tests/extmod: Adjust ssl/tls tests to run on targets with axTLS.
Signed-off-by: Damien George <damien@micropython.org>
This commit is contained in:
parent
7d442373af
commit
1e3b24238e
@ -10,7 +10,7 @@ except ImportError:
|
|||||||
# Invalid cadata.
|
# Invalid cadata.
|
||||||
try:
|
try:
|
||||||
ssl.wrap_socket(io.BytesIO(), cadata=b"!")
|
ssl.wrap_socket(io.BytesIO(), cadata=b"!")
|
||||||
except TypeError:
|
except AttributeError:
|
||||||
# "cadata" keyword argument is not supported by axtls.
|
# "cadata" keyword argument is not supported by axtls.
|
||||||
print("SKIP")
|
print("SKIP")
|
||||||
raise SystemExit
|
raise SystemExit
|
||||||
|
@ -9,11 +9,6 @@ except ImportError:
|
|||||||
|
|
||||||
key = b"0\x82\x019\x02\x01\x00\x02A\x00\xf9\xe0}\xbd\xd7\x9cI\x18\x06\xc3\xcb\xb5\xec@r\xfbD\x18\x80\xaaWoZ{\xcc\xa3\xeb!\"\x0fY\x9e]-\xee\xe4\t!BY\x9f{7\xf3\xf2\x8f}}\r|.\xa8<\ta\xb2\xd7W\xb3\xc9\x19A\xc39\x02\x03\x01\x00\x01\x02@\x07:\x9fh\xa6\x9c6\xe1#\x10\xf7\x0b\xc4Q\xf9\x01\x9b\xee\xb9\x8a4\r\\\xa8\xc8:\xd5\xca\x97\x99\xaa\x16\x04)\xa8\xf9\x13\xdeq\x0ev`\xa7\x83\xc5\x8b`\xdb\xef \x9d\x93\xe8g\x84\x96\xfaV\\\xf4R\xda\xd0\xa1\x02!\x00\xfeR\xbf\n\x91Su\x87L\x98{\xeb%\xed\xfb\x06u)@\xfe\x1b\xde\xa0\xc6@\xab\xc5\xedg\x8e\x10[\x02!\x00\xfb\x86=\x85\xa4'\xde\x85\xb5L\xe0)\x99\xfaL\x8c3A\x02\xa8<\xdew\xad\x00\xe3\x1d\x05\xd8\xb4N\xfb\x02 \x08\xb0M\x04\x90hx\x88q\xcew\xd5U\xcbf\x9b\x16\xdf\x9c\xef\xd1\x85\xee\x9a7Ug\x02\xb0Z\x03'\x02 9\xa0D\xe2$|\xf9\xefz]5\x92rs\xb5+\xfd\xe6,\x1c\xadmn\xcf\xd5?3|\x0em)\x17\x02 5Z\xcc/\xa5?\n\x04%\x9b{N\x9dX\xddI\xbe\xd2\xb0\xa0\x03BQ\x02\x82\xc2\xe0u)\xbd\xb8\xaf"
|
key = b"0\x82\x019\x02\x01\x00\x02A\x00\xf9\xe0}\xbd\xd7\x9cI\x18\x06\xc3\xcb\xb5\xec@r\xfbD\x18\x80\xaaWoZ{\xcc\xa3\xeb!\"\x0fY\x9e]-\xee\xe4\t!BY\x9f{7\xf3\xf2\x8f}}\r|.\xa8<\ta\xb2\xd7W\xb3\xc9\x19A\xc39\x02\x03\x01\x00\x01\x02@\x07:\x9fh\xa6\x9c6\xe1#\x10\xf7\x0b\xc4Q\xf9\x01\x9b\xee\xb9\x8a4\r\\\xa8\xc8:\xd5\xca\x97\x99\xaa\x16\x04)\xa8\xf9\x13\xdeq\x0ev`\xa7\x83\xc5\x8b`\xdb\xef \x9d\x93\xe8g\x84\x96\xfaV\\\xf4R\xda\xd0\xa1\x02!