TLS Client Module
- class mtf.network_port.tls.tls_client.TLSClient
A class representing a TLS/DTLS client for secure communication.
This class provides methods to create, start, and manage a TLS/DTLS client connection using the specified configuration. It supports both DTLS (UDP) and TLS (TCP) protocols.
- __init__(config: TLSConfigurator)
- classmethod create(config: TLSConfigurator)
Creates a new instance of the TLSClient class with the provided configuration.
- Args:
config (TLSConfigurator): The configuration for the client.
- Returns:
TLSClient: A new instance of the TLSClient class.
- psk_client_callback(ssl_conn, hint)
- log_key_material_dict()
Log the contents of the key material dictionary.
This function prints each label and the associated key material stored in the key_material_dict. It helps in debugging and verifying the key material collected during the TLS sessions.
- Returns:
None
- start_client(session: Session | None = None)
Starts the client and initiates the connection.
This method sets up the socket, initiates the SSL/TLS handshake, and sends a “Client Hello” message to the server. It handles both DTLS (UDP) and TLS (TCP) connections.
- Args:
session (Optional[Session]): A session defines certain connection parameters which may be re-used to speed up the setup of subsequent connections.
- generate_client_hello(with_extensions=True)
This method constructs a TLS ClientHello message, which is the initial message sent by the client during the TLS handshake.
- generate_client_key_exchange(identity: bytes | None = None)
Generates a Client Key Exchange message for the TLS/DTLS handshake.
This method creates a key exchange message based on the specified parameters, which are used during the TLS handshake to establish shared secrets between the client and server.
- Parameters:
identity (Optional[bytes], optional): The identity or keying material for the ServerKeyExchange message. Defaults to None.
- expect_server_key_exchange()
Configures the expectation for a Server Key Exchange message in the TLS/DTLS handshake.
- expect_alert()
Configures the expectation for a specific TLS alert.
- expect_server_hello()
Configures the expectation for a ServerHello message.
- expect_server_hello_done()
Configures the expectation for a ServerHelloDone message.
- generate_alert(level: AlertLevel, description: AlertDescription)
Generates a TLS/DTLS alert with the specified level and description.
- Parameters:
level (AlertLevel): The severity level of the alert, such as ‘warning’ or ‘fatal’.
description (AlertDescription): The specific description of the alert, such as ‘close_notify’ or ‘unexpected_message’.
- expect_change_cipher_spec()
Configures the expectation for a ChangeCipherSpec message.
This method configures the current node to expect a ChangeCipherSpec message during the TLS handshake. It sets up the expectation for this specific message type.
- generate_change_cipher_spec()
Generates a TLS/DTLS ChangeCipherSpec message.
This method configures the current node to generate a ChangeCipherSpec message during the TLS handshake.
- generate_finished(verify_data: bytes | None = None) → None
Generates a TLS/DTLS Finished message with options to corrupt the verify_data.
This method configures the current node to generate a Finished message during the TLS handshake and allows optional corruption of the verify_data.
- Args:
verify_data (bytes, optional): Data to set in the Finished message’s verifyData field.
- expect_finished()
Configures the expectation for a Finished message.
- expect_hello_verify_request()
Configures the expectation for a HelloVerifyRequest message.
This method sets up the DTLS manager to expect a HelloVerifyRequest message during the DTLS handshake process. This method is only relevant for DTLS connections and does not modify the behavior for non-DTLS protocols.
- Returns:
None: The DTLS manager is configured to expect the HelloVerifyRequest message.
- expect_message_sequence(messages: List[TlsMessage]) → None
Expects a sequence of TLS/DTLS messages.
This method configures the client to expect the given TlsMessage objects in order.
- Args:
messages (List[TlsMessage]): A list of TlsMessage objects to be expected sequentially.
- Returns:
None
- generate_application_data()
Generates an Application Data message.
This method generates an Application Data message during the TLS/DTLS connection.
- expect_application_data()
Configures the expectation for an Application Data message.
This method expects an Application Data message during the TLS/DTLS connection.
- log_handshake_progress(conn)
Log the current state of the SSL handshake.
- Parameters:
conn – The SSL connection object.
- is_running()
Checks if the client is currently running.
- Returns:
bool: True if the client is running, False otherwise.
- stop_client()
Stops the client and closes the connection.
This method shuts down the socket, if connected, and cleans up resources.
- cleanup()
- send_message(message)
Sends a message to the server.
- Args:
message (bytes): The message to be sent.
- send_hello_message()
Sends a “Hello from client!” message to the server.
- check_message(expected_message)
Checks if the received message matches the expected message.
- Args:
expected_message (bytes): The expected message to be received.
- set_expected_message(message)
Sets the expected message to be received.
- Args:
message (bytes): The expected message.
- get_session()
Retrieves the current TLS session.
This method returns the current TLS session object, which can be used for session resumption or other purposes.
- Returns:
SSL.Session: The current TLS session object.
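The negative test that generate_finished(verify_data=...) supports depends on knowing what a correct verify_data looks like. The block below is an added example, not code from mtf: it computes the TLS 1.2 client Finished value as defined in RFC 5246, produces a corrupted copy of the same length, and shows the check a conforming peer performs. The master secret and transcript bytes are constructed samples, the helper names are hypothetical, and a SHA-256 based cipher suite is assumed.

```python
import hashlib
import hmac

# Constructed sample values (not taken from a real handshake).
MASTER_SECRET = bytes(range(48))  # a TLS 1.2 master secret is 48 bytes
TRANSCRIPT = b"constructed ClientHello..ClientKeyExchange bytes"


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash expansion from RFC 5246 section 5, using HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def finished_verify_data(master_secret: bytes, transcript: bytes,
                         label: bytes = b"client finished") -> bytes:
    """verify_data = PRF(master_secret, label, Hash(handshake_messages))[0..11]."""
    seed = label + hashlib.sha256(transcript).digest()
    return p_sha256(master_secret, seed, 12)


def corrupt(verify_data: bytes, index: int = 0) -> bytes:
    """Flip one bit; the length stays 12 so only the integrity check can fail."""
    mutated = bytearray(verify_data)
    mutated[index] ^= 0x01
    return bytes(mutated)


def peer_accepts(received: bytes, master_secret: bytes, transcript: bytes) -> bool:
    """What a conforming peer does: recompute and compare in constant time."""
    expected = finished_verify_data(master_secret, transcript)
    return hmac.compare_digest(received, expected)


if __name__ == "__main__":
    good = finished_verify_data(MASTER_SECRET, TRANSCRIPT)
    bad = corrupt(good)
    print("valid  :", good.hex(), peer_accepts(good, MASTER_SECRET, TRANSCRIPT))
    print("corrupt:", bad.hex(), peer_accepts(bad, MASTER_SECRET, TRANSCRIPT))
```

A server under test that continues the handshake after receiving the corrupted value is not validating the Finished message; RFC 5246 defines the decrypt_error alert for this failure, which is the kind of response expect_alert() is there to check.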