Server Manager Module

mtf.network_port.tls.managers.server_manager.prepare_server_config(**kwargs) → str: Generates a server XML configuration using Jinja2 templates.

class mtf.network_port.tls.managers.server_manager.TlsServerManager

The TlsServerManager class extends BaseTlsManager, providing the server-side logic necessary for responding to client-initiated TLS handshakes. It manages the reception and processing of TLS messages, coordinates server-side state transitions, and maintains server-specific session information.

__init__(**kwargs)

set_extension_property(property_name: str, value: Any) → None: Sets a property for the TLS server.

get_config(message_type: TlsMessage): Provides the server-specific configuration.

renegotiation() → None: Messages that are going to be sent are meant to be treated as a Renegotiation

start_server(): Starts the TLS-Attacker server.

get_session_list() → Any

Retrieves the list of active TLS sessions from the server.

Returns:: Any: The list of active TLS sessions.

get_messages() → Any

Retrieves all messages exchanged with the TLS client, including both received and sent messages.

Returns:: A list of handshake messages

activate_encryption() → None: Activates the encryption in the handshake

deactivate_encryption() → None: Deactivates the encryption in the handshake

reset_connection(): Resets the connection of the TLS-Attacker server.

add_extension(extension_type: TlsExtensionType, value: Any | None = None, status: bool | None = True) → None

Adds or configures a TLS extension for the client or server.

This method enables a specified TLS extension and optionally assigns a value to its associated property. If the extension is not supported or an error occurs, it logs an appropriate error message.

Args:

extension_type (TlsExtensionType): The type of the TLS extension to be added.

value (Optional[Any]): The value to set for the extension, if applicable. Defaults to None.

status (Optional[bool]): The status indicating whether the extension should be enabled or disabled. Defaults to True.

Returns:

None

add_wait_action(delay_ms: int) → None

Adds a wait action to pause for the specified duration.

Args:: delay_ms (int): The delay in milliseconds to wait.

check_message_class(message) → Any

Maps a specific TLS message type to its corresponding class and initializes it with the provided message data.

Args:: message: The raw message object containing the data to be mapped and processed.
Returns:: An instance of the corresponding message class initialized with the relevant attributes.

get_message_class(msg_type) → Any

Identifies and retrieves the class of a specific message type from the list of exchanged messages.

Args:: msg_type: The type of the message to be matched.
Returns:: The message class that matches the specified message type.

prepare_ciphers_for_argument(ciphers: str | List[str]) → str

Prepares a string representation of the cipher(s) to be passed as an argument to the TLS-Attacker client.

Args:: ciphers (Union[str, List[str]]): A single cipher (as a string) or a list of ciphers.
Returns:: str: A comma-separated string of cipher names in IANA format.

receive_action(message_types: list[TlsMessage]) → None

Dynamically receives a series of TLS/DTLS messages from/to the server/client during a handshake.

Args:

message_types (list[TlsMessage]): A list of TlsMessage enum members: representing the message types to receive.

send_action(message_types: list[TlsMessage], message_properties: dict | None = None, with_extensions=True) → None

Dynamically sends a series of TLS messages from/to the server/client during a handshake, with optional properties for each message type.

Args:

message_types (list[TlsMessage]): A list of TlsMessage enum members representing the

message types to send.

message_properties (dict, optional): A dictionary where keys are TlsMessage types and values are

dictionaries of properties to set (e.g., {‘verify_data’: b’…’}).

with_extensions (bool, optional): A flag indicating whether to include extensions

in the TLS messages. Defaults to True.

set_default_psk_sets_in_java(psk_sets_data: list) → JClass

Creates a Java ArrayList containing multiple PskSet objects configured with the given PSK data. If ticket_age is not provided, it defaults to 1.

Args:: psk_sets_data (list): A list of tuples, where each tuple contains (pre_shared_key_identity,

pre_shared_key, ticket_age). Each value should be a string. If ticket_age is not provided, it will default to 1.
Returns:: jpype.JClass: A Java ArrayList containing the configured PskSet objects.
Raises:: ValueError: If the psk_sets_data list is empty or any of the required PSK set data elements are missing or invalid.

shutdown() → None: Shuts down the JVM if it is currently running.

xor_finish(xor_position: PositionXorValue, xor_string: str)

Converts a hex string to a signed byte array, applies an XOR position, and stores both as extension properties.

Args:

xor_position (PositionXorValue): The XOR position value.

xor_string (str): Hexadecimal string where each byte is two hex characters.