本文整理匯總了Python中tlslite.HandshakeSettings.minVersion方法的典型用法代碼示例。如果您正苦於以下問題:Python HandshakeSettings.minVersion方法的具體用法?Python HandshakeSettings.minVersion怎麽用?Python HandshakeSettings.minVersion使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類tlslite.HandshakeSettings
的用法示例。
在下文中一共展示了HandshakeSettings.minVersion方法的10個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: clientTestCmd
# 需要導入模塊: from tlslite import HandshakeSettings [as 別名]
# 或者: from tlslite.HandshakeSettings import minVersion [as 別名]
def clientTestCmd(argv):
address = argv[0]
dir = argv[1]
#Split address into hostname/port tuple
address = address.split(":")
address = ( address[0], int(address[1]) )
#open synchronisation FIFO
synchro = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
synchro.settimeout(5)
synchro.connect((address[0], address[1]-1))
def connect():
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
if hasattr(sock, 'settimeout'): #It's a python 2.3 feature
sock.settimeout(5)
sock.connect(address)
c = TLSConnection(sock)
return c
test = 0
badFault = False
print("Test 0 - anonymous handshake")
synchro.recv(1)
connection = connect()
connection.handshakeClientAnonymous()
testConnClient(connection)
connection.close()
print("Test 1 - good X509 (plus SNI)")
synchro.recv(1)
connection = connect()
connection.handshakeClientCert(serverName=address[0])
testConnClient(connection)
assert(isinstance(connection.session.serverCertChain, X509CertChain))
assert(connection.session.serverName == address[0])
connection.close()
print("Test 1.a - good X509, SSLv3")
synchro.recv(1)
connection = connect()
settings = HandshakeSettings()
settings.minVersion = (3,0)
settings.maxVersion = (3,0)
connection.handshakeClientCert(settings=settings)
testConnClient(connection)
assert(isinstance(connection.session.serverCertChain, X509CertChain))
connection.close()
print("Test 1.b - good X509, RC4-MD5")
synchro.recv(1)
connection = connect()
settings = HandshakeSettings()
settings.macNames = ["md5"]
connection.handshakeClientCert(settings=settings)
testConnClient(connection)
assert(isinstance(connection.session.serverCertChain, X509CertChain))
assert(connection.session.cipherSuite == constants.CipherSuite.TLS_RSA_WITH_RC4_128_MD5)
connection.close()
if tackpyLoaded:
settings = HandshakeSettings()
settings.useExperimentalTackExtension = True
print("Test 2.a - good X.509, TACK")
synchro.recv(1)
connection = connect()
connection.handshakeClientCert(settings=settings)
assert(connection.session.tackExt.tacks[0].getTackId() == "5lcbe.eyweo.yxuan.rw6xd.jtoz7")
assert(connection.session.tackExt.activation_flags == 1)
testConnClient(connection)
connection.close()
print("Test 2.b - good X.509, TACK unrelated to cert chain")
synchro.recv(1)
connection = connect()
try:
connection.handshakeClientCert(settings=settings)
assert(False)
except TLSLocalAlert as alert:
if alert.description != AlertDescription.illegal_parameter:
raise
connection.close()
print("Test 3 - good SRP")
synchro.recv(1)
connection = connect()
connection.handshakeClientSRP("test", "password")
testConnClient(connection)
connection.close()
print("Test 4 - SRP faults")
for fault in Fault.clientSrpFaults + Fault.genericFaults:
synchro.recv(1)
connection = connect()
#.........這裏部分代碼省略.........
