micropython - MicroPython - a lean and efficient Python implementation for microcontrollers and constrained systems

	Commit message (Collapse)	Author	Age
*	tests/multi_net: Update TLS test certificates and keys.	Damien George	2025-01-14
\| \| \| \| \| \|	They expired in early January 2025. Signed-off-by: Damien George <damien@micropython.org>
*	all: Update bindings, ports and tests for mbedtls v3.5.1.	Carlosgg	2024-01-30
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Changes include: - Some mbedtls source files renamed or deprecated. - Our `mbedtls_config.h` files are renamed to `mbedtls_config_port.h`, so they don't clash with mbedtls's new default configuration file named `mbedtls_config.h`. - MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE is deprecated. - MBEDTLS_HAVE_TIME now requires an `mbedtls_ms_time` function to be defined but it's only used for TLSv1.3 (currently not enabled in MicroPython so there is a lazy implementation, i.e. seconds * 1000). - `tests/multi_net/ssl_data.py` is removed (due to deprecation of MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE), there are the existing `ssl_cert_rsa.py` and `sslcontext_server_client.py` tests which do very similar, simple SSL data transfer. - Tests now use an EC key by default (they are smaller and faster), and the RSA key has been regenerated due to the old PKCS encoding used by openssl rsa command, see https://stackoverflow.com/questions/40822328/openssl-rsa-key-pem-and-der-conversion-does-not-match (and `tests/README.md` has been updated accordingly). Signed-off-by: Carlos Gil <carlosgilglez@gmail.com>
*	extmod/modssl_mbedtls: Make SSLSocket.getpeercert() optional.	Damien George	2023-12-12
\| \| \| \| \| \| \| \| \| \|	And only enable this method when the relevant feature is available in mbedtls. Otherwise, if mbedtls doesn't support getting the peer certificate, this method always returns None and it's confusing why it does that. It's better to remove the method altogether, so the error trying to use it is more obvious. Signed-off-by: Damien George <damien@micropython.org>
*	extmod/modssl_mbedtls: Add SSLContext certificate methods.	Carlosgg	2023-12-12
	This commit adds: 1) Methods to SSLContext class that match CPython signature: - `SSLContext.load_cert_chain(certfile, keyfile)` - `SSLContext.load_verify_locations(cafile=, cadata=)` - `SSLContext.get_ciphers()` --> ["CIPHERSUITE"] - `SSLContext.set_ciphers(["CIPHERSUITE"])` 2) `sslsocket.cipher()` to get current ciphersuite and protocol version. 3) `ssl.MBEDTLS_VERSION` string constant. 4) Certificate verification errors info instead of `MBEDTLS_ERR_X509_CERT_VERIFY_FAILED`. 5) Tests in `net_inet` and `multi_net` to test these new methods. `SSLContext.load_cert_chain` method allows loading key and cert from disk passing a filepath in `certfile` or `keyfile` options. `SSLContext.load_verify_locations`'s `cafile` option enables the same functionality for ca files. Signed-off-by: Carlos Gil <carlosgilglez@gmail.com>