From a67e571cd1a1b20a9ad9fa8273bfd55423835de1 Mon Sep 17 00:00:00 2001 From: Geza Husi Date: Tue, 25 Feb 2020 07:32:54 +0100 Subject: [PATCH] Add interface to save and resume SSL sessions (PR390) --- content/firmwareapi/micropython/ussl.md | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/content/firmwareapi/micropython/ussl.md b/content/firmwareapi/micropython/ussl.md index 1cdfc872..8b7e9d77 100644 --- a/content/firmwareapi/micropython/ussl.md +++ b/content/firmwareapi/micropython/ussl.md @@ -10,9 +10,9 @@ This module provides access to Transport Layer Security (often known as "Secure ## Methods -#### ssl.wrap\_socket(sock, keyfile=None, certfile=None, server\_side=False, cert\_reqs=CERT\_NONE, ca\_certs=None\, timeout=10sec) +#### ssl.wrap\_socket(sock, keyfile=None, certfile=None, server\_side=False, cert\_reqs=CERT\_NONE, ssl\_version=0, ca\_certs=None, server\_hostname=None, saved_session=None, timeout=10sec) -Takes an instance `sock` of `socket.socket`, and returns an instance of ssl.SSLSocket, a subtype of `socket.socket`, which wraps the underlying socket in an SSL context. Example: +Takes an instance `sock` of `socket.socket`, and returns an instance of `ssl.SSLSocket`, a subtype of `socket.socket`, which wraps the underlying socket in an SSL context. Example: ```python @@ -38,8 +38,27 @@ ss.connect(socket.getaddrinfo('cloud.blynk.cc', 8441)[0][-1]) SSL sockets inherit all methods and from the standard sockets, see the `usocket` module. +`saved_session` : Takes a saved session instance of `ssl.SSLSocket`, and retrieve an already established TLS connection. + `timeout` : specify a Timeout in Seconds for the SSL handshake operation between client and server, default is 10 seconds +#### ssl.save\_session(ssl_sock) + +Takes an instance `ssl_sock` of `ssl.SSLSocket`, and returns an instance of `ssl.SSLSession`. Saved session can be resumed later, thereby reducing mobile data and time required. Example: + +```python + +import socket +import ssl +s = socket.socket() +ss = ssl.wrap_socket(s) +ss.connect(socket.getaddrinfo('www.google.com', 443)[0][-1]) +ses = ssl.save_session(ss) +ss.close() +ss = ssl.wrap_socket(s, saved_session=ses) +ss.connect(socket.getaddrinfo('www.google.com', 443)[0][-1]) +``` + ## Exceptions * `ssl.SSLError` @@ -47,4 +66,3 @@ SSL sockets inherit all methods and from the standard sockets, see the `usocket` ## Constants * `ssl.CERT_NONE`, `ssl.CERT_OPTIONAL`, `ssl.CERT_REQUIRED`: Supported values in `cert_reqs` -