Is it possible with PyOpenSSL for the party holding the private key to connect to the party without one?

Time: 2017-12-05 19:37:50

Tags: python ssl pyopenssl

I would like to have something like this:

from socket import socket, AF_INET, SOCK_STREAM
from OpenSSL import SSL

def host():
    # Listening side: loads only the certificate, no private key
    ctx = SSL.Context(SSL.TLSv1_2_METHOD)
    ctx.use_certificate_file(CERT_FILE)
    server = SSL.Connection(ctx, socket(AF_INET, SOCK_STREAM))
    server.bind(('127.0.0.1', PORT))
    server.listen(1)
    print "listening"
    conn,_ = server.accept()

def controller():
    # Connecting side: loads both the private key and the certificate
    ctx = SSL.Context(SSL.TLSv1_2_METHOD)
    ctx.use_privatekey_file(KEY_FILE)
    ctx.use_certificate_file(CERT_FILE)
    controller = SSL.Connection(ctx, socket(AF_INET, SOCK_STREAM))
    print "connecting"
    controller.connect(('127.0.0.1', PORT))

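However, this results in an 'ssl handshake failure'. At the same time, this behaviour works fine for me when using the native ssl library, with this on the host side:

conn = ssl.wrap_socket(sock=conn, ca_certs=CERT_FILE, cert_reqs=ssl.CERT_REQUIRED)

and this on the controller side:

ssl.wrap_socket(sock=conn, certfile=CERT_FILE, keyfile=KEY_FILE, server_side=True)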

So, is it possible to replicate this behaviour with PyOpenSSL (I need the in-memory certificate option, so I can't drop the module)?

Edit: error traceback

Exception in thread Thread-74:
Traceback (most recent call last):
  File "C:\ProgramData\Miniconda2\lib\threading.py", line 801, in __bootstrap_inner
    self.run()
  File "C:\ProgramData\Miniconda2\lib\threading.py", line 754, in run
    self.__target(*self.__args, **self.__kwargs)
  File "<ipython-input-109-6bfd034a8592>", line 9, in host
    print conn.recv(1024)
  File "C:\ProgramData\Miniconda2\lib\site-packages\OpenSSL\SSL.py", line 1594, in recv
    self._raise_ssl_error(self._ssl, result)
  File "C:\ProgramData\Miniconda2\lib\site-packages\OpenSSL\SSL.py", line 1456, in _raise_ssl_error
    _raise_current_error()
  File "C:\ProgramData\Miniconda2\lib\site-packages\OpenSSL\_util.py", line 54, in exception_from_error_queue
    raise exception_type(errors)
Error: [('SSL routines', 'ssl3_get_client_hello', 'no shared cipher')]
Exception in thread Thread-75:
Traceback (most recent call last):
  File "C:\ProgramData\Miniconda2\lib\threading.py", line 801, in __bootstrap_inner
    self.run()
  File "C:\ProgramData\Miniconda2\lib\threading.py", line 754, in run
    self.__target(*self.__args, **self.__kwargs)
  File "<ipython-input-110-ec8e11869121>", line 10, in controller
    controller.sendall("yo")
  File "C:\ProgramData\Miniconda2\lib\site-packages\OpenSSL\SSL.py", line 1576, in sendall
    self._raise_ssl_error(self._ssl, result)
  File "C:\ProgramData\Miniconda2\lib\site-packages\OpenSSL\SSL.py", line 1456, in _raise_ssl_error
    _raise_current_error()
  File "C:\ProgramData\Miniconda2\lib\site-packages\OpenSSL\_util.py", line 54, in exception_from_error_queue
    raise exception_type(errors)
Error: [('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure'), ('SSL routines', 'ssl3_write_bytes', 'ssl handshake failure')]

0 answers:

No answers
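An added example, not part of the original question: the TLS handshake role is independent of which side opened the TCP connection, so with pyOpenSSL the side holding the private key can dial out and still call `set_accept_state()`, while the listening side holds only the certificate and calls `set_connect_state()`. The self-signed certificate, its subject name and the helper functions are constructed for this sketch, which targets Python 3 rather than the Python 2 of the post.

```python
import socket, threading
from OpenSSL import SSL, crypto

def make_self_signed():  # constructed throwaway key and certificate, in memory only
    key = crypto.PKey()
    key.generate_key(crypto.TYPE_RSA, 2048)
    cert = crypto.X509()
    cert.get_subject().CN = "controller.example"  # constructed name
    cert.set_serial_number(1)
    cert.gmtime_adj_notBefore(0)
    cert.gmtime_adj_notAfter(3600)
    cert.set_issuer(cert.get_subject())
    cert.set_pubkey(key)
    cert.sign(key, "sha256")
    return key, cert

def make_context(cert, key=None):
    ctx = SSL.Context(SSL.TLSv1_2_METHOD)
    if key is not None:  # key holder presents the certificate
        ctx.use_certificate(cert)
        ctx.use_privatekey(key)
    else:  # certificate-only side trusts exactly that certificate
        ctx.get_cert_store().add_cert(cert)
        ctx.set_verify(SSL.VERIFY_PEER, lambda conn, x509, err, depth, ok: bool(ok))
    return ctx

def controller(addr, cert, key):
    raw = socket.create_connection(addr)  # TCP client...
    tls = SSL.Connection(make_context(cert, key), raw)
    tls.set_accept_state()  # ...acting as TLS server
    tls.do_handshake()
    tls.sendall(b"yo")
    tls.shutdown()
    raw.close()

def run_demo():
    key, cert = make_self_signed()
    listener = socket.create_server(("127.0.0.1", 0))  # port 0: OS picks a free port
    worker = threading.Thread(target=controller, args=(listener.getsockname(), cert, key))
    worker.start()
    raw, _ = listener.accept()  # TCP server...
    tls = SSL.Connection(make_context(cert), raw)
    tls.set_connect_state()  # ...acting as TLS client
    tls.do_handshake()  # raises SSL.Error if the peer certificate does not verify
    data = tls.recv(1024)
    pinned = tls.get_peer_certificate().digest("sha256") == cert.digest("sha256")
    worker.join()
    raw.close()
    listener.close()
    return data, pinned
```

In the posted code, `SSL.Connection.accept()` puts the key-less `host()` side into accept state and `connect()` puts the key holder into connect state. A TLS server with no private key has no certificate-based cipher suite to offer, which is the `no shared cipher` error in the traceback.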