Skip to content
This repository was archived by the owner on Sep 6, 2023. It is now read-only.

Commit d5191ed

Browse files
MrSurlydpgeorge
MrSurly
authored and
dpgeorge
committed
extmod/modussl_mbedtls.c: Add ussl.getpeercert() method.
Behaviour is as per CPython but only the binary form is implemented here. A test is included.
1 parent ace9fb5 commit d5191ed

File tree

3 files changed

+34
-0
lines changed

3 files changed

+34
-0
lines changed

extmod/modussl_mbedtls.c

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,7 @@
3434
#include "py/nlr.h"
3535
#include "py/runtime.h"
3636
#include "py/stream.h"
37+
#include "py/obj.h"
3738

3839
// mbedtls_time_t
3940
#include "mbedtls/platform.h"
@@ -189,6 +190,16 @@ STATIC mp_obj_ssl_socket_t *socket_new(mp_obj_t sock, struct ssl_args *args) {
189190
return o;
190191
}
191192

193+
STATIC mp_obj_t mod_ssl_getpeercert(mp_obj_t o_in, mp_obj_t binary_form) {
194+
mp_obj_ssl_socket_t *o = MP_OBJ_TO_PTR(o_in);
195+
if (!mp_obj_is_true(binary_form)) {
196+
mp_raise_NotImplementedError(NULL);
197+
}
198+
const mbedtls_x509_crt* peer_cert = mbedtls_ssl_get_peer_cert(&o->ssl);
199+
return mp_obj_new_bytes(peer_cert->raw.p, peer_cert->raw.len);
200+
}
201+
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_ssl_getpeercert_obj, mod_ssl_getpeercert);
202+
192203
STATIC void socket_print(const mp_print_t *print, mp_obj_t self_in, mp_print_kind_t kind) {
193204
(void)kind;
194205
mp_obj_ssl_socket_t *self = MP_OBJ_TO_PTR(self_in);
@@ -259,6 +270,7 @@ STATIC const mp_rom_map_elem_t ussl_socket_locals_dict_table[] = {
259270
{ MP_ROM_QSTR(MP_QSTR_write), MP_ROM_PTR(&mp_stream_write_obj) },
260271
{ MP_ROM_QSTR(MP_QSTR_setblocking), MP_ROM_PTR(&socket_setblocking_obj) },
261272
{ MP_ROM_QSTR(MP_QSTR_close), MP_ROM_PTR(&socket_close_obj) },
273+
{ MP_ROM_QSTR(MP_QSTR_getpeercert), MP_ROM_PTR(&mod_ssl_getpeercert_obj) },
262274
};
263275

264276
STATIC MP_DEFINE_CONST_DICT(ussl_socket_locals_dict, ussl_socket_locals_dict_table);

tests/net_hosted/ssl_getpeercert.py

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
# test ssl.getpeercert() method
2+
3+
try:
4+
import usocket as socket
5+
import ussl as ssl
6+
except:
7+
import socket
8+
import ssl
9+
10+
11+
def test(peer_addr):
12+
s = socket.socket()
13+
s.connect(peer_addr)
14+
s = ssl.wrap_socket(s)
15+
cert = s.getpeercert(True)
16+
print(type(cert), len(cert) > 100)
17+
s.close()
18+
19+
20+
if __name__ == "__main__":
21+
test(socket.getaddrinfo('micropython.org', 443)[0][-1])

tests/net_hosted/ssl_getpeercert.py.exp

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
<class 'bytes'> True

0 commit comments

Comments
 (0)