[RTOP-24] Created credentials.py and added in instalation the required cryptography python library

background_installer.sh

@@ -92,9 +92,9 @@ function install_py_deps {
     python3 -m venv "$VENV_DIR"
     "$VENV_DIR/bin/python3" -m pip install --upgrade pip
     if [ "$1" == "neuron" ]; then
-        "$VENV_DIR/bin/python3" -m pip install flask==2.2.5 werkzeug==2.2.2 flask-login==0.6.2 pyserial pymodbus==2.5.3
+        "$VENV_DIR/bin/python3" -m pip install flask==2.2.5 werkzeug==2.2.2 flask-login==0.6.2 pyserial pymodbus==2.5.3 cryptography
     else
-        "$VENV_DIR/bin/python3" -m pip install flask==2.3.3 werkzeug==2.3.7 flask-login==0.6.2 pyserial pymodbus==2.5.3
+        "$VENV_DIR/bin/python3" -m pip install flask==2.3.3 werkzeug==2.3.7 flask-login==0.6.2 pyserial pymodbus==2.5.3 cryptography
     fi
     python3 -m pip install pymodbus==2.5.3
 }
@@ -278,7 +278,7 @@ if [ "$1" == "win" ]; then
     #Setting up venv
     python3 -m venv "$VENV_DIR"
     "$VENV_DIR/bin/python3" get-pip3.py
-    "$VENV_DIR/bin/python3" -m pip install flask==2.3.3 werkzeug==2.3.7 flask-login==0.6.2 pyserial pymodbus==2.5.3
+    "$VENV_DIR/bin/python3" -m pip install flask==2.3.3 werkzeug==2.3.7 flask-login==0.6.2 pyserial pymodbus==2.5.3 cryptography
     
     echo ""
     echo "[MATIEC COMPILER]"

requirements.txt

@@ -2,3 +2,4 @@ Flask==1.0.2
 Flask-Login==0.4.1
 pyserial==3.4
 pymodbus==2.2.0
+cryptography

webserver/credentials.py

@@ -0,0 +1,39 @@
+from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography import x509
+from cryptography.x509.oid import NameOID
+from cryptography.hazmat.primitives import hashes
+
+key = rsa.generate_private_key(
+     public_exponent=65537,
+     key_size=2048,
+)
+
+with open("/home/lucas/Documents/secrets/key.pem", "wb") as f:
+     f.write(key.private_bytes(
+         encoding=serialization.Encoding.PEM,
+         format=serialization.PrivateFormat.TraditionalOpenSSL,
+         encryption_algorithm=serialization.BestAvailableEncryption(b"passphrase"),
+     ))
+
+csr = x509.CertificateSigningRequestBuilder().subject_name(x509.Name([
+     # Provide various details about who we are.
+     x509.NameAttribute(NameOID.COUNTRY_NAME, "US"),
+     x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "California"),
+     x509.NameAttribute(NameOID.LOCALITY_NAME, "San Francisco"),
+     x509.NameAttribute(NameOID.ORGANIZATION_NAME, "My Company"),
+     x509.NameAttribute(NameOID.COMMON_NAME, "mysite.com"),
+     ])).add_extension(
+     x509.SubjectAlternativeName([
+         # Describe what sites we want this certificate for.
+         x509.DNSName("mysite.com"),
+         x509.DNSName("www.mysite.com"),
+         x509.DNSName("subdomain.mysite.com"),
+     ]),
+     critical=False,
+     # Sign the CSR with our private key.
+).sign(key, hashes.SHA256())
+
+# Write our CSR out to disk.
+with open("/home/lucas/Documents/secrets/csr.pem", "wb") as f:
+    f.write(csr.public_bytes(serialization.Encoding.PEM))

webserver/webserver.py

@@ -14,6 +14,7 @@ import sys
 import ctypes
 import socket
 import mimetypes
+import ssl
 
 import flask 
 import flask_login
@@ -2527,7 +2528,15 @@ if __name__ == '__main__':
                 configure_runtime()
                 monitor.parse_st(openplc_runtime.project_file)
             
-            app.run(debug=False, host='0.0.0.0', threaded=True, port=8080)
+            try:
+                context = ('/home/lucas/Documents/secrets/csr.pem', '/home/lucas/Documents/secrets/key.pem')
+                app.run(debug=False, host='0.0.0.0', threaded=True, port=8080, ssl_context=context)
+            # TODO handle file error
+            except FileNotFoundError:
+                print("Could not find SSL credintails!")
+            except ssl.SSLError:
+                print("SSL credentials FAIL!")
+
         
         except Error as e:
             print("error connecting to the database" + str(e))