MCPcopy Index your code
hub / github.com/python/cpython / test_dual_rsa_ecc

Method test_dual_rsa_ecc

Lib/test/test_ssl.py:3387–3411  ·  view source on GitHub ↗
(self)

Source from the content-addressed store, hash-verified

3385 self.assertTrue(cert, "Can't get peer certificate.")
3386
3387 def test_dual_rsa_ecc(self):
3388 client_context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
3389 client_context.load_verify_locations(SIGNING_CA)
3390 # TODO: fix TLSv1.3 once SSLContext can restrict signature
3391 # algorithms.
3392 client_context.maximum_version = ssl.TLSVersion.TLSv1_2
3393 # only ECDSA certs
3394 client_context.set_ciphers('ECDHE:ECDSA:!NULL:!aRSA')
3395 hostname = SIGNED_CERTFILE_ECC_HOSTNAME
3396
3397 server_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
3398 # load ECC and RSA key/cert pairs
3399 server_context.load_cert_chain(SIGNED_CERTFILE_ECC)
3400 server_context.load_cert_chain(SIGNED_CERTFILE)
3401
3402 # correct hostname should verify
3403 server = ThreadedEchoServer(context=server_context, chatty=True)
3404 with server:
3405 with client_context.wrap_socket(socket.socket(),
3406 server_hostname=hostname) as s:
3407 s.connect((HOST, server.port))
3408 cert = s.getpeercert()
3409 self.assertTrue(cert, "Can't get peer certificate.")
3410 cipher = s.cipher()[0].split('-')
3411 self.assertTrue(cipher[:2], ('ECDHE', 'ECDSA'))
3412
3413 def test_check_hostname_idn(self, warnings_filters=True):
3414 if support.verbose:

Callers

nothing calls this directly

Calls 8

wrap_socketMethod · 0.95
ThreadedEchoServerClass · 0.85
socketMethod · 0.80
assertTrueMethod · 0.80
connectMethod · 0.45
getpeercertMethod · 0.45
splitMethod · 0.45
cipherMethod · 0.45

Tested by

no test coverage detected