Home | Trees | Indices | Help |
---|
|
object --+ | HandshakeSettings
This class encapsulates various parameters that can be used with a TLS handshake.
|
|||
|
|||
|
|||
|
|||
Inherited from |
|
|||
int |
minKeySize The minimum bit length for asymmetric keys. |
||
int |
maxKeySize The maximum bit length for asymmetric keys. |
||
list |
cipherNames The allowed ciphers, in order of preference. |
||
list |
macNames The allowed MAC algorithms. |
||
list |
certificateTypes The allowed certificate types, in order of preference. |
||
tuple |
minVersion The minimum allowed SSL/TLS version. |
||
tuple |
maxVersion The maximum allowed SSL/TLS version. |
||
bool |
useExperimentalTackExtension Whether to enabled TACK support. |
|
|||
Inherited from |
|
x.__init__(...) initializes x; see help(type(x)) for signature
|
|
minKeySizeThe minimum bit length for asymmetric keys.If the other party tries to use SRP, RSA, or Diffie-Hellman parameters smaller than this length, an alert will be signalled. The default is 1023.
|
maxKeySizeThe maximum bit length for asymmetric keys.If the other party tries to use SRP, RSA, or Diffie-Hellman parameters larger than this length, an alert will be signalled. The default is 8193.
|
cipherNamesThe allowed ciphers, in order of preference.The allowed values in this list are 'aes256', 'aes128', '3des', and 'rc4'. If these settings are used with a client handshake, they determine the order of the ciphersuites offered in the ClientHello message. If these settings are used with a server handshake, the server will choose whichever ciphersuite matches the earliest entry in this list. NOTE: If '3des' is used in this list, but TLS Lite can't find an add-on library that supports 3DES, then '3des' will be silently removed. The default value is ['rc4', 'aes256', 'aes128', '3des'].
|
macNamesThe allowed MAC algorithms.The allowed values in this list are 'sha' and 'md5'. The default value is ['sha'].
|
certificateTypesThe allowed certificate types, in order of preference.The only allowed certificate type is 'x509'. This list is only used with a client handshake. The client will advertise to the server which certificate types are supported, and will check that the server uses one of the appropriate types.
|
minVersionThe minimum allowed SSL/TLS version.This variable can be set to (3,0) for SSL 3.0, (3,1) for TLS 1.0, or (3,2) for TLS 1.1. If the other party wishes to use a lower version, a protocol_version alert will be signalled. The default is (3,0).
|
maxVersionThe maximum allowed SSL/TLS version.This variable can be set to (3,0) for SSL 3.0, (3,1) for TLS 1.0, or (3,2) for TLS 1.1. If the other party wishes to use a higher version, a protocol_version alert will be signalled. The default is (3,2). (WARNING: Some servers may (improperly) reject clients which offer support for TLS 1.1. In this case, try lowering maxVersion to (3,1)).
|
useExperimentalTackExtensionWhether to enabled TACK support.Note that TACK support is not standardized by IETF and uses a temporary TLS Extension number, so should NOT be used in production software.
|
Home | Trees | Indices | Help |
---|
Generated by Epydoc 3.0.1 on Wed Mar 20 20:43:09 2013 | http://epydoc.sourceforge.net |