TLSServer

class mtf.network_port.tls.tls_server.TLSServer

TLSServer is responsible for setting up and managing a TLS/DTLS server instance.

This class allows for the creation, configuration, and management of secure server connections using either TLS (TCP) or DTLS (UDP) protocols. It also supports handling client connections and processing received messages with optional callback functions.

__init__(config: TLSConfigurator, callback=None)

classmethod create(config: TLSConfigurator, callback=None)

Creates a TLSServer instance with the provided configuration and optional callback.

Args:

config (TLSConfigurator): Configuration for the server.
callback (function, optional): Callback function for handling received messages.

Returns:

TLSServer: Instance of the created TLSServer.

psk_server_callback(ssl_conn, identity)

log_key_material_dict()

Log the contents of the key material dictionary.

This function prints each label and the associated key material stored in the key_material_dict. It helps in debugging and verifying the key material collected during the TLS sessions.

Returns:

None

start_server()

Starts the server and listens for client connections.

is_running()

Checks if the server is currently running.

Returns:

bool: True if the server is running, False otherwise.

generate_server_hello(with_extensions=True)

This method allows you to configure and generate a ServerHello message, which is sent by the server in response to the ClientHello message.

expect_client_hello()

Set up the expectation for a ClientHello message from the client.

This method configures the expectation of receiving a ClientHello message.

generate_server_hello_done()

Generates a TLS ServerHelloDone message.

This method generates a ServerHelloDone message, which is sent by the server to indicate the end of the server’s hello message.

generate_server_key_exchange(identity: bytes | None = None)

Generates a TLS/DTLS ServerKeyExchange message with the specified parameter.

This method allows you to configure and generate a ServerKeyExchange message, which is sent by the server to exchange keying material or parameters with the client.

Args:

identity (Optional[bytes], optional): The identity or keying material for the ServerKeyExchange message. Defaults to None.

expect_client_key_exchange()

Set up the expectation for a ClientKeyExchange message from the client.

generate_alert(level: AlertLevel, description: AlertDescription)

Generates a TLS/DTLS alert with the specified level and description.

Parameters:

level (AlertLevel): The severity level of the alert, such as ‘warning’ or ‘fatal’.
description (AlertDescription): The specific description of the alert, such as ‘close_notify’ or ‘unexpected_message’.

expect_alert()

Set up the expectation for a specific TLS/DTLS alert.

expect_change_cipher_spec()

Set up the expectation for a ChangeCipherSpec message.

generate_change_cipher_spec()

Generates a ChangeCipherSpec message.

expect_finished()

Set up the expectation for a Finished message.

generate_finished(verify_data: bytes | None = None) -> None

Generates a TLS/DTLS Finished message with options to corrupt the verify_data.

This method configures the current node to generate a Finished message during the TLS handshake and allows optional corruption of the verify_data.

Args:

verify_data (bytes, optional): Data to set in the Finished message’s verifyData field.
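
What a peer checks when a Finished message carries a corrupted verify_data, as an added example (not code from the mtf project). It assumes TLS 1.2 with the SHA-256 PRF from RFC 5246 and works on handshake bytes only; the secret and transcript are constructed sample values, and all function names are hypothetical.

```python
import hashlib
import hmac

def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 expansion (RFC 5246, section 5)."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def finished_verify_data(master_secret: bytes, transcript: bytes, sender: str) -> bytes:
    """PRF(master_secret, finished_label, SHA-256(handshake_messages))[0..11]."""
    label = {"client": b"client finished", "server": b"server finished"}[sender]
    digest = hashlib.sha256(transcript).digest()
    return p_sha256(master_secret, label + digest, 12)

def peer_accepts(master_secret: bytes, transcript: bytes, sender: str, received: bytes) -> bool:
    """Receiver-side check: recompute the value and compare in constant time."""
    expected = finished_verify_data(master_secret, transcript, sender)
    return hmac.compare_digest(expected, received)

# Constructed sample values, not taken from a real session.
MASTER_SECRET = bytes(range(48))
TRANSCRIPT = b"constructed ClientHello..ServerHelloDone bytes"

def demo() -> dict:
    good = finished_verify_data(MASTER_SECRET, TRANSCRIPT, "server")
    corrupted = bytes([good[0] ^ 0x01]) + good[1:]  # single flipped bit
    return {
        "valid": peer_accepts(MASTER_SECRET, TRANSCRIPT, "server", good),
        "corrupted": peer_accepts(MASTER_SECRET, TRANSCRIPT, "server", corrupted),
        "wrong_sender_label": peer_accepts(MASTER_SECRET, TRANSCRIPT, "client", good),
    }

if __name__ == "__main__":
    print(demo())
```

In a negative test built on a corrupted verify_data, the pass criterion is that the client under test aborts the handshake (RFC 5246 assigns the decrypt_error alert to a failed Finished validation) and never reaches application data.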

generate_hello_verify_request(protocol_version=None, cookie=None)

Configures the DTLS manager to generate a HelloVerifyRequest message.

This method sets up the DTLS manager to generate a HelloVerifyRequest message during the DTLS handshake process. This method is only relevant for DTLS connections and does not modify the behavior for non-DTLS protocols.

Args:

protocol_version (Optional): The protocol version to set for the HelloVerifyRequest message.
cookie (Optional[bytes]): The cookie to set in the HelloVerifyRequest message.

Returns:

None: The DTLS manager is configured to generate the HelloVerifyRequest message.
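
The wire layout that the protocol_version and cookie arguments map to, as an added example (not code from the mtf project): a HelloVerifyRequest handshake message per RFC 6347, with the strict length checks a receiving client should apply. It covers the unfragmented handshake message without the record-layer header; the function names and sample cookie are constructed for illustration.

```python
HELLO_VERIFY_REQUEST = 3      # DTLS handshake msg_type
DTLS_1_0 = (254, 255)         # wire version 0xFEFF
DTLS_1_2 = (254, 253)         # wire version 0xFEFD

def encode_hello_verify_request(version, cookie: bytes, message_seq: int = 0) -> bytes:
    """Build an unfragmented HelloVerifyRequest handshake message."""
    if len(cookie) > 255:
        raise ValueError("cookie is opaque<0..2^8-1>: at most 255 bytes")
    body = bytes(version) + bytes([len(cookie)]) + cookie
    length = len(body).to_bytes(3, "big")
    # msg_type(1) | length(3) | message_seq(2) | fragment_offset(3) | fragment_length(3)
    header = (bytes([HELLO_VERIFY_REQUEST]) + length +
              message_seq.to_bytes(2, "big") + b"\x00\x00\x00" + length)
    return header + body

def parse_hello_verify_request(msg: bytes) -> dict:
    """Parse and validate; raises ValueError on any inconsistency."""
    if len(msg) < 12:
        raise ValueError("truncated handshake header")
    length = int.from_bytes(msg[1:4], "big")
    frag_off = int.from_bytes(msg[6:9], "big")
    frag_len = int.from_bytes(msg[9:12], "big")
    body = msg[12:]
    if msg[0] != HELLO_VERIFY_REQUEST:
        raise ValueError("not a HelloVerifyRequest")
    if frag_off != 0 or frag_len != length or len(body) != length:
        raise ValueError("fragmented message or inconsistent length fields")
    if length < 3:
        raise ValueError("body too short for version and cookie length")
    if 3 + body[2] != length:
        raise ValueError("cookie length does not match body length")
    return {
        "version": (body[0], body[1]),
        "message_seq": int.from_bytes(msg[4:6], "big"),
        "cookie": body[3:],
    }

SAMPLE_COOKIE = b"\xaa" * 16  # constructed value

if __name__ == "__main__":
    wire = encode_hello_verify_request(DTLS_1_0, SAMPLE_COOKIE)
    print(wire.hex(), parse_hello_verify_request(wire))
```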

expect_message_sequence(messages: List[TlsMessage]) -> None

Receives a sequence of TLS/DTLS messages specifically for DTLS.

This method is used in TLS/DTLS to expect a sequence of TlsMessage objects.

Args:

messages (List[TlsMessage]): A list of TlsMessage objects to be expected sequentially.

Returns:

None

generate_application_data()

Generates a TLS/DTLS Application Data message.

This method generates an Application Data message during the TLS/DTLS connection.

expect_application_data()

Set up the expectation for an Application Data message.

log_handshake_progress(conn)

Log the current state of the SSL handshake.

Parameters:

conn – The SSL connection object.

handle_message(data)

Handles received messages.

Args:

data (bytes): The received message data.

handle_client_hello(data)

Processes a “Client Hello” message.

Args:

data (bytes): The “Client Hello” message data.

check_message(data)

Validates if the received message matches the expected message.

Args:

data (bytes): The received message data.

set_expected_message(message)

Sets the expected message for validation.

Args:

message (bytes): The expected message data.

send_message(message)

Send a hello message to the client.

Parameters:

message – The message to send.

stop_server()

Stops the server and closes the socket.