Package tlslite :: Module recordlayer :: Class RecordLayer
[hide private]
[frames] | no frames]

type RecordLayer

source code

Known Subclasses:

Implementation of TLS record layer protocol

Instance Methods [hide private]
 
__init__(self, sock) source code
 
_calcKeyBlock(self, cipherSuite, masterSecret, clientRandom, serverRandom, outputLength)
Calculate the overall key to slice up
source code
 
_decryptAndUnseal(self, recordType, buf)
Decrypt AEAD encrypted data
source code
 
_decryptSSL2(self, data, padding)
Decrypt SSL2 encrypted data
source code
 
_decryptStreamThenMAC(self, recordType, data)
Decrypt a stream cipher and check MAC
source code
 
_decryptThenMAC(self, recordType, data)
Decrypt data, check padding and MAC
source code
 
_encryptThenMAC(self, buf, contentType)
Pad, encrypt and then MAC the data
source code
 
_encryptThenSeal(self, buf, contentType)
Encrypt with AEAD cipher
source code
 
_macThenDecrypt(self, recordType, buf)
Check MAC of data, then decrypt and remove padding
source code
 
_macThenEncrypt(self, data, contentType)
MAC, pad then encrypt data
source code
 
_ssl2Encrypt(self, data)
Encrypt in SSL2 mode
source code
 
addPadding(self, data)
Add padding to data so that it is multiple of block size
source code
 
calcPendingStates(self, cipherSuite, masterSecret, clientRandom, serverRandom, implementations)
Create pending states for encryption and decryption.
source code
 
calcSSL2PendingStates(self, cipherSuite, masterSecret, clientRandom, serverRandom, implementations)
Create the keys for encryption and decryption in SSLv2
source code
 
calculateMAC(self, mac, seqnumBytes, contentType, data)
Calculate the SSL/TLS version of a MAC
source code
 
changeReadState(self)
Change the cipher state to the pending one for read operations.
source code
 
changeWriteState(self)
Change the cipher state to the pending one for write operations.
source code
str
getCipherImplementation(self)
Return the name of the implementation used for the connection
source code
str
getCipherName(self)
Return the name of the bulk cipher used by this connection
source code
 
isCBCMode(self)
Returns true if cipher uses CBC mode
source code
tuple
recvRecord(self)
Read, decrypt and check integrity of a single record
source code
 
sendRecord(self, msg)
Encrypt, MAC and send arbitrary message as-is through socket.
source code
 
shutdown(self)
Clear read and write states
source code
Static Methods [hide private]
 
_getCipherSettings(cipherSuite)
Get the settings for cipher suite used
source code
 
_getHMACMethod(version)
Get the HMAC method
source code
 
_getMacSettings(cipherSuite)
Get settings for HMAC used
source code
 
_getNonce(state, seqnum)
Calculate a nonce for a given enc/dec context
source code
Instance Variables [hide private]
  client
whether the connection should use encryption
  encryptThenMAC
use the encrypt-then-MAC mechanism for record integrity
  handshake_finished
used in SSL2, True if handshake protocol is over
  sock
underlying socket
  version
the TLS version to use (tuple encoded as on the wire)
Properties [hide private]
  blockSize
Return the size of block used by current symmetric cipher (R/O)
Method Details [hide private]

__init__(self, sock)
(Constructor)

source code 
Overrides: object.__init__
(inherited documentation)

_macThenDecrypt(self, recordType, buf)

source code 

Check MAC of data, then decrypt and remove padding

Raises:

calcSSL2PendingStates(self, cipherSuite, masterSecret, clientRandom, serverRandom, implementations)

source code 

Create the keys for encryption and decryption in SSLv2

While we could reuse calcPendingStates(), we need to provide the key-arg data for the server that needs to be passed up to handshake protocol.

changeReadState(self)

source code 

Change the cipher state to the pending one for read operations.

This should be done only once after a call to calcPendingStates was performed and directly after receiving a ChangeCipherSpec message.

changeWriteState(self)

source code 

Change the cipher state to the pending one for write operations.

This should be done only once after a call to calcPendingStates was performed and directly after sending a ChangeCipherSpec message.

getCipherImplementation(self)

source code 

Return the name of the implementation used for the connection

'python' for tlslite internal implementation, 'openssl' for M2crypto and 'pycrypto' for pycrypto

Returns: str
Name of cipher implementation used, None if not initialised

getCipherName(self)

source code 

Return the name of the bulk cipher used by this connection

Returns: str
The name of the cipher, like 'aes128', 'rc4', etc.

recvRecord(self)

source code 

Read, decrypt and check integrity of a single record

Returns: tuple
message header and decrypted message payload
Raises:

sendRecord(self, msg)

source code 

Encrypt, MAC and send arbitrary message as-is through socket.

Note that if the message was not fragmented to below 2**14 bytes it will be rejected by the other connection side.

Parameters:
  • msg (ApplicationData, HandshakeMessage, etc.) - TLS message to send

Instance Variable Details [hide private]

version

the TLS version to use (tuple encoded as on the wire)

Property Details [hide private]

blockSize

Return the size of block used by current symmetric cipher (R/O)