def send_request(self, ssl_client: SslClient) -> str: try: ssl_client.write(b"NOOP\r\n") result = ssl_client.read(2048).strip().decode("utf-8") except socket.timeout: result = "Timeout on SMTP NOOP" return result
def send_request(self, ssl_client: SslClient) -> str: try: ssl_client.write(b'NOOP\r\n') result = ssl_client.read(2048).strip().decode('utf-8') except socket.timeout: result = 'Timeout on SMTP NOOP' return result
def _create_tls_1_3_session(server_host: str, server_port: int) -> _nassl.SSL_SESSION: sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.settimeout(5) sock.connect((server_host, server_port)) ssl_client = SslClient(ssl_version=OpenSslVersionEnum.TLSV1_3, underlying_socket=sock, ssl_verify=OpenSslVerifyEnum.NONE) try: ssl_client.do_handshake() ssl_client.write(ModernOpenSslServer.HELLO_MSG) ssl_client.read(2048) session = ssl_client.get_session() finally: ssl_client.shutdown() return session
def _create_tls_1_3_session(server_host: str, server_port: int) -> _nassl.SSL_SESSION: sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.settimeout(5) sock.connect((server_host, server_port)) ssl_client = SslClient( ssl_version=OpenSslVersionEnum.TLSV1_3, underlying_socket=sock, ssl_verify=OpenSslVerifyEnum.NONE ) try: ssl_client.do_handshake() ssl_client.write(ModernOpenSslServer.HELLO_MSG) ssl_client.read(2048) session = ssl_client.get_session() finally: ssl_client.shutdown() return session
ssl_client = SslClient( ssl_version=OpenSslVersionEnum.TLSV1_2, underlying_socket=sock, ssl_verify=OpenSslVerifyEnum.PEER, ssl_verify_locations=mozilla_store, ) ssl_client.set_tlsext_status_ocsp() ssl_client.do_handshake() print("Received certificate chain") for pem_cert in ssl_client.get_received_chain(): print(pem_cert) print("Verified certificate chain") for pem_cert in ssl_client.get_verified_chain(): print(pem_cert) print("OCSP Stapling") ocsp_resp = ssl_client.get_tlsext_status_ocsp_resp() if ocsp_resp: ocsp_resp.verify(Path(mozilla_store)) print(ocsp_resp.status) print("\nCipher suite") print(ssl_client.get_current_cipher_name()) print("\nHTTP response") ssl_client.write( b"GET / HTTP/1.0\r\nUser-Agent: Test\r\nHost: www.google.com\r\n\r\n") print(ssl_client.read(2048))
class EarlyDataClient(): def __init__(self, **kw): self.socket = None self.session = None self.client = None self.dest = kw.get('dest', 'localhost') self.port = kw.get('port', 443) self.socket_timeout = kw.get('socket_timeout', 5) self.regular_data = kw.get('regular_data', b'XXX-REGULAR-DATA-XXX') self.early_data = kw.get('early_data', b'XXX-EARLY-DATA-XXX') self.read_size = kw.get('read_size', 2048) def _init(self, dest='localhost', port=443, timeout=5): self.socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) self.socket.settimeout(timeout) self.socket.connect((dest, port)) self.client = SslClient(ssl_version=OpenSslVersionEnum.TLSV1_3, underlying_socket=self.socket, ssl_verify_locations=u'mozilla.pem') def _finish_handshake(self): if not self.client.is_handshake_completed(): self.client.do_handshake() print('\tCipher suite:', self.client.get_current_cipher_name()) def _close(self): self.client.shutdown() self.socket.close() print('\n') def _write_read_close(self, data_to_send=b'XXX-REGULAR-DATA-XXX', read_size=2048): try: self.client.write(data_to_send) self.client.read(2048) self.session = self.client.get_session() except socket.timeout as e: print('\n\tSocket was timed out. Closing...') finally: self._close() def _send_early_data(self, early_data_to_send=b'XXX-EARLY-DATA-XXX'): self.client.set_session(self.session) self.client.write_early_data(early_data_to_send) self._finish_handshake() print('\t', self.client.get_early_data_status()) self._close() def test_early(self, early_data_to_send=b'XXX-EARLY-DATA-XXX'): print('First Session:') self._init(dest=self.dest, port=self.port) self._finish_handshake() self._write_read_close(data_to_send=self.regular_data) if self.session: print('Reused Session:') self._init(dest=self.dest, port=self.port) if self.session.get_max_early_data() > 0: self._send_early_data() else: print('\n\tServer does not support Early-Data. Closing...') self._close else: print('\nPrevious session failed, can`t send early data. Closing...') print('='*80, '\n')
ssl_client = SslClient( ssl_version=OpenSslVersionEnum.TLSV1_2, underlying_socket=sock, ssl_verify=OpenSslVerifyEnum.PEER, ssl_verify_locations=mozilla_store, ) ssl_client.set_tlsext_status_ocsp() ssl_client.do_handshake() print('Received certificate chain') for pem_cert in ssl_client.get_received_chain(): print(pem_cert) print('Verified certificate chain') for pem_cert in ssl_client.get_verified_chain(): print(pem_cert) print('OCSP Stapling') ocsp_resp = ssl_client.get_tlsext_status_ocsp_resp() if ocsp_resp: ocsp_resp.verify(mozilla_store) print(ocsp_resp.as_dict()) print('\nCipher suite') print(ssl_client.get_current_cipher_name()) print('\nHTTP response') ssl_client.write(b'GET / HTTP/1.0\r\nUser-Agent: Test\r\nHost: www.google.com\r\n\r\n') print(ssl_client.read(2048))