|
| 1 | +try: |
| 2 | + import uselect |
| 3 | + import ussl |
| 4 | + import io |
| 5 | + import ubinascii as binascii |
| 6 | +except ImportError: |
| 7 | + print("SKIP") |
| 8 | + raise SystemExit |
| 9 | + |
| 10 | +from micropython import const |
| 11 | + |
| 12 | +_MP_STREAM_POLL_RD = const(0x0001) |
| 13 | +_MP_STREAM_POLL_WR = const(0x0004) |
| 14 | +_MP_STREAM_POLL_NVAL = const(0x0020) |
| 15 | +_MP_STREAM_POLL = const(3) |
| 16 | +_MP_STREAM_CLOSE = const(4) |
| 17 | + |
| 18 | + |
| 19 | +# This self-signed key/cert pair is randomly generated and to be used for |
| 20 | +# testing/demonstration only. You should always generate your own key/cert. |
| 21 | +key = binascii.unhexlify( |
| 22 | + b"3082013b020100024100cc20643fd3d9c21a0acba4f48f61aadd675f52175a9dcf07fbef" |
| 23 | + b"610a6a6ba14abb891745cd18a1d4c056580d8ff1a639460f867013c8391cdc9f2e573b0f" |
| 24 | + b"872d0203010001024100bb17a54aeb3dd7ae4edec05e775ca9632cf02d29c2a089b563b0" |
| 25 | + b"d05cdf95aeca507de674553f28b4eadaca82d5549a86058f9996b07768686a5b02cb240d" |
| 26 | + b"d9f1022100f4a63f5549e817547dca97b5c658038e8593cb78c5aba3c4642cc4cd031d86" |
| 27 | + b"8f022100d598d870ffe4a34df8de57047a50b97b71f4d23e323f527837c9edae88c79483" |
| 28 | + b"02210098560c89a70385c36eb07fd7083235c4c1184e525d838aedf7128958bedfdbb102" |
| 29 | + b"2051c0dab7057a8176ca966f3feb81123d4974a733df0f958525f547dfd1c271f9022044" |
| 30 | + b"6c2cafad455a671a8cf398e642e1be3b18a3d3aec2e67a9478f83c964c4f1f" |
| 31 | +) |
| 32 | +cert = binascii.unhexlify( |
| 33 | + b"308201d53082017f020203e8300d06092a864886f70d01010505003075310b3009060355" |
| 34 | + b"0406130258583114301206035504080c0b54686550726f76696e63653110300e06035504" |
| 35 | + b"070c075468654369747931133011060355040a0c0a436f6d70616e7958595a3113301106" |
| 36 | + b"0355040b0c0a436f6d70616e7958595a3114301206035504030c0b546865486f73744e61" |
| 37 | + b"6d65301e170d3139313231383033333935355a170d3239313231353033333935355a3075" |
| 38 | + b"310b30090603550406130258583114301206035504080c0b54686550726f76696e636531" |
| 39 | + b"10300e06035504070c075468654369747931133011060355040a0c0a436f6d70616e7958" |
| 40 | + b"595a31133011060355040b0c0a436f6d70616e7958595a3114301206035504030c0b5468" |
| 41 | + b"65486f73744e616d65305c300d06092a864886f70d0101010500034b003048024100cc20" |
| 42 | + b"643fd3d9c21a0acba4f48f61aadd675f52175a9dcf07fbef610a6a6ba14abb891745cd18" |
| 43 | + b"a1d4c056580d8ff1a639460f867013c8391cdc9f2e573b0f872d0203010001300d06092a" |
| 44 | + b"864886f70d0101050500034100b0513fe2829e9ecbe55b6dd14c0ede7502bde5d46153c8" |
| 45 | + b"e960ae3ebc247371b525caeb41bbcf34686015a44c50d226e66aef0a97a63874ca5944ef" |
| 46 | + b"979b57f0b3" |
| 47 | +) |
| 48 | + |
| 49 | + |
| 50 | +class _Pipe(io.IOBase): |
| 51 | + def __init__(self): |
| 52 | + self._other = None |
| 53 | + self.block_reads = False |
