W3SLAV/micropython
1
Fork 0
mirror of https://github.com/W3SLAV/micropython.git synced 2025-06-20 12:35:34 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity
nds
micropython/tests/net_hosted/ssl_verify_callback.py
Felix Dörre aaba1d8a6c extmod/modtls_mbedtls: Implement cert verification callback for mbedtls. 
This is a useful alternative to .getpeercert() when the certificate is not
stored to reduce RAM usage.

Signed-off-by: Felix Dörre <felix@dogcraft.de>
2024-02-07 13:00:57 +11:00

38 lines
848 B
Python
Raw Permalink Blame History

# test ssl verify_callback
import io
import socket
import tls
def verify_callback(cert, depth):
print("verify_callback:", type(cert), len(cert) > 100, depth)
return 0
def verify_callback_fail(cert, depth):
print("verify_callback_fail:", type(cert), len(cert) > 100, depth)
return 1
def test(peer_addr):
context = tls.SSLContext(tls.PROTOCOL_TLS_CLIENT)
context.verify_mode = tls.CERT_OPTIONAL
context.verify_callback = verify_callback
s = socket.socket()
s.connect(peer_addr)
s = context.wrap_socket(s)
s.close()
context.verify_callback = verify_callback_fail
s = socket.socket()
s.connect(peer_addr)
try:
s = context.wrap_socket(s)
except OSError as e:
print(e.args[1])
if __name__ == "__main__":
test(socket.getaddrinfo("micropython.org", 443)[0][-1])
Reference in New Issue View Git Blame Copy Permalink