How to use the nassl.TLSV1_2 function in nassl
To help you get started, we’ve selected a few nassl examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
iSECPartners / sslyze / utils / ServersConnectivityTester.py View on Github 
raise InvalidTargetError(targetStr, '{0}: {1}'.format(str(type(e).__name__), e[0]))
finally:
sslCon.close()
# Then try to do SSL handshakes just to figure out the SSL version
# supported by the server; the plugins need to know this in advance.
# If the handshakes fail, we keep going anyway; maybe the server
# only supports exotic cipher suites
sslSupport = SSLV23
# No connection retry when testing connectivity
tweak_shared_settings = shared_settings.copy()
tweak_shared_settings['nb_retries'] = 1
for sslVersion in [TLSV1, SSLV23, SSLV3, TLSV1_2]:
sslCon = create_sslyze_connection((host, ipAddr, port, sslVersion),
tweak_shared_settings)
try:
sslCon.connect()
except:
pass
else:
sslSupport = sslVersion
break
finally:
sslCon.close()
return host, ipAddr, port, sslSupportdef process_task(self, target, command, args):
MAX_THREADS = 15
sslVersionDict = {'sslv2': SSLV2,
'sslv3': SSLV3,
'tlsv1': TLSV1,
'tlsv1_1': TLSV1_1,
'tlsv1_2': TLSV1_2}
try:
sslVersion = sslVersionDict[command]
except KeyError:
raise Exception("PluginOpenSSLCipherSuites: Unknown command.")
# Get the list of available cipher suites for the given ssl version
sslClient = SslClient(sslVersion=sslVersion)
sslClient.set_cipher_list('ALL:COMPLEMENTOFALL')
cipher_list = sslClient.get_cipher_list()
# Create a thread pool
NB_THREADS = min(len(cipher_list), MAX_THREADS) # One thread per cipher
thread_pool = ThreadPool()
# Scan for every available cipher suite
for cipher in cipher_list:def process_task(self, target, command, args):
MAX_THREADS = 30
sslVersionDict = {'sslv2': SSLV2,
'sslv3': SSLV3,
'tlsv1': TLSV1,
'tlsv1_1': TLSV1_1,
'tlsv1_2': TLSV1_2}
try:
sslVersion = sslVersionDict[command]
except KeyError:
raise Exception("PluginOpenSSLCipherSuites: Unknown command.")
# Get the list of available cipher suites for the given ssl version
sslClient = SslClient(sslVersion=sslVersion)
sslClient.set_cipher_list('ALL:COMPLEMENTOFALL')
cipher_list = sslClient.get_cipher_list()
# Create a thread pool
NB_THREADS = min(len(cipher_list), MAX_THREADS) # One thread per cipher
thread_pool = ThreadPool()
# Scan for every available cipher suite
for cipher in cipher_list:def heartbleed_payload(sslVersion):
# This heartbleed payload does not exploit the server
# https://blog.mozilla.org/security/2014/04/12/testing-for-heartbleed-vulnerability-without-exploiting-the-server/
SSL_VERSION_MAPPING = {
SSLV3 : '\x00', # Surprising that it works with SSL 3 which doesn't define TLS extensions
TLSV1 : '\x01',
TLSV1_1: '\x02',
TLSV1_2: '\x03'}
payload = (
'\x18' # Record type - Heartbeat
'\x03{0}' # TLS version
'\x40\x00' # Record length
'\x01' # Heartbeat type - Request
'\x3f\xfd') # Heartbeat length
payload += '\x01'*16381 # Heartbeat data
payload += ( # Second Heartbeat request with no padding
'\x18' # Record type - Heartbeat
'\x03{0}'
'\x00\x03\x01\x00\x00'
)nassl
Experimental OpenSSL wrapper for Python 3.8+ and SSLyze.
Package Health Score
74 / 100Popular nassl functions
- nassl._nassl
- nassl._nassl.OpenSSLError
- nassl._nassl.WantReadError
- nassl.ssl_client.OpenSslVersionEnum
- nassl.ssl_client.OpenSslVersionEnum.SSLV23
- nassl.SSL_FILETYPE_ASN1
- nassl.SSL_FILETYPE_PEM
- nassl.SSL_OP_NO_TICKET
- nassl.SSL_VERIFY_NONE
- nassl.SslClient.ClientCertificateRequested
- nassl.SslClient.SslClient
- nassl.SSLV2
- nassl.SSLV23
- nassl.SSLV3
- nassl.TLSV1
- nassl.TLSV1_1
- nassl.TLSV1_2
- nassl.X509_NAME_MATCHES_CN
- nassl.X509_NAME_MATCHES_SAN
- nassl.X509_NAME_MISMATCH