#!/usr/bin/env python
# -*- coding: utf-8 -*-

# This file is part of Beremiz, a Integrated Development Environment for
# programming IEC 61131-3 automates supporting plcopen standard and CanFestival.
#
# Copyright (C) 2019: Edouard TISSERANT
#
# See COPYING file for copyrights details.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
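

"""
The TLS-PSK adapter that handles SSL connections instead of regular sockets,
but using Pre Shared Keys instead of Certificates
"""

import socket
import ssl

try:
    import sslpsk
except ImportError:
    # Optional dependency: its absence is only reported when a transport is
    # actually constructed (see SSLPSKClientTransport.__init__).
    sslpsk = None

from erpc.transport import TCPTransport


class SSLPSKClientTransport(TCPTransport):
    """Client-side eRPC TCP transport whose socket is wrapped in TLS-PSK.

    The connection is opened in the constructor: a TCP socket is connected to
    ``(host, port)`` and then handed to ``sslpsk.wrap_socket`` with
    ``server_side=False``.  The wrapped socket is stored in ``self._sock``.
    """

    def __init__(self, host, port, psk):
        """Override TCPTransport's __init__ to wrap the socket in an SSL wrapper.

        Args:
            host: peer address passed to ``socket.connect``.
            port: peer TCP port passed to ``socket.connect``.
            psk: pre-shared key material, forwarded unchanged to
                ``sslpsk.wrap_socket`` (see the sslpsk documentation for the
                accepted forms).  It is a secret: keep it out of logs and
                exception messages.

        Raises:
            ImportError: if the optional ``sslpsk`` module is not installed.
            OSError: if the TCP connection or the TLS handshake fails
                (``ssl.SSLError`` is a subclass); the underlying socket is
                closed before the error propagates.
        """
        # Starts the MRO lookup *after* TCPTransport, so TCPTransport.__init__
        # itself is not run.  NOTE(review): presumably because the parent
        # constructor would set up a plain socket - confirm against
        # erpc.transport.
        super(TCPTransport, self).__init__()
        self._host = host
        self._port = port
        # The original assigned the undefined name `isServer`, which raised
        # NameError on every construction.  This class only ever connects as
        # a client (server_side=False below), hence False.
        self._isServer = False
        self._sock = None

        if sslpsk is None:
            raise ImportError("sslpsk module is not available")

        raw_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            raw_sock.setsockopt(socket.SOL_TCP, socket.TCP_NODELAY, 1)
            raw_sock.connect((self._host, self._port))
            # NOTE(review): TLS 1.0 is deprecated (RFC 8996) and
            # PSK-AES256-CBC-SHA is a CBC / HMAC-SHA1 suite without forward
            # secrecy, so disclosure of the PSK also exposes previously
            # recorded sessions.  ssl.PROTOCOL_TLSv1 is deprecated in the ssl
            # module as well.  Moving to TLS 1.2 with an (EC)DHE-PSK AEAD
            # suite has to be coordinated with the server side, so the
            # negotiated parameters are left unchanged here.
            self._sock = sslpsk.wrap_socket(
                raw_sock, psk=psk, server_side=False,
                ciphers="PSK-AES256-CBC-SHA",  # available in openssl 1.0.2
                ssl_version=ssl.PROTOCOL_TLSv1)
        except BaseException:
            # Do not leak the file descriptor when connect() or the TLS
            # handshake fails; the original error is re-raised untouched.
            raw_sock.close()
            raise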