Skip to content
This repository was archived by the owner on Oct 28, 2023. It is now read-only.

Commit d5191ed

Browse files
MrSurlydpgeorge
authored andcommitted
extmod/modussl_mbedtls.c: Add ussl.getpeercert() method.
Behaviour is as per CPython but only the binary form is implemented here. A test is included.
1 parent ace9fb5 commit d5191ed

File tree

3 files changed

+34
-0
lines changed

3 files changed

+34
-0
lines changed

extmod/modussl_mbedtls.c

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,7 @@
3434
#include "py/nlr.h"
3535
#include "py/runtime.h"
3636
#include "py/stream.h"
37+
#include "py/obj.h"
3738

3839
// mbedtls_time_t
3940
#include "mbedtls/platform.h"
@@ -189,6 +190,16 @@ STATIC mp_obj_ssl_socket_t *socket_new(mp_obj_t sock, struct ssl_args *args) {
189190
return o;
190191
}
191192

193+
STATIC mp_obj_t mod_ssl_getpeercert(mp_obj_t o_in, mp_obj_t binary_form) {
194+
mp_obj_ssl_socket_t *o = MP_OBJ_TO_PTR(o_in);
195+
if (!mp_obj_is_true(binary_form)) {
196+
mp_raise_NotImplementedError(NULL);
197+
}
198+
const mbedtls_x509_crt* peer_cert = mbedtls_ssl_get_peer_cert(&o->ssl);
199+
return mp_obj_new_bytes(peer_cert->raw.p, peer_cert->raw.len);
200+
}
201+
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_ssl_getpeercert_obj, mod_ssl_getpeercert);
202+
192203
STATIC void socket_print(const mp_print_t *print, mp_obj_t self_in, mp_print_kind_t kind) {
193204
(void)kind;
194205
mp_obj_ssl_socket_t *self = MP_OBJ_TO_PTR(self_in);
@@ -259,6 +270,7 @@ STATIC const mp_rom_map_elem_t ussl_socket_locals_dict_table[] = {
259270
{ MP_ROM_QSTR(MP_QSTR_write), MP_ROM_PTR(&mp_stream_write_obj) },
260271
{ MP_ROM_QSTR(MP_QSTR_setblocking), MP_ROM_PTR(&socket_setblocking_obj) },
261272
{ MP_ROM_QSTR(MP_QSTR_close), MP_ROM_PTR(&socket_close_obj) },
273+
{ MP_ROM_QSTR(MP_QSTR_getpeercert), MP_ROM_PTR(&mod_ssl_getpeercert_obj) },
262274
};
263275

264276
STATIC MP_DEFINE_CONST_DICT(ussl_socket_locals_dict, ussl_socket_locals_dict_table);

tests/net_hosted/ssl_getpeercert.py

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
# test ssl.getpeercert() method
2+
3+
try:
4+
import usocket as socket
5+
import ussl as ssl
6+
except:
7+
import socket
8+
import ssl
9+
10+
11+
def test(peer_addr):
12+
s = socket.socket()
13+
s.connect(peer_addr)
14+
s = ssl.wrap_socket(s)
15+
cert = s.getpeercert(True)
16+
print(type(cert), len(cert) > 100)
17+
s.close()
18+
19+
20+
if __name__ == "__main__":
21+
test(socket.getaddrinfo('micropython.org', 443)[0][-1])
Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
<class 'bytes'> True

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy