Home | Trees | Indices | Help |
---|
|
object --+ | HandshakeSettings
This class encapsulates various parameters that can be used with a TLS handshake.
|
|||
|
|||
|
|||
|
|||
Inherited from |
|
|||
int |
minKeySize The minimum bit length for asymmetric keys. |
||
int |
maxKeySize The maximum bit length for asymmetric keys. |
||
list |
cipherNames The allowed ciphers, in order of preference. |
||
list |
macNames The allowed MAC algorithms. |
||
list |
certificateTypes The allowed certificate types, in order of preference. |
||
tuple |
minVersion The minimum allowed SSL/TLS version. |
||
tuple |
maxVersion The maximum allowed SSL/TLS version. |
||
bool |
useExperimentalTackExtension Whether to enabled TACK support. |
|
|||
Inherited from |
|
x.__init__(...) initializes x; see help(type(x)) for signature
|
|
minKeySizeThe minimum bit length for asymmetric keys.If the other party tries to use SRP, RSA, or Diffie-Hellman parameters smaller than this length, an alert will be signalled. The default is 1023.
|
maxKeySizeThe maximum bit length for asymmetric keys.If the other party tries to use SRP, RSA, or Diffie-Hellman parameters larger than this length, an alert will be signalled. The default is 8193.
|
cipherNamesThe allowed ciphers, in order of preference.The allowed values in this list are 'aes256', 'aes128', '3des', and 'rc4'. If these settings are used with a client handshake, they determine the order of the ciphersuites offered in the ClientHello message. If these settings are used with a server handshake, the server will choose whichever ciphersuite matches the earliest entry in this list. NOTE: If '3des' is used in this list, but TLS Lite can't find an add-on library that supports 3DES, then '3des' will be silently removed. The default value is ['rc4', 'aes256', 'aes128', '3des'].
|
macNamesThe allowed MAC algorithms.The allowed values in this list are 'sha' and 'md5'. The default value is ['sha'].
|
certificateTypesThe allowed certificate types, in order of preference.The only allowed certificate type is 'x509'. This list is only used with a client handshake. The client will advertise to the server which certificate types are supported, and will check that the server uses one of the appropriate types.
|
minVersionThe minimum allowed SSL/TLS version.This variable can be set to (3,0) for SSL 3.0, (3,1) for TLS 1.0, (3,2) for TLS 1.1, or (3,3) for TLS 1.2. If the other party wishes to use a lower version, a protocol_version alert will be signalled. The default is (3,1).
|
maxVersionThe maximum allowed SSL/TLS version.This variable can be set to (3,0) for SSL 3.0, (3,1) for TLS 1.0, (3,2) for TLS 1.1, or (3,3) for TLS 1.2. If the other party wishes to use a higher version, a protocol_version alert will be signalled. The default is (3,3). (WARNING: Some servers may (improperly) reject clients which offer support for TLS 1.1. In this case, try lowering maxVersion to (3,1)).
|
useExperimentalTackExtensionWhether to enabled TACK support.Note that TACK support is not standardized by IETF and uses a temporary TLS Extension number, so should NOT be used in production software.
|
Home | Trees | Indices | Help |
---|
Generated by Epydoc 3.0.1 on Wed Nov 12 16:23:49 2014 | http://epydoc.sourceforge.net |