summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/README.md2
-rw-r--r--tests/multi_net/asyncio_tls_server_client.py4
-rw-r--r--tests/multi_net/asyncio_tls_server_client_cert_required_error.py4
-rw-r--r--tests/multi_net/asyncio_tls_server_client_readline.py4
-rw-r--r--tests/multi_net/asyncio_tls_server_client_verify_error.py4
-rw-r--r--tests/multi_net/ec_cert.derbin0 -> 471 bytes
-rw-r--r--tests/multi_net/ec_key.derbin0 -> 121 bytes
-rw-r--r--tests/multi_net/expired_cert.derbin1331 -> 471 bytes
-rw-r--r--tests/multi_net/rsa_cert.derbin867 -> 867 bytes
-rw-r--r--tests/multi_net/rsa_key.derbin1217 -> 1193 bytes
-rw-r--r--tests/multi_net/ssl_cert_ec.py56
-rw-r--r--tests/multi_net/ssl_cert_ec.py.exp (renamed from tests/multi_net/ssl_data.py.exp)0
-rw-r--r--tests/multi_net/ssl_data.py67
-rw-r--r--tests/multi_net/sslcontext_check_hostname_error.py4
-rw-r--r--tests/multi_net/sslcontext_getpeercert.py4
-rw-r--r--tests/multi_net/sslcontext_getpeercert.py.exp2
-rw-r--r--tests/multi_net/sslcontext_server_client.py4
-rw-r--r--tests/multi_net/sslcontext_server_client_ciphers.py8
-rw-r--r--tests/multi_net/sslcontext_server_client_files.py4
-rw-r--r--tests/multi_net/sslcontext_verify_error.py4
-rw-r--r--tests/multi_net/sslcontext_verify_time_error.py2
21 files changed, 81 insertions, 92 deletions
diff --git a/tests/README.md b/tests/README.md
index 47fcacf40..3bc626bf9 100644
--- a/tests/README.md
+++ b/tests/README.md
@@ -189,7 +189,7 @@ In this case CN is: micropython.local
Convert them to DER format:
```
-$ openssl rsa -in rsa_key.pem -out rsa_key.der -outform DER
+$ openssl pkey -in rsa_key.pem -out rsa_key.der -outform DER
$ openssl x509 -in rsa_cert.pem -out rsa_cert.der -outform DER
```
diff --git a/tests/multi_net/asyncio_tls_server_client.py b/tests/multi_net/asyncio_tls_server_client.py
index 59e13ec45..98f15c662 100644
--- a/tests/multi_net/asyncio_tls_server_client.py
+++ b/tests/multi_net/asyncio_tls_server_client.py
@@ -11,8 +11,8 @@ except ImportError:
PORT = 8000
# These are test certificates. See tests/README.md for details.
-cert = cafile = "rsa_cert.der"
-key = "rsa_key.der"
+cert = cafile = "ec_cert.der"
+key = "ec_key.der"
try:
os.stat(cafile)
diff --git a/tests/multi_net/asyncio_tls_server_client_cert_required_error.py b/tests/multi_net/asyncio_tls_server_client_cert_required_error.py
index 8607e4ff1..178ad3927 100644
--- a/tests/multi_net/asyncio_tls_server_client_cert_required_error.py
+++ b/tests/multi_net/asyncio_tls_server_client_cert_required_error.py
@@ -11,8 +11,8 @@ except ImportError:
PORT = 8000
# These are test certificates. See tests/README.md for details.
-cert = cafile = "rsa_cert.der"
-key = "rsa_key.der"
+cert = cafile = "ec_cert.der"
+key = "ec_key.der"
try:
os.stat(cafile)
diff --git a/tests/multi_net/asyncio_tls_server_client_readline.py b/tests/multi_net/asyncio_tls_server_client_readline.py
index fd8685f5a..da5f1afee 100644
--- a/tests/multi_net/asyncio_tls_server_client_readline.py
+++ b/tests/multi_net/asyncio_tls_server_client_readline.py
@@ -11,8 +11,8 @@ except ImportError:
