pydocs/gdata.tlslite.integration.ClientHelper.html - chromiumos/third_party/gdata - Git at Google


 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
 <html><head><title>Python: module gdata.tlslite.integration.ClientHelper</title>
 </head><body bgcolor="#f0f0f8">

 <table width="100%" cellspacing=0 cellpadding=2 border=0 summary="heading">
 <tr bgcolor="#7799ee">
 <td valign=bottom>&nbsp;<br>
 <font color="#ffffff" face="helvetica, arial">&nbsp;<br><big><big><strong><a href="gdata.html"><font color="#ffffff">gdata</font></a>.<a href="gdata.tlslite.html"><font color="#ffffff">tlslite</font></a>.<a href="gdata.tlslite.integration.html"><font color="#ffffff">integration</font></a>.ClientHelper</strong></big></big></font></td
 ><td align=right valign=bottom
 ><font color="#ffffff" face="helvetica, arial"><a href=".">index</a><br><a href="file:/usr/local/google/home/afshar/src/external-gdata-release/google3/src/gdata/tlslite/integration/ClientHelper.py">/usr/local/google/home/afshar/src/external-gdata-release/google3/src/gdata/tlslite/integration/ClientHelper.py</a></font></td></tr></table>
     <p><tt>A&nbsp;helper&nbsp;class&nbsp;for&nbsp;using&nbsp;TLS&nbsp;Lite&nbsp;with&nbsp;stdlib&nbsp;clients<br>
 (httplib,&nbsp;xmlrpclib,&nbsp;imaplib,&nbsp;poplib).</tt></p>
 <p>
 <table width="100%" cellspacing=0 cellpadding=2 border=0 summary="section">
 <tr bgcolor="#ee77aa">
 <td colspan=3 valign=bottom>&nbsp;<br>
 <font color="#ffffff" face="helvetica, arial"><big><strong>Classes</strong></big></font></td></tr>

 <tr><td bgcolor="#ee77aa"><tt>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</tt></td><td>&nbsp;</td>
 <td width="100%"><dl>
 <dt><font face="helvetica, arial"><a href="gdata.tlslite.integration.ClientHelper.html#ClientHelper">ClientHelper</a>
 </font></dt></dl>
  <p>
 <table width="100%" cellspacing=0 cellpadding=2 border=0 summary="section">
 <tr bgcolor="#ffc8d8">
 <td colspan=3 valign=bottom>&nbsp;<br>
 <font color="#000000" face="helvetica, arial"><a name="ClientHelper">class <strong>ClientHelper</strong></a></font></td></tr>