示例2: clientTestCmd
# 需要導入模塊: from tlslite import HandshakeSettings [as 別名]
# 或者: from tlslite.HandshakeSettings import minVersion [as 別名]
def clientTestCmd(argv):
address = argv[0]
dir = argv[1]
#Split address into hostname/port tuple
address = address.split(":")
address = ( address[0], int(address[1]) )
def connect():
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
if hasattr(sock, 'settimeout'): #It's a python 2.3 feature
sock.settimeout(5)
sock.connect(address)
c = TLSConnection(sock)
return c
test = 0
badFault = False
print "Test 0 - anonymous handshake"
connection = connect()
connection.handshakeClientAnonymous()
testConnClient(connection)
connection.close()
print "Test 1 - good X509 (plus SNI)"
connection = connect()
connection.handshakeClientCert(serverName=address[0])
testConnClient(connection)
assert(isinstance(connection.session.serverCertChain, X509CertChain))
assert(connection.session.serverName == address[0])
connection.close()
print "Test 1.a - good X509, SSLv3"
connection = connect()
settings = HandshakeSettings()
settings.minVersion = (3,0)
settings.maxVersion = (3,0)
connection.handshakeClientCert(settings=settings)
testConnClient(connection)
assert(isinstance(connection.session.serverCertChain, X509CertChain))
connection.close()
if tackpyLoaded:
settings = HandshakeSettings()
settings.useExperimentalTackExtension = True
print "Test 2.a - good X.509, TACK"
connection = connect()
connection.handshakeClientCert(settings=settings)
assert(connection.session.tackExt.tacks[0].getTackId() == "rrted.ptvtl.d2uiq.ox2xe.w4ss3")
assert(connection.session.tackExt.activation_flags == 1)
testConnClient(connection)
connection.close()
print "Test 2.b - good X.509, TACK unrelated to cert chain"
connection = connect()
try:
connection.handshakeClientCert(settings=settings)
assert(False)
except TLSLocalAlert, alert:
if alert.description != AlertDescription.illegal_parameter:
raise
connection.close()
示例3: serverTestCmd
# 需要導入模塊: from tlslite import HandshakeSettings [as 別名]
# 或者: from tlslite.HandshakeSettings import minVersion [as 別名]
def serverTestCmd(argv):
address = argv[0]
dir = argv[1]
#Split address into hostname/port tuple
address = address.split(":")
address = ( address[0], int(address[1]) )
#Create synchronisation FIFO
synchroSocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
synchroSocket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
synchroSocket.bind((address[0], address[1]-1))
synchroSocket.listen(2)
#Connect to server
lsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
lsock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
lsock.bind(address)
lsock.listen(5)
# following is blocking until the other side doesn't open
synchro = synchroSocket.accept()[0]
def connect():
return TLSConnection(lsock.accept()[0])
x509Cert = X509().parse(open(os.path.join(dir, "serverX509Cert.pem")).read())
x509Chain = X509CertChain([x509Cert])
s = open(os.path.join(dir, "serverX509Key.pem")).read()
x509Key = parsePEMKey(s, private=True)
print("Test 0 - Anonymous server handshake")
synchro.send(b'R')
connection = connect()
connection.handshakeServer(anon=True)
testConnServer(connection)
connection.close()
print("Test 1 - good X.509")
synchro.send(b'R')
connection = connect()
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key)
assert(connection.session.serverName == address[0])
testConnServer(connection)
connection.close()
print("Test 1.a - good X.509, SSL v3")
synchro.send(b'R')
connection = connect()
settings = HandshakeSettings()
settings.minVersion = (3,0)
settings.maxVersion = (3,0)
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key, settings=settings)
testConnServer(connection)
connection.close()
print("Test 1.b - good X.509, RC4-MD5")
synchro.send(b'R')
connection = connect()
settings = HandshakeSettings()
settings.macNames = ["sha", "md5"]
settings.cipherNames = ["rc4"]
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key, settings=settings)
testConnServer(connection)
connection.close()
if tackpyLoaded:
tack = Tack.createFromPem(open("./TACK1.pem", "rU").read())
tackUnrelated = Tack.createFromPem(open("./TACKunrelated.pem", "rU").read())
settings = HandshakeSettings()
settings.useExperimentalTackExtension = True
print("Test 2.a - good X.509, TACK")
synchro.send(b'R')
connection = connect()
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
tacks=[tack], activationFlags=1, settings=settings)
testConnServer(connection)
connection.close()
print("Test 2.b - good X.509, TACK unrelated to cert chain")
synchro.send(b'R')
connection = connect()
try:
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
tacks=[tackUnrelated], settings=settings)
assert(False)
except TLSRemoteAlert as alert:
if alert.description != AlertDescription.illegal_parameter:
raise
print("Test 3 - good SRP")
verifierDB = VerifierDB()
verifierDB.create()
entry = VerifierDB.makeVerifier("test", "password", 1536)
verifierDB["test"] = entry
synchro.send(b'R')
#.........這裏部分代碼省略.........
