fluidasserts.helper.ssl module

This module enables connections via SSL.

fluidasserts.helper.ssl.connect(hostname, port=443, check=None, min_version=(3, 0), max_version=(3, 3), cipher_names=None, key_exchange_names=None, anon=False, scsv=False, use_sni=True)

Establish a SSL/TLS connection.

Parameters

• hostname – Host name to connect to.

• port (int) – Port to connect. Defaults to 443.

• check (typing.Optional[str]) – Depending on this, choose padding method.

• min_version (typing.Tuple[int, int]) – Minimum SSL/TLS version acceptable. (Default TLS 1.0)

• max_version (typing.Tuple[int, int]) – Minimum SSL/TLS version acceptable. (Default TLS 1.2)

• cipher_names (typing.Optional[typing.List[str]]) – List of allowed ciphers.

• key_exchange_names (typing.Optional[typing.List[str]]) – List of exchange names.

• anon (bool) – Whether to make the handshake anonymously.

• scsv (bool) – Whether to use TLS_FALLBACK_SCSV.

Return type

typing.Generator[tlslite.tlsconnection.TLSConnection, None, None]

fluidasserts.helper.ssl.connect_legacy(hostname, port=443, ciphers='HIGH:!DH:!aNULL', validate_cert=False)

Establish a legacy SSL/TLS connection.

Parameters

• hostname (str) – Host name to connect to.

• port (int) – Port to connect. Defaults to 443.

• ciphers (str) – Encryption algorithms. Defaults to (as per Python’s SSL) 'DEFAULT:!aNULL:!eNULL:!LOW:!EXPORT:!SSLv2'.

Return type

typing.Generator[ssl.SSLSocket, None, None]