def load_cert_chain(self,
certchainfile,
keyfile=None,
callback=util.passphrase_callback):
"""Load certificate chain and private key into the context.
@param certchainfile: File object containing the PEM-encoded
certificate chain.
@type certchainfile: str
@param keyfile: File object containing the PEM-encoded private
key. Default value of None indicates that the
private key is to be found in 'certchainfile'.
@type keyfile: str
@param callback: Callable object to be invoked if the private key
is passphrase-protected. Default callback
provides a simple terminal-style input for the
passphrase.
"""
m2.ssl_ctx_passphrase_callback(self.ctx, callback)
m2.ssl_ctx_use_cert_chain(self.ctx, certchainfile)
if not keyfile:
keyfile = certchainfile
m2.ssl_ctx_use_privkey(self.ctx, keyfile)
if not m2.ssl_ctx_check_privkey(self.ctx):
raise ValueError('public/private key mismatch')
def load_cert(self, certfile, keyfile=None,
callback=util.passphrase_callback):
# type: (AnyStr, Optional[AnyStr], Callable) -> None
"""Load certificate and private key into the context.
@param certfile: File that contains the PEM-encoded certificate.
@param keyfile: File that contains the PEM-encoded private key.
Default value of None indicates that the private key
is to be found in 'certfile'.
@param callback: Callable object to be invoked if the private key is
passphrase-protected. Default callback provides a
simple terminal-style input for the passphrase.
"""
m2.ssl_ctx_passphrase_callback(self.ctx, callback)
m2.ssl_ctx_use_cert(self.ctx, certfile)
if not keyfile:
keyfile = certfile
m2.ssl_ctx_use_privkey(self.ctx, keyfile)
if not m2.ssl_ctx_check_privkey(self.ctx):
raise ValueError('public/private key mismatch')
def c_style(HOST, PORT, req):
# Set up SSL context.
ctx = m2.ssl_ctx_new(m2.sslv3_method())
m2.ssl_ctx_use_cert(ctx, 'client.pem')
m2.ssl_ctx_use_privkey(ctx, 'client.pem')
# Make the socket connection.
s = socket(AF_INET, SOCK_STREAM)
s.connect((HOST, PORT))
# Set up the SSL connection.
sbio = m2.bio_new_socket(s.fileno(), 0)
ssl = m2.ssl_new(ctx)
m2.ssl_set_bio(ssl, sbio, sbio)
m2.ssl_connect(ssl)
sslbio = m2.bio_new(m2.bio_f_ssl())
m2.bio_set_ssl(sslbio, ssl, 0)
# Push a buffering BIO over the SSL BIO.
iobuf = m2.bio_new(m2.bio_f_buffer())
topbio = m2.bio_push(iobuf, sslbio)
# Send the request.
m2.bio_write(sslbio, req)
# Receive the response.
while 1:
data = m2.bio_gets(topbio, 4096)
if not data: break
sys.stdout.write(data)
# Cleanup. May be missing some necessary steps. ;-|
m2.bio_pop(topbio)
m2.bio_free(iobuf)
m2.ssl_shutdown(ssl)
m2.ssl_free(ssl)
m2.ssl_ctx_free(ctx)
s.close()
def c_style(HOST, PORT, req):
# Set up SSL context.
ctx = m2.ssl_ctx_new(m2.sslv3_method())
m2.ssl_ctx_use_cert(ctx, 'client.pem')
m2.ssl_ctx_use_privkey(ctx, 'client.pem')
# Make the socket connection.
s = socket(AF_INET, SOCK_STREAM)
s.connect((HOST, PORT))
# Set up the SSL connection.
sbio = m2.bio_new_socket(s.fileno(), 0)
ssl = m2.ssl_new(ctx)
m2.ssl_set_bio(ssl, sbio, sbio)
m2.ssl_connect(ssl)
sslbio = m2.bio_new(m2.bio_f_ssl())
m2.bio_set_ssl(sslbio, ssl, 0)
# Push a buffering BIO over the SSL BIO.
iobuf = m2.bio_new(m2.bio_f_buffer())
topbio = m2.bio_push(iobuf, sslbio)
# Send the request.
m2.bio_write(sslbio, req)
# Receive the response.
while 1:
data = m2.bio_gets(topbio, 4096)
if not data: break
sys.stdout.write(data)
# Cleanup. May be missing some necessary steps. ;-|
m2.bio_pop(topbio)
m2.bio_free(iobuf)
m2.ssl_shutdown(ssl)
m2.ssl_free(ssl)
m2.ssl_ctx_free(ctx)
s.close()
