是否有一个模块来控制python中的SSL握手,客户端和服务器? python默认SSL模块很棒但是会自动进行握手。我想知道是否有一个模块允许我这样做手册:
import SSLManuel
import socket
s = socket.socket()
s.connect(("server.com",9999))
ClientHello = SSLManuel.generateClientHelloMessage(ssl=TLSv1_2, cipher="ECDHE-RSA-AES128-GCM-SHA256", server="www.server.com")
s.send(ClientHello)
ServerHello = s.recv()#this would receive the server hello
#This would verify the certificate of the server
if SSLManuel.check_cert(ServerHello) == true:
Pre-Master-Key = SSLManuel.generatePreMasterKey()
ClientKeyExchange = SSLManuel.generateClientKeyExchange(Pre-Master-Key)
ChangeCiherSpec = SSLManuel.generateChangeCipherSpec()
ClientFinished = SSLManuel.generateClientFinished()
Sessionkey = SSLManuel.generateMasterKey(Pre-Master-Key)
s.send(ClientKeyExchange)
s.send(ChangeCiherSpec)
s.send(ClientFinished)
ServerFinished = s.recv()
#This will check if the server is ready to communicate securely.
if SSLManuel.checkServerFinshed(ServerFinished) == true:
#I can now use the SessionKey to encrypt data to and from the server
s.send(SSLManuel.encrypt(SessionKey, "GET / HTTP/1.0\n\n"))
response = s.recv()
print(SSLManuel.decrypt(SessionKey, response))
我希望本例中使用的命名约定可以帮助您理解我想要完成的任务。我对SSL的大部分知识来自This Article。我试着写自己的但是失败了,我似乎无法找到任何允许我这样做的模块。
答案 0 :(得分:1)
SSL / TLS有几种纯python实现。其中任何一个都可以让你这样做:
据我了解您的问题,您的目标是提高您对协议的理解。我个人会将后者用于此目的,因为它具有广泛的内联文档。 tlslite.tlsconnection.handshakeClientAnonymous是您调查的良好起点,该函数最终会调用_handshakeClientAsyncHelper来执行实际握手。