示例4: connect
# 需要導入模塊: from tlslite import HandshakeSettings [as 別名]
# 或者: from tlslite.HandshakeSettings import minVersion [as 別名]
connection.close()
print "Test 4 - SRP faults"
for fault in Fault.clientSrpFaults + Fault.genericFaults:
connection = connect()
connection.fault = fault
try:
connection.handshakeClientSRP("test", "password")
print " Good Fault %s" % (Fault.faultNames[fault])
except TLSFaultError, e:
print " BAD FAULT %s: %s" % (Fault.faultNames[fault], str(e))
badFault = True
print "Test 6 - good SRP: with X.509 certificate, TLSv1.0"
settings = HandshakeSettings()
settings.minVersion = (3,1)
settings.maxVersion = (3,1)
connection = connect()
connection.handshakeClientSRP("test", "password", settings=settings)
assert(isinstance(connection.session.serverCertChain, X509CertChain))
testConnClient(connection)
connection.close()
print "Test 7 - X.509 with SRP faults"
for fault in Fault.clientSrpFaults + Fault.genericFaults:
connection = connect()
connection.fault = fault
try:
connection.handshakeClientSRP("test", "password")
print " Good Fault %s" % (Fault.faultNames[fault])
except TLSFaultError, e:
示例5: serverTestCmd
# 需要導入模塊: from tlslite import HandshakeSettings [as 別名]
# 或者: from tlslite.HandshakeSettings import minVersion [as 別名]
def serverTestCmd(argv):
address = argv[0]
dir = argv[1]
#Split address into hostname/port tuple
address = address.split(":")
address = ( address[0], int(address[1]) )
#Connect to server
lsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
lsock.bind(address)
lsock.listen(5)
def connect():
return TLSConnection(lsock.accept()[0])
print "Test 0 - Anonymous server handshake"
connection = connect()
connection.handshakeServer(anon=True)
testConnServer(connection)
connection.close()
print "Test 1 - good X.509"
x509Cert = X509().parse(open(os.path.join(dir, "serverX509Cert.pem")).read())
x509Chain = X509CertChain([x509Cert])
s = open(os.path.join(dir, "serverX509Key.pem")).read()
x509Key = parsePEMKey(s, private=True)
connection = connect()
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key)
assert(connection.session.serverName == address[0])
testConnServer(connection)
connection.close()
print "Test 1.a - good X.509, SSL v3"
connection = connect()
settings = HandshakeSettings()
settings.minVersion = (3,0)
settings.maxVersion = (3,0)
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key, settings=settings)
testConnServer(connection)
connection.close()
if tackpyLoaded:
tack = Tack.createFromPem(open("./TACK1.pem", "rU").read())
tackUnrelated = Tack.createFromPem(open("./TACKunrelated.pem", "rU").read())
settings = HandshakeSettings()
settings.useExperimentalTackExtension = True
print "Test 2.a - good X.509, TACK"
connection = connect()
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
tacks=[tack], activationFlags=1, settings=settings)
testConnServer(connection)
connection.close()
print "Test 2.b - good X.509, TACK unrelated to cert chain"
connection = connect()
try:
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
tacks=[tackUnrelated], settings=settings)
assert(False)
except TLSRemoteAlert, alert:
if alert.description != AlertDescription.illegal_parameter:
raise
示例6: serverTestCmd
# 需要導入模塊: from tlslite import HandshakeSettings [as 別名]
# 或者: from tlslite.HandshakeSettings import minVersion [as 別名]
def serverTestCmd(argv):
address = argv[0]
dir = argv[1]
#Split address into hostname/port tuple
address = address.split(":")
address = ( address[0], int(address[1]) )
#Create synchronisation FIFO
synchroSocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
synchroSocket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
synchroSocket.bind((address[0], address[1]-1))
synchroSocket.listen(2)
#Connect to server
lsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
lsock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
lsock.bind(address)
lsock.listen(5)
# following is blocking until the other side doesn't open
synchro = synchroSocket.accept()[0]
def connect():
return TLSConnection(lsock.accept()[0])
x509Cert = X509().parse(open(os.path.join(dir, "serverX509Cert.pem")).read())
x509Chain = X509CertChain([x509Cert])
s = open(os.path.join(dir, "serverX509Key.pem")).read()
x509Key = parsePEMKey(s, private=True)
test_no = 0
print("Test {0} - Anonymous server handshake".format(test_no))
synchro.send(b'R')
connection = connect()
connection.handshakeServer(anon=True)
