小能豆

Ptyhon DTLS v1.2 handshake with PSK

python

Has anyone successfully done the DTLS handshake with Philips Hue Bridge with Python? For those who don’t know these are the requirements for the DTLS handshake:

UDP port 2100 is used for DTLS handshaking and streaming. Only DTLS mode version 1.2 with Pre-Shared Key (PSK) Key exchange method with TLS_PSK_WITH_AES_128_GCM_SHA256 set as Cipher Suite is supported

I plan to make an open-source framework in Python that will make everything easier to develop with Philips Hue but I’m stuck with making the handshake.

I’ve tried using a few libraries that should solve the problem with the DTLS since Python doesn’t have a native solution:

  • python-mbedtls
  • python3-dtls
  • pyopenssl
  • pyopenssl-psk

阅读 82

收藏
2023-12-07

共1个答案

小能豆

Creating a DTLS client for the Philips Hue Bridge in Python requires a few steps, and unfortunately, not all libraries might be well-suited for this task. You may encounter challenges because some libraries might not fully support DTLS or the required cipher suite.

Here’s a basic outline using the python-mbedtls library, which is a Python wrapper around the mbed TLS library.

First, you need to install the mbedtls library. You can do this using:

pip install mbedtls

Now you can create a simple DTLS client:

import mbedtls

def dtls_client():
    # Initialize the SSL context
    context = mbedtls.ssl.SSLContext()

    # Set up PSK parameters
    context.set_psk("your_pre_shared_key", "your_identity")

    # Set up the cipher suite
    context.set_ciphersuites(mbedtls.ssl.CIPHERSUITE_TLS_PSK_WITH_AES_128_GCM_SHA256)

    # Connect to the Philips Hue Bridge
    context.connect("your_hue_bridge_ip", port=2100)

    # Perform the DTLS handshake
    context.handshake()

    # At this point, the DTLS handshake is complete, and you can start sending/receiving data

    # Example: Send a simple request
    context.write(b"GET /api/<username>/lights HTTP/1.1\r\n\r\n")

    # Receive the response
    response = context.read(1024)
    print("Response:", response.decode())

    # Close the connection
    context.close()

if __name__ == "__main__":
    dtls_client()

Replace "your_pre_shared_key", "your_identity", and "your_hue_bridge_ip" with your actual values. Also, make sure to replace "<username>" in the request with your Philips Hue Bridge API username.

This example provides a basic structure for a DTLS client using python-mbedtls. Keep in mind that Philips Hue may have specific requirements or configurations, and you may need to adjust the code accordingly.

Additionally, the library you choose may affect the code structure, and some libraries may not fully support DTLS or the required cipher suite for Philips Hue. It’s essential to check the documentation of the selected library and Philips Hue API for any specific requirements.

2023-12-07