def setUp(self):
    """
    Start a mock Pantheon authentication service populated with one site and
    one user, and arrange for it to be stopped when the test finishes.

    The user's SSH private key (C{id_rsa}), the CA private key
    (C{cakey.pem}) and the CA certificate (C{cacert.pem}) are read from
    files that sit next to this test module.  They are fixture material
    for the mock service only: keys stored beside test code should be
    treated as public and never reused for a real deployment.
    """
    # Site and account details the mock service will answer for.
    self.site, self.cwd, self.uid = 'example.com', '/some/path', 1542
    self.username = '******'
    self.password = '******'

    # All key material lives beside this module.
    here = FilePath(__file__)
    self.privateKey = Key.fromString(here.sibling('id_rsa').getContent())
    self.caKey = KeyPair.load(
        here.sibling('cakey.pem').getContent(), FILETYPE_PEM)
    self.caCert = PrivateCertificate.load(
        here.sibling('cacert.pem').getContent(), self.caKey, FILETYPE_PEM)

    # The mock resource knows which users may reach the site, what the
    # site's authorization record is, and each user's password and key.
    siteUsers = {self.site: [self.username]}
    siteAuthorizations = {self.site: {'cwd': self.cwd, 'uid': self.uid}}
    userPasswords = {self.username: self.password}
    userKeys = {self.username: self.privateKey}
    self.resource = MockPantheonAuthResource(
        sites=siteUsers,
        authorizations=siteAuthorizations,
        passwords=userPasswords,
        keys=userKeys,
    )

    # Serve the resource with the CA certificate; register the cleanup
    # only after the service has started, as the original ordering does.
    self.server = MockPantheonAuthServer(reactor, self.resource, self.caCert)
    self.server.startService()
    self.addCleanup(self.server.stopService)
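def getServerContext(self):
    """
    Generate a new L{OpenSSL.SSL.Context} object configured to use a
    certificate signed by C{self.ca} and only accept connections from peers
    which are also using a certificate signed by C{self.ca}.

    A fresh RSA key pair is generated on every call and C{self.ca} issues a
    certificate for it with the common name C{localhost}.  Peer
    verification is chain-only: any certificate that chains to C{self.ca}
    is accepted, and no check of the peer's subject name is made here.

    @return: the configured L{OpenSSL.SSL.Context}.
    """
    # Generate a new key for the server and have the CA sign a certificate
    # for it.  2048 bits rather than 512: a 512-bit RSA modulus can be
    # factored cheaply, and OpenSSL builds that enforce a minimum security
    # level reject such keys during the handshake.
    key = KeyPair.generate(size=2048)
    req = key.certificateRequest(DN(commonName='localhost'))
    # The DN callback approves unconditionally, which is sound only because
    # the request was built two lines above; it must not be copied into
    # code that signs requests received from elsewhere.  Every certificate
    # issued here carries serial number 1.
    certData = self.ca.signCertificateRequest(req, lambda dn: True, 1)
    cert = PrivateCertificate.load(certData, key)

    # Use the new key/certificate
    # NOTE(review): TLSv1_METHOD restricts the handshake to TLS 1.0, a
    # deprecated protocol version that current OpenSSL builds may refuse by
    # default.  Prefer a version-negotiating method with a minimum-version
    # floor once the module's imports can be adjusted.
    context = Context(TLSv1_METHOD)
    context.use_privatekey(key.original)
    context.use_certificate(cert.original)
    # Raises if the private key does not match the certificate just set.
    context.check_privatekey()

    # Allow peer certificates signed by the CA
    store = context.get_cert_store()
    store.add_cert(self.ca.original)

    # Verify the peer certificate and require that they have one.  The
    # callback adds no policy of its own: it passes through OpenSSL's
    # verdict for each certificate in the chain.
    def verify(conn, cert, errno, depth, preverify_ok):
        return preverify_ok
    context.set_verify(VERIFY_PEER | VERIFY_FAIL_IF_NO_PEER_CERT, verify)
    return context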
def getServerContext(self):
    """
    Build the TLS configuration used by the test server.

    The certificate is parsed from C{self._certificateText} and its private
    key from C{self._privateKeyText}, both as PEM.

    @return: the result of calling C{options()} on the loaded
        L{PrivateCertificate}.  No authorities are passed, so this
        presumably neither requests nor verifies client certificates --
        confirm against the Twisted version in use.
    """
    certificatePEM = self._certificateText
    privateKey = KeyPair.load(self._privateKeyText, FILETYPE_PEM)
    serverCertificate = PrivateCertificate.load(
        certificatePEM, privateKey, FILETYPE_PEM)
    return serverCertificate.options()
def getServerContext(self):
    """
    Build the TLS configuration used by the test server.

    A single PEM blob, read from C{self._pem}, supplies both the private
    key and the certificate.  Because that one file holds the private key,
    it should be handled as fixture material for tests only.

    @return: the result of calling C{options()} on the loaded
        L{PrivateCertificate}.  No authorities are passed, so this
        presumably neither requests nor verifies client certificates --
        confirm against the Twisted version in use.
    """
    combinedPEM = self._pem.getContent()
    # The same bytes are parsed twice: once for the key, once for the cert.
    privateKey = KeyPair.load(combinedPEM, FILETYPE_PEM)
    serverCertificate = PrivateCertificate.load(
        combinedPEM, privateKey, FILETYPE_PEM)
    return serverCertificate.options()
""" from twisted.internet.protocol import ServerFactory from twisted.internet.endpoints import SSL4ClientEndpoint from twisted.internet.ssl import ( DN, KeyPair, PrivateCertificate, CertificateOptions) from twisted.protocols.wire import Echo from tcp_throughput import Client, driver # Generate a new self-signed certificate key = KeyPair.generate(size=2048) req = key.certificateRequest(DN(commonName='localhost'), digestAlgorithm='sha1') cert = PrivateCertificate.load( key.signCertificateRequest( DN(commonName='localhost'), req, lambda dn: True, 1, digestAlgorithm='sha1'), key) def main(reactor, duration): chunkSize = 16384 server = ServerFactory() server.protocol = Echo port = reactor.listenSSL(0, server, cert.options()) client = Client( reactor, SSL4ClientEndpoint( reactor, '127.0.0.1', port.getHost().port, CertificateOptions(