\x00\xfeR\xbf\n\x91Su\x87L\x98{\xeb%\xed\xfb\x06u)@\xfe\x1b\xde\xa0\xc6@\xab\xc5\xedg\x8e\x10[\x02!\x00\xfb\x86=\x85\xa4'\xde\x85\xb5L\xe0)\x99\xfaL\x8c3A\x02\xa8<\xdew\xad\x00\xe3\x1d\x05\xd8\xb4N\xfb\x02 \x08\xb0M\x04\x90hx\x88q\xcew\xd5U\xcbf\x9b\x16\xdf\x9c\xef\xd1\x85\xee\x9a7Ug\x02\xb0Z\x03'\x02 9\xa0D\xe2$|\xf9\xefz]5\x92rs\xb5+\xfd\xe6,\x1c\xadmn\xcf\xd5?3|\x0em)\x17\x02 5Z\xcc/\xa5?\n\x04%\x9b{N\x9dX\xddI\xbe\xd2\xb0\xa0\x03BQ\x02\x82\xc2\xe0u)\xbd\xb8\xaf"
|
||||||
|
|
||||||
# This particular key was generated with:
|
|
||||||
# $ openssl genrsa -out key.pem 512
|
|
||||||
# $ openssl rsa -in key.pem -outform DER -out key.der
|
|
||||||
keypkcs8 = b'0\x82\x01U\x02\x01\x000\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x04\x82\x01?0\x82\x01;\x02\x01\x00\x02A\x00\xae\x07\xbb\xbf \x8eL\\ G\x91\x1b\xc45\x89\x96\x0c\xca\x94\xa5\xc2%F\x84z\xea\xb2Y\xdd\x943\x1a\xe0\x1e\xfe%\xd3\xbc\x85\xf0\x05\x8eI\xca\x83\x8b\x86\xfd\x15P,\xa9t8\xc2s\x11\x7fk*[[w\xdd\x02\x03\x01\x00\x01\x02@?\x02-\xc7\x95Q\xef\xf3\xaa\xfc>]\x7f<\xa3\x03\xe0\xbd\xb7\xf4\x0b\xc6\xd31D\x0f\x95cT\x06D9\xed\xf0X\xa6\x18\xb4\xe7\x96\x8f\x91\xd6\xd7\xbfR\\V\xfd\x0e{\xd3\xa4e\xb4M\x01\xbb\xdf\xf1\xf0\xbcEA\x02!\x00\xd5\xd7f\xcc\x84\xf5Y&\xa7]\x00\x91\xc9\x8e\xb0\xf37\x108D\x7f&!JJ\x836\x83\x9f\n\xf2\x0f\x02!\x00\xd0W\x0ec\xa6\x86C\xf7\x8d\xbe\xf0\xbc2\xe3)|\xbb\xd6\xbb;\xb2\xafG\x05S\x0f-\x14X\n3S\x02 A\xf5\xb20\xcd\xa6<<\x8f\rA\xda\xb68<^\x99\x12x\xb8\xb0\x1b\x9b\xd3%\x8e\xb9\xa6\xf9\xcc\xcf\x83\x02!\x00\xa8.\xee\xdd\xc0\xeb8h\xda\x13^\xb0\xfe\x7fd\xd9]\xa5m\xc66k\xcap`\xe9\xaaav\xe4\xdd#\x02!\x00\xd1\xd0\x93\xe7wZ\xe0p\xd0M\x07\x9e\x13\xa7\xa7\x12\x95\x1e\x13h0O\xc0\x18\x1fa\x10")\x9f&U'
|
|
||||||
|
|
||||||
# Invalid key
|
# Invalid key
|
||||||
try:
|
try:
|
||||||
ssl.wrap_socket(io.BytesIO(), key=b"!")
|
ssl.wrap_socket(io.BytesIO(), key=b"!")
|
||||||
@ -31,9 +26,3 @@ try:
|
|||||||
ssl.wrap_socket(io.BytesIO(), key=key, cert=b"!")
|
ssl.wrap_socket(io.BytesIO(), key=key, cert=b"!")
