Certificate verification

svn path=/scripts/tls-client.py; revision=2476
author: Rob Austein <sra@hactrn.net> 2009-05-30 03:15:05 +0000
committer: Rob Austein <sra@hactrn.net> 2009-05-30 03:15:05 +0000
commit: 4448460b779c6e138b4c8e37e02bac0bd41fc1d0 (patch)
tree: 9b489cb20b9407e2837b35924441c6340c4f66a8 /scripts/tls-client.py
parent: 197a4c0d4279904afa14884bf9860c287de7e386 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/scripts/tls-client.py b/scripts/tls-client.py
index 552501ff..d0c59f3e 100644
--- a/scripts/tls-client.py
+++ b/scripts/tls-client.py
@@ -2,10 +2,20 @@
 
 import socket, POW, time
 
+key = POW.pemRead(POW.RSA_PRIVATE_KEY, open("Carol.key", "r").read())
+cer = POW.pemRead(POW.X509_CERTIFICATE, open("Carol.cer", "r").read())
+ta  = POW.pemRead(POW.X509_CERTIFICATE, open("Alice-TA.cer", "r").read())
+
 s = socket.socket()
 s.connect(('',6666))
 
 ssl = POW.Ssl(POW.TLSV1_CLIENT_METHOD)
+
+ssl.useCertificate(cer)
+ssl.useKey(key)
+ssl.setVerifyMode(POW.SSL_VERIFY_PEER | POW.SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
+ssl.trustCertificate(ta)
+
 ssl.setFd(s.fileno())
 ssl.connect()
author	Rob Austein <sra@hactrn.net>	2009-05-30 03:15:05 +0000
committer	Rob Austein <sra@hactrn.net>	2009-05-30 03:15:05 +0000
commit	4448460b779c6e138b4c8e37e02bac0bd41fc1d0 (patch)
tree	9b489cb20b9407e2837b35924441c6340c4f66a8 /scripts/tls-client.py
parent	197a4c0d4279904afa14884bf9860c287de7e386 (diff)