{ "info": { "author": "Trevor Perrin", "author_email": "tlslite@trevp.net", "bugtrack_url": null, "classifiers": [], "description": "\ntlslite version 0.4.9 Aug 11 2015\nTrevor Perrin \nhttp://trevp.net/tlslite/\n============================================================================\n\n\nTable of Contents\n==================\n1 Introduction\n2 License/Acknowledgements\n3 Installation\n4 Getting Started with the Command-Line Tools\n5 Getting Started with the Library\n6 Using TLS Lite with httplib\n7 Using TLS Lite with poplib or imaplib\n8 Using TLS Lite with smtplib\n9 Using TLS Lite with SocketServer\n10 Using TLS Lite with asyncore\n11 SECURITY CONSIDERATIONS\n12 History\n\n\n1 Introduction \n=============== \nTLS Lite is an open source python library that implements SSL and TLS. TLS\nLite supports RSA and SRP ciphersuites. TLS Lite is pure python, however it\ncan use other libraries for faster crypto operations. TLS Lite integrates with\nseveral stdlib neworking libraries.\n\nAPI documentation is available in the 'docs' directory.\n\nIf you have questions or feedback, feel free to contact me. For discussing\nimprovements to tlslite, also see 'tlslite-dev@googlegroups.com'.\n\n\n2 Licenses/Acknowledgements\n============================\nTLS Lite is written (mostly) by Trevor Perrin. It includes code from Bram\nCohen, Google, Kees Bos, Sam Rushing, Dimitris Moraitis, Marcelo Fernandez,\nMartin von Loewis, Dave Baggett, Yngve N. Pettersen (ported by Paul \nSokolovsky), Mirko Dziadzka, David Benjamin, and Hubert Kario.\n\nAll code in TLS Lite has either been dedicated to the public domain by its\nauthors, or placed under a BSD-style license. See the LICENSE file for\ndetails.\n\nThanks to Edward Loper for Epydoc, which generated the API docs.\n\n3 Installation\n===============\nRequirements:\n Python 2.6 or higher is required. Python 3 is supported.\n\nOptions:\n - If you have the M2Crypto interface to OpenSSL, this will be used for fast\n RSA operations and fast ciphers.\n\n - If you have pycrypto this will be used for fast RSA operations and fast\n ciphers.\n\n - If you have the GMPY interface to GMP, this will be used for fast RSA and\n SRP operations.\n\n - These modules don't need to be present at installation - you can install\n them any time.\n\nRun 'python setup.py install'\n\nTest the Installation:\n - From the distribution's ./tests subdirectory, run:\n ./tlstest.py server localhost:4443 .\n - While the test server is waiting, run:\n ./tlstest.py client localhost:4443 .\n\n If both say \"Test succeeded\" at the end, you're ready to go.\n\n\n4 Getting Started with the Command-Line Tools\n==============================================\ntlslite installs two command-line scripts: 'tlsdb.py' and 'tls.py'.\n\n'tls.py' lets you run test clients and servers. It can be used for testing\nother TLS implementations, or as example code. Note that 'tls.py server' runs\nan HTTPS server which will serve files rooted at the current directory by\ndefault, so be careful.\n\n'tlsdb.py' lets you manage SRP verifier databases. These databases are used by\na TLS server when authenticating clients with SRP.\n\nX.509\n------\nTo run an X.509 server, go to the ./tests directory and do:\n\n tls.py server -k serverX509Key.pem -c serverX509Cert.pem localhost:4443\n\nTry connecting to the server with a web browser, or with:\n\n tls.py client localhost:4443\n\nX.509 with TACK\n----------------\nTo run an X.509 server using a TACK, install TACKpy, then run the same server\ncommand as above with added arguments:\n\n ... -t TACK1.pem localhost:4443\n\nSRP\n----\nTo run an SRP server, try something like:\n\n tlsdb.py createsrp verifierDB\n tlsdb.py add verifierDB alice abra123cadabra 1024\n tlsdb.py add verifierDB bob swordfish 2048\n\n tls.py server -v verifierDB localhost:4443\n\nThen try connecting to the server with:\n\n tls.py client localhost:4443 alice abra123cadabra\n\nHTTPS\n------\nTo run an HTTPS server with less typing, run ./tests/httpsserver.sh.\n\nTo run an HTTPS client, run ./tests/httpsclient.py.\n\n\n5 Getting Started with the Library\n===================================\nWhether you're writing a client or server, there are six steps:\n\n1) Create a socket and connect it to the other party.