tlslite.session module¶
Class representing a TLS session.
- class tlslite.session.Session¶
Bases:
object
This class represents a TLS session.
TLS distinguishes between connections and sessions. A new handshake creates both a connection and a session. Data is transmitted over the connection.
The session contains a more permanent record of the handshake. The session can be inspected to determine handshake results. The session can also be used to create a new connection through “session resumption”. If the client and server both support this, they can create a new connection based on an old session without the overhead of a full handshake.
The session for a
TLSConnection
can be retrieved from the connection’s ‘session’ attribute.- Variables:
srpUsername (str) – The client’s SRP username (or None).
clientCertChain (X509CertChain) – The client’s certificate chain (or None).
serverCertChain (X509CertChain) – The server’s certificate chain (or None).
tackExt (tack.structures.TackExtension.TackExtension) – The server’s TackExtension (or None).
tackInHelloExt (bool) – True if a TACK was presented via TLS Extension.
encryptThenMAC (bool) – True if connection uses CBC cipher in encrypt-then-MAC mode
appProto (bytearray) – name of the negotiated application level protocol, None if not negotiated
- __init__()¶
- create(masterSecret, sessionID, cipherSuite, srpUsername, clientCertChain, serverCertChain, tackExt, tackInHelloExt, serverName, resumable=True, encryptThenMAC=False, extendedMasterSecret=False, appProto=bytearray(b''))¶
- getBreakSigs()¶
- getCipherName()¶
Get the name of the cipher used with this connection.
- Return type:
str
- Returns:
The name of the cipher used with this connection.
- getMacName()¶
Get the name of the HMAC hash algo used with this connection.
- Return type:
str
- Returns:
The name of the HMAC hash algo used with this connection.
- getTackId()¶
- valid()¶
If this session can be used for session resumption.
- Return type:
bool
- Returns:
If this session can be used for session resumption.