我有一个 python 服务器,需要客户端使用证书进行身份验证,我如何制作一个客户端脚本,使用客户端证书由 python 中的服务器使用 ssl 和套接字模块进行身份验证。
有没有仅使用套接字和 ssl 而不扭曲的示例?
from OpenSSL import SSL
from twisted.internet import ssl, reactor
from twisted.internet.protocol import ClientFactory, Protocol
class EchoClient(Protocol):
def connectionMade(self):
"print connected"
def dataReceived(self, data):
print "Server said:", data
self.transport.loseConnection()
class EchoClientFactory(ClientFactory):
protocol = EchoClient
def clientConnectionFailed(self, connector, reason):
print "Connection failed - goodbye!"
reactor.stop()
def clientConnectionLost(self, connector, reason):
print "Connection lost - goodbye!"
reactor.stop()
class CtxFactory(ssl.ClientContextFactory):
def getContext(self):
self.method = SSL.TLSv1_METHOD
ctx = ssl.ClientContextFactory.getContext(self)
ctx.use_certificate_file('client.crt')
ctx.use_privatekey_file('client.key')
return ctx
if __name__ == '__main__':
factory = EchoClientFactory()
reactor.connectSSL('localhost', 8080, factory, CtxFactory())
reactor.run()
import socket, ssl, pprint
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# require a certificate from the server
ssl_sock = ssl.wrap_socket(s,
keyfile="client.key",
certfile="client.crt",
ca_certs="ca.crt",
cert_reqs=ssl.CERT_REQUIRED)
ssl_sock.connect(('127.0.0.1', 8080))
print repr(ssl_sock.getpeername())
print ssl_sock.cipher()
print pprint.pformat(ssl_sock.getpeercert())
ssl_sock.write("testing")
data = ssl_sock.read()
print data
ssl_sock.close()
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)