scapy.layers.tls.automaton_cli

TLS client automaton. This makes for a primitive TLS stack. Obviously you need rights for network access.

We support versions SSLv2 to TLS 1.3, along with many features.

In order to run a client to tcp/50000 with one cipher suite of your choice:

from scapy.layers.tls import *
ch = TLSClientHello(ciphers=<int code of the cipher suite>)
t = TLSClientAutomaton(dport=50000, client_hello=ch)
t.run()

You can also use it as a SuperSocket using the tlslink io:

from scapy.layers.tls import *
a = TLSClientAutomaton.tlslink(Raw, server="scapy.net", dport=443)
a.send(HTTP()/HTTPRequest())
while True:
    a.recv()

You can also use the io with a TCPSession, e.g. to get an HTTPS answer:

from scapy.all import *
from scapy.layers.http import *
from scapy.layers.tls import *
a = TLSClientAutomaton.tlslink(HTTP, server="www.google.com", dport=443)
pkt = a.sr1(HTTP()/HTTPRequest(), session=TCPSession(app=True),
            timeout=2)

class scapy.layers.tls.automaton_cli.TLSClientAutomaton(self, server='127.0.0.1', dport=4433, server_name=None, mycert=None, mykey=None, client_hello=None, version=None, resumption_master_secret=None, session_ticket_file_in=None, session_ticket_file_out=None, psk=None, psk_mode=None, data=None, ciphersuite=None, curve=None, **kargs)

基类：_TLSAutomaton

A simple TLS test client automaton. Try to overload some states or conditions and see what happens on the other side.

Rather than with an interruption, the best way to stop this client is by typing 'quit'. This won't be a message sent to the server.

参数:

• server -- the server IP or hostname. defaults to 127.0.0.1

• dport -- the server port. defaults to 4433

• server_name -- the SNI to use. It does not need to be set

• mycert --

• mykey -- may be provided as filenames. They will be used in the handshake, should the server ask for client authentication.

• client_hello -- may hold a TLSClientHello or SSLv2ClientHello to be sent to the server. This is particularly useful for extensions tweaking. If not set, a default is populated accordingly.

• version -- is a quicker way to advertise a protocol version ("sslv2", "tls1", "tls12", etc.) It may be overridden by the previous 'client_hello'.

• data -- is a list of raw data to be sent to the server once the handshake has been completed. Both 'stop_server' and 'quit' will work this way.

