Merge pull request #638 from tomato42/hello-world

How to write a hello world project

.codeclimate.yml

@@ -49,3 +49,4 @@ plugins:
 exclude_patterns:
  - "tests/*"
  - "scripts/*"
+ - "docs/source/hello-world.py"

.github/styles/vocab.txt

@@ -4,6 +4,7 @@ ecdsa
 fuzzer
 fuzzers
 GnuTLS
+hostname
 http
 kario
 khaitovich

docs/source/glossary.rst

@@ -12,7 +12,11 @@ Glossary
 
    RFC
      Request For Comments are standards published by Internet Engineering Task
-     Force (IETF), an open standards organisation.
+     Force, an open standards organisation.
+
+   IETF
+     Internet Engineering Task Force is an organisation responsible for
+     providing specifications of protocols used over the Internet.
 
    SSL
      Secure Sockets Layer is an old cryptographic network protocol. It has
@@ -37,6 +41,9 @@ Glossary
      Implementation of Diffie-Hellman key exchange algorithm over elliptic
      curves.
 
+   AES
+     Advanced Encryption Standard is a symmetric block cipher.
+
    AES-GCM
      Advanced Encryption Standard in Galois Counter Mode is an :term:`AEAD`
      cipher, it encrypts and authenticates data with one operation.
@@ -50,4 +57,8 @@ Glossary
 
    PKIX
      Public Key Infrastructure for the Internet, described use of X.509
-     certificates in Internet protocols
+     certificates in Internet protocols.
+
+   TCP
+     Transport Control Protocol is a stream protocol that provides reliable
+     delivery over the Internet Protocol.

docs/source/hello-world.py

@@ -0,0 +1,104 @@
+from tlsfuzzer.messages import Connect
+root_node = Connect("localhost", 4433)
+node = root_node
+
+from tlslite.constants import CipherSuite
+ciphers = [
+    CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+    CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+    CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+    CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+]
+
+extensions = {}
+
+from tlslite.constants import GroupName
+groups = [
+    GroupName.secp256r1,
+    GroupName.x25519
+]
+
+from tlslite.extensions import SupportedGroupsExtension
+from tlslite.constants import ExtensionType
+groups_ext = SupportedGroupsExtension().create(groups)
+extensions[ExtensionType.supported_groups] = groups_ext
+
+from tlslite.constants import (
+    SignatureScheme,
+    HashAlgorithm,
+    SignatureAlgorithm
+)
+sig_algs = [
+    SignatureScheme.ecdsa_secp521r1_sha512,
+    SignatureScheme.ecdsa_secp384r1_sha384,
+    SignatureScheme.ecdsa_secp256r1_sha256,
+    SignatureScheme.rsa_pss_pss_sha512,
+    SignatureScheme.rsa_pss_pss_sha384,
+    SignatureScheme.rsa_pss_pss_sha256,
+    SignatureScheme.rsa_pss_rsae_sha512,
+    SignatureScheme.rsa_pss_rsae_sha384,
+    SignatureScheme.rsa_pss_rsae_sha256,
+    SignatureScheme.rsa_pkcs1_sha512,
+    SignatureScheme.rsa_pkcs1_sha384,
+    SignatureScheme.rsa_pkcs1_sha256,
+    (HashAlgorithm.sha1, SignatureAlgorithm.ecdsa),
+    SignatureScheme.rsa_pkcs1_sha1
+]
+
+from tlslite.extensions import SignatureAlgorithmsExtension
+sig_algs_ext = SignatureAlgorithmsExtension().create(sig_algs)
+extensions[ExtensionType.signature_algorithms] = sig_algs_ext
+
+from tlslite.extensions import RenegotiationInfoExtension
+renego_ext = RenegotiationInfoExtension().create(b'')
+extensions[ExtensionType.renegotiation_info] = renego_ext
+
+from tlsfuzzer.messages import ClientHelloGenerator
+node = node.add_child(ClientHelloGenerator(ciphers, extensions=extensions))
+
+from tlsfuzzer.expect import (
+    ExpectServerHello, ExpectCertificate, ExpectServerKeyExchange,
+    ExpectServerHelloDone
+)
+node = node.add_child(ExpectServerHello())
+node = node.add_child(ExpectCertificate())
+node = node.add_child(ExpectServerKeyExchange())
+node = node.add_child(ExpectServerHelloDone())
+
+from tlsfuzzer.messages import (
+    ClientKeyExchangeGenerator,
+    ChangeCipherSpecGenerator,
+    FinishedGenerator
+)
+node = node.add_child(ClientKeyExchangeGenerator())
+node = node.add_child(ChangeCipherSpecGenerator())
+node = node.add_child(FinishedGenerator())
+
+from tlsfuzzer.expect import (
+    ExpectChangeCipherSpec,
+    ExpectFinished
+)
+node = node.add_child(ExpectChangeCipherSpec())
+node = node.add_child(ExpectFinished())
+
+from tlsfuzzer.messages import ApplicationDataGenerator
+from tlsfuzzer.expect import ExpectApplicationData
+request = b"GET / HTTP/1.0\r\n\r\n"
+node = node.add_child(ApplicationDataGenerator(request))
+node = node.add_child(ExpectApplicationData())
+
+from tlsfuzzer.messages import AlertGenerator
+from tlslite.constants import AlertLevel, AlertDescription
+node = node.add_child(AlertGenerator(AlertLevel.warning,
+                                     AlertDescription.close_notify))
+
+from tlsfuzzer.expect import ExpectAlert, ExpectClose
+
+node = node.add_child(ExpectAlert())
+node.next_sibling = ExpectClose()
+node.add_child(ExpectClose())
+
+from tlsfuzzer.runner import Runner
+runner = Runner(root_node)
+
+runner.run()

docs/source/index.rst

@@ -37,6 +37,7 @@ to see wanted, but not yet implemented features.
    quickstart
    installation
    theory
+   writing-tests
    glossary
    modules