SSL Socket Communication between WiPy 2.0

Innocenzo

Hi to everyone,
I have two WiPy 2.0 with the latest firmware release:

import os
os.uname()
(sysname='WiPy', nodename='WiPy', release='1.6.12.b1', version='v1.8.6-593-g8e4ed0fa on 2017-04-12', machine='WiPy with ESP32')

I want create a secure connection between WiPy using SSL Socket. I genereted a self-signed certificate with openssl:

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365

The code for the client.py is:

import usocket as socket
import ssl
from network import WLAN
import machine

wlan = WLAN(mode=WLAN.STA)

wlan.connect('***********', auth=(WLAN.WPA2,"*************"))
while not wlan.isconnected():
    machine.idle()

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM, socket.IPPROTO_TCP)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

ssl_sock = ssl.wrap_socket(s,cert_reqs=ssl.CERT_REQUIRED,ca_certs='/flash/cert/cert.pem')

ssl_sock.connect(('192.168.1.125', 10023))

ssl_sock.write(b"boo!")

data = ssl_sock.read()
print(data)

ssl_sock.close()

The code for server.py is:

import usocket as socket
import ssl
from network import WLAN
import machine

wlan = WLAN(mode=WLAN.STA)

wlan.connect('***************', auth=(WLAN.WPA2,"************"))
while not wlan.isconnected():
    machine.idle()

bindsocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM, socket.IPPROTO_TCP)
bindsocket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
bindsocket.bind(('', 10023))
bindsocket.listen(5)

def do_something(connstream, data):
    print ("do_something:", data)
    connstream.write(b"FOO!")
    return False

def deal_with_client(connstream):
    data = connstream.read()
    while data:
        if not do_something(connstream, data):
            break
        data = connstream.read()

while True:
    print("WAITING CONNECTION")
    newsocket, fromaddr = bindsocket.accept()
    connstream = ssl.wrap_socket(newsocket, keyfile='/flash/cert/key.pem', certfile='/flash/cert/cert.pem', server_side = True)
    try:
        deal_with_client(connstream)
    finally:
        connstream.shutdown(socket.SHUT_RDWR)
        connstream.close()

But I receive this error:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "sserver1.py", line 35, in <module>
OSError: -15360

line 35 is:

connstream = ssl.wrap_socket(newsocket, keyfile='/flash/cert/key.pem', certfile='/flash/cert/cert.pem', server_side = True)

If the socket attributes are not specified, a critical error occurs and a CORE DUMP message is printed.

No one knows where is the problem? It is a firmware problem (or hardware) or I made something wrong?

Thank you.

this.wiederkehr

if the error code changes it certainly is another error. No clue what -1 means, sorry.

Innocenzo

@this.wiederkehr I am sorry. I don't think that my private key needs a password. I use the first 4 steps of this guide to create my certificates:

https://www.akadia.com/services/ssh_test_certificate.html

and Step 3 is Remove passphrase key from Key.

Innocenzo

@this.wiederkehr Yes my private key needs a password, but I have as result:

OSError: -1

this.wiederkehr

@Innocenzo said in SSL Socket Communication between WiPy 2.0:

OSError: -15360

Does your private key need a password?

-15360 translates to 0x3c00 which is the error code for "MBEDTLS_ERR_PK_PASSWORD_REQUIRED"

https://tls.mbed.org/api/pk_8h.html#a9c1de7ccb4e18a3ea74b35c4e2cb7527

Innocenzo

No one have some info about this problem? I tired also with server.key and server.crt certificate instead of .pem but I had the same result. My WiPy firmware is 1.7.5.b2.