PORT = 8000
# These are test certificates. See tests/README.md for details.
-cert = cafile = "rsa_cert.der"
-key = "rsa_key.der"
+cert = cafile = "ec_cert.der"
+key = "ec_key.der"
try:
os.stat(cafile)
diff --git a/tests/multi_net/asyncio_tls_server_client_verify_error.py b/tests/multi_net/asyncio_tls_server_client_verify_error.py
index c600dcc2c..362f0fc8e 100644
--- a/tests/multi_net/asyncio_tls_server_client_verify_error.py
+++ b/tests/multi_net/asyncio_tls_server_client_verify_error.py
@@ -11,8 +11,8 @@ except ImportError:
PORT = 8000
# These are test certificates. See tests/README.md for details.
-cert = cafile = "rsa_cert.der"
-key = "rsa_key.der"
+cert = cafile = "ec_cert.der"
+key = "ec_key.der"
try:
os.stat(cafile)
diff --git a/tests/multi_net/ec_cert.der b/tests/multi_net/ec_cert.der
new file mode 100644
index 000000000..a503a39df
--- /dev/null
+++ b/tests/multi_net/ec_cert.der
Binary files differ
diff --git a/tests/multi_net/ec_key.der b/tests/multi_net/ec_key.der
new file mode 100644
index 000000000..7d50fe3bc
--- /dev/null
+++ b/tests/multi_net/ec_key.der
Binary files differ
diff --git a/tests/multi_net/expired_cert.der b/tests/multi_net/expired_cert.der
index 8e1db02ae..3801fca17 100644
--- a/tests/multi_net/expired_cert.der
+++ b/tests/multi_net/expired_cert.der
Binary files differ
diff --git a/tests/multi_net/rsa_cert.der b/tests/multi_net/rsa_cert.der
index 8fae71d4b..d0ea34bf4 100644
--- a/tests/multi_net/rsa_cert.der
+++ b/tests/multi_net/rsa_cert.der
Binary files differ
diff --git a/tests/multi_net/rsa_key.der b/tests/multi_net/rsa_key.der
index c2cfb76d2..c9c535ae6 100644
--- a/tests/multi_net/rsa_key.der
+++ b/tests/multi_net/rsa_key.der
Binary files differ
diff --git a/tests/multi_net/ssl_cert_ec.py b/tests/multi_net/ssl_cert_ec.py
new file mode 100644
index 000000000..2c5734e05
--- /dev/null
+++ b/tests/multi_net/ssl_cert_ec.py
@@ -0,0 +1,56 @@
+# Simple test creating an SSL connection and transferring some data
+# This test won't run under CPython because CPython doesn't have key/cert
+
+try:
+ import binascii, os, socket, ssl
+except ImportError:
+ print("SKIP")
+ raise SystemExit
+
+PORT = 8000
+
+# These are test certificates. See tests/README.md for details.