testConnServer(connection)
connection.close()
test_no += 1
print("Test {0} - good X.509".format(test_no))
synchro.send(b'R')
connection = connect()
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key)
assert(connection.session.serverName == address[0])
assert(connection.extendedMasterSecret)
testConnServer(connection)
connection.close()
test_no += 1
print("Test {0} - good X.509, SSL v3".format(test_no))
synchro.send(b'R')
connection = connect()
settings = HandshakeSettings()
settings.minVersion = (3,0)
settings.maxVersion = (3,0)
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key, settings=settings)
assert(not connection.extendedMasterSecret)
testConnServer(connection)
connection.close()
test_no += 1
print("Test {0} - good X.509, RC4-MD5".format(test_no))
synchro.send(b'R')
connection = connect()
settings = HandshakeSettings()
settings.macNames = ["sha", "md5"]
settings.cipherNames = ["rc4"]
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key, settings=settings)
testConnServer(connection)
connection.close()
if tackpyLoaded:
tack = Tack.createFromPem(open("./TACK1.pem", "rU").read())
tackUnrelated = Tack.createFromPem(open("./TACKunrelated.pem", "rU").read())
settings = HandshakeSettings()
settings.useExperimentalTackExtension = True
test_no += 1
print("Test {0} - good X.509, TACK".format(test_no))
synchro.send(b'R')
connection = connect()
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
tacks=[tack], activationFlags=1, settings=settings)
testConnServer(connection)
connection.close()
test_no += 1
print("Test {0} - good X.509, TACK unrelated to cert chain".\
format(test_no))
synchro.send(b'R')
connection = connect()
#.........這裏部分代碼省略.........
示例7: HandshakeSettings
# 需要導入模塊: from tlslite import HandshakeSettings [as 別名]
# 或者: from tlslite.HandshakeSettings import minVersion [as 別名]
#!/usr/bin/env python
from __future__ import print_function
from tlslite import HTTPTLSConnection, HandshakeSettings
from optparse import OptionParser
settings = HandshakeSettings()
settings.cipherNames = ['aes128gcm']
settings.keyExchangeNames = ['ecdhe_rsa']
settings.cipherImplementations = ["python"]
#settings.macNames = ['sha256']
settings.minVersion = (3,3)
settings.maxVersion = (3,3)
settings.useExperimentalTackExtension = True
def main():
parser = OptionParser(usage='%prog host filename [options]', description='A Simple https client used with tlslite-ng')
parser.add_option("--port", dest="port", help="port", default = 4443, type="int", metavar="4443")
parser.add_option("--algo", dest="algo", help="algo", default = "speck128")
parser.add_option("--keyEx", dest="keyEx", help="Key Exchange", default="ecdhe_rsa")
(options, arguments) = parser.parse_args()
if len(arguments) < 1:
parser.print_help()
exit(1)
示例8: clientTestCmd
# 需要導入模塊: from tlslite import HandshakeSettings [as 別名]
# 或者: from tlslite.HandshakeSettings import minVersion [as 別名]
def clientTestCmd(argv):
address = argv[0]
dir = argv[1]
#Split address into hostname/port tuple
address = address.split(":")
address = ( address[0], int(address[1]) )
def connect():
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
if hasattr(sock, 'settimeout'): #It's a python 2.3 feature
sock.settimeout(5)
sock.connect(address)
c = TLSConnection(sock)
return c
test = 0
badFault = False
print "Test 0 - anonymous handshake"
connection = connect()
connection.handshakeClientAnonymous()
testConnClient(connection)
connection.close()
print "Test 1 - good X509"
connection = connect()
connection.handshakeClientCert()
testConnClient(connection)
assert(isinstance(connection.session.serverCertChain, X509CertChain))
connection.close()
print "Test 1.a - good X509, SSLv3"
connection = connect()
settings = HandshakeSettings()
settings.minVersion = (3,0)
settings.maxVersion = (3,0)
connection.handshakeClientCert(settings=settings)
testConnClient(connection)
assert(isinstance(connection.session.serverCertChain, X509CertChain))
connection.close()
if tackpyLoaded:
print "Test 2.a - good X.509, good TACK"
connection = connect()
connection.handshakeClientCert(reqTack=True,
checker=Checker(tackID="BE1W1.AHUDE.GQIUT.TF9YC.3XVME", hardTack=True))
testConnClient(connection)
connection.close()
try:
print "Test 2.b - good X.509, \"wrong\" TACK"
connection = connect()
connection.handshakeClientCert(reqTack=True,
checker=Checker(tackID="B4444.EQ61B.F34EL.9KKLN.3WEW5", hardTack=True))
assert(False)