ADDED_CERTIFICATEVERIFY(*args: ATMT, **kargs: Any) → NewStateRequested

ADDED_CHANGECIPHERSPEC(*args: ATMT, **kargs: Any) → NewStateRequested

ADDED_CLIENTCERTIFICATE(*args: ATMT, **kargs: Any) → NewStateRequested

ADDED_CLIENTDATA(*args: ATMT, **kargs: Any) → NewStateRequested

ADDED_CLIENTFINISHED(*args: ATMT, **kargs: Any) → NewStateRequested

ADDED_CLIENTHELLO(*args: ATMT, **kargs: Any) → NewStateRequested

ADDED_CLIENTKEYEXCHANGE(*args: ATMT, **kargs: Any) → NewStateRequested

CLOSE_NOTIFY(*args: ATMT, **kargs: Any) → NewStateRequested

CONNECT(*args: ATMT, **kargs: Any) → NewStateRequested

FINAL(*args: ATMT, **kargs: Any) → NewStateRequested

HANDLED_CERTIFICATEREQUEST(*args: ATMT, **kargs: Any) → NewStateRequested

HANDLED_CHANGECIPHERSPEC(*args: ATMT, **kargs: Any) → NewStateRequested

HANDLED_SERVERCERTIFICATE(*args: ATMT, **kargs: Any) → NewStateRequested

HANDLED_SERVERDATA(*args: ATMT, **kargs: Any) → NewStateRequested

HANDLED_SERVERFINISHED(*args: ATMT, **kargs: Any) → NewStateRequested

HANDLED_SERVERHELLO(*args: ATMT, **kargs: Any) → NewStateRequested

HANDLED_SERVERHELLODONE(*args: ATMT, **kargs: Any) → NewStateRequested

HANDLED_SERVERKEYEXCHANGE(*args: ATMT, **kargs: Any) → NewStateRequested

INITIAL(*args: ATMT, **kargs: Any) → NewStateRequested

INIT_TLS_SESSION(*args: ATMT, **kargs: Any) → NewStateRequested

MISSING_SERVERCERTIFICATE(*args: ATMT, **kargs: Any) → NewStateRequested

MISSING_SERVERHELLO(*args: ATMT, **kargs: Any) → NewStateRequested

MISSING_SERVERKEYEXCHANGE(*args: ATMT, **kargs: Any) → NewStateRequested

PREPARE_CLIENTFLIGHT1(*args: ATMT, **kargs: Any) → NewStateRequested

PREPARE_CLIENTFLIGHT2(*args: ATMT, **kargs: Any) → NewStateRequested

RECEIVED_SERVERDATA(*args: ATMT, **kargs: Any) → NewStateRequested

RECEIVED_SERVERFLIGHT1(*args: ATMT, **kargs: Any) → NewStateRequested

RECEIVED_SERVERFLIGHT2(*args: ATMT, **kargs: Any) → NewStateRequested

SENT_CLIENTDATA(*args: ATMT, **kargs: Any) → NewStateRequested

SENT_CLIENTFLIGHT1(*args: ATMT, **kargs: Any) → NewStateRequested

SENT_CLIENTFLIGHT2(*args: ATMT, **kargs: Any) → NewStateRequested

SOCKET_CLOSED(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_ADDED_CLIENTCERTIFICATE(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_ADDED_CLIENTDATA(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_ADDED_CLIENTFINISHED(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_ADDED_CLIENTHELLO(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_ADDED_CLIENTMASTERKEY(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_CLOSE_NOTIFY(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_HANDLED_REQUESTCERTIFICATE(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_HANDLED_SERVERDATA(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_HANDLED_SERVERFINISHED(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_HANDLED_SERVERHELLO(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_HANDLED_SERVERVERIFY(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_MISSING_SERVERFINISHED(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_MISSING_SERVERHELLO(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_MISSING_SERVERVERIFY(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_PREPARE_CLIENTHELLO(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_RECEIVED_SERVERDATA(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_RECEIVED_SERVERFINISHED(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_RECEIVED_SERVERHELLO(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_RECEIVED_SERVERVERIFY(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_SENT_CLIENTCERTIFICATE(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_SENT_CLIENTDATA(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_SENT_CLIENTFINISHED(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_SENT_CLIENTHELLO(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_SENT_CLIENTMASTERKEY(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_WAITING_CLIENTDATA(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_WAITING_SERVERDATA(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_WAITING_SERVERFINISHED(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_WAITING_SERVERHELLO(*args: ATMT, **kargs: Any) → NewStateRequested

SSLv2_WAITING_SERVERVERIFY(*args: ATMT, **kargs: Any) → NewStateRequested

STOP(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_ADDED_CERTIFICATEVERIFY(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_ADDED_CLIENTCERTIFICATE(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_ADDED_CLIENTFINISHED(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_ADDED_CLIENTHELLO(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_HANDLED_ALERT_FROM_SERVERFLIGHT1(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_HANDLED_CERTIFICATE(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_HANDLED_CERTIFICATEREQUEST(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_HANDLED_CERTIFICATE_VERIFY(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_HANDLED_CHANGE_CIPHER_SPEC(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_HANDLED_ENCRYPTEDEXTENSIONS(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_HANDLED_FINISHED(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_HANDLED_SERVERHELLO(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_HELLO_RETRY_REQUESTED(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_PREPARE_CLIENTFLIGHT2(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_RECEIVED_SERVERFLIGHT1(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_SENDING_CLIENTFLIGHT1(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_SENT_CLIENTFLIGHT1(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_SENT_CLIENTFLIGHT2(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_START(*args: ATMT, **kargs: Any) → NewStateRequested