+certfile = "ec_cert.der"
+keyfile = "ec_key.der"
+
+try:
+ os.stat(certfile)
+ os.stat(keyfile)
+except OSError:
+ print("SKIP")
+ raise SystemExit
+
+with open(certfile, "rb") as cf:
+ cert = cadata = cf.read()
+
+with open(keyfile, "rb") as kf:
+ key = kf.read()
+
+
+# Server
+def instance0():
+ multitest.globals(IP=multitest.get_network_ip())
+ s = socket.socket()
+ s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
+ s.bind(socket.getaddrinfo("0.0.0.0", PORT)[0][-1])
+ s.listen(1)
+ multitest.next()
+ s2, _ = s.accept()
+ s2 = ssl.wrap_socket(s2, server_side=True, key=key, cert=cert)
+ print(s2.read(16))
+ s2.write(b"server to client")
+ s2.close()
+ s.close()
+
+
+# Client
+def instance1():
+ multitest.next()
+ s = socket.socket()
+ s.connect(socket.getaddrinfo(IP, PORT)[0][-1])
+ s = ssl.wrap_socket(
+ s, cert_reqs=ssl.CERT_REQUIRED, server_hostname="micropython.local", cadata=cadata
+ )
+ s.write(b"client to server")
+ print(s.read(16))
+ s.close()
diff --git a/tests/multi_net/ssl_data.py.exp b/tests/multi_net/ssl_cert_ec.py.exp
index 909c496d0..909c496d0 100644
--- a/tests/multi_net/ssl_data.py.exp
+++ b/tests/multi_net/ssl_cert_ec.py.exp
diff --git a/tests/multi_net/ssl_data.py b/tests/multi_net/ssl_data.py
deleted file mode 100644
index a21c8c658..000000000
--- a/tests/multi_net/ssl_data.py
+++ /dev/null
@@ -1,67 +0,0 @@
-# Simple test creating an SSL connection and transferring some data
-# This test won't run under CPython because it requires key/cert
-
-try:
- import binascii, socket, ssl
-except ImportError:
- print("SKIP")
- raise SystemExit
-
-PORT = 8000
-
-# This self-signed key/cert pair is randomly generated and to be used for
-# testing/demonstration only. You should always generate your own key/cert.
-key = binascii.unhexlify(
- b"3082013b020100024100cc20643fd3d9c21a0acba4f48f61aadd675f52175a9dcf07fbef"
- b"610a6a6ba14abb891745cd18a1d4c056580d8ff1a639460f867013c8391cdc9f2e573b0f"
- b"872d0203010001024100bb17a54aeb3dd7ae4edec05e775ca9632cf02d29c2a089b563b0"
- b"d05cdf95aeca507de674553f28b4eadaca82d5549a86058f9996b07768686a5b02cb240d"
- b"d9f1022100f4a63f5549e817547dca97b5c658038e8593cb78c5aba3c4642cc4cd031d86"
- b"8f022100d598d870ffe4a34df8de57047a50b97b71f4d23e323f527837c9edae88c79483"
- b"02210098560c89a70385c36eb07fd7083235c4c1184e525d838aedf7128958bedfdbb102"
- b"2051c0dab7057a8176ca966f3feb81123d4974a733df0f958525f547dfd1c271f9022044"
- b"6c2cafad455a671a8cf398e642e1be3b18a3d3aec2e67a9478f83c964c4f1f"
-)
-cert = binascii.unhexlify(
- b"308201d53082017f020203e8300d06092a864886f70d01010505003075310b3009060355"
- b"0406130258583114301206035504080c0b54686550726f76696e63653110300e06035504"
- b"070c075468654369747931133011060355040a0c0a436f6d70616e7958595a3113301106"
- b"0355040b0c0a436f6d70616e7958595a3114301206035504030c0b546865486f73744e61"
- b"6d65301e170d3139313231383033333935355a170d3239313231353033333935355a3075"
- b"310b30090603550406130258583114301206035504080c0b54686550726f76696e636531"
- b"10300e06035504070c075468654369747931133011060355040a0c0a436f6d70616e7958"
- b"595a31133011060355040b0c0a436f6d70616e7958595a3114301206035504030c0b5468"
- b"65486f73744e616d65305c300d06092a864886f70d0101010500034b003048024100cc20"
- b"643fd3d9c21a0acba4f48f61aadd675f52175a9dcf07fbef610a6a6ba14abb891745cd18"
- b"a1d4c056580d8ff1a639460f867013c8391cdc9f2e573b0f872d0203010001300d06092a"
- b"864886f70d0101050500034100b0513fe2829e9ecbe55b6dd14c0ede7502bde5d46153c8"
- b"e960ae3ebc247371b525caeb41bbcf34686015a44c50d226e66aef0a97a63874ca5944ef"
- b"979b57f0b3"
-)
-
-
-# Server
-def instance0():
- multitest.globals(IP=multitest.get_network_ip())
- s = socket.socket()
- s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
- s.bind(socket.getaddrinfo("0.0.0.0", PORT)[0][-1])
- s.listen(1)
- multitest.next()
- s2, _ = s.accept()
- s2 = ssl.wrap_socket(s2, server_side=True, key=key, cert=cert)
- print(s2.read(16))
- s2.write(b"server to client")
- s2.close()
- s.close()
-
-
-# Client
-def instance1():
- multitest.next()
- s = socket.socket()
- s.connect(socket.getaddrinfo(IP, PORT)[0][-1])
- s = ssl.wrap_socket(s)
- s.write(b"client to server")
- print(s.read(16))
- s.close()
diff --git a/tests/multi_net/sslcontext_check_hostname_error.py b/tests/multi_net/sslcontext_check_hostname_error.py
index ac39211b0..d85363f00 100644
--- a/tests/multi_net/sslcontext_check_hostname_error.py
+++ b/tests/multi_net/sslcontext_check_hostname_error.py
@@ -11,8 +11,8 @@ except ImportError:
