TLS1.3 protocol wrapper
Project description
tinytls is a pure python TLS1.3 protocol wrapper.
As a result of learning TLS1.3, I wrote this as a sample implementation of TLS1.3 client.
Builtin ssl module (CPython3.7+, OpenSSL1.1.1+) can use as TLS1.3 client, so there is no advantage to use it especially in Python 3.
Restriction
Available TLS1.3 only, not TLS1.2 or under.
Support TLS_CHACHA20_POLY1305_SHA256 cipher suite only.
Support X25519 key exchange only.
It does not verify TLS certificate.
Not support 0-RTT
Client certificate authentication is not available.
Supported Python
Python3.7+
MicroPython
Example
CPython
import socket
import tinytls
hostname = "enabled.tls13.com"
sock = socket.create_connection((hostname, 443))
with tinytls.wrap_socket(sock) as ssock:
ssock.send("GET / HTTP/1.1\r\nHost:{}\r\n\r\n".format(hostname).encode())
print(ssock.recv(4096).decode())
MicroPython
import usocket
import tinytls
hostname = "enabled.tls13.com"
sock = usocket.socket()
sock.connect(usocket.getaddrinfo(hostname, 443)[0][-1])
with tinytls.wrap_socket(sock) as ssock:
ssock.send("GET / HTTP/1.1\r\nHost:{}\r\n\r\n".format(hostname).encode())
print(ssock.recv(4096).decode())
Reference
Check the server
If you cannot connect to the server with tinytls, use a command like the following to check if the server can be connected
openssl s_client -tls1_3 -ciphersuites 'TLS_CHACHA20_POLY1305_SHA256' \
-state -debug -connect enabled.tls13.com:443
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