TLS13_WAITING_SERVERFLIGHT1(*args: ATMT, **kargs: Any) → NewStateRequested

WAITING_SERVERDATA(*args: ATMT, **kargs: Any) → NewStateRequested

WAITING_SERVERFLIGHT1(*args: ATMT, **kargs: Any) → NewStateRequested

WAITING_SERVERFLIGHT2(*args: ATMT, **kargs: Any) → NewStateRequested

WAIT_CLIENTDATA(*args: ATMT, **kargs: Any) → NewStateRequested

actions: Dict[str, List[_StateWrapper]] = {'_socket': [], 'add_ClientData': [], 'close_session': [], 'missing_ServerCertificate': [], 'missing_ServerHello': [], 'missing_ServerKeyExchange': [], 'no_more_ClientData': [], 'should_add_ChangeCipherSpec_from_CertificateVerify': [], 'should_add_ChangeCipherSpec_from_ClientKeyExchange': [], 'should_add_ClientCertificate': [], 'should_add_ClientFinished': [], 'should_add_ClientHello': [], 'should_add_ClientKeyExchange_from_ClientCertificate': [], 'should_add_ClientKeyExchange_from_ClientFlight2': [], 'should_add_ClientVerify': [], 'should_handle_CertificateRequest_from_ServerCertificate': [], 'should_handle_CertificateRequest_from_ServerKeyExchange': [], 'should_handle_ChangeCipherSpec': [], 'should_handle_Finished': [], 'should_handle_ServerCertificate': [], 'should_handle_ServerData': [], 'should_handle_ServerHello': [], 'should_handle_ServerHelloDone_from_CertificateRequest': [], 'should_handle_ServerHelloDone_from_ServerCertificate': [], 'should_handle_ServerHelloDone_from_ServerKeyExchange': [], 'should_handle_ServerKeyExchange_from_ServerCertificate': [], 'should_send_ClientData': [], 'should_send_ClientFlight1': [], 'should_send_ClientFlight2': [], 'should_wait_ClientData': [], 'sslv2_add_ClientData': [], 'sslv2_close_session': [], 'sslv2_missing_ServerFinished': [], 'sslv2_missing_ServerHello': [], 'sslv2_missing_ServerVerify': [], 'sslv2_no_more_ClientData': [], 'sslv2_should_add_ClientCertificate': [], 'sslv2_should_add_ClientFinished_from_NoServerVerify': [], 'sslv2_should_add_ClientFinished_from_ServerVerify': [], 'sslv2_should_add_ClientHello': [], 'sslv2_should_add_ClientMasterKey': [], 'sslv2_should_handle_RequestCertificate': [], 'sslv2_should_handle_ServerData': [], 'sslv2_should_handle_ServerFinished': [], 'sslv2_should_handle_ServerHello': [], 'sslv2_should_handle_ServerVerify': [], 'sslv2_should_send_ClientCertificate': [], 'sslv2_should_send_ClientData': [], 'sslv2_should_send_ClientFinished': [], 'sslv2_should_send_ClientHello': [], 'sslv2_should_send_ClientMasterKey': [], 'sslv2_should_wait_ClientData': [], 'sslv2_should_wait_ServerFinished_from_ServerVerify': [], 'tls13_missing_CertificateVerify': [], 'tls13_missing_ServerHello': [], 'tls13_missing_encryptedExtension': [], 'tls13_should_add_ClientCertificate': [], 'tls13_should_add_ClientCertificateVerify': [], 'tls13_should_add_ClientFinished': [], 'tls13_should_add_ClientHello': [], 'tls13_should_add_ClientHello_Retry': [], 'tls13_should_handle_AlertMessage_': [], 'tls13_should_handle_CertificateVerify': [], 'tls13_should_handle_Certificate_from_CertificateRequest': [], 'tls13_should_handle_ChangeCipherSpec': [], 'tls13_should_handle_HelloRetryRequest': [], 'tls13_should_handle_ServerHello': [], 'tls13_should_handle_certificateRequest_from_encryptedExtensions': [], 'tls13_should_handle_certificate_from_encryptedExtensions': [], 'tls13_should_handle_encrytpedExtensions': [], 'tls13_should_handle_finished': [], 'tls13_should_handle_finished_from_encryptedExtensions': [], 'tls13_should_send_ClientFlight1': [], 'tls13_should_send_ClientFlight2': []}

add_ClientData()

The user may type in: GET / HTTP/1.1rnHost: testserver.comrnrn Special characters are handled so that it becomes a valid HTTP request.

breakpoints: Set[_StateWrapper]

close_session()