| 54 | + self.block_writes = False |
| 55 | + |
| 56 | + self.write_buffers = [] |
| 57 | + self.last_poll_arg = None |
| 58 | + |
| 59 | + def readinto(self, buf): |
| 60 | + if self.block_reads or len(self._other.write_buffers) == 0: |
| 61 | + return None |
| 62 | + |
| 63 | + read_buf = self._other.write_buffers[0] |
| 64 | + l = min(len(buf), len(read_buf)) |
| 65 | + buf[:l] = read_buf[:l] |
| 66 | + if l == len(read_buf): |
| 67 | + self._other.write_buffers.pop(0) |
| 68 | + else: |
| 69 | + self._other.write_buffers[0] = read_buf[l:] |
| 70 | + return l |
| 71 | + |
| 72 | + def write(self, buf): |
| 73 | + if self.block_writes: |
| 74 | + return None |
| 75 | + |
| 76 | + self.write_buffers.append(memoryview(bytes(buf))) |
| 77 | + return len(buf) |
| 78 | + |
| 79 | + def ioctl(self, request, arg): |
| 80 | + if request == _MP_STREAM_POLL: |
| 81 | + self.last_poll_arg = arg |
| 82 | + ret = 0 |
| 83 | + if arg & _MP_STREAM_POLL_RD: |
| 84 | + if not self.block_reads and self._other.write_buffers: |
| 85 | + ret |= _MP_STREAM_POLL_RD |
| 86 | + if arg & _MP_STREAM_POLL_WR: |
| 87 | + if not self.block_writes: |
| 88 | + ret |= _MP_STREAM_POLL_WR |
| 89 | + return ret |
| 90 | + |
| 91 | + elif request == _MP_STREAM_CLOSE: |
| 92 | + return 0 |
| 93 | + |
| 94 | + raise NotImplementedError() |
| 95 | + |
| 96 | + @classmethod |
| 97 | + def new_pair(cls): |
| 98 | + p1 = cls() |
| 99 | + p2 = cls() |
| 100 | + p1._other = p2 |
| 101 | + p2._other = p1 |
| 102 | + return p1, p2 |
| 103 | + |
| 104 | + |
| 105 | +def assert_poll(s, i, arg, expected_arg, expected_ret): |
| 106 | + ret = s.ioctl(_MP_STREAM_POLL, arg) |
| 107 | + assert i.last_poll_arg == expected_arg |
| 108 | + i.last_poll_arg = None |
| 109 | + assert ret == expected_ret |
| 110 | + |
| 111 | + |
| 112 | +def assert_raises(cb, *args, **kwargs): |
| 113 | + try: |
| 114 | + cb(*args, **kwargs) |
| 115 | + raise AssertionError("should have raised") |
| 116 | + except Exception as exc: |
| 117 | + pass |
| 118 | + |
| 119 | + |
| 120 | +client_io, server_io = _Pipe.new_pair() |
| 121 | + |
| 122 | +client_io.block_reads = True |
| 123 | +client_io.block_writes = True |
| 124 | +client_sock = ussl.wrap_socket(client_io, do_handshake=False) |
| 125 | + |
| 126 | +server_sock = ussl.wrap_socket(server_io, key=key, cert=cert, server_side=True, do_handshake=False) |
| 127 | + |
| 128 | +# Do a test read, at this point the TLS handshake wants to write, |
| 129 | +# so it returns None: |
| 130 | +assert client_sock.read(128) is None |
| 131 | + |
| 132 | +# Polling for either read or write actually check if the underlying socket can write: |
| 133 | +assert_poll(client_sock, client_io, _MP_STREAM_POLL_RD, _MP_STREAM_POLL_WR, 0) |
| 134 | +assert_poll(client_sock, client_io, _MP_STREAM_POLL_WR, _MP_STREAM_POLL_WR, 0) |
