This class wraps a socket and provides TLS handshaking and data
transfer.

To use this class, create a new instance, passing a connected socket
into the constructor. Then call one of the handshake functions. If the
handshake completes without raising an exception, then a TLS connection
has been negotiated. You can transfer data over this connection as if it
were a socket.

This class provides both synchronous and asynchronous versions of its
key functions. The synchronous versions should be used when writing
single- or multi-threaded code using blocking sockets. The asynchronous
versions should be used when performing asynchronous, event-based I/O
with non-blocking sockets.

Asynchronous I/O is a complicated subject; typically, you should not
use the asynchronous functions directly, but should use a framework
such as asyncore or Twisted, with which TLS Lite integrates (see
tlslite.integration.tlsasyncdispatchermixin.TLSAsyncDispatcherMixIn).

_calcFinished(self, masterSecret, send=True)
_clientAnonKeyExchange(self, settings, cipherSuite, clientRandom, serverRandom)
_clientFinished(self, premasterSecret, clientRandom, serverRandom, cipherSuite, cipherImplementations, nextProto)
_clientGetKeyFromChain(self, certificate, settings, tackExt=None)
_clientGetServerHello(self, settings, clientHello)
_clientRSAKeyExchange(self, settings, cipherSuite, clientCertChain, privateKey, certificateType, clientRandom, serverRandom, tackExt)
_clientResume(self, session, serverHello, clientRandom, cipherImplementations, nextProto)
_clientSRPKeyExchange(self, settings, cipherSuite, certificateType, srpUsername, password, clientRandom, serverRandom, tackExt)
_clientSelectNextProto(self, nextProtos, serverHello)
_clientSendClientHello(self, settings, session, srpUsername, srpParams, certParams, anonParams, serverName, nextProtos, reqTack)
_getFinished(self, masterSecret, expect_next_protocol=False, nextProto=None)
_handshakeClientAsync(self, srpParams=(), certParams=(), anonParams=(), session=None, settings=None, checker=None, nextProtos=None, serverName='', reqTack=True)
_handshakeClientAsyncHelper(self, srpParams, certParams, anonParams, session, settings, serverName, nextProtos, reqTack)
_handshakeServerAsyncHelper(self, verifierDB, certChain, privateKey, reqCert, sessionCache, settings, reqCAs, tacks, activationFlags, nextProtos, anon)
_handshakeWrapperAsync(self, handshaker, checker)
_sendFinished(self, masterSecret, nextProto=None)
_serverAnonKeyExchange(self, clientHello, serverHello, cipherSuite, settings)
_serverCertKeyExchange(self, clientHello, serverHello, serverCertChain, privateKey, reqCert, reqCAs, cipherSuite, settings)
_serverFinished(self, premasterSecret, clientRandom, serverRandom, cipherSuite, cipherImplementations, nextProtos)
_serverGetClientHello(self, settings, certChain, verifierDB, sessionCache, anon)
_serverSRPKeyExchange(self, clientHello, serverHello, verifierDB, cipherSuite, privateKey, serverCertChain)

None or an iterable

handshakeClientCert(self, certChain=None, privateKey=None, session=None, settings=None, checker=None, nextProtos=None, reqTack=True, serverName='', async=False)
    Perform a certificate-based handshake in the role of client.
    Returns: None or an iterable

handshakeClientSRP(self, username, password, session=None, settings=None, checker=None, reqTack=True, serverName='', async=False)
    Perform an SRP handshake in the role of client.
    Returns: None or an iterable

handshakeServer(self, verifierDB=None, certChain=None, privateKey=None, reqCert=False, sessionCache=None, settings=None, checker=None, reqCAs=None, tacks=None, activationFlags=0, nextProtos=None, anon=False)
    Perform a handshake in the role of server.

handshakeServerAsync(self, verifierDB=None, certChain=None, privateKey=None, reqCert=False, sessionCache=None, settings=None, checker=None, reqCAs=None, tacks=None, activationFlags=0, nextProtos=None, anon=False)
    Start a server handshake operation on the TLS connection.
    Returns: iterable

Inherited from tlsrecordlayer.TLSRecordLayer: clearReadBuffer, clearWriteBuffer, close, closeAsync, fileno, getCipherImplementation, getCipherName, getVersionName, getpeername, getsockname, gettimeout, makefile, read, readAsync, recv, recv_into, send, sendall, setsockopt, settimeout, shutdown, unread, write, writeAsync

Inherited from tlsrecordlayer.TLSRecordLayer (private): _calcPendingStates, _calcSSLHandshakeHash, _changeReadState, _changeWriteState, _decrefAsync, _decref_socketios, _decryptRecord, _getMsg, _getNextRecord, _handshakeDone, _handshakeStart, _sendError, _sendMsg, _sendMsgs, _shutdown

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__