drbild
commented
6 years ago What operating system?
Also, can you post your code that is trying to set the cipher?
Closed mprt closed 5 years ago
drbild
commented
6 years ago What operating system?
Also, can you post your code that is trying to set the cipher?
mprt
commented
6 years ago Kali Linux (4.16.0-kali2-amd64)
import socket, ssl, sslpsk
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect( ("localhost", 7654) )
tls = sslpsk.wrap_socket(s, ssl_version=ssl.PROTOCOL_TLSv1_2, psk=(b'0000', 'Client_identity'), ciphers='PSK-NULL-SHA256')Using Cipher "PSK-AES128-GCM-SHA256" works perfectly with my OpenSSL s_server (openssl s_server -accept 7654 -psk 30303030 -nocert -debug)
mprt
commented
5 years ago The cipherlist string was incomplete. The SECLEVEL has to be set to zero:
ciphers='PSK-NULL-SHA256:@SECLEVEL=0'
This then enables the NULL ciphers in OpenSSL.
drbild
commented
5 years ago Thanks for the follow-up.
Hi,
I'm trying to use PSK with the NULL Cipher. While "PSK-NULL-SHA256" is supported in ssl.py, I can't use it as cipher suite in sslpsk. I tried to mess around with the ssl.SSCLContext() and .set_ciphers() methods, but I couldn't get it to work. Do you have any ideas?