@@ -44,6 +44,8 @@ typedef struct _mp_obj_ssl_socket_t {
4444} mp_obj_ssl_socket_t ;
4545
4646struct ssl_args {
47+ mp_arg_val_t key ;
48+ mp_arg_val_t cert ;
4749 mp_arg_val_t server_side ;
4850 mp_arg_val_t server_hostname ;
4951};
@@ -62,10 +64,28 @@ STATIC mp_obj_ssl_socket_t *socket_new(mp_obj_t sock, struct ssl_args *args) {
6264 o -> sock = sock ;
6365
6466 uint32_t options = SSL_SERVER_VERIFY_LATER ;
67+ if (args -> key .u_obj != mp_const_none ) {
68+ options |= SSL_NO_DEFAULT_KEY ;
69+ }
6570 if ((o -> ssl_ctx = ssl_ctx_new (options , SSL_DEFAULT_CLNT_SESS )) == NULL ) {
6671 mp_raise_OSError (MP_EINVAL );
6772 }
6873
74+ if (args -> key .u_obj != mp_const_none ) {
75+ size_t len ;
76+ const byte * data = (const byte * )mp_obj_str_get_data (args -> key .u_obj , & len );
77+ int res = ssl_obj_memory_load (o -> ssl_ctx , SSL_OBJ_RSA_KEY , data , len , NULL );
78+ if (res != SSL_OK ) {
79+ mp_raise_ValueError ("invalid key" );
80+ }
81+
82+ data = (const byte * )mp_obj_str_get_data (args -> cert .u_obj , & len );
83+ res = ssl_obj_memory_load (o -> ssl_ctx , SSL_OBJ_X509_CERT , data , len , NULL );
84+ if (res != SSL_OK ) {
85+ mp_raise_ValueError ("invalid cert" );
86+ }
87+ }
88+
6989 if (args -> server_side .u_bool ) {
7090 o -> ssl_sock = ssl_server_new (o -> ssl_ctx , (long )sock );
7191 } else {
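Review bot: In socket_new the load block is gated only on `args->key.u_obj != mp_const_none`, so a caller who passes `cert` without `key` gets no error and the certificate is silently ignored; since SSL_NO_DEFAULT_KEY is not set in that case, the context presumably keeps the library's built-in default key. Reject the mismatched case before ssl_ctx_new, for example `if ((args->key.u_obj == mp_const_none) != (args->cert.u_obj == mp_const_none)) { mp_raise_ValueError("key and cert must be given together"); }`, which also gives a clear message for `key` without `cert` instead of passing None to mp_obj_str_get_data. Both new mp_raise_ValueError paths run after ssl_ctx_new has succeeded; unless the socket object has a finaliser (not visible here), the context looks like it is left allocated, so consider calling `ssl_ctx_free(o->ssl_ctx);` before raising. socket_new begins and continues outside this hunk.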
@@ -211,6 +231,8 @@ STATIC const mp_obj_type_t ussl_socket_type = {
211231STATIC mp_obj_t mod_ssl_wrap_socket (size_t n_args , const mp_obj_t * pos_args , mp_map_t * kw_args ) {
212232 // TODO: Implement more args
213233 static const mp_arg_t allowed_args [] = {
234+ { MP_QSTR_key , MP_ARG_KW_ONLY | MP_ARG_OBJ , {.u_obj = mp_const_none } },
235+ { MP_QSTR_cert , MP_ARG_KW_ONLY | MP_ARG_OBJ , {.u_obj = mp_const_none } },
214236 { MP_QSTR_server_side , MP_ARG_KW_ONLY | MP_ARG_BOOL , {.u_bool = false} },
215237 { MP_QSTR_server_hostname , MP_ARG_KW_ONLY | MP_ARG_OBJ , {.u_obj = mp_const_none } },
216238 };