|
||||||
except ValueError as er:
|
except ValueError as er:
|
||||||
print(repr(er))
|
print(repr(er))
|
||||||
|
|
||||||
# Valid key in PKCS8 format, invalid cert
|
|
||||||
try:
|
|
||||||
ssl.wrap_socket(io.BytesIO(), key=keypkcs8, cert=b"!")
|
|
||||||
except ValueError as er:
|
|
||||||
print(repr(er))
|
|
||||||
|
@ -1,4 +1,3 @@
|
|||||||
ValueError('invalid key',)
|
ValueError('invalid key',)
|
||||||
TypeError("can't convert 'NoneType' object to str implicitly",)
|
TypeError("can't convert 'NoneType' object to str implicitly",)
|
||||||
ValueError('invalid cert',)
|
ValueError('invalid cert',)
|
||||||
ValueError('invalid cert',)
|
|
||||||
|
24
tests/extmod/ssl_keycert_pkcs8.py
Normal file
24
tests/extmod/ssl_keycert_pkcs8.py
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
# Test ssl with key/cert passed in
|
||||||
|
|
||||||
|
try:
|
||||||
|
import io
|
||||||
|
import ssl
|
||||||
|
except ImportError:
|
||||||
|
print("SKIP")
|
||||||
|
raise SystemExit
|
||||||
|
|
||||||
|
# Only mbedTLS supports PKCS8 keys.
|
||||||
|
if not hasattr(ssl, "MBEDTLS_VERSION"):
|
||||||
|
print("SKIP")
|
||||||
|
raise SystemExit
|
||||||
|
|
||||||
|
# This particular key was generated with:
|
||||||
|
# $ openssl genrsa -out key.pem 512
|
||||||
|
# $ openssl rsa -in key.pem -outform DER -out key.der
|
||||||
|
keypkcs8 = b'0\x82\x01U\x02\x01\x000\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x04\x82\x01?0\x82\x01;\x02\x01\x00\x02A\x00\xae\x07\xbb\xbf \x8eL\\ G\x91\x1b\xc45\x89\x96\x0c\xca\x94\xa5\xc2%F\x84z\xea\xb2Y\xdd\x943\x1a\xe0\x1e\xfe%\xd3\xbc\x85\xf0\x05\x8eI\xca\x83\x8b\x86\xfd\x15P,\xa9t8\xc2s\x11\x7fk*[[w\xdd\x02\x03\x01\x00\x01\x02@?\x02-\xc7\x95Q\xef\xf3\xaa\xfc>]\x7f<\xa3\x03\xe0\xbd\xb7\xf4\x0b\xc6\xd31D\x0f\x95cT\x06D9\xed\xf0X\xa6\x18\xb4\xe7\x96\x8f\x91\xd6\xd7\xbfR\\V\xfd\x0e{\xd3\xa4e\xb4M\x01\xbb\xdf\xf1\xf0\xbcEA\x02!\x00\xd5\xd7f\xcc\x84\xf5Y&\xa7]\x00\x91\xc9\x8e\xb0\xf37\x108D\x7f&!JJ\x836\x83\x9f\n\xf2\x0f\x02!\x00\xd0W\x0ec\xa6\x86C\xf7\x8d\xbe\xf0\xbc2\xe3)|\xbb\xd6\xbb;\xb2\xafG\x05S\x0f-\x14X\n3S\x02 A\xf5\xb20\xcd\xa6<<\x8f\rA\xda\xb68<^\x99\x12x\xb8\xb0\x1b\x9b\xd3%\x8e\xb9\xa6\xf9\xcc\xcf\x83\x02!\x00\xa8.\xee\xdd\xc0\xeb8h\xda\x13^\xb0\xfe\x7fd\xd9]\xa5m\xc66k\xcap`\xe9\xaaav\xe4\xdd#\x02!\x00\xd1\xd0\x93\xe7wZ\xe0p\xd0M\x07\x9e\x13\xa7\xa7\x12\x95\x1e\x13h0O\xc0\x18\x1fa\x10")\x9f&U'
|
||||||
|
|
||||||
|
# Valid key in PKCS8 format, invalid cert
|
||||||
|
try:
|
||||||
|
ssl.wrap_socket(io.BytesIO(), key=keypkcs8, cert=b"!")