 <tr bgcolor="#ffc8d8"><td rowspan=2><tt>&nbsp;&nbsp;&nbsp;</tt></td>
 <td colspan=2><tt>This&nbsp;is&nbsp;a&nbsp;helper&nbsp;class&nbsp;used&nbsp;to&nbsp;integrate&nbsp;TLS&nbsp;Lite&nbsp;with&nbsp;various<br>
 TLS&nbsp;clients&nbsp;(e.g.&nbsp;poplib,&nbsp;smtplib,&nbsp;httplib,&nbsp;etc.)<br>&nbsp;</tt></td></tr>
 <tr><td>&nbsp;</td>
 <td width="100%">Methods defined here:<br>
 <dl><dt><a name="ClientHelper-__init__"><strong>__init__</strong></a>(self, username<font color="#909090">=None</font>, password<font color="#909090">=None</font>, sharedKey<font color="#909090">=None</font>, certChain<font color="#909090">=None</font>, privateKey<font color="#909090">=None</font>, cryptoID<font color="#909090">=None</font>, protocol<font color="#909090">=None</font>, x509Fingerprint<font color="#909090">=None</font>, x509TrustList<font color="#909090">=None</font>, x509CommonName<font color="#909090">=None</font>, settings<font color="#909090">=None</font>)</dt><dd><tt>For&nbsp;client&nbsp;authentication,&nbsp;use&nbsp;one&nbsp;of&nbsp;these&nbsp;argument<br>
 combinations:<br>
 &nbsp;-&nbsp;username,&nbsp;password&nbsp;(SRP)<br>
 &nbsp;-&nbsp;username,&nbsp;sharedKey&nbsp;(shared-key)<br>
 &nbsp;-&nbsp;certChain,&nbsp;privateKey&nbsp;(certificate)<br>
 &nbsp;<br>
 For&nbsp;server&nbsp;authentication,&nbsp;you&nbsp;can&nbsp;either&nbsp;rely&nbsp;on&nbsp;the<br>
 implicit&nbsp;mutual&nbsp;authentication&nbsp;performed&nbsp;by&nbsp;SRP&nbsp;or<br>
 shared-keys,&nbsp;or&nbsp;you&nbsp;can&nbsp;do&nbsp;certificate-based&nbsp;server<br>
 authentication&nbsp;with&nbsp;one&nbsp;of&nbsp;these&nbsp;argument&nbsp;combinations:<br>
 &nbsp;-&nbsp;cryptoID[,&nbsp;protocol]&nbsp;(requires&nbsp;cryptoIDlib)<br>
 &nbsp;-&nbsp;x509Fingerprint<br>
 &nbsp;-&nbsp;x509TrustList[,&nbsp;x509CommonName]&nbsp;(requires&nbsp;cryptlib_py)<br>
 &nbsp;<br>
 Certificate-based&nbsp;server&nbsp;authentication&nbsp;is&nbsp;compatible&nbsp;with<br>
 SRP&nbsp;or&nbsp;certificate-based&nbsp;client&nbsp;authentication.&nbsp;&nbsp;It&nbsp;is<br>
 not&nbsp;compatible&nbsp;with&nbsp;shared-keys.<br>
 &nbsp;<br>
 The&nbsp;constructor&nbsp;does&nbsp;not&nbsp;perform&nbsp;the&nbsp;TLS&nbsp;handshake&nbsp;itself,&nbsp;but<br>
 simply&nbsp;stores&nbsp;these&nbsp;arguments&nbsp;for&nbsp;later.&nbsp;&nbsp;The&nbsp;handshake&nbsp;is<br>
 performed&nbsp;only&nbsp;when&nbsp;this&nbsp;class&nbsp;needs&nbsp;to&nbsp;connect&nbsp;with&nbsp;the<br>
 server.&nbsp;&nbsp;Then&nbsp;you&nbsp;should&nbsp;be&nbsp;prepared&nbsp;to&nbsp;handle&nbsp;TLS-specific<br>
 exceptions.&nbsp;&nbsp;See&nbsp;the&nbsp;client&nbsp;handshake&nbsp;functions&nbsp;in<br>
 L{tlslite.TLSConnection.TLSConnection}&nbsp;for&nbsp;details&nbsp;on&nbsp;which<br>
 exceptions&nbsp;might&nbsp;be&nbsp;raised.<br>
 &nbsp;<br>
 @type&nbsp;username:&nbsp;str<br>
 @param&nbsp;username:&nbsp;SRP&nbsp;or&nbsp;shared-key&nbsp;username.&nbsp;&nbsp;Requires&nbsp;the<br>
 'password'&nbsp;or&nbsp;'sharedKey'&nbsp;argument.<br>
 &nbsp;<br>
 @type&nbsp;password:&nbsp;str<br>
 @param&nbsp;password:&nbsp;SRP&nbsp;password&nbsp;for&nbsp;mutual&nbsp;authentication.<br>
 Requires&nbsp;the&nbsp;'username'&nbsp;argument.<br>
 &nbsp;<br>
 @type&nbsp;sharedKey:&nbsp;str<br>
 @param&nbsp;sharedKey:&nbsp;Shared&nbsp;key&nbsp;for&nbsp;mutual&nbsp;authentication.<br>
 Requires&nbsp;the&nbsp;'username'&nbsp;argument.<br>
 &nbsp;<br>
 @type&nbsp;certChain:&nbsp;L{tlslite.X509CertChain.X509CertChain}&nbsp;or<br>
 L{cryptoIDlib.CertChain.CertChain}<br>
 @param&nbsp;certChain:&nbsp;Certificate&nbsp;chain&nbsp;for&nbsp;client&nbsp;authentication.<br>
 Requires&nbsp;the&nbsp;'privateKey'&nbsp;argument.&nbsp;&nbsp;Excludes&nbsp;the&nbsp;SRP&nbsp;or<br>
 shared-key&nbsp;related&nbsp;arguments.<br>
 &nbsp;<br>
 @type&nbsp;privateKey:&nbsp;L{tlslite.utils.RSAKey.RSAKey}<br>
 @param&nbsp;privateKey:&nbsp;Private&nbsp;key&nbsp;for&nbsp;client&nbsp;authentication.<br>
 Requires&nbsp;the&nbsp;'certChain'&nbsp;argument.&nbsp;&nbsp;Excludes&nbsp;the&nbsp;SRP&nbsp;or<br>
 shared-key&nbsp;related&nbsp;arguments.<br>
 &nbsp;<br>
 @type&nbsp;cryptoID:&nbsp;str<br>
 @param&nbsp;cryptoID:&nbsp;cryptoID&nbsp;for&nbsp;server&nbsp;authentication.&nbsp;&nbsp;Mutually<br>
 exclusive&nbsp;with&nbsp;the&nbsp;'x509...'&nbsp;arguments.<br>
 &nbsp;<br>
 @type&nbsp;protocol:&nbsp;str<br>
 @param&nbsp;protocol:&nbsp;cryptoID&nbsp;protocol&nbsp;URI&nbsp;for&nbsp;server<br>
 authentication.&nbsp;&nbsp;Requires&nbsp;the&nbsp;'cryptoID'&nbsp;argument.<br>
 &nbsp;<br>
 @type&nbsp;x509Fingerprint:&nbsp;str<br>
 @param&nbsp;x509Fingerprint:&nbsp;Hex-encoded&nbsp;X.509&nbsp;fingerprint&nbsp;for<br>
 server&nbsp;authentication.&nbsp;&nbsp;Mutually&nbsp;exclusive&nbsp;with&nbsp;the&nbsp;'cryptoID'<br>
 and&nbsp;'x509TrustList'&nbsp;arguments.<br>
 &nbsp;<br>
 @type&nbsp;x509TrustList:&nbsp;list&nbsp;of&nbsp;L{tlslite.X509.X509}<br>
 @param&nbsp;x509TrustList:&nbsp;A&nbsp;list&nbsp;of&nbsp;trusted&nbsp;root&nbsp;certificates.&nbsp;&nbsp;The<br>
 other&nbsp;party&nbsp;must&nbsp;present&nbsp;a&nbsp;certificate&nbsp;chain&nbsp;which&nbsp;extends&nbsp;to<br>
 one&nbsp;of&nbsp;these&nbsp;root&nbsp;certificates.&nbsp;&nbsp;The&nbsp;cryptlib_py&nbsp;module&nbsp;must&nbsp;be<br>
 installed&nbsp;to&nbsp;use&nbsp;this&nbsp;parameter.&nbsp;&nbsp;Mutually&nbsp;exclusive&nbsp;with&nbsp;the<br>
 'cryptoID'&nbsp;and&nbsp;'x509Fingerprint'&nbsp;arguments.<br>
 &nbsp;<br>
 @type&nbsp;x509CommonName:&nbsp;str<br>
 @param&nbsp;x509CommonName:&nbsp;The&nbsp;end-entity&nbsp;certificate's&nbsp;'CN'&nbsp;field<br>
 must&nbsp;match&nbsp;this&nbsp;value.&nbsp;&nbsp;For&nbsp;a&nbsp;web&nbsp;server,&nbsp;this&nbsp;is&nbsp;typically&nbsp;a<br>
 server&nbsp;name&nbsp;such&nbsp;as&nbsp;'www.amazon.com'.&nbsp;&nbsp;Mutually&nbsp;exclusive&nbsp;with<br>
 the&nbsp;'cryptoID'&nbsp;and&nbsp;'x509Fingerprint'&nbsp;arguments.&nbsp;&nbsp;Requires&nbsp;the<br>
 'x509TrustList'&nbsp;argument.<br>
 &nbsp;<br>
 @type&nbsp;settings:&nbsp;L{tlslite.HandshakeSettings.HandshakeSettings}<br>
 @param&nbsp;settings:&nbsp;Various&nbsp;settings&nbsp;which&nbsp;can&nbsp;be&nbsp;used&nbsp;to&nbsp;control<br>
 the&nbsp;ciphersuites,&nbsp;certificate&nbsp;types,&nbsp;and&nbsp;SSL/TLS&nbsp;versions<br>
 offered&nbsp;by&nbsp;the&nbsp;client.</tt></dd></dl>