conditions: Dict[str, List[_StateWrapper]] = {'ADDED_CERTIFICATEVERIFY': [<function TLSClientAutomaton.should_add_ChangeCipherSpec_from_CertificateVerify>], 'ADDED_CHANGECIPHERSPEC': [<function TLSClientAutomaton.should_add_ClientFinished>], 'ADDED_CLIENTCERTIFICATE': [<function TLSClientAutomaton.should_add_ClientKeyExchange_from_ClientCertificate>], 'ADDED_CLIENTDATA': [<function TLSClientAutomaton.should_send_ClientData>], 'ADDED_CLIENTFINISHED': [<function TLSClientAutomaton.should_send_ClientFlight2>], 'ADDED_CLIENTHELLO': [<function TLSClientAutomaton.should_send_ClientFlight1>], 'ADDED_CLIENTKEYEXCHANGE': [<function TLSClientAutomaton.should_add_ClientVerify>, <function TLSClientAutomaton.should_add_ChangeCipherSpec_from_ClientKeyExchange>], 'CLOSE_NOTIFY': [<function TLSClientAutomaton.close_session>], 'CONNECT': [], 'FINAL': [], 'HANDLED_CERTIFICATEREQUEST': [<function TLSClientAutomaton.should_handle_ServerHelloDone_from_CertificateRequest>], 'HANDLED_CHANGECIPHERSPEC': [<function TLSClientAutomaton.should_handle_Finished>], 'HANDLED_SERVERCERTIFICATE': [<function TLSClientAutomaton.should_handle_ServerKeyExchange_from_ServerCertificate>, <function TLSClientAutomaton.missing_ServerKeyExchange>, <function TLSClientAutomaton.should_handle_CertificateRequest_from_ServerCertificate>, <function TLSClientAutomaton.should_handle_ServerHelloDone_from_ServerCertificate>], 'HANDLED_SERVERDATA': [], 'HANDLED_SERVERFINISHED': [<function TLSClientAutomaton.should_wait_ClientData>], 'HANDLED_SERVERHELLO': [<function TLSClientAutomaton.should_handle_ServerCertificate>, <function TLSClientAutomaton.missing_ServerCertificate>], 'HANDLED_SERVERHELLODONE': [], 'HANDLED_SERVERKEYEXCHANGE': [<function TLSClientAutomaton.should_handle_ServerHelloDone_from_ServerKeyExchange>, <function TLSClientAutomaton.should_handle_CertificateRequest_from_ServerKeyExchange>], 'INITIAL': [], 'INIT_TLS_SESSION': [], 'MISSING_SERVERCERTIFICATE': [], 'MISSING_SERVERHELLO': [], 'MISSING_SERVERKEYEXCHANGE': [], 'PREPARE_CLIENTFLIGHT1': [<function TLSClientAutomaton.should_add_ClientHello>], 'PREPARE_CLIENTFLIGHT2': [<function TLSClientAutomaton.should_add_ClientCertificate>, <function TLSClientAutomaton.should_add_ClientKeyExchange_from_ClientFlight2>], 'RECEIVED_SERVERDATA': [<function TLSClientAutomaton.should_handle_ServerData>], 'RECEIVED_SERVERFLIGHT1': [<function TLSClientAutomaton.should_handle_ServerHello>, <function TLSClientAutomaton.missing_ServerHello>], 'RECEIVED_SERVERFLIGHT2': [<function TLSClientAutomaton.should_handle_ChangeCipherSpec>], 'SENT_CLIENTDATA': [], 'SENT_CLIENTFLIGHT1': [], 'SENT_CLIENTFLIGHT2': [], 'SOCKET_CLOSED': [], 'SSLv2_ADDED_CLIENTCERTIFICATE': [<function TLSClientAutomaton.sslv2_should_send_ClientCertificate>], 'SSLv2_ADDED_CLIENTDATA': [<function TLSClientAutomaton.sslv2_should_send_ClientData>], 'SSLv2_ADDED_CLIENTFINISHED': [<function TLSClientAutomaton.sslv2_should_send_ClientFinished>], 'SSLv2_ADDED_CLIENTHELLO': [<function TLSClientAutomaton.sslv2_should_send_ClientHello>], 'SSLv2_ADDED_CLIENTMASTERKEY': [<function TLSClientAutomaton.sslv2_should_send_ClientMasterKey>], 'SSLv2_CLOSE_NOTIFY': [<function TLSClientAutomaton.sslv2_close_session>], 'SSLv2_HANDLED_REQUESTCERTIFICATE': [<function TLSClientAutomaton.sslv2_should_add_ClientCertificate>], 'SSLv2_HANDLED_SERVERDATA': [], 'SSLv2_HANDLED_SERVERFINISHED': [<function TLSClientAutomaton.sslv2_should_wait_ClientData>], 'SSLv2_HANDLED_SERVERHELLO': [<function TLSClientAutomaton.sslv2_should_add_ClientMasterKey>], 'SSLv2_HANDLED_SERVERVERIFY': [<function TLSClientAutomaton.sslv2_should_add_ClientFinished_from_ServerVerify>, <function TLSClientAutomaton.sslv2_should_wait_ServerFinished_from_ServerVerify>], 