\n2) Construct a TLSConnection instance with the socket.\n3) Call a handshake function on TLSConnection to perform the TLS handshake.\n4) Check the results to make sure you're talking to the right party.\n5) Use the TLSConnection to exchange data.\n6) Call close() on the TLSConnection when you're done.\n\nTLS Lite also integrates with several stdlib python libraries. See the\nsections following this one for details.\n\n5 Step 1 - create a socket\n---------------------------\nBelow demonstrates a socket connection to Amazon's secure site.\n\n from socket import *\n sock = socket(AF_INET, SOCK_STREAM)\n sock.connect( (\"www.amazon.com\", 443) )\n\n5 Step 2 - construct a TLSConnection\n-------------------------------------\nYou can import tlslite objects individually, such as:\n from tlslite import TLSConnection\n\nOr import the most useful objects through:\n from tlslite.api import *\n\nThen do:\n connection = TLSConnection(sock)\n\n5 Step 3 - call a handshake function (client)\n----------------------------------------------\nIf you're a client, there's two different handshake functions you can call,\ndepending on how you want to authenticate:\n\n connection.handshakeClientCert()\n connection.handshakeClientCert(certChain, privateKey)\n\n connection.handshakeClientSRP(\"alice\", \"abra123cadabra\")\n\nThe ClientCert function without arguments is used when connecting to a site\nlike Amazon, which doesn't require client authentication, but which will\nauthenticate itself using an X.509 certificate chain.\n\nThe ClientCert function can also be used to do client authentication with an\nX.509 certificate chain and corresponding private key. To use X.509 chains,\nyou'll need some way of creating these, such as OpenSSL (see\nhttp://www.openssl.org/docs/HOWTO/ for details).\n\nBelow is an example of loading an X.509 chain and private key:\n \n from tlslite import X509, X509CertChain, parsePEMKey\n s = open(\"./test/clientX509Cert.pem\").read()\n x509 = X509()\n x509.parse(s)\n certChain = X509CertChain([x509])\n s = open(\"./test/clientX509Key.pem\").read()\n privateKey = parsePEMKey(s, private=True)\n\nThe SRP function does mutual authentication with a username and password - see\nRFC 5054 for details.\n\nIf you want more control over the handshake, you can pass in a\nHandshakeSettings instance. For example, if you're performing SRP, but you\nonly want to use SRP parameters of at least 2048 bits, and you only want to\nuse the AES-256 cipher, and you only want to allow TLS (version 3.1), not SSL\n(version 3.0), you can do:\n\n settings = HandshakeSettings()\n settings.minKeySize = 2048\n settings.cipherNames = [\"aes256\"]\n settings.minVersion = (3,1)\n settings.useExperimentalTACKExtension = True # Needed for TACK support\n\n connection.handshakeClientSRP(\"alice\", \"abra123cadabra\", settings=settings)\n\nIf you want to check the server's certificate using TACK, you should set the\n\"useExperiementalTACKExtension\" value in HandshakeSettings. (Eventually, TACK\nsupport will be enabled by default, but for now it is an experimental feature\nwhich relies on a temporary TLS Extension number, and should not be used for\nproduction software.) This will cause the client to request the server to send\nyou a TACK (and/or any TACK Break Signatures):\n\nFinally, every TLSConnection has a session object. You can try to resume a\nprevious session by passing in the session object from the old session. If the\nserver remembers this old session and supports resumption, the handshake will\nfinish more quickly. Otherwise, the full handshake will be done. For example:\n\n connection.handshakeClientSRP(\"alice\", \"abra123cadabra\")\n .\n .\n oldSession = connection.session\n connection2.handshakeClientSRP(\"alice\", \"abra123cadabra\", session=\n oldSession)\n\n5 Step 3 - call a handshake function (server)\n----------------------------------------------\nIf you're a server, there's only one handshake function, but you can pass it\nseveral different parameters, depending on which types of authentication\nyou're willing to perform.\n\nTo perform SRP authentication, you have to pass in a database of password\nverifiers. The VerifierDB class manages an in-memory or on-disk verifier\ndatabase.