Both mbedTLS and axTLS have support for producing more detailed error
strings. However, these are not used if the error is raised in stream
protocol functions (read/write/ioctl).
This commit adds support for more detailed error messages from streams.
Under the hood it's using a new MP_STREAM_RAISE_ERROR ioctl request to pass
the error code back to the stream implementation which can raise a more
detailed error. If the ioctl is not implemented, we fall back to the old
behaviour and raise an OSError with the error code.
Currently the detailed messages are only implemented for TLS sockets since
those already had helper functions for raising detailed exceptions, but can
be easily implemented in any other stream.
Signed-off-by: Daniël van de Giessen <daniel@dvdgiessen.nl>
With the aim of getting consistency, and removing the need to learn an
additional term, replace uses of uPy/uPython with MPy/MicroPython.
Rule of thumb was to use "MPy" abbreviation where "CPy" is used nearby, but
the full word MicroPython otherwise.
This work was funded through GitHub Sponsors.
Signed-off-by: Angus Gratton <angus@redyak.com.au>
Contrary to the docs, mbedtls can return more than just
MBEDTLS_ERR_SSL_ALLOC_FAILED when `mbedtls_ssl_setup()` fails. At least
MBEDTLS_ERR_MD_ALLOC_FAILED was also seen on ESP32_GENERIC, but there
could possibly be other error codes.
To cover all these codes, just check if `ret` is non-0, and in that case
do a `gc_collect()` and retry the init.
Signed-off-by: Damien George <damien@micropython.org>
- DTLS spec recommends HelloVerify and Anti Replay protection be enabled,
and these are enabled in the default mbedTLS config. Implement them here.
- To help compensate for the possible increase in code size, add a
MICROPY_PY_SSL_DTLS build config macro that's enabled for EXTRA and
above by default.
This allows bare metal mbedTLS ports to use DTLS with HelloVerify support.
This work was funded through GitHub Sponsors.
Signed-off-by: Angus Gratton <angus@redyak.com.au>
This is already enabled in the ESP-IDF mbedTLS config, so provide an
implementation of the cookie store functions. This allows DTLS connections
between two esp32 boards.
The session cookie store is a very simple dictionary associated with the
SSLContext. To work, the server needs to reuse the same SSLContext (but
cookies are never cleaned up, so a server with a high number of clients
should recycle the context periodically.)
Server code still needs to handle the MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED
error by waiting for the next UDP packet from the client.
Signed-off-by: Angus Gratton <angus@redyak.com.au>
This commit renames the NORETURN macro, indicating to the compiler
that a function does not return, into MP_NORETURN to maintain the same
naming convention of other similar macros.
To maintain compaitiblity with existing code NORETURN is aliased to
MP_NORETURN, but it is also deprecated for MicroPython v2.
This changeset was created using a similar process to
decf8e6a8b ("all: Remove the "STATIC"
macro and just use "static" instead."), with no documentation or python
scripts to change to reflect the new macro name.
Signed-off-by: Alessandro Gatti <a.gatti@frob.it>
This commit enables support for DTLS, i.e. TLS over datagram transport
protocols like UDP. While support for DTLS is absent in CPython, it is
worth supporting it in MicroPython because it is the basis of the
ubiquitous CoAP protocol, used in many IoT projects.
To select DTLS, a new set of "protocols" are added to SSLContext:
- ssl.PROTOCOL_DTLS_CLIENT
- ssl.PROTOCOL_DTLS_SERVER
If one of these is set, the library assumes that the underlying socket is a
datagram-like socket (i.e. UDP or similar).
Our own timer callbacks are implemented because the out of the box
implementation relies on `gettimeofday()`.
This new DTLS feature is enabled on all ports that use mbedTLS.
This commit is an update to a previous PR #10062.
Addresses issue #5270 which requested DTLS support.
Signed-off-by: Keenan Johnson <keenan.johnson@gmail.com>
On mbedTLS ports with non-baremetal configs (mostly esp32, technically also
unix port), mbedTLS memory is allocated from the libc heap. This means an
old SSL socket may be holding large SSL buffers and preventing a new SSL
socket from being allocated.