'SSLv2_MISSING_SERVERFINISHED': [], 'SSLv2_MISSING_SERVERHELLO': [], 'SSLv2_MISSING_SERVERVERIFY': [], 'SSLv2_PREPARE_CLIENTHELLO': [<function TLSClientAutomaton.sslv2_should_add_ClientHello>], 'SSLv2_RECEIVED_SERVERDATA': [<function TLSClientAutomaton.sslv2_should_handle_ServerData>], 'SSLv2_RECEIVED_SERVERFINISHED': [<function TLSClientAutomaton.sslv2_should_handle_ServerFinished>, <function TLSClientAutomaton.sslv2_should_handle_RequestCertificate>, <function TLSClientAutomaton.sslv2_missing_ServerFinished>], 'SSLv2_RECEIVED_SERVERHELLO': [<function TLSClientAutomaton.sslv2_should_handle_ServerHello>, <function TLSClientAutomaton.sslv2_missing_ServerHello>], 'SSLv2_RECEIVED_SERVERVERIFY': [<function TLSClientAutomaton.sslv2_should_handle_ServerVerify>, <function TLSClientAutomaton.sslv2_should_add_ClientFinished_from_NoServerVerify>, <function TLSClientAutomaton.sslv2_missing_ServerVerify>], 'SSLv2_SENT_CLIENTCERTIFICATE': [], 'SSLv2_SENT_CLIENTDATA': [], 'SSLv2_SENT_CLIENTFINISHED': [], 'SSLv2_SENT_CLIENTHELLO': [], 'SSLv2_SENT_CLIENTMASTERKEY': [], 'SSLv2_WAITING_CLIENTDATA': [<function TLSClientAutomaton.sslv2_add_ClientData>, <function TLSClientAutomaton.sslv2_no_more_ClientData>], 'SSLv2_WAITING_SERVERDATA': [], 'SSLv2_WAITING_SERVERFINISHED': [], 'SSLv2_WAITING_SERVERHELLO': [], 'SSLv2_WAITING_SERVERVERIFY': [], 'STOP': [], 'TLS13_ADDED_CERTIFICATEVERIFY': [], 'TLS13_ADDED_CLIENTCERTIFICATE': [<function TLSClientAutomaton.tls13_should_add_ClientCertificateVerify>], 'TLS13_ADDED_CLIENTFINISHED': [<function TLSClientAutomaton.tls13_should_send_ClientFlight2>], 'TLS13_ADDED_CLIENTHELLO': [], 'TLS13_HANDLED_ALERT_FROM_SERVERFLIGHT1': [], 'TLS13_HANDLED_CERTIFICATE': [<function TLSClientAutomaton.tls13_should_handle_CertificateVerify>, <function TLSClientAutomaton.tls13_missing_CertificateVerify>], 'TLS13_HANDLED_CERTIFICATEREQUEST': [<function TLSClientAutomaton.tls13_should_handle_Certificate_from_CertificateRequest>], 'TLS13_HANDLED_CERTIFICATE_VERIFY': [<function TLSClientAutomaton.tls13_should_handle_finished>], 'TLS13_HANDLED_CHANGE_CIPHER_SPEC': [], 'TLS13_HANDLED_ENCRYPTEDEXTENSIONS': [<function TLSClientAutomaton.tls13_should_handle_certificateRequest_from_encryptedExtensions>, <function TLSClientAutomaton.tls13_should_handle_certificate_from_encryptedExtensions>, <function TLSClientAutomaton.tls13_should_handle_finished_from_encryptedExtensions>], 'TLS13_HANDLED_FINISHED': [], 'TLS13_HANDLED_SERVERHELLO': [<function TLSClientAutomaton.tls13_should_handle_encrytpedExtensions>, <function TLSClientAutomaton.tls13_should_handle_ChangeCipherSpec>, <function TLSClientAutomaton.tls13_missing_encryptedExtension>], 'TLS13_HELLO_RETRY_REQUESTED': [<function TLSClientAutomaton.tls13_should_add_ClientHello_Retry>], 'TLS13_PREPARE_CLIENTFLIGHT2': [<function TLSClientAutomaton.tls13_should_add_ClientCertificate>, <function TLSClientAutomaton.tls13_should_add_ClientFinished>], 'TLS13_RECEIVED_SERVERFLIGHT1': [<function TLSClientAutomaton.tls13_should_handle_ServerHello>, <function TLSClientAutomaton.tls13_should_handle_HelloRetryRequest>, <function TLSClientAutomaton.tls13_should_handle_AlertMessage_>, <function TLSClientAutomaton.tls13_missing_ServerHello>], 'TLS13_SENDING_CLIENTFLIGHT1': [<function TLSClientAutomaton.tls13_should_send_ClientFlight1>], 'TLS13_SENT_CLIENTFLIGHT1': [], 'TLS13_SENT_CLIENTFLIGHT2': [], 'TLS13_START': [<function TLSClientAutomaton.tls13_should_add_ClientHello>], 'TLS13_WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERDATA': [], 'WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERFLIGHT2': [], 'WAIT_CLIENTDATA': [<function TLSClientAutomaton.add_ClientData>, <function TLSClientAutomaton.no_more_ClientData>]}

