TLS1.3 protocol wrapper
Project description
tinytls is a pure python TLS1.3 protocol wrapper.
As a result of learning TLS1.3, I wrote this as a sample implementation of TLS1.3 client.
Builtin ssl module (CPython3.7+, OpenSSL1.1.1+) can use as TLS1.3 client, so there is no advantage to use it especially in Python 3.
Restriction
Available TLS1.3 only, not TLS1.2 or under.
Support TLS_CHACHA20_POLY1305_SHA256 cipher suite only.
Support X25519 key exchange only.
It does not verify TLS certificate.
Not support 0-RTT
Client certificate authentication is not available.
Supported Python
Python3.7+
MicroPython
Example
CPython
import socket import tinytls hostname = "enabled.tls13.com" sock = socket.create_connection((hostname, 443)) with tinytls.wrap_socket(sock) as ssock: ssock.send("GET / HTTP/1.1\r\nHost:{}\r\n\r\n".format(hostname).encode()) print(ssock.recv(4096).decode())
MicroPython
import usocket import tinytls hostname = "enabled.tls13.com" sock = usocket.socket() sock.connect(usocket.getaddrinfo(hostname, 443)[0][-1]) with tinytls.wrap_socket(sock) as ssock: ssock.send("GET / HTTP/1.1\r\nHost:{}\r\n\r\n".format(hostname).encode()) print(ssock.recv(4096).decode())
Reference
Check the server
If you cannot connect to the server with tinytls, use a command like the following to check if the server can be connected
openssl s_client -tls1_3 -ciphersuites 'TLS_CHACHA20_POLY1305_SHA256' \ -state -debug -connect enabled.tls13.com:443
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.