tlslite.session module

Class representing a TLS session.

class tlslite.session.Session

Bases: object

This class represents a TLS session.

TLS distinguishes between connections and sessions. A new handshake creates both a connection and a session. Data is transmitted over the connection.

The session contains a more permanent record of the handshake. The session can be inspected to determine handshake results. The session can also be used to create a new connection through “session resumption”. If the client and server both support this, they can create a new connection based on an old session without the overhead of a full handshake.

The session for a TLSConnection can be retrieved from the connection’s ‘session’ attribute.

Variables
  • srpUsername (str) – The client’s SRP username (or None).

  • clientCertChain (X509CertChain) – The client’s certificate chain (or None).

  • serverCertChain (X509CertChain) – The server’s certificate chain (or None).

  • tackExt (tack.structures.TackExtension.TackExtension) – The server’s TackExtension (or None).

  • tackInHelloExt (bool) – True if a TACK was presented via TLS Extension.

  • encryptThenMAC (bool) – True if connection uses CBC cipher in encrypt-then-MAC mode

  • appProto (bytearray) – name of the negotiated application level protocol, None if not negotiated

__init__()

Initialize self. See help(type(self)) for accurate signature.

create(masterSecret, sessionID, cipherSuite, srpUsername, clientCertChain, serverCertChain, tackExt, tackInHelloExt, serverName, resumable=True, encryptThenMAC=False, extendedMasterSecret=False, appProto=bytearray(b''))
getBreakSigs()
getCipherName()

Get the name of the cipher used with this connection.

Return type

str

Returns

The name of the cipher used with this connection.

getMacName()

Get the name of the HMAC hash algo used with this connection.

Return type

str

Returns

The name of the HMAC hash algo used with this connection.

getTackId()
valid()

If this session can be used for session resumption.

Return type

bool

Returns

If this session can be used for session resumption.