initial_states: List[_StateWrapper] = [<function ATMT.state.<locals>.deco.<locals>._state_wrapper>]

intercepted_packet: None | Packet

interception_points: Set[_StateWrapper]

ioevents: Dict[str, List[_StateWrapper]] = {'ADDED_CERTIFICATEVERIFY': [], 'ADDED_CHANGECIPHERSPEC': [], 'ADDED_CLIENTCERTIFICATE': [], 'ADDED_CLIENTDATA': [], 'ADDED_CLIENTFINISHED': [], 'ADDED_CLIENTHELLO': [], 'ADDED_CLIENTKEYEXCHANGE': [], 'CLOSE_NOTIFY': [], 'CONNECT': [], 'FINAL': [], 'HANDLED_CERTIFICATEREQUEST': [], 'HANDLED_CHANGECIPHERSPEC': [], 'HANDLED_SERVERCERTIFICATE': [], 'HANDLED_SERVERDATA': [], 'HANDLED_SERVERFINISHED': [], 'HANDLED_SERVERHELLO': [], 'HANDLED_SERVERHELLODONE': [], 'HANDLED_SERVERKEYEXCHANGE': [], 'INITIAL': [<function TLSClientAutomaton._socket>], 'INIT_TLS_SESSION': [], 'MISSING_SERVERCERTIFICATE': [], 'MISSING_SERVERHELLO': [], 'MISSING_SERVERKEYEXCHANGE': [], 'PREPARE_CLIENTFLIGHT1': [], 'PREPARE_CLIENTFLIGHT2': [], 'RECEIVED_SERVERDATA': [], 'RECEIVED_SERVERFLIGHT1': [], 'RECEIVED_SERVERFLIGHT2': [], 'SENT_CLIENTDATA': [], 'SENT_CLIENTFLIGHT1': [], 'SENT_CLIENTFLIGHT2': [], 'SOCKET_CLOSED': [], 'SSLv2_ADDED_CLIENTCERTIFICATE': [], 'SSLv2_ADDED_CLIENTDATA': [], 'SSLv2_ADDED_CLIENTFINISHED': [], 'SSLv2_ADDED_CLIENTHELLO': [], 'SSLv2_ADDED_CLIENTMASTERKEY': [], 'SSLv2_CLOSE_NOTIFY': [], 'SSLv2_HANDLED_REQUESTCERTIFICATE': [], 'SSLv2_HANDLED_SERVERDATA': [], 'SSLv2_HANDLED_SERVERFINISHED': [], 'SSLv2_HANDLED_SERVERHELLO': [], 'SSLv2_HANDLED_SERVERVERIFY': [], 'SSLv2_MISSING_SERVERFINISHED': [], 'SSLv2_MISSING_SERVERHELLO': [], 'SSLv2_MISSING_SERVERVERIFY': [], 'SSLv2_PREPARE_CLIENTHELLO': [], 'SSLv2_RECEIVED_SERVERDATA': [], 'SSLv2_RECEIVED_SERVERFINISHED': [], 'SSLv2_RECEIVED_SERVERHELLO': [], 'SSLv2_RECEIVED_SERVERVERIFY': [], 'SSLv2_SENT_CLIENTCERTIFICATE': [], 'SSLv2_SENT_CLIENTDATA': [], 'SSLv2_SENT_CLIENTFINISHED': [], 'SSLv2_SENT_CLIENTHELLO': [], 'SSLv2_SENT_CLIENTMASTERKEY': [], 'SSLv2_WAITING_CLIENTDATA': [], 'SSLv2_WAITING_SERVERDATA': [], 'SSLv2_WAITING_SERVERFINISHED': [], 'SSLv2_WAITING_SERVERHELLO': [], 'SSLv2_WAITING_SERVERVERIFY': [], 'STOP': [], 'TLS13_ADDED_CERTIFICATEVERIFY': [], 'TLS13_ADDED_CLIENTCERTIFICATE': [], 'TLS13_ADDED_CLIENTFINISHED': [], 'TLS13_ADDED_CLIENTHELLO': [], 'TLS13_HANDLED_ALERT_FROM_SERVERFLIGHT1': [], 'TLS13_HANDLED_CERTIFICATE': [], 'TLS13_HANDLED_CERTIFICATEREQUEST': [], 'TLS13_HANDLED_CERTIFICATE_VERIFY': [], 'TLS13_HANDLED_CHANGE_CIPHER_SPEC': [], 'TLS13_HANDLED_ENCRYPTEDEXTENSIONS': [], 'TLS13_HANDLED_FINISHED': [], 'TLS13_HANDLED_SERVERHELLO': [], 'TLS13_HELLO_RETRY_REQUESTED': [], 'TLS13_PREPARE_CLIENTFLIGHT2': [], 'TLS13_RECEIVED_SERVERFLIGHT1': [], 'TLS13_SENDING_CLIENTFLIGHT1': [], 'TLS13_SENT_CLIENTFLIGHT1': [], 'TLS13_SENT_CLIENTFLIGHT2': [], 'TLS13_START': [], 'TLS13_WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERDATA': [], 'WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERFLIGHT2': [], 'WAIT_CLIENTDATA': []}

ionames: List[str] = ['tls']

iosupersockets: List[SuperSocket] = [<function TLSClientAutomaton._socket>]

missing_ServerCertificate()

missing_ServerHello()

missing_ServerKeyExchange()

no_more_ClientData()

packets: PacketList

parse_args(server='127.0.0.1', dport=4433, server_name=None, mycert=None, mykey=None, client_hello=None, version=None, resumption_master_secret=None, session_ticket_file_in=None, session_ticket_file_out=None, psk=None, psk_mode=None, data=None, ciphersuite=None, curve=None, **kargs)