\n\n verifierDB = VerifierDB(\"./test/verifierDB\")\n verifierDB.open()\n connection.handshakeServer(verifierDB=verifierDB)\n\nTo perform authentication with a certificate and private key, the server must\nload these as described in the previous section, then pass them in. If the\nserver sets the reqCert boolean to True, a certificate chain will be requested\nfrom the client.\n\n connection.handshakeServer(certChain=certChain, privateKey=privateKey,\n reqCert=True)\n\nYou can pass in a verifier database and/or a certificate chain+private key.\nThe client will use one or both to authenticate the server.\n\nYou can also pass in a HandshakeSettings object, as described in the last\nsection, for finer control over handshaking details.\n\nIf you are passing in a certificate chain+private key, you may additionally\nprovide a TACK to assist the client in authenticating your certificate chain.\nThis requires the TACKpy library. Load a TACKpy.TACK object, then do:\n\n settings = HandshakeSettings()\n settings.useExperimentalTACKExtension = True # Needed for TACK support\n\n connection.handshakeServer(certChain=certChain, privateKey=privateKey,\n tack=tack, settings=settings)\n\nFinally, the server can maintain a SessionCache, which will allow clients to\nuse session resumption:\n\n sessionCache = SessionCache()\n connection.handshakeServer(verifierDB=verifierDB, sessionCache=sessionCache)\n\nIt should be noted that the session cache, and the verifier databases, are all\nthread-safe.\n\n5 Step 4 - check the results\n-----------------------------\nIf the handshake completes without raising an exception, authentication\nresults will be stored in the connection's session object. The following\nvariables will be populated if applicable, or else set to None:\n\n connection.session.srpUsername # string\n connection.session.clientCertChain # X509CertChain\n connection.session.serverCertChain # X509CertChain\n connection.session.tackExt # TACKpy.TACK_Extension\n\nX.509 chain objects return the end-entity fingerprint via getFingerprint(),\nand ignore the other certificates.\n\nTACK objects return the (validated) TACK ID via getTACKID().\n\nTo save yourself the trouble of inspecting certificates after the handshake,\nyou can pass a Checker object into the handshake function. The checker will be\ncalled if the handshake completes successfully. If the other party isn't\napproved by the checker, a subclass of TLSAuthenticationError will be raised.\n\nIf the handshake fails for any reason, including a Checker error, an exception\nwill be raised and the socket will be closed. If the socket timed out or was\nunexpectedly closed, a socket.error or TLSAbruptCloseError will be raised.\n\nOtherwise, either a TLSLocalAlert or TLSRemoteAlert will be raised, depending\non whether the local or remote implementation signalled the error. The\nexception object has a 'description' member which identifies the error based\non the codes in RFC 2246. A TLSLocalAlert also has a 'message' string that may\nhave more details.\n\nExample of handling a remote alert:\n\n try:\n [...]\n except TLSRemoteAlert as alert:\n if alert.description == AlertDescription.unknown_psk_identity:\n print \"Unknown user.\"\n [...]\n\nBelow are some common alerts and their probable causes, and whether they are\nsignalled by the client or server.\n\nClient handshake_failure:\n - SRP parameters are not recognized by client\n - Server's TACK was unrelated to its certificate chain\n\nClient insufficient_security:\n - SRP parameters are too small\n\nClient protocol_version:\n - Client doesn't support the server's protocol version\n\nServer protocol_version:\n - Server doesn't support the client's protocol version\n\nServer bad_record_mac:\n - bad SRP username or password\n\nServer unknown_psk_identity\n - bad SRP username (bad_record_mac could be used for the same thing)\n\nServer handshake_failure:\n - no matching cipher suites\n\n5 Step 5 - exchange data\n-------------------------\nNow that you have a connection, you can call read() and write() as if it were\na socket.SSL object. You can also call send(), sendall(), recv(), and\nmakefile() as if it were a socket. These calls may raise TLSLocalAlert,\nTLSRemoteAlert, socket.error, or TLSAbruptCloseError, just like the handshake\nfunctions.