"Python Immplementation of TLS 1.3"
Project description
Welcome to pytls13 !
pytls13 implements a TLS 1.3 client and relies on pylurk for all cryptographic operations related to the client authentication.
pytl13 can be used as follows:
$ cd examples/cli/
$ ./tls_client --connectivity 'lib_cs' https://www.google.com
pytls13 leverages the Limited Use of Remote Keys (LURK) framework as well as it extension for TLS 1.3. draft-mglt-lurk-lurk draft-mglt-lurk-tls13.
LURK is a generic protocol whose purpose is to support specific interactions with a given cryptographic material, which is also known as Cryptographic Service (CS). In our case pytls13 implements the TLS Engine (E) while pylurk implements the CS as depicted below:
+----------------------------+
| TLS Engine (E) |
+------------^---------------+
| (LURK/TLS 1.3)
+------------v---------------+
| Cryptographic Service (CS) |
| private_keys |
+----------------------------+
TLS being split into a CS and an Engine
pytls13 documentation provides Examples of TLS 1.3 client and Using pytls13 and pylurk sections with detailed examples on how to combine the TLS engine (E) and the Crypto Service (CS) with. The LURK-T TLS 1.3 client section providing a complete example where the CS runs into a Trusted Execution Enclave (TEE) - SGX in our case.
Installation
Currently the cli scripts are not installed via pip3 package, so one need to install it manually from the git repo.
The simple installation is as follows:
- Install
pytls13andpylurkfrom the git repo.
`git clone https://github.com/mglt/pytls13.git`
`git clone https://github.com/mglt/pylurk.git tls13`. Note that for a very limited usage pip3 pylurk maybe sufficient.
3. Update in `tls_client`, in pytls13.git/example/cli`
* `CS_GRAMINE_DIR`: the location of the `pylurk.git/example/cli` directory
* `GRAMINE_DIR` the directory of the Gramine directory
* The path of the `pylurk` and `pytls13` modules indicated by the `sys.path.insert` directive.
For a more advamce usage - that is the CS please follow the `pylurk` installation steps.
For a more advance us involving to use of TEE please install Gramine.
## TODO:
* Include the cli in the pip3 package.
* Implement a tls server
* Re-organize classes and move TLS generic classes from tls_client_handler to tls_hanlder.
* Implement the post handshake authentication as well as 0-rtt
* Provide more standard TLS client API / server.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file pytls13-0.0.1.tar.gz.
File metadata
- Download URL: pytls13-0.0.1.tar.gz
- Upload date:
- Size: 2.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.10.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 5940f9370f53acb3f2a04ea854b0779254b92e66353845fbfcd0a2b57f7f8e12 |
|
| MD5 | 7dc4093e709ad487b803aaf9102bedfd |
|
| BLAKE2b-256 | 09e7048795a386b4a7a68169d3ac58647b6ba64186fb28a04ebb36734e7698eb |
File details
Details for the file pytls13-0.0.1-py3-none-any.whl.
File metadata
- Download URL: pytls13-0.0.1-py3-none-any.whl
- Upload date:
- Size: 2.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.10.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 5a58d6008dea27643b741c74e197f3671974e8131981eb7e2d90e84ea36a729a |
|
| MD5 | d008bd5fd382ac965ead8df2e5a24938 |
|
| BLAKE2b-256 | 673a4cdd1a59770356c7f8b3e3d143b7927ebfdf9e50c2e80d074e7f3c81a2be |
