https://github.com/gesslerpd/pyopenssl-psk

Add PSK support to pyOpenSSL
https://github.com/gesslerpd/pyopenssl-psk

psk pyopenssl

Last synced: 5 months ago
JSON representation

Add PSK support to pyOpenSSL

• Host: GitHub
• URL: https://github.com/gesslerpd/pyopenssl-psk
• Owner: gesslerpd
• License: apache-2.0
• Created: 2019-11-08T03:28:22.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2025-02-07T01:18:10.000Z (over 1 year ago)
• Last Synced: 2025-09-20T13:43:03.397Z (9 months ago)
• Topics: psk, pyopenssl
• Language: Python
• Homepage: https://pypi.org/project/pyopenssl-psk/
• Size: 18.6 KB
• Stars: 3
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# pyopenssl-psk

Add PSK support to pyOpenSSL.

**Note:** PSK support is available in Python 3.13+. For more information, refer to the [official Python documentation](https://docs.python.org/3/library/ssl.html).

## Installation

```

$ pip install pyopenssl-psk

```

## API

### Patch Method

- `patch_context()`

  Add PSK related methods to the `OpenSSL.SSL.Context` class.

```python

from openssl_psk import patch_context

patch_context()

```

### Server Methods

- `Context.use_psk_identity_hint(hint: bytes) -> None` ([docs](https://www.openssl.org/docs/manmaster/man3/SSL_CTX_use_psk_identity_hint.html)) ([stdlib ssl](https://docs.python.org/3/library/ssl.html#ssl.SSLContext.use_psk_identity_hint))

  Set the server PSK identity hint.

- `Context.set_psk_server_callback(callback: server_callback) -> None` ([docs](https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_psk_server_callback.html)) ([stdlib ssl](https://docs.python.org/3/library/ssl.html#ssl.SSLContext.set_psk_server_callback))

  

  Set a callback to populate the server PSK.

  `server_callback(connection: Connection, client_identity: bytes) -> psk: bytes`

  User provided callback function to populate the connection PSK.

```python

from OpenSSL.SSL import Context, Connection, TLSv1_2_METHOD

PSK_MAP = {

    b'pre_shared_key_identity': b'pre_shared_key',

}

def server_callback(conn, client_identity):

    return PSK_MAP[client_identity]

ctx = Context(TLSv1_2_METHOD)

ctx.set_cipher_list(b'PSK')

ctx.use_psk_identity_hint(b'pre_shared_key_identity_hint')

ctx.set_psk_server_callback(server_callback)

server = Connection(ctx)

```

### Client Methods

- `Context.set_psk_client_callback(callback: client_callback) -> None` ([docs](https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_psk_client_callback.html)) ([stdlib ssl](https://docs.python.org/3/library/ssl.html#ssl.SSLContext.set_psk_client_callback))

  Set a callback to populate the client PSK identity and PSK.

  

  `client_callback(connection: Connection, identity_hint: bytes) -> tuple(psk_identity: bytes, psk: bytes)`

  User provided callback function to populate the connection PSK identity and PSK.

```python

from OpenSSL.SSL import Context, Connection, TLSv1_2_METHOD

def client_callback(conn, identity_hint):

    return (b'pre_shared_key_identity', b'pre_shared_key')

ctx = Context(TLSv1_2_METHOD)

ctx.set_cipher_list(b'PSK')

ctx.set_psk_client_callback(client_callback)

client = Connection(ctx)

```

See `OpenSSL.SSL` [documentation](https://www.pyopenssl.org/en/stable/api/ssl.html) for more information.