Added unit test to setup Mqtt Connect through EC-based certificate and key (#403)

* add ecc unit test

* fix format

* set key to utf-8

* revert local test changes

* test with aws-c-io

* make CI only run xos for testing

* update c-io for mac ecc key

* update io changes

* update io changes

* update c-io, not release key data too early

* update c-io, fix key error

* update c io, remove print error

* update io: remove key chain

* io: update commits

* io: error test

* io: add back default key_chain

* io: test with log

* io test

* io: ignore failure of key creation

* io: update error code

* test secitemadd

* cleanup memory leak

* cleanup memory leak

* update the builder script to get ecc test key in binary

* fix ecckey file ext

* Updated common/io for ecc support. And now we use PEM for ecc keys for macos.

* crt/aws-c-io

* revert github ci config

* update aws-c-io

* c-io test

* update c-io

* update c-io for ecc test

* update io lib

* c-common

* update crt_python format

* remove binary options for get_secret

Author: xiazhvera

.builder/actions/aws_crt_python.py

@@ -48,6 +48,9 @@ def run(self, env):
         self._setenv_tmpfile_from_secret('AWS_TEST_TLS_CERT_PATH', 'unit-test/certificate', 'certificate.pem')
         self._setenv_tmpfile_from_secret('AWS_TEST_TLS_KEY_PATH', 'unit-test/privatekey', 'privatekey.pem')
 
+        self._setenv_tmpfile_from_secret('AWS_TEST_ECC_CERT_PATH', 'ecc-test/certificate', 'ECCcertificate.pem')
+        self._setenv_tmpfile_from_secret('AWS_TEST_ECC_KEY_PATH', 'ecc-test/privatekey', 'ECCprivatekey.pem')
+
         # enable S3 tests
         env.shell.setenv('AWS_TEST_S3', '1')
 

crt/aws-c-common

@@ -23,7 +23,7 @@ def test_lifetime(self):
         client = Client(bootstrap)
 
 
-AuthType = enum.Enum('AuthType', ['CERT_AND_KEY', 'PKCS11'])
+AuthType = enum.Enum('AuthType', ['CERT_AND_KEY', 'PKCS11', 'ECC_CERT_AND_KEY'])
 
 
 class Config:
@@ -32,6 +32,12 @@ def __init__(self, auth_type):
         self.cert_path = self._get_env('AWS_TEST_TLS_CERT_PATH')
         self.cert = pathlib.Path(self.cert_path).read_text().encode('utf-8')
 
+        if auth_type == AuthType.ECC_CERT_AND_KEY:
+            self.key_path = self._get_env('AWS_TEST_ECC_KEY_PATH')
+            self.key = pathlib.Path(self.key_path).read_text().encode('utf-8')
+            self.cert_path = self._get_env('AWS_TEST_ECC_CERT_PATH')
+            self.cert = pathlib.Path(self.cert_path).read_text().encode('utf-8')
+
         if auth_type == AuthType.CERT_AND_KEY:
             self.key_path = self._get_env('AWS_TEST_TLS_KEY_PATH')
             self.key = pathlib.Path(self.key_path).read_text().encode('utf-8')
@@ -60,7 +66,7 @@ class MqttConnectionTest(NativeResourceTest):
     def _create_connection(self, auth_type=AuthType.CERT_AND_KEY, use_static_singletons=False):
         config = Config(auth_type)
 
-        if auth_type == AuthType.CERT_AND_KEY:
+        if auth_type == AuthType.CERT_AND_KEY or auth_type == AuthType.ECC_CERT_AND_KEY:
             tls_opts = TlsContextOptions.create_client_with_mtls_from_path(config.cert_path, config.key_path)
             tls = ClientTlsContext(tls_opts)
 
@@ -106,6 +112,11 @@ def test_connect_disconnect(self):
         connection.connect().result(TIMEOUT)
         connection.disconnect().result(TIMEOUT)
 
+    def test_ecc_connect_disconnect(self):
+        connection = self._create_connection(AuthType.ECC_CERT_AND_KEY)
+        connection.connect().result(TIMEOUT)
+        connection.disconnect().result(TIMEOUT)
+
     def test_pkcs11(self):
         connection = self._create_connection(AuthType.PKCS11)
         connection.connect().result(TIMEOUT)