PORT = 8000
# These are test certificates. See tests/README.md for details.
-cert = cafile = "rsa_cert.der"
-key = "rsa_key.der"
+cert = cafile = "ec_cert.der"
+key = "ec_key.der"
try:
os.stat(cafile)
diff --git a/tests/multi_net/sslcontext_getpeercert.py b/tests/multi_net/sslcontext_getpeercert.py
index 8748c1f78..e9d96be24 100644
--- a/tests/multi_net/sslcontext_getpeercert.py
+++ b/tests/multi_net/sslcontext_getpeercert.py
@@ -12,8 +12,8 @@ except ImportError:
PORT = 8000
# These are test certificates. See tests/README.md for details.
-cert = cafile = "rsa_cert.der"
-key = "rsa_key.der"
+cert = cafile = "ec_cert.der"
+key = "ec_key.der"
try:
os.stat(cafile)
diff --git a/tests/multi_net/sslcontext_getpeercert.py.exp b/tests/multi_net/sslcontext_getpeercert.py.exp
index 7b0e9d40a..e7a0ab0b4 100644
--- a/tests/multi_net/sslcontext_getpeercert.py.exp
+++ b/tests/multi_net/sslcontext_getpeercert.py.exp
@@ -1,5 +1,5 @@
--- instance0 ---
b'client to server'
--- instance1 ---
-3082058930820371a00302010202141b3da08b15005eea265d0b57b8ba99812ab274cb300d06092a864886f70d01010b05003054310b30090603550406130241553113301106035504080c0a536f6d652d537461746531143012060355040a0c0b4d6963726f507974686f6e311a301806035504030c116d6963726f707974686f6e2e6c6f63616c301e170d3233313131393032323932375a170d3238313131373032323932375a3054310b30090603550406130241553113301106035504080c0a536f6d652d537461746531143012060355040a0c0b4d6963726f507974686f6e311a301806035504030c116d6963726f707974686f6e2e6c6f63616c30820222300d06092a864886f70d01010105000382020f003082020a0282020100deee37780ebca47e0f414ba033ebe692d2bc374a0eb1f42556bf266ad704208116ee0d8b2fd0b518074ad0981c4fd1322de81696ccea838884b06f56d3ebe49cf0561050f6f8ced5f7f4f13d086b28779a9647bbfae6c3f3ad68a5b28ee8a1ceb260d87ea300316599c4dd9f6082f89164b590df8695add518339f6730dec4f05b1ef63548329b0a48823035b23737f3303b56aa251dd8dcf0c20e6c1d291374c185ae657b349c20721c7c01a1b393c96d4c5f2bc8e2dfca7dab896e2fa84dee53d2bb6dbd1056970fa1812315e8ee9d92b3cb93e0b563d274bf07dd79600ef403b91d4ce814418b28cfaeb2b7d8401e64f6d4f39283df3204f2fe01f2fd289f5d2078d9ee2f96b6de1fd4284d9274fa38b0ad9ffcce8ffe66673be2cf304ee1b27c7cacaaf4ca76f1e84419e6e80f540add3e91cd469903e9ceb6bd2b1c33caa59acb5516ce8ac00e73d7a551bb65d39bd6af04411e81c20e6bd474d797a0bcd498e26720bd60ae4f900bb1afa59c7ac7a336273c7734ca5874ea63fb8ec787ab702041442da11a922baf5fbeb9eeea4f9f49cb1f659b561806d2169dbed07c43558c908c94e16491fe1a22cd92b8f33c1184353bdc985c88722f65e48024910f723035c0d33b789928296fb193cec6350884243b00bf51422ad09fb7012bd9cad4716803