\n\nOnce the TLS connection is closed by the other side, calls to read() or recv()\nwill return an empty string. If the socket is closed by the other side without\nfirst closing the TLS connection, calls to read() or recv() will return a\nTLSAbruptCloseError, and calls to write() or send() will return a\nsocket.error.\n\n5 Step 6 - close the connection\n--------------------------------\nWhen you're finished sending data, you should call close() to close the\nconnection and socket. When the connection is closed properly, the session\nobject can be used for session resumption.\n\nIf an exception is raised the connection will be automatically closed; you\ndon't need to call close(). Furthermore, you will probably not be able to\nre-use the socket, the connection object, or the session object, and you\nshouldn't even try.\n\nBy default, calling close() will close the underlying socket. If you set the\nconnection's closeSocket flag to False, the socket will remain open after\nclose. (NOTE: some TLS implementations will not respond properly to the\nclose_notify alert that close() generates, so the connection will hang if\ncloseSocket is set to True.)\n\n\n6 Using TLS Lite with httplib\n==============================\nTLS Lite comes with an HTTPTLSConnection class that extends httplib to work\nover SSL/TLS connections. Depending on how you construct it, it will do\ndifferent types of authentication.\n\n #No authentication whatsoever\n h = HTTPTLSConnection(\"www.amazon.com\", 443)\n h.request(\"GET\", \"\")\n r = h.getresponse()\n [...]\n\n #Authenticate server based on its TACK ID\n h = HTTPTLSConnection(\"localhost\", 4443,\n tackID=\"B3ARS.EQ61B.F34EL.9KKLN.3WEW5\", hardTack=False)\n [...]\n\n #Mutually authenticate with SRP\n h = HTTPTLSConnection(\"localhost\", 443,\n username=\"alice\", password=\"abra123cadabra\")\n [...]\n\n\n7 Using TLS Lite with poplib or imaplib\n========================================\nTLS Lite comes with POP3_TLS and IMAP4_TLS classes that extend poplib and\nimaplib to work over SSL/TLS connections. These classes can be constructed\nwith the same parameters as HTTPTLSConnection (see previous section), and \nbehave similarly.\n\n #To connect to a POP3 server over SSL and display its fingerprint:\n from tlslite.api import *\n p = POP3_TLS(\"---------.net\", port=995)\n print p.sock.session.serverCertChain.getFingerprint()\n [...]\n\n #To connect to an IMAP server once you know its fingerprint:\n from tlslite.api import *\n i = IMAP4_TLS(\"cyrus.andrew.cmu.edu\",\n x509Fingerprint=\"00c14371227b3b677ddb9c4901e6f2aee18d3e45\")\n [...] \n \n\n8 Using TLS Lite with smtplib\n==============================\nTLS Lite comes with an SMTP_TLS class that extends smtplib to work\nover SSL/TLS connections. This class accepts the same parameters as\nHTTPTLSConnection (see previous section), and behaves similarly. Depending \non how you call starttls(), it will do different types of authentication.\n\n #To connect to an SMTP server once you know its fingerprint:\n from tlslite.api import *\n s = SMTP_TLS(\"----------.net\", port=587)\n s.ehlo()\n s.starttls(x509Fingerprint=\"7e39be84a2e3a7ad071752e3001d931bf82c32dc\")\n [...]\n\n\n9 Using TLS Lite with SocketServer\n====================================\nYou can use TLS Lite to implement servers using Python's SocketServer\nframework. TLS Lite comes with a TLSSocketServerMixIn class. You can combine\nthis with a TCPServer such as HTTPServer. To combine them, define a new class\nthat inherits from both of them (with the mix-in first). Then implement the\nhandshake() method, doing some sort of server handshake on the connection\nargument. If the handshake method returns True, the RequestHandler will be\ntriggered. See the tests/httpsserver.py example.\n\n\n10 Using TLS Lite with asyncore\n================================\nTLS Lite can be used with subclasses of asyncore.dispatcher. See the comments\nin TLSAsyncDispatcherMixIn.py for details. This is still experimental, and\nmay not work with all asyncore.dispatcher subclasses.\n\n\n11 Security Considerations\n===========================\nTLS Lite is beta-quality code. It hasn't received much security analysis. Use\nat your own risk.