 </td></tr></table></td></tr></table>
 </body></html>

	<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
	<html><head><title>Python: module gdata.tlslite.integration.ClientHelper</title>
	</head><body bgcolor="#f0f0f8">

	<table width="100%" cellspacing=0 cellpadding=2 border=0 summary="heading">
	<tr bgcolor="#7799ee">
	<td valign=bottom> <br>
	<font color="#ffffff" face="helvetica, arial"> <br><big><big><strong><a href="gdata.html"><font color="#ffffff">gdata</font></a>.<a href="gdata.tlslite.html"><font color="#ffffff">tlslite</font></a>.<a href="gdata.tlslite.integration.html"><font color="#ffffff">integration</font></a>.ClientHelper</strong></big></big></font></td
	><td align=right valign=bottom
	><font color="#ffffff" face="helvetica, arial"><a href=".">index</a><br><a href="file:/usr/local/google/home/afshar/src/external-gdata-release/google3/src/gdata/tlslite/integration/ClientHelper.py">/usr/local/google/home/afshar/src/external-gdata-release/google3/src/gdata/tlslite/integration/ClientHelper.py</a></font></td></tr></table>
	<p><tt>A helper class for using TLS Lite with stdlib clients<br>
	(httplib, xmlrpclib, imaplib, poplib).</tt></p>
	<p>
	<table width="100%" cellspacing=0 cellpadding=2 border=0 summary="section">
	<tr bgcolor="#ee77aa">
	<td colspan=3 valign=bottom> <br>
	<font color="#ffffff" face="helvetica, arial"><big><strong>Classes</strong></big></font></td></tr>

	<tr><td bgcolor="#ee77aa"><tt>      </tt></td><td> </td>
	<td width="100%"><dl>
	<dt><font face="helvetica, arial"><a href="gdata.tlslite.integration.ClientHelper.html#ClientHelper">ClientHelper</a>
	</font></dt></dl>
	<p>
	<table width="100%" cellspacing=0 cellpadding=2 border=0 summary="section">
	<tr bgcolor="#ffc8d8">
	<td colspan=3 valign=bottom> <br>
	<font color="#000000" face="helvetica, arial"><a name="ClientHelper">class <strong>ClientHelper</strong></a></font></td></tr>

