tlslite.session module
Class representing a TLS session.
- class tlslite.session.Session
Bases: object
This class represents a TLS session.
TLS distinguishes between connections and sessions. A new handshake creates both a connection and a session. Data is transmitted over the connection.
The session contains a more permanent record of the handshake. The session can be inspected to determine handshake results. The session can also be used to create a new connection through “session resumption”. If the client and server both support this, they can create a new connection based on an old session without the overhead of a full handshake.
The session for a TLSConnection can be retrieved from the connection’s ‘session’ attribute.
- Variables
srpUsername (str) – The client’s SRP username (or None).
clientCertChain (X509CertChain) – The client’s certificate chain (or None).
serverCertChain (X509CertChain) – The server’s certificate chain (or None).
tackExt (tack.structures.TackExtension.TackExtension) – The server’s TackExtension (or None).
tackInHelloExt (bool) – True if a TACK was presented via TLS Extension.
encryptThenMAC (bool) – True if the connection uses a CBC cipher in encrypt-then-MAC mode.
appProto (bytearray) – name of the negotiated application level protocol, None if not negotiated
cl_app_secret (bytearray) – key used for deriving keys used by client to encrypt and protect data in TLS 1.3
sr_app_secret (bytearray) – key used for deriving keys used by server to encrypt and protect data in TLS 1.3
exporterMasterSecret (bytearray) – master secret used for TLS Exporter in TLS 1.3
resumptionMasterSecret (bytearray) – master secret used for session resumption in TLS 1.3
tickets (list) – list of tickets received from the server
- __init__()
Initialize self. See help(type(self)) for accurate signature.
- create(masterSecret, sessionID, cipherSuite, srpUsername, clientCertChain, serverCertChain, tackExt, tackInHelloExt, serverName, resumable=True, encryptThenMAC=False, extendedMasterSecret=False, appProto=bytearray(b''), cl_app_secret=bytearray(b''), sr_app_secret=bytearray(b''), exporterMasterSecret=bytearray(b''), resumptionMasterSecret=bytearray(b''), tickets=None)
- getBreakSigs()
- getCipherName()
Get the name of the cipher used with this connection.
- Return type
- Returns
The name of the cipher used with this connection.
- getMacName()
Get the name of the HMAC hash algo used with this connection.
- Return type
- Returns
The name of the HMAC hash algo used with this connection.
- getTackId()
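The inspection of handshake results described above, as an added example (not tlslite's own code): a policy check that reads only the Session attributes and methods documented on this page. `audit_session`, `resumption_state`, `StubSession` and the set of CBC cipher names are assumptions made for the illustration; in practice the `session` attribute of a real TLSConnection would be passed instead of the stub.

```python
# Added example: audit handshake results using only documented Session fields.
# Assumption: the names getCipherName() returns for CBC-mode suites.
CBC_CIPHER_NAMES = frozenset({"aes128", "aes256", "3des"})


def audit_session(session, required_alpn=None, cbc_names=CBC_CIPHER_NAMES):
    """Return a list of policy findings for a completed handshake."""
    findings = []
    cipher = session.getCipherName()
    if cipher in cbc_names and not session.encryptThenMAC:
        findings.append("CBC cipher %r negotiated without encrypt-then-MAC"
                        % cipher)
    if session.serverCertChain is None:
        findings.append("no server certificate chain recorded")
    if required_alpn is not None and session.appProto != required_alpn:
        findings.append("ALPN mismatch: got %r, expected %r"
                        % (session.appProto, required_alpn))
    return findings


def resumption_state(session):
    """Summarise resumption material without exposing any secret bytes."""
    return {
        "tls13_resumption_secret_present": bool(session.resumptionMasterSecret),
        "ticket_count": len(session.tickets or []),
    }


class StubSession:
    """Constructed stand-in with the documented fields (not tlslite code)."""

    def __init__(self, cipher, **fields):
        self._cipher = cipher
        self.encryptThenMAC = False
        self.serverCertChain = object()  # placeholder for an X509CertChain
        self.appProto = None
        self.resumptionMasterSecret = bytearray()
        self.tickets = None
        self.__dict__.update(fields)

    def getCipherName(self):
        return self._cipher


if __name__ == "__main__":
    weak = StubSession("aes128", appProto=bytearray(b"http/1.1"))
    for finding in audit_session(weak, required_alpn=bytearray(b"h2")):
        print(finding)
```

`resumption_state` reports only presence and counts, so its output can be logged without writing key material to disk.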
- tlslite.session.bytes_to_int(bytes, byteorder, *, signed=False)
Return the integer represented by the given array of bytes.
- bytes
Holds the array of bytes to convert. The argument must either support the buffer protocol or be an iterable object producing bytes. Bytes and bytearray are examples of built-in objects that support the buffer protocol.
- byteorder
The byte order used to represent the integer. If byteorder is ‘big’, the most significant byte is at the beginning of the byte array. If byteorder is ‘little’, the most significant byte is at the end of the byte array. To request the native byte order of the host system, use ‘sys.byteorder’ as the byte order value.
- signed
Indicates whether two’s complement is used to represent the integer.