| 135 | + |
| 136 | +# Mark the socket as writable, and do another test read: |
| 137 | +client_io.block_writes = False |
| 138 | +assert client_sock.read(128) is None |
| 139 | + |
| 140 | +# The client wrote the CLIENT_HELLO message |
| 141 | +assert len(client_io.write_buffers) == 1 |
| 142 | + |
| 143 | +# At this point the TLS handshake wants to read, but we don't know that yet: |
| 144 | +assert_poll(client_sock, client_io, _MP_STREAM_POLL_RD, _MP_STREAM_POLL_RD, 0) |
| 145 | +assert_poll(client_sock, client_io, _MP_STREAM_POLL_WR, _MP_STREAM_POLL_WR, _MP_STREAM_POLL_WR) |
| 146 | + |
| 147 | +# Do a test write |
| 148 | +client_sock.write(b"foo") |
| 149 | + |
| 150 | +# Now we know that we want to read: |
| 151 | +assert_poll(client_sock, client_io, _MP_STREAM_POLL_RD, _MP_STREAM_POLL_RD, 0) |
| 152 | +assert_poll(client_sock, client_io, _MP_STREAM_POLL_WR, _MP_STREAM_POLL_RD, 0) |
| 153 | + |
| 154 | +# Unblock reads and nudge the two sockets: |
| 155 | +client_io.block_reads = False |
| 156 | +while server_io.write_buffers or client_io.write_buffers: |
| 157 | + if server_io.write_buffers: |
| 158 | + assert client_sock.read(128) is None |
| 159 | + if client_io.write_buffers: |
| 160 | + assert server_sock.read(128) is None |
| 161 | + |
| 162 | +# At this point, the handshake is done, try writing data: |
| 163 | +client_sock.write(b"foo") |
| 164 | +assert server_sock.read(3) == b"foo" |
| 165 | + |
| 166 | +# Test reading partial data: |
| 167 | +client_sock.write(b"foobar") |
| 168 | +assert server_sock.read(3) == b"foo" |
| 169 | +server_io.block_reads = True |
| 170 | +assert_poll( |
| 171 | + server_sock, server_io, _MP_STREAM_POLL_RD, None, _MP_STREAM_POLL_RD |
| 172 | +) # Did not go to the socket, just consumed buffered data |
| 173 | +assert server_sock.read(3) == b"bar" |
| 174 | + |
| 175 | + |
| 176 | +# Polling on a closed socket errors out: |
| 177 | +client_io, _ = _Pipe.new_pair() |
| 178 | +client_sock = ussl.wrap_socket(client_io, do_handshake=False) |
| 179 | +client_sock.close() |
| 180 | +assert_poll( |
| 181 | + client_sock, client_io, _MP_STREAM_POLL_RD, None, _MP_STREAM_POLL_NVAL |
| 182 | +) # Did not go to the socket |
| 183 | + |
| 184 | + |
| 185 | +# Errors propagates to poll: |
| 186 | +client_io, server_io = _Pipe.new_pair() |
| 187 | +client_sock = ussl.wrap_socket(client_io, do_handshake=False) |
| 188 | + |
| 189 | +# The server returns garbage: |
| 190 | +server_io.write(b"fooba") # Needs to be exactly 5 bytes |
| 191 | + |
| 192 | +assert_poll(client_sock, client_io, _MP_STREAM_POLL_RD, _MP_STREAM_POLL_RD, _MP_STREAM_POLL_RD) |
| 193 | +assert_raises(client_sock.read, 128) |
| 194 | +assert_poll( |
| 195 | + client_sock, client_io, _MP_STREAM_POLL_RD, None, _MP_STREAM_POLL_NVAL |
| 196 | +) # Did not go to the socket |
0 commit comments