As a workaround, trigger a GC pass and retry before failing outright.
This was originally implemented as a global mbedTLS calloc function, but
there is complexity around the possibility of C user modules calling into
mbedTLS without holding the GIL. It would be interesting to try making a
generic version for any malloc which fails, but this would require checking
for a Python thread and probably making the GIL recursive.
This work was funded through GitHub Sponsors.
Signed-off-by: Angus Gratton <angus@redyak.com.au>
This commit enables the implementation of alternative mbedTLS cryptography
functions, such as ECDSA sign and verify, in pure Python. Alternative
functions are implemented in Python callbacks, that get invoked from
wrapper functions when needed. The callback can return None to fall back
to the default mbedTLS function.
A common use case for this feature is with secure elements that have
drivers implemented in Python. Currently, only the ECDSA alternate sign
function wrapper is implemented.
Tested signing with a private EC key stored on an NXP SE05x secure element.
Signed-off-by: iabdalkader <i.abdalkader@gmail.com>
This is necessary for mbedTLS callbacks that do not carry any user state,
so those callbacks can be customised per SSL context.
Signed-off-by: iabdalkader <i.abdalkader@gmail.com>
Small code size and binary size optimisation for the fix merged in
4d6d84983f.
This work was funded through GitHub Sponsors.
Signed-off-by: Angus Gratton <angus@redyak.com.au>
`mbedtls_pk_parse_key()` expects `key_len` to include the NULL terminator
for PEM data but not for DER encoded data. This also applies to
`mbedtls_x509_crt_parse()` and `cert_len`.
Since all PEM data contains "-----BEGIN" this is used to check if the data
is PEM (as per mbedtls code).
This can be done for both v2 and v3 of mbedtls since the fundamental
behaviour/expectation did not change. What changed is that in v3 the
PKCS#8 DER parser now checks that the passed key buffer is fully utilized
and no bytes are remaining (all other DER formats still do not check this).
Signed-off-by: Peter Züger <zueger.peter@icloud.com>
Use new function mp_obj_new_str_from_cstr() where appropriate. It
simplifies the code, and makes it smaller too.
Signed-off-by: Jon Foster <jon@jon-foster.co.uk>
The STATIC macro was introduced a very long time ago in commit
d5df6cd44a. The original reason for this was
to have the option to define it to nothing so that all static functions
become global functions and therefore visible to certain debug tools, so
one could do function size comparison and other things.
This STATIC feature is rarely (if ever) used. And with the use of LTO and
heavy inline optimisation, analysing the size of individual functions when
they are not static is not a good representation of the size of code when
fully optimised.
So the macro does not have much use and it's simpler to just remove it.
Then you know exactly what it's doing. For example, newcomers don't have
to learn what the STATIC macro is and why it exists. Reading the code is
also less "loud" with a lowercase static.
One other minor point in favour of removing it, is that it stops bugs with
`STATIC inline`, which should always be `static inline`.
Methodology for this commit was:
1) git ls-files | egrep '\.[ch]$' | \
xargs sed -Ei "s/(^| )STATIC($| )/\1static\2/"
2) Do some manual cleanup in the diff by searching for the word STATIC in
comments and changing those back.
3) "git-grep STATIC docs/", manually fixed those cases.
4) "rg -t python STATIC", manually fixed codegen lines that used STATIC.
This work was funded through GitHub Sponsors.
Signed-off-by: Angus Gratton <angus@redyak.com.au>
The current `ssl` module has quite a few differences to the CPython
implementation. This change moves the MicroPython variant to a new `tls`
module and provides a wrapper module for `ssl` (in micropython-lib).
Users who only rely on implemented comparible behavior can continue to use
`ssl`, while users that rely on non-compatible behavior should switch to
`tls`. Then we can make the facade in `ssl` more strictly adhere to
CPython.
Signed-off-by: Felix Dörre <felix@dogcraft.de>
Daniël van de Giessen
Angus Gratton
Damien George
Alessandro Gatti
Keenan Johnson
iabdalkader
Peter Züger
Jon Foster
Felix Dörre