\n\nTLS Lite does NOT verify certificates by default.\n\nTLS Lite's pure-python ciphers are probably vulnerable to timing attacks.\n\nTLS Lite is probably vulnerable to the \"Lucky 13\" timing attack if AES or 3DES\nare used, or the weak cipher RC4 otherwise. This unhappy situation will remain\nuntil TLS Lite implements authenticated-encryption ciphersuites (like GCM), or\nRFC 7366.\n\n\n12 History\n===========\n0.4.9 - 08/11/2015\n - Fixed denial of service (runtime exception) on malformed packet (Hubert Kario)\n - Fixed session caching bug (Mirko Dziadzka)\n - Fixed SRP spec non-compliance\n - Added FALLBACK_SCSV (David Benjamin)\n - Unit testing (Hubert Kario)\n - \"make test\" and \"make test-dev\" targets (Hubert Kario)\n0.4.8 - 11/12/2014\n - Added more acknowledgements and security considerations\n0.4.7 - 11/12/2014\n - Added TLS 1.2 support (Yngve Pettersen and Paul Sokolovsky)\n - Don't offer SSLv3 by default (e.g. POODLE)\n - Fixed bug with PyCrypto_RSA integration\n - Fixed harmless bug that added non-prime into sieves list\n - Added \"make test\" and \"make test-dev\" targets (Hubert Kario)\n0.4.5 - 3/20/2013\n - **API CHANGE**: TLSClosedConnectionError instead of ValueError when writing\n to a closed connection. This inherits from socket.error, so should \n interact better with SocketServer (see http://bugs.python.org/issue14574)\n and other things expecting a socket.error in this situation.\n - Added support for RC4-MD5 ciphersuite (if enabled in settings)\n - This is allegedly necessary to connect to some Internet servers.\n - Added TLSConnection.unread() function \n - Switched to New-style classes (inherit from 'object')\n - Minor cleanups\n0.4.4 - 2/25/2013\n - Added Python 3 support (Martin von Loewis)\n - Added NPN client support (Marcelo Fernandez)\n - Switched to RC4 as preferred cipher\n - faster in Python, avoids \"Lucky 13\" timing attacks\n - Fixed bug when specifying ciphers for anon ciphersuites\n - Made RSA hashAndVerify() tolerant of sigs w/o encoded NULL AlgorithmParam\n - (this function is not used for TLS currently, and this tolerance may\n not even be necessary)\n0.4.3 - 9/27/2012\n - Minor bugfix (0.4.2 doesn't load tackpy)\n0.4.2 - 9/25/2012\n - Updated TACK (compatible with tackpy 0.9.9)\n0.4.1 - 5/22/2012\n - Fixed RSA padding bugs (w/help from John Randolph)\n - Updated TACK (compatible with tackpy 0.9.7)\n - Added SNI\n - Added NPN server support (Sam Rushing/Google)\n - Added AnonDH (Dimitris Moraitis)\n - Added X509CertChain.parsePemList\n - Improved XML-RPC (Kees Bos)\n\n0.4.0 - 2/11/2012\n - Fixed pycrypto support\n - Fixed python 2.6 problems\n \n0.3.9.x - 2/7/2012\n\nMuch code cleanup, in particular decomposing the handshake functions so they\nare readable. The main new feature is support for TACK, an experimental\nauthentication method that provides a new way to pin server certificates (See\nhttps://github.com/moxie0/Convergence/wiki/TACK ).\n\nAlso:\n\n - Security Fixes\n - Sends SCSV ciphersuite as per RFC 5746, to signal non-renegotiated\n Client Hello. Does not support renegotiation (never has).\n - Change from e=3 to e=65537 for generated RSA keys, not strictly \n necessary but mitigates risk of sloppy verifier.\n - 1/(n-1) countermeasure for BEAST.\n\n - Behavior changes:\n - Split cmdline into tls.py and tlstest.py, improved options.\n - Formalized LICENSE.\n - Defaults to closing socket after sending close_notify, fixes hanging.\n problem that would occur sometime when waiting for other party's \n close_notify.\n - Update SRP to RFC 5054 compliance.\n - Removed client handshake \"callbacks\", no longer support the SRP \n re-handshake idiom within a single handshake function.\n\n - Bugfixes\n - Added hashlib support, removes Deprecation Warning due to sha and md5.\n - Handled GeneratorExit exceptions that are a new Python feature, and\n interfere with the async code if not handled.\n \n - Removed:\n - Shared keys (it was based on an ancient I-D, not TLS-PSK).\n - cryptlib support, it wasn't used much, we have enough other options.\n - cryptoIDs (TACK is better).\n - win32prng extension module, as os.urandom is now available.\n - Twisted integration (unused?, slowed down loading).