From 0cdee37630533f45ca611aa38477fc7db0cb768b Mon Sep 17 00:00:00 2001 From: Li Jingyi Date: Wed, 11 May 2022 17:18:12 +0800 Subject: [PATCH] https_server: add mbedtls dynamic buffer function test --- .../https_server/simple/example_test.py | 57 +++++++++++++++++++ .../simple/sdkconfig.ci.dynamic_buffer | 5 ++ 2 files changed, 62 insertions(+) create mode 100644 examples/protocols/https_server/simple/sdkconfig.ci.dynamic_buffer diff --git a/examples/protocols/https_server/simple/example_test.py b/examples/protocols/https_server/simple/example_test.py index 9b7c0e049b..1f4b509dda 100644 --- a/examples/protocols/https_server/simple/example_test.py +++ b/examples/protocols/https_server/simple/example_test.py @@ -132,6 +132,60 @@ def test_examples_protocol_https_server_simple(env, extra_data): # type: (tiny_ ssl_context.load_cert_chain(certfile=CLIENT_CERT_FILE, keyfile=CLIENT_KEY_FILE) + conn = http.client.HTTPSConnection(got_ip, got_port, context=ssl_context) + Utility.console_log('Performing SSL handshake with the server') + conn.request('GET','/') + resp = conn.getresponse() + dut1.expect('performing session handshake') + got_resp = resp.read().decode('utf-8') + if got_resp != success_response: + Utility.console_log('Response obtained does not match with correct response') + raise RuntimeError('Failed to test SSL connection') + + current_cipher = dut1.expect(re.compile(r'Current Ciphersuite(.*)'), timeout=5)[0] + Utility.console_log('Current Ciphersuite' + current_cipher) + + # Close the connection + conn.close() + + Utility.console_log('Checking user callback: Obtaining client certificate...') + + serial_number = dut1.expect(re.compile(r'serial number(.*)'), timeout=5)[0] + issuer_name = dut1.expect(re.compile(r'issuer name(.*)'), timeout=5)[0] + expiry = dut1.expect(re.compile(r'expires on(.*)'), timeout=5)[0] + + Utility.console_log('Serial No.' + serial_number) + Utility.console_log('Issuer Name' + issuer_name) + Utility.console_log('Expires on' + expiry) + + Utility.console_log('Correct response obtained') + Utility.console_log('SSL connection test successful\nClosing the connection') + + # Test with mbedTLS dynamic buffer feature + dut1 = env.get_dut('https_server_simple', 'examples/protocols/https_server/simple', dut_class=ttfw_idf.ESP32DUT, app_config_name='dynamic_buffer') + + # start test + dut1.start_app() + # Parse IP address and port of the server + dut1.expect(re.compile(r'Starting server')) + got_port = dut1.expect(re.compile(r'Server listening on port (\d+)'), timeout=30)[0] + Utility.console_log('Waiting to connect with AP') + + got_ip = dut1.expect(re.compile(r'IPv4 address: (\d+\.\d+\.\d+\.\d+)'), timeout=30)[0] + # Expected logs + + Utility.console_log('Got IP : ' + got_ip) + Utility.console_log('Got Port : ' + got_port) + + Utility.console_log('Performing GET request over an SSL connection with the server') + + ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2) + ssl_context.verify_mode = ssl.CERT_REQUIRED + ssl_context.check_hostname = False + ssl_context.load_verify_locations(cadata=server_cert_pem) + + ssl_context.load_cert_chain(certfile=CLIENT_CERT_FILE, keyfile=CLIENT_KEY_FILE) + os.remove(CLIENT_CERT_FILE) os.remove(CLIENT_KEY_FILE) @@ -145,6 +199,9 @@ def test_examples_protocol_https_server_simple(env, extra_data): # type: (tiny_ Utility.console_log('Response obtained does not match with correct response') raise RuntimeError('Failed to test SSL connection') + current_cipher = dut1.expect(re.compile(r'Current Ciphersuite(.*)'), timeout=5)[0] + Utility.console_log('Current Ciphersuite' + current_cipher) + # Close the connection conn.close() diff --git a/examples/protocols/https_server/simple/sdkconfig.ci.dynamic_buffer b/examples/protocols/https_server/simple/sdkconfig.ci.dynamic_buffer new file mode 100644 index 0000000000..506d118f8e --- /dev/null +++ b/examples/protocols/https_server/simple/sdkconfig.ci.dynamic_buffer @@ -0,0 +1,5 @@ +CONFIG_ESP_HTTPS_SERVER_ENABLE=y +CONFIG_EXAMPLE_ENABLE_HTTPS_USER_CALLBACK=y +CONFIG_MBEDTLS_DYNAMIC_BUFFER=y +CONFIG_MBEDTLS_DYNAMIC_FREE_CONFIG_DATA=y +CONFIG_MBEDTLS_DYNAMIC_FREE_CA_CERT=y