	<tr bgcolor="#ffc8d8"><td rowspan=2><tt>   </tt></td>
	<td colspan=2><tt>This is a helper class used to integrate TLS Lite with various<br>
	TLS clients (e.g. poplib, smtplib, httplib, etc.)<br> </tt></td></tr>
	<tr><td> </td>
	<td width="100%">Methods defined here:<br>
	<dl><dt><a name="ClientHelper-__init__"><strong>__init__</strong></a>(self, username<font color="#909090">=None</font>, password<font color="#909090">=None</font>, sharedKey<font color="#909090">=None</font>, certChain<font color="#909090">=None</font>, privateKey<font color="#909090">=None</font>, cryptoID<font color="#909090">=None</font>, protocol<font color="#909090">=None</font>, x509Fingerprint<font color="#909090">=None</font>, x509TrustList<font color="#909090">=None</font>, x509CommonName<font color="#909090">=None</font>, settings<font color="#909090">=None</font>)</dt><dd><tt>For client authentication, use one of these argument<br>
	combinations:<br>
	- username, password (SRP)<br>
	- username, sharedKey (shared-key)<br>
	- certChain, privateKey (certificate)<br>
	<br>
	For server authentication, you can either rely on the<br>
	implicit mutual authentication performed by SRP or<br>
	shared-keys, or you can do certificate-based server<br>
	authentication with one of these argument combinations:<br>
	- cryptoID[, protocol] (requires cryptoIDlib)<br>
	- x509Fingerprint<br>
	- x509TrustList[, x509CommonName] (requires cryptlib_py)<br>
	<br>
	Certificate-based server authentication is compatible with<br>
	SRP or certificate-based client authentication.  It is<br>
	not compatible with shared-keys.<br>
	<br>
	The constructor does not perform the TLS handshake itself, but<br>
	simply stores these arguments for later.  The handshake is<br>
	performed only when this class needs to connect with the<br>
	server.  Then you should be prepared to handle TLS-specific<br>
	exceptions.  See the client handshake functions in<br>
	L{tlslite.TLSConnection.TLSConnection} for details on which<br>
	exceptions might be raised.<br>
	<br>
	@type username: str<br>
	@param username: SRP or shared-key username.  Requires the<br>
	'password' or 'sharedKey' argument.<br>
	<br>
	@type password: str<br>
	@param password: SRP password for mutual authentication.<br>
	Requires the 'username' argument.<br>
	<br>
	@type sharedKey: str<br>
	@param sharedKey: Shared key for mutual authentication.<br>
	Requires the 'username' argument.<br>
	<br>
	@type certChain: L{tlslite.X509CertChain.X509CertChain} or<br>
	L{cryptoIDlib.CertChain.CertChain}<br>
	@param certChain: Certificate chain for client authentication.<br>
	Requires the 'privateKey' argument.  Excludes the SRP or<br>
	shared-key related arguments.<br>
	<br>
	@type privateKey: L{tlslite.utils.RSAKey.RSAKey}<br>
	@param privateKey: Private key for client authentication.<br>
	Requires the 'certChain' argument.  Excludes the SRP or<br>
	shared-key related arguments.<br>
	<br>
	@type cryptoID: str<br>
	@param cryptoID: cryptoID for server authentication.  Mutually<br>
	exclusive with the 'x509...' arguments.<br>
	<br>
	@type protocol: str<br>
	@param protocol: cryptoID protocol URI for server<br>
	authentication.  Requires the 'cryptoID' argument.<br>
	<br>
	@type x509Fingerprint: str<br>
	@param x509Fingerprint: Hex-encoded X.509 fingerprint for<br>
	server authentication.  Mutually exclusive with the 'cryptoID'<br>
	and 'x509TrustList' arguments.<br>
	<br>
	@type x509TrustList: list of L{tlslite.X509.X509}<br>
	@param x509TrustList: A list of trusted root certificates.  The<br>
	other party must present a certificate chain which extends to<br>
	one of these root certificates.  The cryptlib_py module must be<br>
	installed to use this parameter.  Mutually exclusive with the<br>
	'cryptoID' and 'x509Fingerprint' arguments.<br>
	<br>
	@type x509CommonName: str<br>
	@param x509CommonName: The end-entity certificate's 'CN' field<br>
	must match this value.  For a web server, this is typically a<br>
	server name such as 'www.amazon.com'.  Mutually exclusive with<br>
	the 'cryptoID' and 'x509Fingerprint' arguments.  Requires the<br>
	'x509TrustList' argument.<br>
	<br>
	@type settings: L{tlslite.HandshakeSettings.HandshakeSettings}<br>
	@param settings: Various settings which can be used to control<br>
	the ciphersuites, certificate types, and SSL/TLS versions<br>
	offered by the client.</tt></dd></dl>

	</td></tr></table></td></tr></table>
	</body></html>