ESP32 can't get ssl working

All ESP32 boards running MicroPython.
Target audience: MicroPython users with an ESP32 board.
Post Reply
kruthers
Posts: 1
Joined: Wed Mar 25, 2020 10:02 pm

ESP32 can't get ssl working

Post by kruthers » Wed Mar 25, 2020 11:05 pm

I'm using the latest release version of micropython (1.12), am trying to write an ssl client and can't seem to get ssl to even start. I've done this on other builds of micropython (ie. pycom, and yes I know there are differences), but am having trouble using generic micropython on a generic esp32 wroom 32 dev board:

Code: Select all

MicroPython v1.12 on 2019-12-20; ESP32 module with ESP32
Type "help()" for more information.
>>> import network
>>> wlan = network.WLAN()
>>> wlan.isconnected()
True
>>> import socket
>>> import ussl
>>> s = socket.socket()
>>> ss = ussl.wrap_socket(s)
mbedtls_ssl_handshake error: -80
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
OSError: [Errno 5] EIO
>>> 
Any idea what I'm doing wrong? There are no other args to wrap_socket() that I can seem to use on the esp32; it looks like it doesn't support any kind of certificate validation. I get this with all the keyword args I try:

Code: Select all

>>> ussl.wrap_socket(s, ca_certs='something')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
TypeError: extra keyword arguments given
Note that I can get a non-ssl socket connection to work fine so the network connection is good.

Thanks.

cgglzpy
Posts: 34
Joined: Thu Jul 18, 2019 4:20 pm

Re: ESP32 can't get ssl working

Post by cgglzpy » Fri Mar 27, 2020 5:42 pm

Hi kruthers,

I think the socket needs to connect or accept a connection before wrapping in SSL, see examples at Micropython repo micropython-examples-network

Also for the keywords:
# CPython uses key keyfile/certfile arguments, but MicroPython uses key/cert
client_s = ssl.wrap_socket(client_s, server_side=True, key=key, cert=cert)

Tialm
Posts: 1
Joined: Fri May 15, 2020 3:12 pm

Re: ESP32 can't get ssl working

Post by Tialm » Fri May 15, 2020 3:14 pm

Hi! Were you able to solve this problem? Also, were you able to use certs? Thanks!

User avatar
tve
Posts: 192
Joined: Wed Jan 01, 2020 10:12 pm
Location: Santa Barbara, CA
Contact:

Re: ESP32 can't get ssl working

Post by tve » Fri May 15, 2020 7:07 pm

A mentioned by cgglzpy you need to connect before you wrap.

There are a number of SSL fixes in the PR queue, you can try my fork which has them all: github.com/tve/micropython, default branch (tve).

Certificate validation isn't in yet. I believe client side certs do work, but I haven't tried them.

Post Reply