except TLSTackMismatchError:
pass
print "Test 2.c - good X.509, \"wrong\" TACK but break signature (hardTack)"
connection = connect()
try:
connection.handshakeClientCert(reqTack=True,
checker=Checker(tackID="BE1W1.AHUDE.GQIUT.TF9YC.3XVME", hardTack=True))
assert(False)
except TLSTackBreakError:
pass
print "Test 2.d - good X.509, \"wrong\" TACK but break signature (not hardTack)"
connection = connect()
connection.handshakeClientCert(reqTack=True,
checker=Checker(tackID="BE1W1.AHUDE.GQIUT.TF9YC.3XVME", hardTack=False))
testConnClient(connection)
connection.close()
print "Test 2.e - good X.509, TACK unrelated to cert chain"
connection = connect()
try:
connection.handshakeClientCert(reqTack=True)
assert(False)
except TLSLocalAlert as alert:
assert(alert.description == AlertDescription.handshake_failure)
connection.close()
try:
print "Test 2.f - good X.509, no TACK but expected"
connection = connect()
connection.handshakeClientCert(reqTack=True,
checker=Checker(tackID="B4444.EQ61B.F34EL.9KKLN.3WEW5", hardTack=False))
assert(False)
except TLSTackMissingError:
pass
print "Test 3 - good SRP"
connection = connect()
connection.handshakeClientSRP("test", "password")
testConnClient(connection)
connection.close()
#.........這裏部分代碼省略.........
示例9: serverTestCmd
# 需要導入模塊: from tlslite import HandshakeSettings [as 別名]
# 或者: from tlslite.HandshakeSettings import minVersion [as 別名]
def serverTestCmd(argv):
address = argv[0]
dir = argv[1]
#Split address into hostname/port tuple
address = address.split(":")
address = ( address[0], int(address[1]) )
#Connect to server
lsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
lsock.bind(address)
lsock.listen(5)
def connect():
return TLSConnection(lsock.accept()[0])
print "Test 0 - Anonymous server handshake"
connection = connect()
connection.handshakeServer(anon=True)
testConnServer(connection)
connection.close()
print "Test 1 - good X.509"
x509Cert = X509().parse(open(os.path.join(dir, "serverX509Cert.pem")).read())
x509Chain = X509CertChain([x509Cert])
s = open(os.path.join(dir, "serverX509Key.pem")).read()
x509Key = parsePEMKey(s, private=True)
connection = connect()
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key)
testConnServer(connection)
connection.close()
print "Test 1.a - good X.509, SSL v3"
connection = connect()
settings = HandshakeSettings()
settings.minVersion = (3,0)
settings.maxVersion = (3,0)
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key, settings=settings)
testConnServer(connection)
connection.close()
if tackpyLoaded:
# TACK1 and TACK2 are both "good" TACKs, one targetting, the key,
# one the hash
tack1 = TACK()
tack1.parsePem(open("./TACK1.pem", "rU").read())
tack2 = TACK()
tack2.parsePem(open("./TACK2.pem", "rU").read())
tackUnrelated = TACK()
tackUnrelated.parsePem(open("./TACKunrelated.pem", "rU").read())
breakSigs = TACK_Break_Sig.parsePemList(
open("./TACK_Break_Sigs.pem").read())
breakSigsActual = TACK_Break_Sig.parsePemList(
open("./TACK_Break_Sigs_TACK1.pem").read())
print "Test 2.a - good X.509, good TACK"
connection = connect()
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
tack=tack1, breakSigs=breakSigs)
testConnServer(connection)
connection.close()
print "Test 2.b - good X.509, \"wrong\" TACK"
connection = connect()
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
tack=tack1)
connection.close()
print "Test 2.c - good X.509, \"wrong\" TACK but break signature (hardTack)"
connection = connect()
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
tack=tack2, breakSigs=breakSigsActual)
print "Test 2.d - good X.509, \"wrong\" TACK but break signature (not hardTack)"
connection = connect()
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
tack=tack2, breakSigs=breakSigsActual)
testConnServer(connection)
connection.close()
print "Test 2.e - good X.509, TACK unrelated to cert chain"
connection = connect()
try:
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
tack=tackUnrelated)
except TLSRemoteAlert as alert:
assert(alert.description == AlertDescription.handshake_failure)
print "Test 2.f - good X.509, no TACK but expected"
connection = connect()
connection.handshakeServer(certChain=x509Chain, privateKey=x509Key)
connection.close()
print "Test 3 - good SRP"
verifierDB = VerifierDB()
verifierDB.create()
entry = VerifierDB.makeVerifier("test", "password", 1536)
verifierDB["test"] = entry
#.........這裏部分代碼省略.........
