tlslite.session module

Class representing a TLS session.

class tlslite.session.Session

Bases: object

This class represents a TLS session.

TLS distinguishes between connections and sessions. A new handshake creates both a connection and a session. Data is transmitted over the connection.

The session contains a more permanent record of the handshake. The session can be inspected to determine handshake results. The session can also be used to create a new connection through “session resumption”. If the client and server both support this, they can create a new connection based on an old session without the overhead of a full handshake.

The session for a TLSConnection can be retrieved from the connection’s ‘session’ attribute.

Variables:
  • srpUsername (str) – The client’s SRP username (or None).
  • clientCertChain (X509CertChain) – The client’s certificate chain (or None).
  • serverCertChain (X509CertChain) – The server’s certificate chain (or None).
  • tackExt (tack.structures.TackExtension.TackExtension) – The server’s TackExtension (or None).
  • tackInHelloExt (bool) – True if a TACK was presented via TLS Extension.
  • encryptThenMAC (bool) – True if connection uses CBC cipher in encrypt-then-MAC mode
  • appProto (bytearray) – name of the negotiated application level protocol, None if not negotiated
__init__()

Initialize self. See help(type(self)) for accurate signature.

create(masterSecret, sessionID, cipherSuite, srpUsername, clientCertChain, serverCertChain, tackExt, tackInHelloExt, serverName, resumable=True, encryptThenMAC=False, extendedMasterSecret=False, appProto=bytearray(b''))
getBreakSigs()
getCipherName()

Get the name of the cipher used with this connection.

Return type:str
Returns:The name of the cipher used with this connection.
getMacName()

Get the name of the HMAC hash algo used with this connection.

Return type:str
Returns:The name of the HMAC hash algo used with this connection.
getTackId()
valid()

If this session can be used for session resumption.

Return type:bool
Returns:If this session can be used for session resumption.