Home

LuaSec is a binding for OpenSSL library to provide TLS/SSL communication. It takes an already established TCP connection and creates a secure session between the peers.

This is a simple example of a client and server communication using LuaSec:

Client code

require("socket")
require("ssl")
-- TLS/SSL client parameters (omitted)
local params
 
local conn = socket.tcp()
conn:connect("127.0.0.1", 8888)
 
-- TLS/SSL initialization
conn = ssl.wrap(conn, params)
conn:dohandshake()
--
print(conn:receive("*l"))
conn:close()

Server code

require("socket")
require("ssl")
-- TLS/SSL server parameters (omitted)
local params 
 
local server = socket.tcp()
server:bind("127.0.0.1", 8888)
server:listen()
local conn = server:accept()
-- TLS/SSL initialization
conn = ssl.wrap(conn, params)
conn:dohandshake()
--
conn:send("one line\n")
conn:close()

LuaSec needs a set of information (such as protocol, key, certificate, etc.) to wrap the TCP connection. For instance, we can use the following parameters in the example above:

Client parameters

local params = {
  mode = "client",
  protocol = "any",
  key = "/etc/certs/clientkey.pem",
  certificate = "/etc/certs/client.pem",
  cafile = "/etc/certs/CA.pem",
  verify = "peer",
  options = {"all", "no_sslv3"}
}

Server parameters

local params = {
  mode = "server",
  protocol = "tlsv1_2",
  key = "/etc/certs/serverkey.pem",
  certificate = "/etc/certs/server.pem",
  cafile = "/etc/certs/CA.pem",
  verify = {"peer", "fail_if_no_peer_cert"},
  options = "all"
}

License

LuaSec is available under the same terms and conditions as the Lua language — the MIT license.

Contact

bruno . silvestre at gmail . com
brunoos at inf . ufg . br

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Home

License

Contact

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally