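def _create_connection(self, auth_type=AuthType.CERT_AND_KEY, use_static_singletons=False):
    """Build an MQTT ``Connection`` secured with mutual TLS, without connecting it.

    Args:
        auth_type: Selects how the client credential is supplied.
            ``AuthType.CERT_AND_KEY`` loads the certificate and private key
            from the paths in ``Config``. ``AuthType.PKCS11`` reads the
            certificate from ``config.cert_path`` and refers to the private
            key by label on a PKCS#11 token.
        use_static_singletons: When true, ``Client`` is built from the TLS
            context alone. Otherwise a dedicated ``EventLoopGroup``,
            ``DefaultHostResolver`` and ``ClientBootstrap`` are created for it.

    Returns:
        A ``Connection`` for ``config.endpoint`` on port 8883. ``connect()``
        is not called here.

    Raises:
        unittest.SkipTest: PKCS#11 setup failed with an error whose text
            contains ``AWS_ERROR_UNIMPLEMENTED``.
        ValueError: ``auth_type`` is neither of the two supported values.
    """
    config = Config(auth_type)

    if auth_type == AuthType.CERT_AND_KEY:
        tls_opts = TlsContextOptions.create_client_with_mtls_from_path(
            config.cert_path, config.key_path)
        tls = ClientTlsContext(tls_opts)

    elif auth_type == AuthType.PKCS11:
        try:
            pkcs11_lib = Pkcs11Lib(
                file=config.pkcs11_lib_path,
                behavior=Pkcs11Lib.InitializeFinalizeBehavior.STRICT)

            # NOTE(review): config.pkcs11_pin unlocks the token. Confirm that
            # Config never logs it and that it cannot end up in failure output.
            tls_opts = TlsContextOptions.create_client_with_mtls_pkcs11(
                pkcs11_lib=pkcs11_lib,
                user_pin=config.pkcs11_pin,
                token_label=config.pkcs11_token_label,
                private_key_label=config.pkcs11_key_label,
                cert_file_path=config.cert_path)

            tls = ClientTlsContext(tls_opts)

        except Exception as e:
            # Missing platform support is recognised by the error name in the
            # exception text. Any other failure is a real error and propagates.
            if 'AWS_ERROR_UNIMPLEMENTED' in str(e):
                raise unittest.SkipTest(
                    f'TLS with PKCS#11 not supported on this platform ({sys.platform})')
            else:
                # re-raise exception
                raise

    else:
        # Without this branch `tls` would be unbound below, and an unsupported
        # auth_type would surface as an UnboundLocalError far from its cause.
        raise ValueError(f'Unsupported auth_type: {auth_type!r}')

    if use_static_singletons:
        client = Client(tls_ctx=tls)
    else:
        elg = EventLoopGroup()
        resolver = DefaultHostResolver(elg)
        bootstrap = ClientBootstrap(elg, resolver)
        client = Client(bootstrap, tls)

    connection = Connection(
        client=client,
        client_id=create_client_id(),
        host_name=config.endpoint,
        port=8883)
    return connection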
def _establish_mqtt_connection(self, proxy_options):
    """Open an mTLS MQTT connection through the given proxy and return it.

    The client certificate, private key and root CA all come from
    ``ProxyTestConfiguration``. The root CA replaces the default trust store,
    so the server certificate is validated against that CA file.

    Args:
        proxy_options: Passed unchanged to ``Connection`` as ``proxy_options``.

    Returns:
        The ``Connection`` once ``connect()`` has completed. The wait is
        bounded by ``TIMEOUT``, and a connect failure propagates from
        ``result()``.
    """
    elg = EventLoopGroup()
    bootstrap = ClientBootstrap(elg, DefaultHostResolver(elg))

    mtls_options = TlsContextOptions.create_client_with_mtls_from_path(
        ProxyTestConfiguration.HTTP_PROXY_TLS_CERT_PATH,
        ProxyTestConfiguration.HTTP_PROXY_TLS_KEY_PATH)
    # Trust only the test root CA rather than the platform default store.
    mtls_options.override_default_trust_store_from_path(
        ca_filepath=ProxyTestConfiguration.HTTP_PROXY_TLS_ROOT_CA_PATH)

    mqtt_client = Client(bootstrap, ClientTlsContext(mtls_options))

    conn = Connection(
        client=mqtt_client,
        client_id=create_client_id(),
        host_name=ProxyTestConfiguration.HTTP_PROXY_MQTT_ENDPOINT,
        port=8883,
        proxy_options=proxy_options)

    # Block until the connect future resolves or TIMEOUT elapses.
    connect_future = conn.connect()
    connect_future.result(TIMEOUT)
    return conn
def test_with_mtls_from_path(self):
    """Smoke test: an mTLS client context can be built from cert and key files.

    There are no assertions. The test passes when neither the options
    factory nor the ``ClientTlsContext`` constructor raises.
    """
    cert_path = 'test/resources/crt.unittests.crt'
    key_path = 'test/resources/crt.unittests.key'

    mtls_options = TlsContextOptions.create_client_with_mtls_from_path(cert_path, key_path)
    # Kept bound so the context lives until the test returns, as before.
    tls_context = ClientTlsContext(mtls_options)