setting specific PSK cipher to use on client side.

drbild / sslpsk

Adds TLS-PSK support to the Python ssl package

Apache License 2.0

24 stars 32 forks source link

setting specific PSK cipher to use on client side. #3

Closed il023109 closed 5 years ago

il023109 commented 6 years ago

How could I set a specific cipher suite to use in client side.

It seems by default, the Cipher list in clientHello message are all cert based. so the connection will be refused by server side which expect PSK cipher suite.

drbild commented 6 years ago

Just specify the cipher string, same as the standard ssl lib:

sslpsk.wrap_socket(sock, psk="mypsk",
                   ciphers="PSK-AES256-GCM-SHA384:PSK-AES256-CBC-SHA")

drbild commented 6 years ago

Only cipher suites supported by the underlying installation of openssl will be supported though.

il023109 commented 6 years ago

Thanks.

What version of openssl came with the two DLLs from sslpsk? Or maybe openssl is part of Python 3.6 that I am using?

drbild commented 6 years ago

It is openssl-1.0.2k. You can see all the versions in appveyor.yml.