TlsServerManager

class mtf.network_port.tls.tls_helpers.TlsServerManager

The TlsServerManager class extends BaseTlsManager, providing the server-side logic necessary for responding to client-initiated TLS handshakes. It manages the reception and processing of TLS messages, coordinates server-side state transitions, and maintains server-specific session information.

__init__(**kwargs)

set_extension_property(property_name: str, value: Any) → None

Sets a property for the TLS server.

get_config(message_type: TlsMessage)

Provides the server-specific configuration.

start_server()

Starts the TLS-Attacker server.

get_session_list() → Any

Retrieves the list of active TLS sessions from the server.

Returns:

Any: The list of active TLS sessions.

get_messages() → Any

Retrieves all messages exchanged with the TLS client, including both received and sent messages.

Returns:

A combined list of messages, where the first part contains the received messages and the second part contains the sent messages.

activate_encryption() → None

Activates the encryption in the handshake

deactivate_encryption() → None

Deactivates the encryption in the handshake

add_extension(extension_type: TlsExtensionType, value: Any | None = None, status: bool | None = True) → None

Adds or configures a TLS extension for the client or server.

This method enables a specified TLS extension and optionally assigns a value to its associated property. If the extension is not supported or an error occurs, it logs an appropriate error message.

Args:

extension_type (TlsExtensionType): The type of the TLS extension to be added.

value (Optional[Any]): The value to set for the extension, if applicable. Defaults to None.

status (Optional[bool]): The status indicating whether the extension should be enabled or disabled. Defaults to True.

Returns:

None

add_wait_action(delay_ms: int) → None

Adds a wait action to pause for the specified duration.

Args:

delay_ms (int): The delay in milliseconds to wait.

check_message_class(message) → Any

Maps a specific TLS message type to its corresponding class and initializes it with the provided message data.

Args:

message: The raw message object containing the data to be mapped and processed.

Returns:

An instance of the corresponding message class initialized with the relevant attributes.

get_message_class(msg_type) → Any

Identifies and retrieves the class of a specific message type from the list of exchanged messages.

Args:

msg_type: The type of the message to be matched.

Returns:

The message class that matches the specified message type.

prepare_ciphers_for_argument(ciphers: str | List[str]) → str

Prepares a string representation of the cipher(s) to be passed as an argument to the TLS-Attacker client.

Args:

ciphers (Union[str, List[str]]): A single cipher (as a string) or a list of ciphers.

Returns:

str: A comma-separated string of cipher names in IANA format.

receive_action(message_types: list[TlsMessage]) → None

Dynamically receives a series of TLS/DTLS messages from/to the server/client during a handshake.

Args:

message_types (list[TlsMessage]): A list of TlsMessage enum members

representing the message types to receive.

send_action(message_types: list[TlsMessage], message_properties: dict | None = None, with_extensions=True) → None

Dynamically sends a series of TLS messages from/to the server/client during a handshake, with optional properties for each message type.

Args:

message_types (list[TlsMessage]): A list of TlsMessage enum members representing the

message types to send.

message_properties (dict, optional): A dictionary where keys are TlsMessage types and values are

dictionaries of properties to set (e.g., {‘verify_data’: b’…’}).

with_extensions (bool, optional): A flag indicating whether to include extensions

in the TLS messages. Defaults to True.

set_default_psk_sets_in_java(psk_sets_data: list) → JClass

Creates a Java ArrayList containing multiple PskSet objects configured with the given PSK data. If ticket_age is not provided, it defaults to 1.

Args:

psk_sets_data (list): A list of tuples, where each tuple contains (pre_shared_key_identity,

pre_shared_key, ticket_age). Each value should be a string. If ticket_age is not provided, it will default to 1.

Returns:

jpype.JClass: A Java ArrayList containing the configured PskSet objects.

Raises:

ValueError: If the psk_sets_data list is empty or any of the required PSK set data elements are missing or invalid.

set_server_name_in_java(server_name_str: str, server_name_type: int = 0)

Creates a Java ArrayList containing a ServerNamePair object configured with the given server name and server name type.

Args:

server_name_str (str): The server name to set in the ServerNamePair. server_name_type (int): The server name type, provided as a byte value (default is 0).

Returns:

jpype.JClass: A Java ArrayList containing the configured ServerNamePair.

Raises:

ValueError: If the server name string is empty or the server name type is not within byte range.

shutdown() → None

Shuts down the JVM if it is currently running.