MCPcopy Index your code
hub / github.com/python/cpython / test_ecc_cert

Method test_ecc_cert

Lib/test/test_ssl.py:3334–3353  ·  view source on GitHub ↗
(self)

Source from the content-addressed store, hash-verified

3332 s.connect((HOST, server.port))
3333
3334 def test_ecc_cert(self):
3335 client_context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
3336 client_context.load_verify_locations(SIGNING_CA)
3337 client_context.set_ciphers('ECDHE:ECDSA:!NULL:!aRSA')
3338 hostname = SIGNED_CERTFILE_ECC_HOSTNAME
3339
3340 server_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
3341 # load ECC cert
3342 server_context.load_cert_chain(SIGNED_CERTFILE_ECC)
3343
3344 # correct hostname should verify
3345 server = ThreadedEchoServer(context=server_context, chatty=True)
3346 with server:
3347 with client_context.wrap_socket(socket.socket(),
3348 server_hostname=hostname) as s:
3349 s.connect((HOST, server.port))
3350 cert = s.getpeercert()
3351 self.assertTrue(cert, "Can't get peer certificate.")
3352 cipher = s.cipher()[0].split('-')
3353 self.assertTrue(cipher[:2], ('ECDHE', 'ECDSA'))
3354
3355 @unittest.skipUnless(IS_OPENSSL_3_0_0,
3356 "test requires RFC 5280 check added in OpenSSL 3.0+")

Callers

nothing calls this directly

Calls 8

wrap_socketMethod · 0.95
ThreadedEchoServerClass · 0.85
socketMethod · 0.80
assertTrueMethod · 0.80
connectMethod · 0.45
getpeercertMethod · 0.45
splitMethod · 0.45
cipherMethod · 0.45

Tested by

no test coverage detected