tls_client module

class tls_client.ClientTLS13Session(clt_conf, engine_ticket_db=None, cs=None)

Bases: object

Defines a TLS 1.3 session initiated by the TLS client.

close()
connect(ip=None, port=443)
key_log(key_log_file='./key_log.txt')

Returns the key log file.

This helps decrypt the session in Wireshark.

recv()

Returns application data to the application.

When an alert is returned by the TLS server, a ServerTLSAlert is raised. When a Handshake message is received, nothing is returned to the application; the message is handled silently.

send(data)

class tls_client.SimpleTLS13Client(conf: dict)

Bases: object

Defines the simplest TLS 1.3 client.

The TLS client takes a configuration dictionary as an argument.

The complete configuration file MAY be provided. However, it is expected that this configuration dictionary MAY be provided in a reduced form that only carries the relevant information, leaving the other fields to be completed automatically. The pytls13.tls_client_conf.Configuration() object is expected to perform this completion.

A typical configuration can be the following one. Note that these templates are only examples. Not all fields are mandatory.

Template with local CS (lib_cs). In this case public and private keys need to be provided.

{
  'destination': {
    'ip': '127.0.0.1',
    'port': 8402
  },
  'debug': {
    'trace': True
  },
  'tls13': {
    'session_resumption': False,
    'ephemeral_method': 'e_generated'
  },
  'description': "- OpenSSL TLS1.3 Server - authenticated client",
  'lurk_client': {
    'connectivity': {
      'type': 'lib_cs'
    }
  },
  'cs': {
    ('tls13', 'v1'): {
      'public_key': ['./tls_client_keys/_Ed25519PublicKey-ed25519-X509.der'],
      'private_key': './tls_client_keys/_Ed25519PrivateKey-ed25519-pkcs8.der',
      'sig_scheme': ['ed25519']
    }
  }
}

Template with remote CS. In this case public and private keys need to be provided.

{
  'destination': {
    'ip': '127.0.0.1',
    'port': 8402
  },
  'debug': {
    'trace': True
  },
  'tls13': {
    'session_resumption': False,
    'ephemeral_method': 'e_generated'
  },
  'description': "- OpenSSL TLS1.3 Server - authenticated client",
  'lurk_client': {'connectivity': {'type': 'tcp',
                                 'ip': '127.0.0.1',
                                 'port': 9401}},
  'cs': {
    ('tls13', 'v1'): {
      'public_key': ['./tls_client_keys/_Ed25519PublicKey-ed25519-X509.der'],
      'sig_scheme': ['ed25519']
    }
  }
}
new_session()
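
The two templates above differ in where the key material sits: the lib_cs template carries a private key path, the tcp template carries only the public key and the address of the CS. The following check of a reduced configuration dictionary against those two shapes is an added example, not pytls13 code; the function name check_cs_conf, the required-field sets and the sample paths are assumptions inferred from the templates.

```python
# Added example, not pytls13 code. The required fields are an assumption
# inferred from the two templates above, not from the library's own checks.
CS_KEY = ("tls13", "v1")
REQUIRED_CS_FIELDS = {
    "lib_cs": {"public_key", "private_key", "sig_scheme"},  # keys held locally
    "tcp": {"public_key", "sig_scheme"},  # remote-CS template lists no private key
}


def check_cs_conf(conf):
    """Return a list of findings; an empty list means the dictionary
    has the same shape as the template for its connectivity type."""
    conn = conf.get("lurk_client", {}).get("connectivity", {})
    ctype = conn.get("type")
    if ctype not in REQUIRED_CS_FIELDS:
        return [f"unknown connectivity type {ctype!r}"]
    findings = []
    if ctype == "tcp":
        findings += [f"connectivity.{k} missing" for k in ("ip", "port") if k not in conn]
    cs = conf.get("cs", {}).get(CS_KEY)
    if not isinstance(cs, dict):  # e.g. a nested set or list instead of a mapping
        return findings + [f"cs[{CS_KEY!r}] must be a dictionary"]
    missing = sorted(REQUIRED_CS_FIELDS[ctype] - set(cs))
    findings += [f"cs.{k} missing for {ctype!r}" for k in missing]
    for k in ("public_key", "sig_scheme"):
        if k in cs and not isinstance(cs[k], list):
            findings.append(f"cs.{k} must be a list")
    if ctype == "tcp" and "private_key" in cs:
        findings.append("cs.private_key present although the CS is remote")
    return findings


# Constructed inputs mirroring the templates (paths shortened, hypothetical).
LOCAL_CONF = {
    "lurk_client": {"connectivity": {"type": "lib_cs"}},
    "cs": {CS_KEY: {"public_key": ["./keys/pub.der"],
                    "private_key": "./keys/priv.der",
                    "sig_scheme": ["ed25519"]}},
}
REMOTE_CONF = {
    "lurk_client": {"connectivity": {"type": "tcp", "ip": "127.0.0.1", "port": 9401}},
    "cs": {CS_KEY: {"public_key": ["./keys/pub.der"], "sig_scheme": ["ed25519"]}},
}

if __name__ == "__main__":
    for name, conf in (("local", LOCAL_CONF), ("remote", REMOTE_CONF)):
        print(name, check_cs_conf(conf) or "ok")
```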