TLS Client Module

class mtf.network_port.tls.tls_client.TLSClient

A class representing a TLS/DTLS client for secure communication.

This class provides methods to create, start, and manage a TLS/DTLS client connection using the specified configuration. It supports both DTLS (UDP) and TLS (TCP) protocols.

__init__(config: TLSConfigurator)
classmethod create(config: TLSConfigurator)

Creates a new instance of the TLSClient class with the provided configuration.

Args:

config (TLSConfigurator): The configuration for the client.

Returns:

TLSClient: A new instance of the TLSClient class.

psk_client_callback(ssl_conn, hint)
log_key_material_dict()

Log the contents of the key material dictionary.

This function prints each label and the associated key material stored in the key_material_dict. It helps in debugging and verifying the key material collected during the TLS sessions.

Returns:

None

start_client(session: Session | None = None)

Starts the client and initiates the connection.

This method sets up the socket, initiates the SSL/TLS handshake, and sends a “Client Hello” message to the server. It handles both DTLS (UDP) and TLS (TCP) connections.

Args:

session (Optional[Session]): A session defines certain connection parameters which may be re-used to speed up the setup of subsequent connections.

generate_client_hello(with_extensions=True)

This method constructs a TLS ClientHello message, which is the initial message sent by the client during the TLS handshake.

generate_client_key_exchange(identity: bytes | None = None)

Generates a Client Key Exchange message for the TLS/DTLS handshake.

This method creates a key exchange message based on the specified parameters, which are used during the TLS handshake to establish shared secrets between the client and server.

Parameters:

identity (Optional[bytes], optional): The identity or keying material for the ServerKeyExchange message. Defaults to None.

expect_server_key_exchange()

Configures the expectation for a Server Key Exchange message in the TLS/DTLS handshake.

expect_alert()

Configures the expectation for a specific TLS alert.

expect_server_hello()

Configures the expectation for a ServerHello message.

expect_server_hello_done()

Configures the expectation for a ServerHelloDone message.

generate_alert(level: AlertLevel, description: AlertDescription)

Generates a TLS/DTLS alert with the specified level and description.

Parameters:

level (AlertLevel): The severity level of the alert, such as ‘warning’ or ‘fatal’.

description (AlertDescription): The specific description of the alert, such as ‘close_notify’ or ‘unexpected_message’.

expect_change_cipher_spec()

Configures the expectation for a ChangeCipherSpec message.

This method configures the current node to expect a ChangeCipherSpec message during the TLS handshake. It sets up the expectation for this specific message type.

generate_change_cipher_spec()

Generates a TLS/DTLS ChangeCipherSpec message.

This method configures the current node to generate a ChangeCipherSpec message during the TLS handshake.

generate_finished(verify_data: bytes | None = None) -> None

Generates a TLS/DTLS Finished message with options to corrupt the verify_data.

This method configures the current node to generate a Finished message during the TLS handshake and allows optional corruption of the verify_data.

Args:

verify_data (bytes, optional): Data to set in the Finished message’s verifyData field.
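
How a peer validates the verify_data that generate_finished() can override, shown as an added example that is not MTF code: the TLS 1.2 computation from RFC 5246 with the SHA-256 PRF, run over constructed sample values. All function names, the sample master secret and the stand-in transcript are assumptions for illustration.

```python
import hashlib
import hmac

def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 data expansion (RFC 5246, section 5)."""
    out, a = b"", seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def finished_verify_data(master_secret: bytes, handshake_messages: bytes,
                         label: bytes = b"client finished") -> bytes:
    """PRF(master_secret, label, Hash(handshake_messages))[0..11]."""
    transcript_hash = hashlib.sha256(handshake_messages).digest()
    return p_sha256(master_secret, label + transcript_hash, 12)

def peer_accepts(master_secret: bytes, handshake_messages: bytes,
                 received: bytes) -> bool:
    """Receiver side: recompute verify_data and compare in constant time."""
    expected = finished_verify_data(master_secret, handshake_messages)
    return hmac.compare_digest(expected, received)

def flip_bit(data: bytes, index: int = 0) -> bytes:
    """Return data with the lowest bit of byte `index` inverted."""
    corrupted = bytearray(data)
    corrupted[index] ^= 0x01
    return bytes(corrupted)

# Constructed sample values, not taken from a real session.
MASTER_SECRET = bytes(range(48))  # a TLS 1.2 master secret is 48 bytes
# Stand-in for the concatenated handshake message bytes seen so far.
HANDSHAKE = b"ClientHello|ServerHello|ServerHelloDone|ClientKeyExchange"

def run_checks() -> dict:
    """Map each case to whether the receiving peer would accept it."""
    good = finished_verify_data(MASTER_SECRET, HANDSHAKE)
    return {
        "valid": peer_accepts(MASTER_SECRET, HANDSHAKE, good),
        "bit_flipped": peer_accepts(MASTER_SECRET, HANDSHAKE, flip_bit(good)),
        "truncated": peer_accepts(MASTER_SECRET, HANDSHAKE, good[:11]),
        "wrong_label": peer_accepts(MASTER_SECRET, HANDSHAKE, finished_verify_data(
            MASTER_SECRET, HANDSHAKE, label=b"server finished")),
        "tampered_transcript": peer_accepts(MASTER_SECRET, HANDSHAKE + b"!", good),
    }

if __name__ == "__main__":
    for case, accepted in run_checks().items():
        print(f"{case:20s} accepted={accepted}")
```

A conforming peer answers a Finished message that fails this check with a fatal decrypt_error alert (RFC 5246, section 7.2.2), which is the outcome a test that corrupts verify_data would pair with expect_alert().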

expect_finished()

Configures the expectation for a Finished message.

expect_hello_verify_request()

Configures the expectation for a HelloVerifyRequest message.

This method sets up the DTLS manager to expect a HelloVerifyRequest message during the DTLS handshake process. This method is only relevant for DTLS connections and does not modify the behavior for non-DTLS protocols.

Returns:

None: The DTLS manager is configured to expect the HelloVerifyRequest message.
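
The server side of the exchange that expect_hello_verify_request() waits for, shown as an added example that is not MTF code: the stateless cookie construction suggested in RFC 6347 section 4.2.1, an HMAC over the client address and ClientHello parameters. Function names, the secret, the addresses and the ClientHello bytes are constructed for illustration.

```python
import hashlib
import hmac

# Constructed secret; a real server generates it randomly and rotates it.
COOKIE_SECRET = b"\x11" * 32

def _lp(field: bytes) -> bytes:
    """Length-prefix a field so adjacent fields cannot be confused."""
    return len(field).to_bytes(2, "big") + field

def make_cookie(secret: bytes, addr: tuple, hello_params: bytes) -> bytes:
    """Cookie = HMAC(secret, client IP, client port, ClientHello parameters)."""
    ip, port = addr
    material = _lp(ip.encode()) + port.to_bytes(2, "big") + _lp(hello_params)
    return hmac.new(secret, material, hashlib.sha256).digest()

def handle_client_hello(secret: bytes, addr: tuple, hello_params: bytes,
                        cookie: bytes = b"") -> tuple:
    """Return (next_message, cookie) without keeping any per-client state."""
    expected = make_cookie(secret, addr, hello_params)
    if cookie and hmac.compare_digest(cookie, expected):
        # The client proved it receives datagrams at addr: continue the handshake.
        return ("ServerHello", b"")
    # No cookie or a bad one: reply with a small HelloVerifyRequest only.
    return ("HelloVerifyRequest", expected)

def run_exchange() -> list:
    client = ("192.0.2.10", 40000)   # documentation address range
    other = ("192.0.2.99", 40000)    # a different source address
    params = b"constructed-client-random-and-suites"
    first, cookie = handle_client_hello(COOKIE_SECRET, client, params)
    second, _ = handle_client_hello(COOKIE_SECRET, client, params, cookie)
    replayed, _ = handle_client_hello(COOKIE_SECRET, other, params, cookie)
    return [first, second, replayed]

if __name__ == "__main__":
    print(run_exchange())
```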

expect_message_sequence(messages: List[TlsMessage]) -> None

Receives a sequence of TLS messages specifically for TLS/DTLS.

This method is used in TLS/DTLS to expect a sequence of TlsMessage objects.

Args:

messages (List[TlsMessage]): A list of TlsMessage objects to be expected sequentially.

Returns:

None

generate_application_data()

Configures the generation of an Application Data message.

This method generates an Application Data message during the TLS/DTLS connection.

expect_application_data()

Configures the expectation for an Application Data message.

This method expects an Application Data message during the TLS/DTLS connection.

log_handshake_progress(conn)

Log the current state of the SSL handshake.

Parameters:

conn – The SSL connection object.

is_running()

Checks if the client is currently running.

Returns:

bool: True if the client is running, False otherwise.

stop_client()

Stops the client and closes the connection.

This method shuts down the socket, if connected, and cleans up resources.

cleanup()
send_message(message)

Sends a message to the server.

Args:

message (bytes): The message to be sent.

send_hello_message()

Sends the “Hello from client!” message to the server.

check_message(expected_message)

Checks if the received message matches the expected message.

Args:

expected_message (bytes): The expected message to be received.

set_expected_message(message)

Sets the expected message to be received.

Args:

message (bytes): The expected message.

get_session()

Retrieves the current TLS session.

This method returns the current TLS session object, which can be used for session resumption or other purposes.

Returns:

SSL.Session: The current TLS session object.