > 1
 void BearSSLClient::parentAppendCert(void *ctx, const void *data, size_t len)
 {
   BearSSLClient* c = (BearSSLClient*)ctx;
 
   memcpy(&c->_ecCert[1].data[c->_ecCert[1].data_len], data, len);
   c->_ecCert[1].data_len += len;
 }
-
+#endif
diff --git a/src/BearSSLClient.h b/src/BearSSLClient.h
@@ -101,7 +101,9 @@ class BearSSLClient : public Client {
 #ifndef ARDUINO_BEARSSL_DISABLE_KEY_DECODER
   void setKey(const char key[], const char cert[]);
 #endif
+#if BEAR_SSL_CLIENT_CHAIN_SIZE > 1
   void setEccCertParent(const char cert[]);
+#endif
 
   int errorCode();
 
@@ -113,7 +115,9 @@ class BearSSLClient : public Client {
 #ifndef ARDUINO_BEARSSL_DISABLE_KEY_DECODER
   static void clientAppendKey(void *ctx, const void *data, size_t len);
 #endif
+#if BEAR_SSL_CLIENT_CHAIN_SIZE > 1
   static void parentAppendCert(void *ctx, const void *data, size_t len);
+#endif
 
 private:
   Client* _client;