recv_conditions: Dict[str, List[_StateWrapper]] = {'ADDED_CERTIFICATEVERIFY': [], 'ADDED_CHANGECIPHERSPEC': [], 'ADDED_CLIENTCERTIFICATE': [], 'ADDED_CLIENTDATA': [], 'ADDED_CLIENTFINISHED': [], 'ADDED_CLIENTHELLO': [], 'ADDED_CLIENTKEYEXCHANGE': [], 'CLOSE_NOTIFY': [], 'CONNECT': [], 'FINAL': [], 'HANDLED_CERTIFICATEREQUEST': [], 'HANDLED_CHANGECIPHERSPEC': [], 'HANDLED_SERVERCERTIFICATE': [], 'HANDLED_SERVERDATA': [], 'HANDLED_SERVERFINISHED': [], 'HANDLED_SERVERHELLO': [], 'HANDLED_SERVERHELLODONE': [], 'HANDLED_SERVERKEYEXCHANGE': [], 'INITIAL': [], 'INIT_TLS_SESSION': [], 'MISSING_SERVERCERTIFICATE': [], 'MISSING_SERVERHELLO': [], 'MISSING_SERVERKEYEXCHANGE': [], 'PREPARE_CLIENTFLIGHT1': [], 'PREPARE_CLIENTFLIGHT2': [], 'RECEIVED_SERVERDATA': [], 'RECEIVED_SERVERFLIGHT1': [], 'RECEIVED_SERVERFLIGHT2': [], 'SENT_CLIENTDATA': [], 'SENT_CLIENTFLIGHT1': [], 'SENT_CLIENTFLIGHT2': [], 'SOCKET_CLOSED': [], 'SSLv2_ADDED_CLIENTCERTIFICATE': [], 'SSLv2_ADDED_CLIENTDATA': [], 'SSLv2_ADDED_CLIENTFINISHED': [], 'SSLv2_ADDED_CLIENTHELLO': [], 'SSLv2_ADDED_CLIENTMASTERKEY': [], 'SSLv2_CLOSE_NOTIFY': [], 'SSLv2_HANDLED_REQUESTCERTIFICATE': [], 'SSLv2_HANDLED_SERVERDATA': [], 'SSLv2_HANDLED_SERVERFINISHED': [], 'SSLv2_HANDLED_SERVERHELLO': [], 'SSLv2_HANDLED_SERVERVERIFY': [], 'SSLv2_MISSING_SERVERFINISHED': [], 'SSLv2_MISSING_SERVERHELLO': [], 'SSLv2_MISSING_SERVERVERIFY': [], 'SSLv2_PREPARE_CLIENTHELLO': [], 'SSLv2_RECEIVED_SERVERDATA': [], 'SSLv2_RECEIVED_SERVERFINISHED': [], 'SSLv2_RECEIVED_SERVERHELLO': [], 'SSLv2_RECEIVED_SERVERVERIFY': [], 'SSLv2_SENT_CLIENTCERTIFICATE': [], 'SSLv2_SENT_CLIENTDATA': [], 'SSLv2_SENT_CLIENTFINISHED': [], 'SSLv2_SENT_CLIENTHELLO': [], 'SSLv2_SENT_CLIENTMASTERKEY': [], 'SSLv2_WAITING_CLIENTDATA': [], 'SSLv2_WAITING_SERVERDATA': [], 'SSLv2_WAITING_SERVERFINISHED': [], 'SSLv2_WAITING_SERVERHELLO': [], 'SSLv2_WAITING_SERVERVERIFY': [], 'STOP': [], 'TLS13_ADDED_CERTIFICATEVERIFY': [], 'TLS13_ADDED_CLIENTCERTIFICATE': [], 'TLS13_ADDED_CLIENTFINISHED': [], 'TLS13_ADDED_CLIENTHELLO': [], 'TLS13_HANDLED_ALERT_FROM_SERVERFLIGHT1': [], 'TLS13_HANDLED_CERTIFICATE': [], 'TLS13_HANDLED_CERTIFICATEREQUEST': [], 'TLS13_HANDLED_CERTIFICATE_VERIFY': [], 'TLS13_HANDLED_CHANGE_CIPHER_SPEC': [], 'TLS13_HANDLED_ENCRYPTEDEXTENSIONS': [], 'TLS13_HANDLED_FINISHED': [], 'TLS13_HANDLED_SERVERHELLO': [], 'TLS13_HELLO_RETRY_REQUESTED': [], 'TLS13_PREPARE_CLIENTFLIGHT2': [], 'TLS13_RECEIVED_SERVERFLIGHT1': [], 'TLS13_SENDING_CLIENTFLIGHT1': [], 'TLS13_SENT_CLIENTFLIGHT1': [], 'TLS13_SENT_CLIENTFLIGHT2': [], 'TLS13_START': [], 'TLS13_WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERDATA': [], 'WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERFLIGHT2': [], 'WAIT_CLIENTDATA': []}

should_add_ChangeCipherSpec_from_CertificateVerify()

should_add_ChangeCipherSpec_from_ClientKeyExchange()

should_add_ClientCertificate()

If the server sent a CertificateRequest, we send a Certificate message. If no certificate is available, an empty Certificate message is sent: - this is a SHOULD in RFC 4346 (Section 7.4.6) - this is a MUST in RFC 5246 (Section 7.4.6)

XXX We may want to add a complete chain.

should_add_ClientFinished()

should_add_ClientHello()

should_add_ClientKeyExchange()

should_add_ClientKeyExchange_from_ClientCertificate()

should_add_ClientKeyExchange_from_ClientFlight2()

should_add_ClientVerify()

XXX Section 7.4.7.1 of RFC 5246 states that the CertificateVerify message is only sent following a client certificate that has signing capability (i.e. not those containing fixed DH params). We should verify that before adding the message. We should also handle the case when the Certificate message was empty.

should_handle_CertificateRequest()

XXX We should check the CertificateRequest attributes for discrepancies with the cipher suite, etc.

should_handle_CertificateRequest_from_ServerCertificate()

should_handle_CertificateRequest_from_ServerKeyExchange()

should_handle_ChangeCipherSpec()

should_handle_Finished()

should_handle_ServerCertificate()

should_handle_ServerData()

should_handle_ServerHello()

XXX We should check the ServerHello attributes for discrepancies with our own ClientHello.

should_handle_ServerHelloDone()

should_handle_ServerHelloDone_from_CertificateRequest()

should_handle_ServerHelloDone_from_ServerCertificate()

should_handle_ServerHelloDone_from_ServerKeyExchange()

should_handle_ServerKeyExchange_from_ServerCertificate()

XXX We should check the ServerKeyExchange attributes for discrepancies with our own ClientHello, along with the ServerHello and Certificate.

