
Source Code for Module tlslite.session

  1  # Author: Trevor Perrin 
  2  # See the LICENSE file for legal information regarding use of this file. 
  3   
  4  """Class representing a TLS session.""" 
  5   
  6  from .utils.compat import * 
  7  from .mathtls import * 
  8  from .constants import * 
  9   
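class Session:
    """
    This class represents a TLS session.

    TLS distinguishes between connections and sessions.  A new
    handshake creates both a connection and a session.  Data is
    transmitted over the connection.

    The session contains a more permanent record of the handshake.  The
    session can be inspected to determine handshake results.  The
    session can also be used to create a new connection through
    "session resumption". If the client and server both support this,
    they can create a new connection based on an old session without
    the overhead of a full handshake.

    The session for a L{tlslite.TLSConnection.TLSConnection} can be
    retrieved from the connection's 'session' attribute.

    Security note: a Session holds the TLS master secret, so any code
    that can read a Session can resume it.  Treat instances as key
    material: do not log, serialize or persist them without protection.

    @ivar masterSecret: The TLS master secret for this session (an
    empty sequence until L{create} is called).  Sensitive.

    @ivar sessionID: The session identifier (an empty sequence until
    L{create} is called).  An empty ID means the session cannot be
    resumed.

    @type cipherSuite: int
    @ivar cipherSuite: The cipher suite value (0 until L{create} is
    called).  See L{getCipherName}.

    @type srpUsername: str
    @ivar srpUsername: The client's SRP username (or None).

    @type clientCertChain: L{tlslite.x509certchain.X509CertChain}
    @ivar clientCertChain: The client's certificate chain (or None).

    @type serverCertChain: L{tlslite.x509certchain.X509CertChain}
    @ivar serverCertChain: The server's certificate chain (or None).

    @type tackExt: L{tack.structures.TackExtension.TackExtension}
    @ivar tackExt: The server's TackExtension (or None).

    @type tackInHelloExt: L{bool}
    @ivar tackInHelloExt: True if a TACK was presented via TLS Extension.

    @type serverName: str
    @ivar serverName: The server name recorded for this session
    ("" by default).

    @type resumable: bool
    @ivar resumable: Whether the session is flagged as resumable.  See
    L{valid} and L{_setResumable}.
    """

    def __init__(self):
        """Create an empty, non-resumable session."""
        self.masterSecret = createByteArraySequence([])
        self.sessionID = createByteArraySequence([])
        self.cipherSuite = 0
        self.srpUsername = None
        self.clientCertChain = None
        self.serverCertChain = None
        self.tackExt = None
        self.tackInHelloExt = False
        self.serverName = ""
        self.resumable = False

    def create(self, masterSecret, sessionID, cipherSuite,
               srpUsername, clientCertChain, serverCertChain,
               tackExt, tackInHelloExt, serverName, resumable=True):
        """Populate every field of this session in one call.

        The arguments are stored by reference, without copying or
        validation.  In particular, 'resumable' is stored as given even
        if 'sessionID' is empty; L{valid} still reports such a session
        as not resumable.
        """
        self.masterSecret = masterSecret
        self.sessionID = sessionID
        self.cipherSuite = cipherSuite
        self.srpUsername = srpUsername
        self.clientCertChain = clientCertChain
        self.serverCertChain = serverCertChain
        self.tackExt = tackExt
        self.tackInHelloExt = tackInHelloExt
        self.serverName = serverName
        self.resumable = resumable

    def _clone(self):
        """Return a new Session carrying the same field values.

        This is a shallow copy: the clone refers to the same
        masterSecret, sessionID, certificate chain and tackExt objects
        as the original, so an in-place change to any of them (for
        example overwriting the secret) is visible through both.
        """
        other = Session()
        other.masterSecret = self.masterSecret
        other.sessionID = self.sessionID
        other.cipherSuite = self.cipherSuite
        other.srpUsername = self.srpUsername
        other.clientCertChain = self.clientCertChain
        other.serverCertChain = self.serverCertChain
        other.tackExt = self.tackExt
        other.tackInHelloExt = self.tackInHelloExt
        other.serverName = self.serverName
        other.resumable = self.resumable
        return other

    def valid(self):
        """If this session can be used for session resumption.

        @rtype: bool
        @return: True only if the session is flagged resumable and has
        a non-empty session ID.
        """
        # Coerce to bool: a bare 'and' would hand the sessionID object
        # itself back to the caller instead of the documented bool.
        return bool(self.resumable and self.sessionID)

    def _setResumable(self, boolean):
        """Set the resumable flag.

        Clearing the flag always succeeds.  A request to set it is
        silently ignored while the session ID is empty.
        """
        # Only let it be set to True if the sessionID is non-null
        if (not boolean) or self.sessionID:
            self.resumable = boolean

    def getTackId(self):
        """Return the TACK ID from the server's TackExtension.

        @return: The result of tackExt.tack.getTackId(), or None if
        there is no TackExtension or it carries no tack.
        """
        if self.tackExt and self.tackExt.tack:
            return self.tackExt.tack.getTackId()
        return None

    def getBreakSigs(self):
        """Return the break signatures from the server's TackExtension.

        @return: tackExt.break_sigs, or None if there is no
        TackExtension or it has no break signatures.
        """
        if self.tackExt and self.tackExt.break_sigs:
            return self.tackExt.break_sigs
        return None

    def getCipherName(self):
        """Get the name of the cipher used with this connection.

        @rtype: str
        @return: The name of the cipher used with this connection.
        Either 'aes128', 'aes256', 'rc4', or '3des', or None if the
        cipher suite is in none of those groups (as it is for a
        freshly constructed session, whose cipherSuite is 0).
        """
        # NOTE: 'rc4' and '3des' denote legacy ciphers.  A caller that
        # enforces a cipher policy should check this value and treat
        # None as "unknown", not as acceptable.
        if self.cipherSuite in CipherSuite.aes128Suites:
            return "aes128"
        if self.cipherSuite in CipherSuite.aes256Suites:
            return "aes256"
        if self.cipherSuite in CipherSuite.rc4Suites:
            return "rc4"
        if self.cipherSuite in CipherSuite.tripleDESSuites:
            return "3des"
        return None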
126