\n - Jython code (ancient, didn't work).\n - Compat support for python versions < 2.7.\n\n - Additions\n - Support for TACK via TACKpy.\n - Support for CertificateRequest.certificate_authorities (\"reqCAs\")\n - Added TLSConnection.shutdown() to better mimic socket.\n - Enabled Session resumption for XMLRPCTransport.\n\n0.3.8 - 2/21/2005\n - Added support for poplib, imaplib, and smtplib\n - Added python 2.4 windows installer\n - Fixed occassional timing problems with test suite\n0.3.7 - 10/05/2004\n - Added support for Python 2.2\n - Cleaned up compatibility code, and docs, a bit\n0.3.6 - 9/28/2004\n - Fixed script installation on UNIX\n - Give better error message on old Python versions\n0.3.5 - 9/16/2004\n - TLS 1.1 support\n - os.urandom() support\n - Fixed win32prng on some systems\n0.3.4 - 9/12/2004\n - Updated for TLS/SRP draft 8\n - Bugfix: was setting _versioncheck on SRP 1st hello, causing problems\n with GnuTLS (which was offering TLS 1.1)\n - Removed _versioncheck checking, since it could cause interop problems\n - Minor bugfix: when cryptlib_py and and cryptoIDlib present, cryptlib\n was complaining about being initialized twice\n0.3.3 - 6/10/2004\n - Updated for TLS/SRP draft 7\n - Updated test cryptoID cert chains for cryptoIDlib 0.3.1\n0.3.2 - 5/21/2004\n - fixed bug when handling multiple handshake messages per record (e.g. IIS)\n0.3.1 - 4/21/2004\n - added xmlrpclib integration\n - fixed hanging bug in Twisted integration\n - fixed win32prng to work on a wider range of win32 sytems\n - fixed import problem with cryptoIDlib\n - fixed port allocation problem when test scripts are run on some UNIXes\n - made tolerant of buggy IE sending wrong version in premaster secret\n0.3.0 - 3/20/2004\n - added API docs thanks to epydoc\n - added X.509 path validation via cryptlib\n - much cleaning/tweaking/re-factoring/minor fixes\n0.2.7 - 3/12/2004\n - changed Twisted error handling to use connectionLost()\n - added ignoreAbruptClose\n0.2.6 - 3/11/2004\n - added Twisted errorHandler\n - added TLSAbruptCloseError\n - added 'integration' subdirectory\n0.2.5 - 3/10/2004\n - improved asynchronous support a bit\n - added first-draft of Twisted support\n0.2.4 - 3/5/2004\n - cleaned up asyncore support\n - added proof-of-concept for Twisted\n0.2.3 - 3/4/2004\n - added pycrypto RSA support\n - added asyncore support\n0.2.2 - 3/1/2004\n - added GMPY support\n - added pycrypto support\n - added support for PEM-encoded private keys, in pure python\n0.2.1 - 2/23/2004\n - improved PRNG use (cryptlib, or /dev/random, or CryptoAPI)\n - added RSA blinding, to avoid timing attacks\n - don't install local copy of M2Crypto, too problematic\n0.2.0 - 2/19/2004\n - changed VerifierDB to take per-user parameters\n - renamed tls_lite -> tlslite\n0.1.9 - 2/16/2004\n - added post-handshake 'Checker'\n - made compatible with Python 2.2\n - made more forgiving of abrupt closure, since everyone does it:\n if the socket is closed while sending/recv'ing close_notify,\n just ignore it.\n0.1.8 - 2/12/2004\n - TLSConnections now emulate sockets, including makefile()\n - HTTPTLSConnection and TLSMixIn simplified as a result\n0.1.7 - 2/11/2004\n - fixed httplib.HTTPTLSConnection with multiple requests\n - fixed SocketServer to handle close_notify\n - changed handshakeClientNoAuth() to ignore CertificateRequests\n - changed handshakeClient() to ignore non-resumable session arguments\n0.1.6 - 2/10/2004\n - fixed httplib support\n0.1.5 - 2/09/2004\n - added support for httplib and SocketServer\n - added support for SSLv3\n - added support for 3DES\n - cleaned up read()/write() behavior\n - improved HMAC speed\n0.1.4 - 2/06/2004\n - fixed dumb bug in tls.py\n0.1.3 - 2/05/2004\n - change read() to only return requested number of bytes\n - added support for shared-key and in-memory databases\n - added support for PEM-encoded X.509 certificates\n - added support for SSLv2 ClientHello\n - fixed shutdown/re-handshaking behavior\n - cleaned up handling of missing_srp_username\n - renamed readString()/writeString() -> read()/write()\n - added documentation\n0.1.2 - 2/04/2004\n - added clienttest/servertest functions\n - improved OpenSSL cipher wrappers speed\n - fixed server when it has a key, but client selects