TlsServerManager

class mtf.network_port.tls.managers.server_manager.TlsServerManager

The TlsServerManager class extends BaseTlsManager, providing the server-side logic necessary for responding to client-initiated TLS handshakes. It manages the reception and processing of TLS messages, coordinates server-side state transitions, and maintains server-specific session information.

__init__(**kwargs)

set_extension_property(property_name: str, value: Any) → None

Sets a property for the TLS server.

get_config(message_type: TlsMessage)

Provides the server-specific configuration.

renegotiation() → None

Messages that are going to be sent are meant to be treated as a Renegotiation

start_server()

Starts the TLS-Attacker server.

get_session_list() → Any

Retrieves the list of active TLS sessions from the server.

Returns:

Any: The list of active TLS sessions.

get_messages() → Any

Retrieves all messages exchanged with the TLS client, including both received and sent messages.

Returns:

A list of handshake messages

activate_encryption() → None

Activates the encryption in the handshake

deactivate_encryption() → None

Deactivates the encryption in the handshake

reset_connection()

Resets the connection of the TLS-Attacker server.

add_extension(extension_type: TlsExtensionType, value: Any | None = None, status: bool | None = True) → None

Adds a specific TLS extension for the client or server and optionally configures by setting its value and its status.

Args:

extension_type (TlsExtensionType): The type of the TLS extension to add. value (Optional[Any]): The value to set for the extension. Defaults to None. status (Optional[bool]): Enable or disable the extension. Defaults to True.

Note:

Note

If the extension is not supported or an error occurs, it logs an appropriate error message.

add_wait_action(delay_ms: int) → None

Adds a wait action to pause execution for a defined period of time. Args:

delay_ms (int): The delay (in ms) to wait.

check_message_class(message) → Any

Maps a specific TLS message type to its corresponding class and initializes it with the provided message data.

Args:

message: The raw message object containing the data to be mapped and processed.

Returns:

TlsMessage: The initialized message class.

get_message_class(msg_type) → Any

Identifies and retrieves the class of a specific message type from the list of exchanged messages.

Args:

msg_type: The type of the message to be matched.

Returns:

list: The matching message classes.

get_supported_cipher_suites() → list[str]

Gets the supported cipher suites.

Returns:

list[str]: All supported cipher suite names.

is_cipher_suite_supported(cipher: str | int | bytes) → bool

Checks whether the given cipher suite is supported.

Args:

cipher (Union[str, int, bytes]): The cipher to check.

Returns:

bool: True on success, False otherwise.

Note:

Note

cipher accepts the following:

• a Java enum name (“TLS_RSA_WITH_AES_128_GCM_SHA256”)

• an integer code (0x1301)

• a 2‐byte big‐endian bytes object (b’
  ’)

prepare_ciphers_for_argument(ciphers: str | List[str]) → str

Prepares a string representation of the cipher(s) to be passed as an argument to the TLS-Attacker client.

Args:

ciphers (Union[str, List[str]]): One or a list of ciphers.

Returns:

str: A comma-separated string of cipher names in IANA format.

receive_action(message_types: list[TlsMessage]) → None

Dynamically receives a series of TLS/DTLS messages from/to the server/client during a handshake.

Args:

message_types (list[TlsMessage]): A list of TlsMessage enum members

representing the message types to receive.

send_action(message_types: list[TlsMessage], message_properties: dict = None, with_extensions=True) → None

Dynamically sends a series of TLS messages from/to the server/client during a handshake, with optional properties for each message type.

Args:

message_types (list[TlsMessage]): A list of TlsMessage Enum representing message types to send. message_properties (dict, optional): A dictionary where keys are TlsMessage types

and values are dictionaries of properties to set. Defaults to None.

with_extensions (bool, optional): Whether or not to include extensions. Defaults to True.

Note:

Note

The keys of the property dictionaries are TlsMessage types and the values are dictionaries themselves with property names as keys and their respective values as values.

set_default_psk_sets_in_java(psk_sets_data: list) → JClass

Creates a Java ArrayList from the given PSK data.

Args:

psk_sets_data (list): A list of tuples, where each tuple contains

(pre_shared_key_identity,pre_shared_key, ticket_age). Each value should be a string. If ticket_age is not provided, it will default to 1.

Returns:

jpype.JClass: A Java ArrayList containing the configured PskSet objects.

Raises:

ValueError: If the psk_sets_data list is empty or any of the

required PSK set data elements are missing or invalid.

shutdown() → None

Shuts down the JVM if it is currently running.

xor_finish(xor_position: PositionXorValue, xor_string: str)

Converts a hex string to a signed byte array, applies an XOR position, and stores both as extension properties.

Args:

xor_position (PositionXorValue): The XOR position value. xor_string (str): Hexadecimal string where each byte is two hex characters.