422be0d111deace913fac8cb2be1e96fa8449068430e5424bd0bd10203010001a3533051301d0603551d0e041604147d392a82ab464936fd7d74226694556a2945fd8d301f0603551d230418301680147d392a82ab464936fd7d74226694556a2945fd8d300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382020100ae40c015e3eade8dabc84ee357ac9d694e7cd69ce4a1b265880273d16257119aa72fb2aa8b841e2899bea3e8690146f24d963a37825c93bf745447dc6ab09b5f2947671dca13b1e71f5c3e43011d74cdc688ed1215b3016071ae7235d77f79d7bb81f097bb04a08ccf400717721b29e2ea913eb23614610597deee477ed716db7e8ebe11aed39c7035f48259dfa54d88871c1f67159d52ce11eb111fa00708a7d7081c07fd92d54abbaec7ff1b50ce2f6f358857d2f55d1c7b5aa6dd66b9c3c2e654397e2d5330aca9834ff8fd749ce968c706fe3bb1b8510a379ec1910d7ece0212c34d56a2073fb7f25c88fe298568e448d03ec30b348f7d9a8836390216a6da7a8efed50dfb8c21a8531efc158e7f4398f87af18d1bd2926d08d34364bf5d85e88040dff3d3f1da6268dbc0cafa64f544c065380fa695a8d015b385aed0a1fd9ff1d7c2b28a549e04c1132b421f85a85640acac11c69416859fb9b461eeddffa92ae303b35c7233537077068de558dd02715e25aee976a97879038d2952be0d327892ab2fc78716b0d7aab4b923d5d79905f7f8b6a18c42e466fec62f84b6e5957deae0964dab8436b0e0cd4e08012661bafb9588fbfd7068fd6c08ab79101a4bdfe21d95cd0ee0aad7dd8a3ed128071c0ec2d063dc6dfa63189e51bf5d9259e776d7623f745a73f4e12e5c2b90493de1c6436b339e1400891e3e35c31057
+308201d330820179a00302010202144315a7cd8f69febe2640314e7c97d60a2523ad15300a06082a8648ce3d040302303f311a301806035504030c116d6963726f707974686f6e2e6c6f63616c31143012060355040a0c0b4d6963726f507974686f6e310b3009060355040613024155301e170d3234303131343034353335335a170d3235303131333034353335335a303f311a301806035504030c116d6963726f707974686f6e2e6c6f63616c31143012060355040a0c0b4d6963726f507974686f6e310b30090603550406130241553059301306072a8648ce3d020106082a8648ce3d0301070342000449b7f5fa687cb25a9464c397508149992f445c860bcf7002958eb4337636c6af840cd4c8cf3b96f2384860d8ae3ee3fa135dba051e8605e62bd871689c6af43ca3533051301d0603551d0e0416041441b3ae171d91e330411d8543ba45e0f2d5b2951b301f0603551d2304183016801441b3ae171d91e330411d8543ba45e0f2d5b2951b300f0603551d130101ff040530030101ff300a06082a8648ce3d04030203480030450220587f61c34739d6fab5802a674dcc54443ae9c87da374078c4ee1cd83f4ad1694022100cfc45dcf264888c6ba2c36e78bd27bb67856d7879a052dd7aa7ecf7215f7b992
b'server to client'
diff --git a/tests/multi_net/sslcontext_server_client.py b/tests/multi_net/sslcontext_server_client.py
index c263ae31b..473c9c376 100644
--- a/tests/multi_net/sslcontext_server_client.py
+++ b/tests/multi_net/sslcontext_server_client.py
@@ -11,8 +11,8 @@ except ImportError:
