net.nim: support for TLS-PSK ciphersuites

2026-02-15 23:54:19 +00:00 · 2015-10-24 08:53:18 +02:00
parent 3ebf27ddd2
commit ba61a8d00a
4 changed files with 144 additions and 13 deletions
--- a/examples/ssl/pskclient.nim
+++ b/examples/ssl/pskclient.nim
@@ -0,0 +1,15 @@
+# Create connection encrypted using preshared key (TLS-PSK).
+import net
+
+static: assert defined(ssl)
+
+let sock = newSocket()
+sock.connect("localhost", Port(8800))
+
+proc clientFunc(identityHint: string): tuple[identity: string, psk: string] =
+  echo "identity hint ", identityHint.repr
+  return ("foo", "psk-of-foo")
+
+let context = newContext(cipherList="PSK-AES256-CBC-SHA")
+context.clientGetPskFunc = clientFunc
+context.wrapConnectedSocket(sock, handshakeAsClient)
--- a/examples/ssl/pskserver.nim
+++ b/examples/ssl/pskserver.nim
@@ -0,0 +1,20 @@
+# Accept connection encrypted using preshared key (TLS-PSK).
+import net
+
+static: assert defined(ssl)
+
+let sock = newSocket()
+sock.bindAddr(Port(8800))
+sock.listen()
+
+let context = newContext(cipherList="PSK-AES256-CBC-SHA")
+context.pskIdentityHint = "hello"
+context.serverGetPskFunc = proc(identity: string): string = "psk-of-" & identity
+
+while true:
+  var client = new(Socket)
+  sock.accept(client)
+  sock.setSockOpt(OptReuseAddr, true)
+  echo "accepted connection"
+  context.wrapConnectedSocket(client, handshakeAsServer)
+  echo "got connection with identity ", client.getPskIdentity()