Python OpenSSL.SSL.TLSv1_2_METHOD() Examples
The following are 4
code examples of OpenSSL.SSL.TLSv1_2_METHOD().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
OpenSSL.SSL
, or try the search function
.
.
Example #1
| Source File: security_testcase.py From Spectrum-Access-System with Apache License 2.0 | 6 votes |
|
def assertTlsHandshakeFailure(self, base_url, client_cert, client_key, ciphers=None, ssl_method=None):
"""
Checks that the TLS handshake failure by varying the given parameters
Args:
base_url: Target host (defaults to port 443) or host:port.
client_cert: client certificate file in PEM format to use.
client_key: associated key file in PEM format to use with the
given |client_cert|.
ciphers: optional cipher method. TODO: Rename to 'cipher'.
ssl_method: optional ssl_method
"""
if ciphers is None:
ciphers = [self._sas._tls_config.ciphers[0]]
self.assertEqual(ciphers, ['AES128-GCM-SHA256'])
else:
ciphers = [ciphers]
if ssl_method is None:
ssl_method = SSL.TLSv1_2_METHOD
self.assertFalse(
self.doTlsHandshake(base_url, client_cert, client_key,
ciphers, ssl_method),
"Handshake succeeded unexpectedly")
Example #2
| Source File: openssl.py From pysslscan with GNU Lesser General Public License v3.0 | 6 votes |
|
def convert_version2method(protocol_version):
"""
Convert internal protocol version ID to OpenSSL method.
:param Integer protocol_version: Version ID
:return: OpenSSL method or None if not found
:rtype: OpenSSL method or None
"""
if protocol_version == flextls.registry.version.SSLv2:
return SSL.SSLv2_METHOD
if protocol_version == flextls.registry.version.SSLv3:
return SSL.SSLv3_METHOD
if protocol_version == flextls.registry.version.TLSv10:
return SSL.TLSv1_METHOD
if protocol_version == flextls.registry.version.TLSv11:
return SSL.TLSv1_1_METHOD
if protocol_version == flextls.registry.version.TLSv12:
return SSL.TLSv1_2_METHOD
return None
Example #3
| Source File: security_testcase.py From Spectrum-Access-System with Apache License 2.0 | 5 votes |
|
def assertTlsHandshakeSucceed(self, base_url, ciphers, client_cert, client_key):
"""Checks that the TLS handshake succeed with the given parameters.
Attempts to establish a TLS session with the given |base_url|, using the
given |ciphers| list and the given certificate key pair.
Checks that he SAS UUT response must satisfy all of the following conditions:
- The SAS UUT agrees to use a cipher specified in the |ciphers| list
- The SAS UUT agrees to use TLS Protocol Version 1.2
- Valid Finished message is returned by the SAS UUT immediately following
the ChangeCipherSpec message
"""
self.assertTrue(
self.doTlsHandshake(base_url, client_cert, client_key, ciphers,
SSL.TLSv1_2_METHOD),
"Handshake failed unexpectedly")
Example #4
| Source File: application.py From pixelated-user-agent with GNU Affero General Public License v3.0 | 5 votes |
|
def _ssl_options(sslkey, sslcert):
with open(sslkey) as keyfile:
pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, keyfile.read())
with open(sslcert) as certfile:
cert = crypto.load_certificate(crypto.FILETYPE_PEM, certfile.read())
acceptable = ssl.AcceptableCiphers.fromOpenSSLCipherString(
u'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:!RC4:HIGH:!MD5:!aNULL:!EDH')
options = ssl.CertificateOptions(privateKey=pkey,
certificate=cert,
method=SSL.TLSv1_2_METHOD,
acceptableCiphers=acceptable)
return options