PORT = 8000
# These are test certificates. See tests/README.md for details.
-certfile = "rsa_cert.der"
-keyfile = "rsa_key.der"
+certfile = "ec_cert.der"
+keyfile = "ec_key.der"
try:
os.stat(certfile)
diff --git a/tests/multi_net/sslcontext_server_client_ciphers.py b/tests/multi_net/sslcontext_server_client_ciphers.py
index be7c332b4..d65d860fb 100644
--- a/tests/multi_net/sslcontext_server_client_ciphers.py
+++ b/tests/multi_net/sslcontext_server_client_ciphers.py
@@ -11,8 +11,8 @@ except ImportError:
PORT = 8000
# These are test certificates. See tests/README.md for details.
-cert = cafile = "rsa_cert.der"
-key = "rsa_key.der"
+cert = cafile = "ec_cert.der"
+key = "ec_key.der"
try:
os.stat(cafile)
@@ -48,8 +48,8 @@ def instance1():
s.connect(socket.getaddrinfo(IP, PORT)[0][-1])
client_ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
ciphers = client_ctx.get_ciphers()
- assert "TLS-RSA-WITH-AES-256-CBC-SHA256" in ciphers
- client_ctx.set_ciphers(["TLS-RSA-WITH-AES-256-CBC-SHA256"])
+ assert "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" in ciphers
+ client_ctx.set_ciphers(["TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256"])
client_ctx.verify_mode = ssl.CERT_REQUIRED
client_ctx.load_verify_locations(cafile=cafile)
s = client_ctx.wrap_socket(s, server_hostname="micropython.local")
diff --git a/tests/multi_net/sslcontext_server_client_files.py b/tests/multi_net/sslcontext_server_client_files.py
index e1ea1b3aa..64a4215c7 100644
--- a/tests/multi_net/sslcontext_server_client_files.py
+++ b/tests/multi_net/sslcontext_server_client_files.py
@@ -11,8 +11,8 @@ except ImportError:
PORT = 8000
# These are test certificates. See tests/README.md for details.
-cert = cafile = "rsa_cert.der"
-key = "rsa_key.der"
+cert = cafile = "ec_cert.der"
+key = "ec_key.der"
try:
os.stat(cafile)
diff --git a/tests/multi_net/sslcontext_verify_error.py b/tests/multi_net/sslcontext_verify_error.py
index 4a7a6cfcc..5dc461e77 100644
--- a/tests/multi_net/sslcontext_verify_error.py
+++ b/tests/multi_net/sslcontext_verify_error.py
@@ -11,8 +11,8 @@ except ImportError:
PORT = 8000
# These are test certificates. See tests/README.md for details.
-cert = cafile = "rsa_cert.der"
-key = "rsa_key.der"
+cert = cafile = "ec_cert.der"
+key = "ec_key.der"
try:
os.stat(cafile)
diff --git a/tests/multi_net/sslcontext_verify_time_error.py b/tests/multi_net/sslcontext_verify_time_error.py
index e5dc49645..fbefdecf9 100644
--- a/tests/multi_net/sslcontext_verify_time_error.py
+++ b/tests/multi_net/sslcontext_verify_time_error.py
@@ -12,7 +12,7 @@ PORT = 8000
# These are test certificates. See tests/README.md for details.
cert = cafile = "expired_cert.der"
-key = "rsa_key.der"
+key = "ec_key.der"
try:
os.stat(cafile)
generated by cgit v1.2.3 (git 2.46.0) at 2025-11-17 19:04:12 +0000