示例10: clientTestCmd
# 需要導入模塊: from tlslite import HandshakeSettings [as 別名]
# 或者: from tlslite.HandshakeSettings import minVersion [as 別名]
def clientTestCmd(argv):
address = argv[0]
dir = argv[1]
#Split address into hostname/port tuple
address = address.split(":")
address = ( address[0], int(address[1]) )
def connect():
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
if hasattr(sock, 'settimeout'): #It's a python 2.3 feature
sock.settimeout(5)
sock.connect(address)
c = TLSConnection(sock)
return c
test = 0
badFault = False
print("Test 0 - anonymous handshake")
connection = connect()
connection.handshakeClientAnonymous()
testConnClient(connection)
connection.close()
print("Test 1 - good X509 (plus SNI)")
connection = connect()
connection.handshakeClientCert(serverName=address[0])
testConnClient(connection)
assert(isinstance(connection.session.serverCertChain, X509CertChain))
assert(connection.session.serverName == address[0])
connection.close()
print("Test 1.a - good X509, SSLv3")
connection = connect()
settings = HandshakeSettings()
settings.minVersion = (3,0)
settings.maxVersion = (3,0)
connection.handshakeClientCert(settings=settings)
testConnClient(connection)
assert(isinstance(connection.session.serverCertChain, X509CertChain))
connection.close()
if tackpyLoaded:
settings = HandshakeSettings()
settings.useExperimentalTackExtension = True
print("Test 2.a - good X.509, TACK")
connection = connect()
connection.handshakeClientCert(settings=settings)
assert(connection.session.tackExt.tacks[0].getTackId() == "rrted.ptvtl.d2uiq.ox2xe.w4ss3")
assert(connection.session.tackExt.activation_flags == 1)
testConnClient(connection)
connection.close()
print("Test 2.b - good X.509, TACK unrelated to cert chain")
connection = connect()
try:
connection.handshakeClientCert(settings=settings)
assert(False)
except TLSLocalAlert as alert:
if alert.description != AlertDescription.illegal_parameter:
raise
connection.close()
print("Test 3 - good SRP")
connection = connect()
connection.handshakeClientSRP("test", "password")
testConnClient(connection)
connection.close()
print("Test 4 - SRP faults")
for fault in Fault.clientSrpFaults + Fault.genericFaults:
connection = connect()
connection.fault = fault
try:
connection.handshakeClientSRP("test", "password")
print(" Good Fault %s" % (Fault.faultNames[fault]))
except TLSFaultError as e:
print(" BAD FAULT %s: %s" % (Fault.faultNames[fault], str(e)))
badFault = True
print("Test 6 - good SRP: with X.509 certificate, TLSv1.0")
settings = HandshakeSettings()
settings.minVersion = (3,1)
settings.maxVersion = (3,1)
connection = connect()
connection.handshakeClientSRP("test", "password", settings=settings)
assert(isinstance(connection.session.serverCertChain, X509CertChain))
testConnClient(connection)
connection.close()
print("Test 7 - X.509 with SRP faults")
for fault in Fault.clientSrpFaults + Fault.genericFaults:
connection = connect()
connection.fault = fault
try:
#.........這裏部分代碼省略.........