From 09b8948b1c76973a86083faa99dbbea7e9e05c5e Mon Sep 17 00:00:00 2001
From: iabdalkader <i.abdalkader@gmail.com>
Date: Tue, 10 Sep 2024 11:59:34 +0200
Subject: [PATCH] tests: Add key-cert test for MicroPython.

---
 .github/workflows/client-test.yml | 12 ++++++++++--
 tests/ci.py                       |  7 ++++---
 tests/ci.sh                       |  5 +++++
 3 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/client-test.yml b/.github/workflows/client-test.yml
index 2e08c61..6d458a4 100644
--- a/.github/workflows/client-test.yml
+++ b/.github/workflows/client-test.yml
@@ -63,7 +63,7 @@ jobs:
         pip install --user dist/arduino_iot_cloud-*.whl
         pip install --target=${HOME}/.micropython/lib dist/arduino_iot_cloud-*.whl
 
-    - name: '🔑 Configure soft crypto device'
+    - name: '🔑 Configure secure element'
       env:
         KEY_PEM: ${{ secrets.KEY_PEM }}
         CERT_PEM: ${{ secrets.CERT_PEM }}
@@ -92,7 +92,6 @@ jobs:
       run: |
         python tests/ci.py --file-auth
 
-
     - name: '☁️  Connect to IoT cloud (CPython / Crypto Auth / Async)'
       env:
         DEVICE_ID: ${{ secrets.DEVICE_ID2 }}
@@ -118,3 +117,12 @@ jobs:
         export PATH="${HOME}/cache/bin:${PATH}"
         micropython -c "import sys; print(sys.path)"
         micropython tests/ci.py --basic-auth --sync
+
+    - name: '☁️  Connect to IoT cloud (MicroPython / Key-Cert Auth / Async)'
+      env:
+        DEVICE_ID: ${{ secrets.DEVICE_ID2 }}
+        SECRET_KEY: ${{ secrets.SECRET_KEY }}
+      run: |
+        export PATH="${HOME}/cache/bin:${PATH}"
+        micropython -c "import sys; print(sys.path)"
+        micropython tests/ci.py --file-auth
diff --git a/tests/ci.py b/tests/ci.py
index 0bb1638..bb090ad 100644
--- a/tests/ci.py
+++ b/tests/ci.py
@@ -75,12 +75,13 @@ def wdt_task(client, args, ts=[None]):
         )
     elif args.file_auth:
         import ssl
+        fmt = "der" if sys.implementation.name == "micropython" else "pem"
         client = ArduinoCloudClient(
             device_id=os.getenv("DEVICE_ID"),
             ssl_params={
-                "keyfile": "key.pem",
-                "certfile": "cert.pem",
-                "ca_certs": "ca-root.pem",
+                "keyfile": f"key.{fmt}",
+                "certfile": f"cert.{fmt}",
+                "ca_certs": f"ca-root.{fmt}",
                 "cert_reqs": ssl.CERT_REQUIRED,
             },
             sync_mode=args.sync,
diff --git a/tests/ci.sh b/tests/ci.sh
index 77793a7..8b2e2c0 100755
--- a/tests/ci.sh
+++ b/tests/ci.sh
@@ -57,4 +57,9 @@ ci_configure_softhsm() {
 	softhsm2-util --init-token --slot 0 --label "arduino" --pin 1234 --so-pin 1234
 	p11tool --provider=${PROVIDER} --login --set-pin=1234 --write ${TOKEN_URI} --load-privkey key.pem --label "mykey"
 	p11tool --provider=${PROVIDER} --login --set-pin=1234 --write ${TOKEN_URI} --load-certificate cert.pem --label "mycert"
+
+    # Convert to DER for MicroPython.
+    openssl ec -in key.pem -out key.der -outform DER
+    openssl x509 -in cert.pem -out cert.der -outform DER
+    openssl x509 -in ca-root.pem -out ca-root.der -outform DER
 }