Add PSK support to pyOpenSSL.
$ pip install pyopenssl-psk
-
patch_context()
Add PSK related methods to the
OpenSSL.SSL.Context
class.
from openssl_psk import patch_context
patch_context()
-
Context.use_psk_identity_hint(hint: bytes) -> None
(docs)Set the server PSK identity hint.
-
Context.set_psk_server_callback(callback: server_callback) -> None
(docs)Set a callback to populate the server PSK.
server_callback(connection: Connection, client_identity: bytes) -> psk: bytes
User provided callback function to populate the connection PSK.
from OpenSSL.SSL import Context, Connection, TLSv1_2_METHOD
PSK_MAP = {
b'pre_shared_key_identity': b'pre_shared_key',
}
def server_callback(conn, client_identity):
return PSK_MAP[client_identity]
ctx = Context(TLSv1_2_METHOD)
ctx.set_cipher_list(b'PSK')
ctx.use_psk_identity_hint(b'pre_shared_key_identity_hint')
ctx.set_psk_server_callback(server_callback)
server = Connection(ctx)
-
Context.set_psk_client_callback(callback: client_callback) -> None
(docs)Set a callback to populate the client PSK identity and PSK.
client_callback(connection: Connection, identity_hint: bytes) -> tuple(psk_identity: bytes, psk: bytes)
User provided callback function to populate the connection PSK identity and PSK.
from OpenSSL.SSL import Context, Connection, TLSv1_2_METHOD
def client_callback(conn, identity_hint):
return (b'pre_shared_key_identity', b'pre_shared_key')
ctx = Context(TLSv1_2_METHOD)
ctx.set_cipher_list(b'PSK')
ctx.set_psk_client_callback(client_callback)
client = Connection(ctx)
See OpenSSL.SSL
documentation for more information.