ssl 및 소켓을 사용하여 파이썬 클라이언트 인증

Question

인증서를 사용하여 인증하는 데 클라이언트가 필요한 파이썬 서버가 있는데 어떻게 클라이언트 인증을 사용하는 클라이언트 스크립트를 ssl 및 소켓 모듈을 사용하여 파이썬에서 서버로 인증 할 수 있습니까?

예를 들어,이 소켓과 ssl을 사용하는 경우에만 비틀림이 발생합니까?

from OpenSSL import SSL 
from twisted.internet import ssl, reactor 
from twisted.internet.protocol import ClientFactory, Protocol 

class EchoClient(Protocol): 
    def connectionMade(self): 
    "print connected" 

    def dataReceived(self, data): 
     print "Server said:", data 
     self.transport.loseConnection() 

class EchoClientFactory(ClientFactory): 
    protocol = EchoClient 

    def clientConnectionFailed(self, connector, reason): 
     print "Connection failed - goodbye!" 
     reactor.stop() 

    def clientConnectionLost(self, connector, reason): 
     print "Connection lost - goodbye!" 
     reactor.stop() 

class CtxFactory(ssl.ClientContextFactory): 
    def getContext(self): 
     self.method = SSL.TLSv1_METHOD 
     ctx = ssl.ClientContextFactory.getContext(self) 
     ctx.use_certificate_file('client.crt') 
     ctx.use_privatekey_file('client.key') 
     return ctx 

if __name__ == '__main__': 

    factory = EchoClientFactory() 
    reactor.connectSSL('localhost', 8080, factory, CtxFactory()) 
    reactor.run() 

Answer 1

import socket, ssl, pprint 

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 

# require a certificate from the server 
ssl_sock = ssl.wrap_socket(s, 
       keyfile="client.key", 
       certfile="client.crt", 
       ca_certs="ca.crt", 
       cert_reqs=ssl.CERT_REQUIRED) 

ssl_sock.connect(('127.0.0.1', 8080)) 

print repr(ssl_sock.getpeername()) 
print ssl_sock.cipher() 
print pprint.pformat(ssl_sock.getpeercert()) 

ssl_sock.write("testing") 
data = ssl_sock.read() 
print data 

ssl_sock.close()