TLS-SRP in Python

There is a Python 3.3 patch that provides TLS-SRP support to ssl.SSLSocket, http, and urllib. Check it out from my (Quinn Slack's) Mercurial repository:

Examples

urllib

import urllib.request
# tls_username / tls_password are keyword arguments added by the patch
res = urllib.request.urlopen("https://tls-srp.test.trustedhttp.org/",
                             tls_username='jsmith', tls_password='abc')
print(res.read())
# => "user: jsmith"

http

import ssl, http.client
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
# set_tls_username_password() is added by the patch; it sets the SRP credentials
context.set_tls_username_password('jsmith', 'abc')
h = http.client.HTTPSConnection('tls-srp.test.trustedhttp.org', 443, context=context)
h.request('GET', '/')
resp = h.getresponse()
print(resp.status)
# => 200
print(resp.read())
# => "user: jsmith"

ssl.SSLSocket

Client example:

import socket, ssl
with socket.socket() as sock:
    s = ssl.wrap_socket(sock,
                        ssl_version=ssl.PROTOCOL_TLSv1,
                        ciphers='SRP',
                        tls_username='jsmith',
                        tls_password='abc')
    s.connect(('tls-srp.test.trustedhttp.org', 443))
    s.write(b"GET / HTTP/1.0\r\n\r\n")
    print(s.read())
# => "HTTP 200 OK ... user: jsmith"

Server example (using the passwd.srpv as created at TLS-SRP_in_OpenSSL#Create_an_SRP_passwd_file):

import socket, ssl
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
# set_srp_vbase() is added by the patch; it loads the SRP verifier file
context.set_srp_vbase('passwd.srpv')
sock = socket.socket()
sslconn = context.wrap_socket(sock, server_side=True)
# ...

See Lib/test/test_ssl.py and Lib/test/ssl_servers.py for more server examples.
