Skip to content

extmod/modssl_mbedtls: Add SSLContext methods. #11888

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Carglglz wants to merge 1 commit into from
Closed

extmod/modssl_mbedtls: Add SSLContext methods. #11888

Carglglz wants to merge 1 commit into from

Conversation

@Carglglz
Copy link
Contributor

@Carglglz Carglglz commented Jun 27, 2023
edited
Loading

This commit adds a # MICROPY_SSL_MBEDTLS_EXTRAS macro that enables:

  1. Methods to SSLContext class that match CPython signature:
  • SSLContext.load_cert_chain(certfile, keyfile=)
  • SSLContext.load_verify_locations(cadata=)
  • SSLContext.get_ciphers() --> ["CIPHERSUITE"]
  • SSLContext.set_ciphers(["CIPHERSUITE"])

  1. sslsocket.cipher() to get current ciphersuite and protocol
    version.

  2. ssl.MBEDTLS_VERSION string constant

  3. Tests in net_inet and multi_net

@github-actions
Copy link

github-actions bot commented Jun 27, 2023
edited
Loading

Code size report:

   bare-arm:    +0 +0.000% 
minimal x86:    +0 +0.000% 
   unix x64: +18520 +2.319% standard[incl +672(data)]
      stm32:    +0 +0.000% PYBV10
     mimxrt:    +0 +0.000% TEENSY40
        rp2:    +0 +0.000% PICO
       samd:    +0 +0.000% ADAFRUIT_ITSYBITSY_M4_EXPRESS

@codecov
Copy link

codecov bot commented Jun 27, 2023
edited
Loading

Codecov Report

Merging #11888 (5c2a1f2) into master (8851800) will increase coverage by 0.02%.
The diff coverage is 98.48%.

❗ Current head 5c2a1f2 differs from pull request most recent head 606b0ba. Consider uploading reports for the commit 606b0ba to get more accurate results

@@            Coverage Diff             @@
##           master   #11888      +/-   ##
==========================================
+ Coverage   98.38%   98.41%   +0.02%     
==========================================
  Files         158      158              
  Lines       20898    20962      +64     
==========================================
+ Hits        20561    20629      +68     
+ Misses        337      333       -4
Files Changed Coverage Δ
ports/unix/mpconfigport.h 100.00% <ø> (ø)
extmod/modssl_mbedtls.c 95.13% <98.48%> (+3.24%) ⬆️

... and 2 files with indirect coverage changes

@Carglglz Carglglz force-pushed the sslcontext branch 3 times, most recently from c550e8f to a336bd1 Compare June 28, 2023 00:47
@Carglglz Carglglz mentioned this pull request Jun 28, 2023
Merged
@Carglglz Carglglz force-pushed the sslcontext branch 4 times, most recently from 87613bb to f6b8d50 Compare July 4, 2023 04:14
This was referenced Jul 4, 2023
Closed
Merged
Closed
Closed
@Carglglz Carglglz force-pushed the sslcontext branch 2 times, most recently from e614752 to 17fac67 Compare July 7, 2023 14:54
@dpgeorge dpgeorge added the extmod Relates to extmod/ directory in source label Jul 11, 2023
@Carglglz
Copy link
Contributor Author

Carglglz commented Jul 13, 2023
edited
Loading

Note that I've only enabled the extra methods in unix port, and I use the macro # MICROPY_SSL_MBEDTLS_EXTRAS so one can choose to enable these methods at port or board level adding the macro at mpconfigport.h or mpconfigboard.h

Also note that AFAIK without these extra methods, the implementation of SSLContext at #11862 is incomplete, i.e. only allows client mode and without server verification.

@Carglglz Carglglz mentioned this pull request Jul 17, 2023
Merged
@Carglglz Carglglz force-pushed the sslcontext branch 3 times, most recently from 37a1ffc to 5c2a1f2 Compare August 14, 2023 13:31
@Carglglz
extmod/modssl_mbedtls: Add SSLContext methods.
606b0ba 
This commit adds a `# MICROPY_SSL_MBEDTLS_EXTRAS` macro that enables:

1) Methods to SSLContext class that match CPython signature:

	- `SSLContext.load_cert_chain(certfile, keyfile=)`
	- `SSLContext.load_verify_locations(cadata=)`
	- `SSLContext.get_ciphers()` --> ["CIPHERSUITE"]
	- `SSLContext.set_ciphers(["CIPHERSUITE"])`

2) `sslsocket.cipher()` to get current ciphersuite and protocol
   version.

3) `ssl.MBEDTLS_VERSION` string constant

4) Tests in `net_inet` and `multi_net`

Signed-off-by: Carlos Gil <[email protected]>
@DvdGiessen DvdGiessen mentioned this pull request Oct 23, 2023
Open
@Carglglz
Copy link
Contributor Author

Carglglz commented Nov 30, 2023

Follow in #13098

@Carglglz Carglglz closed this Nov 30, 2023
@Carglglz Carglglz deleted the sslcontext branch January 21, 2024 17:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

extmod Relates to extmod/ directory in source

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Carglglz @dpgeorge