__init__(self,
cryptoID=None,
protocol=None,
x509Fingerprint=None,
x509TrustList=None,
x509CommonName=None,
checkResumedSession=False)
(Constructor)
Create a new Checker instance.
You must pass in one of these argument combinations:
-
cryptoID[, protocol] (requires cryptoIDlib)
-
x509Fingerprint
-
x509TrustList[, x509CommonName] (requires cryptlib_py)
-
- Parameters:
cryptoID -
A cryptoID which the other party's certificate chain must
match. The cryptoIDlib module must be installed. Mutually
exclusive with all of the 'x509...' arguments.
(type=str)
protocol -
A cryptoID protocol URI which the other party's certificate
chain must match. Requires the 'cryptoID' argument.
(type=str)
x509Fingerprint -
A hex-encoded X.509 end-entity fingerprint which the other
party's end-entity certificate must match. Mutually exclusive
with the 'cryptoID' and 'x509TrustList' arguments.
(type=str)
x509TrustList -
A list of trusted root certificates. The other party must
present a certificate chain which extends to one of these root
certificates. The cryptlib_py module must be installed. Mutually
exclusive with the 'cryptoID' and 'x509Fingerprint'
arguments.
(type=list of tlslite.X509.X509 )
x509CommonName -
The end-entity certificate's 'CN' field must match this value.
For a web server, this is typically a server name such as
'www.amazon.com'. Mutually exclusive with the 'cryptoID' and
'x509Fingerprint' arguments. Requires the 'x509TrustList'
argument.
(type=str)
checkResumedSession -
If resumed sessions should be checked. This defaults to False,
on the theory that if the session was checked once, we don't need
to bother re-checking it.
(type=bool)
|