plain SRP\n - fixed server to postpone errors until it has read client's messages\n - fixed ServerHello to only include extension data if necessary\n0.1.1 - 2/02/2004\n - fixed close_notify behavior\n - fixed handling of empty application data packets\n - fixed socket reads to not consume extra bytes\n - added testing functions to tls.py\n0.1.0 - 2/01/2004\n - first release\n", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "http://trevp.net/tlslite/", "keywords": null, "license": "public domain and BSD", "maintainer": null, "maintainer_email": null, "name": "tlslite", "package_url": "https://pypi.org/project/tlslite/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/tlslite/", "project_urls": { "Download": "UNKNOWN", "Homepage": "http://trevp.net/tlslite/" }, "release_url": "https://pypi.org/project/tlslite/0.4.9/", "requires_dist": null, "requires_python": null, "summary": "tlslite implements SSL and TLS.", "version": "0.4.9" }, "last_serial": 1674022, "releases": { "0.3.8": [ { "comment_text": "", "digests": { "md5": "52d878a952b0ea483d2af9e481970212", "sha256": "c298bdcac0d6b576b599bf894bc14cca44182fc484b185ef25c1e14a2a2b3be2" }, "downloads": -1, "filename": "tlslite-0.3.8-py2.5-win32.egg", "has_sig": false, "md5_digest": "52d878a952b0ea483d2af9e481970212", "packagetype": "bdist_egg", "python_version": "2.5", "requires_python": null, "size": 244551, "upload_time": "2008-04-21T18:29:51", "url": "https://files.pythonhosted.org/packages/06/47/c61fb1808f43fb1ac7054098e13dfa80501024bf144040e5fcabf9647907/tlslite-0.3.8-py2.5-win32.egg" }, { "comment_text": "", "digests": { "md5": "5e1c19500e30fc7580939c18b435f937", "sha256": "3d79170d8c3a662fa717b6401e8004208df113aaf3b18689bbeb704a23bf5b9f" }, "downloads": -1, "filename": "tlslite-0.3.8.tar.gz", "has_sig": false, "md5_digest": "5e1c19500e30fc7580939c18b435f937", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 637558, "upload_time": "2012-02-29T05:39:05", "url": "https://files.pythonhosted.org/packages/6c/80/1be1931fa99e8caaff2a935a1da30c6385fb4217989322ede6ec622e39fb/tlslite-0.3.8.tar.gz" }, { "comment_text": "", "digests": { "md5": "be024200a199afe87d0a53a57ead41c3", "sha256": "e6b2800dfcedcaae481fb570ed2049c5f71dac761a18ba8faa7c038deda3c79b" }, "downloads": -1, "filename": "tlslite-0.3.8.win32-py2.5.exe", "has_sig": false, "md5_digest": "be024200a199afe87d0a53a57ead41c3", "packagetype": "bdist_wininst", "python_version": "2.5", "requires_python": null, "size": 171853, "upload_time": "2008-04-21T18:30:10", "url": "https://files.pythonhosted.org/packages/47/9b/a44de22c2ac4ab501c0e109d0112eec2ef94dd7e8d5fb47baf1f9a34a28d/tlslite-0.3.8.win32-py2.5.exe" } ], "0.4.0": [ { "comment_text": "", "digests": { "md5": "02889f0a46675a9bd4593ba081c1e57b", "sha256": "41054733c971695aa8ac5cdd22e259f4108f30403161bdace7ef23e6b2badeac" }, "downloads": -1, "filename": "tlslite-0.4.0.tar.gz", "has_sig": false, "md5_digest": "02889f0a46675a9bd4593ba081c1e57b", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 532344, "upload_time": "2012-02-13T02:01:43", "url": "https://files.pythonhosted.org/packages/3b/e2/b74e1e4e83484e67c986bd0d30844ae6efcae4746663fd839cb580f85d4a/tlslite-0.4.0.tar.gz" } ], "0.4.1": [ { "comment_text": "", "digests": { "md5": "6b220730c34955cf709acf5fb96d3224", "sha256": "ae01fd74140cb00ca550304e41f5fe1a935cde1f1f4f351aed8861355bcd2047" }, "downloads": -1, "filename": "tlslite-0.4.1.tar.gz", "has_sig": false, "md5_digest": "6b220730c34955cf709acf5fb96d3224", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 562540, "upload_time": "2012-05-22T19:37:19", "url": "https://files.pythonhosted.org/packages/6b/84/c6bdd1db62917292a4fd33bfa1fd77b7c5613d20b28f567ee41bde661c93/tlslite-0.4.1.tar.gz" } ], "0.4.2": [ { "comment_text": "", "digests": { "md5": "5b3038634b1838a1c307a336bff3364b", "sha256": "f0cadcddc70bd796db64285cd0c13f52a99f692ff81d902e65e4b9e307e3a907" }, "downloads": -1, "filename": "tlslite-0.4.2.tar.gz", "has_sig": false, "md5_digest": "5b3038634b1838a1c307a336bff3364b", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 87552, "upload_time": "2012-09-25T22:43:57", "url": "https://files.pythonhosted.org/packages/0f/6c/5942652746c5f662fa9eb539eeefd1aa62bf472903f29777198345c66abe/tlslite-0.4.2.tar.gz" } ], "0.4.3": [ { "comment_text": "", "digests": { "md5": "7a8305dcb66aef4f7a5180e3dcd5eaf3", "sha256": "6a67d8a0bec66183719c19c91f383bc1555545055aae4498af2e91fe9d79f813" }, "downloads": -1, "filename": "tlslite-0.4.3.tar.gz", "has_sig": false, "md5_digest": "7a8305dcb66aef4f7a5180e3dcd5eaf3", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 562090, "upload_time": "2012-09-27T20:50:32", "url": "https://files.pythonhosted.org/packages/41/d2/5838424cd57b259ef39a441cf691d4a70de6b7b9c6d7f2da679aa44f6599/tlslite-0.4.3.tar.gz" } ], "0.4.4": [ { "comment_text": "", "digests": { "md5": "1f8c4d37ed911b0b8d42703be0374618", "sha256": "6fd5252e873882919feecb999556872c2fcf5b8f57458b2423880d9872e30d91" }, "downloads": -1, "filename": "tlslite-0.4.4.tar.gz", "has_sig": false, "md5_digest": "1f8c4d37ed911b0b8d42703be0374618", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 564989, "upload_time": "2013-02-26T06:46:35", "url": "https://files.pythonhosted.org/packages/e0/2c/265de17b8d5049873f9e30d5437d8c47f7efd2e0ae7d826a28319a4cbc7b/tlslite-0.4.4.tar.gz" } ], "0.4.5": [ { "comment_text": "", "digests": { "md5": "c21f894312ac82608a9e9695fb3786b4", "sha256": "011a2cf666e3b3ae06a9ec0648ef595b23c2dccd22e180c61f68507997f27d0f" }, "downloads": -1, "filename": "tlslite-0.4.5.tar.gz", "has_sig": false, "md5_digest": "c21f894312ac82608a9e9695fb3786b4", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 91689, "upload_time": "2013-03-21T03:29:30", "url": "https://files.pythonhosted.org/packages/7b/c8/c14d4d9ada5dee5a59f6a97ae9e89c48a47f81e8ee472d9e625972200a14/tlslite-0.4.5.tar.gz" } ], "0.4.6": [ { "comment_text": "", "digests": { "md5": "2f92ebea557802969653f29c7faafbc2", "sha256": "5a707af9afbd27cf99c87697ce2f7e87752cf160f20384212bc2d1d42ea7dd08" }, "downloads": -1, "filename": "tlslite-0.4.6.tar.gz", "has_sig": false, "md5_digest": "2f92ebea557802969653f29c7faafbc2", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 583268, "upload_time": "2013-03-21T03:44:14", "url": "https://files.pythonhosted.org/packages/29/cf/22c98d36af1f38150e2c0a79589fee799b72eeb91e49ce184e6f3ccb3991/tlslite-0.4.6.tar.gz" } ], "0.4.7": [ { "comment_text": "", "digests": { "md5": "0c35322980afb245d1975cb163c583ec", "sha256": "90a032864eb54ca77e56d768053935dedc603f1c82596b61901dae54871860c8" }, "downloads": -1, "filename": "tlslite-0.4.7.tar.gz", "has_sig": false, "md5_digest": "0c35322980afb245d1975cb163c583ec", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 562374, "upload_time": "2014-11-13T00:33:48", "url": "https://files.pythonhosted.org/packages/9e/67/36680c6d2ab3237a595af76aeec6c337b349be9a4adaa537fe1c416643d1/tlslite-0.4.7.tar.gz" } ], "0.4.8": [ { "comment_text": "", "digests": { "md5": "36c13858ea63f262c4e4291c2f9ae38f", "sha256": "d9b447048a322c70df800f540ab577c93ecf20de52c0a02c8621176e4733bdbb" }, "downloads": -1, "filename": "tlslite-0.4.8.tar.gz", "has_sig": false, "md5_digest": "36c13858ea63f262c4e4291c2f9ae38f", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 563048, "upload_time": "2014-11-13T02:26:01", "url": "https://files.pythonhosted.org/packages/d4/d8/3a41b506ebc16ddccff743aa5fc24037befbef265079e90d40406064f2a4/tlslite-0.4.8.tar.gz" } ], "0.4.9": [ { "comment_text": "", "digests": { "md5": "9f3b3797f595dd66cd36a65c83a87869", "sha256": "9b9a487694c239efea8cec4454a99a56ee1ae1a5f3af0858ccf8029e2ac2d42d" }, "downloads": -1, "filename": "tlslite-0.4.9.tar.gz", "has_sig": false, "md5_digest": "9f3b3797f595dd66cd36a65c83a87869", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 105402, "upload_time": "2015-08-12T06:02:56", "url": "https://files.pythonhosted.org/packages/92/2b/7904cf913d9bf150b3e408a92c9cb5ce0b97a9ec19f998af48bf4c607f0e/tlslite-0.4.9.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "9f3b3797f595dd66cd36a65c83a87869", "sha256": "9b9a487694c239efea8cec4454a99a56ee1ae1a5f3af0858ccf8029e2ac2d42d" }, "downloads": -1, "filename": "tlslite-0.4.9.tar.gz", "has_sig": false, "md5_digest": "9f3b3797f595dd66cd36a65c83a87869", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 105402, "upload_time": "2015-08-12T06:02:56", "url": "https://files.pythonhosted.org/packages/92/2b/7904cf913d9bf150b3e408a92c9cb5ce0b97a9ec19f998af48bf4c607f0e/tlslite-0.4.9.tar.gz" } ] }