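# Authors:
#   Trevor Perrin
#   Dave Baggett (Arcode Corporation) - canonicalCipherName
#
# See the LICENSE file for legal information regarding use of this file.

"""Class representing a TLS session."""

from .utils.compat import *
from .mathtls import *
from .constants import *


class Session(object):
    """
    This class represents a TLS session.

    TLS distinguishes between connections and sessions.  A new
    handshake creates both a connection and a session.  Data is
    transmitted over the connection.

    The session contains a more permanent record of the handshake.  The
    session can be inspected to determine handshake results.  The
    session can also be used to create a new connection through
    "session resumption". If the client and server both support this,
    they can create a new connection based on an old session without
    the overhead of a full handshake.

    The session for a L{tlslite.TLSConnection.TLSConnection} can be
    retrieved from the connection's 'session' attribute.

    Security note: a Session holds the master secret and is what session
    resumption is based on, so the object is key material.  Keep it in
    trusted process memory only; do not log, print, pickle or persist it
    unprotected, and drop references to it once resumption is no longer
    wanted.

    @type masterSecret: bytearray
    @ivar masterSecret: The master secret of the session (empty until
    L{create} is called).  Secret value, see the security note above.

    @type sessionID: bytearray
    @ivar sessionID: The session identifier (empty if there is none).

    @type cipherSuite: int
    @ivar cipherSuite: The cipher suite identifier (0 until L{create} is
    called).

    @type srpUsername: str
    @ivar srpUsername: The client's SRP username (or None).  Initialised
    to an empty string.

    @type clientCertChain: L{tlslite.x509certchain.X509CertChain}
    @ivar clientCertChain: The client's certificate chain (or None).

    @type serverCertChain: L{tlslite.x509certchain.X509CertChain}
    @ivar serverCertChain: The server's certificate chain (or None).

    @type tackExt: L{tack.structures.TackExtension.TackExtension}
    @ivar tackExt: The server's TackExtension (or None).

    @type tackInHelloExt: L{bool}
    @ivar tackInHelloExt: True if a TACK was presented via TLS Extension.

    @type serverName: str
    @ivar serverName: The server name recorded for the session (empty
    string by default).

    @type resumable: bool
    @ivar resumable: Whether the session has been marked as usable for
    resumption.  Use L{valid} rather than reading this directly: a
    session without a session ID is never resumable.
    """

    def __init__(self):
        """Create an empty, non-resumable session."""
        self.masterSecret = bytearray(0)
        self.sessionID = bytearray(0)
        self.cipherSuite = 0
        self.srpUsername = ""
        self.clientCertChain = None
        self.serverCertChain = None
        self.tackExt = None
        self.tackInHelloExt = False
        self.serverName = ""
        self.resumable = False

    def create(self, masterSecret, sessionID, cipherSuite,
               srpUsername, clientCertChain, serverCertChain,
               tackExt, tackInHelloExt, serverName, resumable=True):
        """Populate the session with the results of a handshake.

        The arguments are stored as given (no copies are made and no
        validation is performed), so the caller must not mutate or
        reuse the objects afterwards, in particular the master secret.

        Unlike L{_setResumable}, this method stores C{resumable} without
        checking the session ID; L{valid} still refuses a session whose
        session ID is empty.

        @type masterSecret: bytearray
        @param masterSecret: The master secret (secret value).

        @type sessionID: bytearray
        @param sessionID: The session identifier, may be empty.

        @type cipherSuite: int
        @param cipherSuite: The cipher suite identifier.

        @type srpUsername: str
        @param srpUsername: The client's SRP username (or None).

        @param clientCertChain: The client's certificate chain (or None).

        @param serverCertChain: The server's certificate chain (or None).

        @param tackExt: The server's TackExtension (or None).

        @type tackInHelloExt: bool
        @param tackInHelloExt: True if a TACK was presented via TLS
        Extension.

        @type serverName: str
        @param serverName: The server name to record for the session.

        @type resumable: bool
        @param resumable: Whether the session may be resumed.
        """
        self.masterSecret = masterSecret
        self.sessionID = sessionID
        self.cipherSuite = cipherSuite
        self.srpUsername = srpUsername
        self.clientCertChain = clientCertChain
        self.serverCertChain = serverCertChain
        self.tackExt = tackExt
        self.tackInHelloExt = tackInHelloExt
        self.serverName = serverName
        self.resumable = resumable

    def _clone(self):
        """Return a new Session carrying the same field values.

        This is a shallow copy: the master secret, session ID,
        certificate chains and TACK extension are shared by reference
        with the original.  Mutating one of them in place (for example
        overwriting the master secret bytearray) is therefore visible
        through both objects, and both objects must be protected as key
        material.

        @rtype: L{Session}
        @return: The new session object.
        """
        other = Session()
        other.masterSecret = self.masterSecret
        other.sessionID = self.sessionID
        other.cipherSuite = self.cipherSuite
        other.srpUsername = self.srpUsername
        other.clientCertChain = self.clientCertChain
        other.serverCertChain = self.serverCertChain
        other.tackExt = self.tackExt
        other.tackInHelloExt = self.tackInHelloExt
        other.serverName = self.serverName
        other.resumable = self.resumable
        return other

    def valid(self):
        """If this session can be used for session resumption.

        A session is usable only when it is marked resumable and has a
        non-empty session ID.

        @rtype: bool
        @return: If this session can be used for session resumption.
        """
        # bool() so callers get the documented type instead of the
        # session ID bytearray that a bare `and` would hand back.
        return bool(self.resumable and self.sessionID)

    def _setResumable(self, boolean):
        """Set the resumable flag, refusing True without a session ID.

        Clearing the flag always succeeds.  A request to set it is
        silently ignored when the session ID is empty, so callers that
        need to know the outcome should check L{valid} afterwards.

        @type boolean: bool
        @param boolean: The requested value of the resumable flag.
        """
        # Only let it be set to True if the sessionID is non-null
        if not boolean or self.sessionID:
            self.resumable = boolean

    def getTackId(self):
        """Get the TACK ID of the TACK stored with this session.

        @return: The value of C{getTackId()} on the extension's TACK, or
        None if there is no TackExtension or it carries no TACK.
        """
        if self.tackExt and self.tackExt.tack:
            return self.tackExt.tack.getTackId()
        return None

    def getBreakSigs(self):
        """Get the break signatures stored with this session.

        @return: The C{break_sigs} of the TackExtension, or None if
        there is no TackExtension or it has no break signatures.
        """
        if self.tackExt and self.tackExt.break_sigs:
            return self.tackExt.break_sigs
        return None

    def getCipherName(self):
        """Get the name of the cipher used with this connection.

        The lookup is delegated to C{CipherSuite.canonicalCipherName};
        what it returns for an unknown suite (such as the initial 0) is
        not defined here.

        @rtype: str
        @return: The name of the cipher used with this connection.
        """
        return CipherSuite.canonicalCipherName(self.cipherSuite)

    def getMacName(self):
        """Get the name of the HMAC hash algo used with this connection.

        The lookup is delegated to C{CipherSuite.canonicalMacName};
        what it returns for an unknown suite (such as the initial 0) is
        not defined here.

        @rtype: str
        @return: The name of the HMAC hash algo used with this connection.
        """
        return CipherSuite.canonicalMacName(self.cipherSuite)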