|
||||||
|
except ValueError as er:
|
||||||
|
print(repr(er))
|
1
tests/extmod/ssl_keycert_pkcs8.py.exp
Normal file
1
tests/extmod/ssl_keycert_pkcs8.py.exp
Normal file
@ -0,0 +1 @@
|
|||||||
|
ValueError('invalid cert',)
|
@ -1,5 +1,4 @@
|
|||||||
# Test ssl.SSLContext.verify_mode attribute.
|
# Test ssl.SSLContext.verify_mode attribute.
|
||||||
# It's not available in the axtls implementation, so has an independent test.
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
import ssl
|
import ssl
|
||||||
@ -7,10 +6,6 @@ except ImportError:
|
|||||||
print("SKIP")
|
print("SKIP")
|
||||||
raise SystemExit
|
raise SystemExit
|
||||||
|
|
||||||
if not hasattr(ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT), "verify_mode"):
|
|
||||||
print("SKIP")
|
|
||||||
raise SystemExit
|
|
||||||
|
|
||||||
# Test default verify_mode for server (client default is different in MicroPython).
|
# Test default verify_mode for server (client default is different in MicroPython).
|
||||||
ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
|
ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
|
||||||
print(ctx.verify_mode == ssl.CERT_NONE)
|
print(ctx.verify_mode == ssl.CERT_NONE)
|
||||||
@ -18,7 +13,3 @@ print(ctx.verify_mode == ssl.CERT_NONE)
|
|||||||
# Test setting and getting verify_mode.
|
# Test setting and getting verify_mode.
|
||||||
ctx.verify_mode = ssl.CERT_NONE
|
ctx.verify_mode = ssl.CERT_NONE
|
||||||
print(ctx.verify_mode == ssl.CERT_NONE)
|
print(ctx.verify_mode == ssl.CERT_NONE)
|
||||||
ctx.verify_mode = ssl.CERT_OPTIONAL
|
|
||||||
print(ctx.verify_mode == ssl.CERT_OPTIONAL)
|
|
||||||
ctx.verify_mode = ssl.CERT_REQUIRED
|
|
||||||
print(ctx.verify_mode == ssl.CERT_REQUIRED)
|
|
||||||
|
20
tests/extmod/ssl_sslcontext_verify_mode2.py
Normal file
20
tests/extmod/ssl_sslcontext_verify_mode2.py
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
# Test ssl.SSLContext.verify_mode attribute, with additional CERT_xxx constants.
|
||||||
|
# These aren't available in the axtls implementation.
|
||||||
|
|
||||||
|
try:
|
||||||
|
import ssl
|
||||||
|
except ImportError:
|
||||||
|
print("SKIP")
|
||||||
|
raise SystemExit
|
||||||
|
|
||||||
|
if not hasattr(ssl, "OPENSSL_VERSION") and not hasattr(ssl, "MBEDTLS_VERSION"):
|
||||||
|
print("SKIP")
|
||||||
|
raise SystemExit
|
||||||
|
|
||||||
|
ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
|
||||||
|
|
||||||
|
# Test setting and getting verify_mode.
|
||||||
|
ctx.verify_mode = ssl.CERT_OPTIONAL
|
||||||
|
print(ctx.verify_mode == ssl.CERT_OPTIONAL)
|
||||||
|
ctx.verify_mode = ssl.CERT_REQUIRED
|
||||||
|
print(ctx.verify_mode == ssl.CERT_REQUIRED)
|
@ -2,7 +2,9 @@
|
|||||||
|
|
||||||
try:
|
try:
|
||||||
import tls
|
import tls
|
||||||
except ImportError:
|
|
||||||
|
tls.SSLContext.get_ciphers
|
||||||
|
except (ImportError, AttributeError):
|
||||||
print("SKIP")
|
print("SKIP")
|
||||||
raise SystemExit
|
raise SystemExit
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user