should_send_ClientData()

should_send_ClientFlight1()

should_send_ClientFlight2()

should_wait_ClientData()

sslv2_add_ClientData()

sslv2_close_session()

sslv2_missing_ServerFinished()

sslv2_missing_ServerHello()

sslv2_missing_ServerVerify()

sslv2_no_more_ClientData()

sslv2_should_add_ClientCertificate()

sslv2_should_add_ClientFinished()

sslv2_should_add_ClientFinished_from_NoServerVerify()

sslv2_should_add_ClientFinished_from_ServerVerify()

sslv2_should_add_ClientHello()

sslv2_should_add_ClientMasterKey()

sslv2_should_handle_RequestCertificate()

sslv2_should_handle_ServerData()

sslv2_should_handle_ServerFinished()

sslv2_should_handle_ServerHello()

sslv2_should_handle_ServerVerify()

sslv2_should_send_ClientCertificate()

sslv2_should_send_ClientData()

sslv2_should_send_ClientFinished()

sslv2_should_send_ClientHello()

sslv2_should_send_ClientMasterKey()

sslv2_should_wait_ClientData()

sslv2_should_wait_ServerFinished_from_ServerVerify()

states: Dict[str, _StateWrapper] = {'ADDED_CERTIFICATEVERIFY': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'ADDED_CHANGECIPHERSPEC': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'ADDED_CLIENTCERTIFICATE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'ADDED_CLIENTDATA': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'ADDED_CLIENTFINISHED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'ADDED_CLIENTHELLO': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'ADDED_CLIENTKEYEXCHANGE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'CLOSE_NOTIFY': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'CONNECT': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'FINAL': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'HANDLED_CERTIFICATEREQUEST': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'HANDLED_CHANGECIPHERSPEC': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'HANDLED_SERVERCERTIFICATE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'HANDLED_SERVERDATA': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'HANDLED_SERVERFINISHED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'HANDLED_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'HANDLED_SERVERHELLODONE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'HANDLED_SERVERKEYEXCHANGE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'INITIAL': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'INIT_TLS_SESSION': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'MISSING_SERVERCERTIFICATE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'MISSING_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'MISSING_SERVERKEYEXCHANGE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'PREPARE_CLIENTFLIGHT1': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'PREPARE_CLIENTFLIGHT2': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'RECEIVED_SERVERDATA': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'RECEIVED_SERVERFLIGHT1': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'RECEIVED_SERVERFLIGHT2': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SENT_CLIENTDATA': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SENT_CLIENTFLIGHT1': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SENT_CLIENTFLIGHT2': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SOCKET_CLOSED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_ADDED_CLIENTCERTIFICATE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_ADDED_CLIENTDATA': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_ADDED_CLIENTFINISHED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_ADDED_CLIENTHELLO': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_ADDED_CLIENTMASTERKEY': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_CLOSE_NOTIFY': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_HANDLED_REQUESTCERTIFICATE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_HANDLED_SERVERDATA': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_HANDLED_SERVERFINISHED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_HANDLED_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_HANDLED_SERVERVERIFY': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_MISSING_SERVERFINISHED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_MISSING_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_MISSING_SERVERVERIFY': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_PREPARE_CLIENTHELLO': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_RECEIVED_SERVERDATA': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_RECEIVED_SERVERFINISHED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_RECEIVED_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_RECEIVED_SERVERVERIFY': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_SENT_CLIENTCERTIFICATE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_SENT_CLIENTDATA': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_SENT_CLIENTFINISHED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_SENT_CLIENTHELLO': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_SENT_CLIENTMASTERKEY': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_WAITING_CLIENTDATA': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_WAITING_SERVERDATA': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_WAITING_SERVERFINISHED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_WAITING_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SSLv2_WAITING_SERVERVERIFY': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'STOP': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_ADDED_CERTIFICATEVERIFY': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_ADDED_CLIENTCERTIFICATE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_ADDED_CLIENTFINISHED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_ADDED_CLIENTHELLO': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_HANDLED_ALERT_FROM_SERVERFLIGHT1': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_HANDLED_CERTIFICATE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_HANDLED_CERTIFICATEREQUEST': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_HANDLED_CERTIFICATE_VERIFY': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_HANDLED_CHANGE_CIPHER_SPEC': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_HANDLED_ENCRYPTEDEXTENSIONS': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_HANDLED_FINISHED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_HANDLED_SERVERHELLO': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_HELLO_RETRY_REQUESTED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_PREPARE_CLIENTFLIGHT2': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_RECEIVED_SERVERFLIGHT1': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_SENDING_CLIENTFLIGHT1': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_SENT_CLIENTFLIGHT1': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_SENT_CLIENTFLIGHT2': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_START': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'TLS13_WAITING_SERVERFLIGHT1': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'WAITING_SERVERDATA': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'WAITING_SERVERFLIGHT1': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'WAITING_SERVERFLIGHT2': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'WAIT_CLIENTDATA': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>}

stop_states: List[_StateWrapper] = [<function ATMT.state.<locals>.deco.<locals>._state_wrapper>]

threadid: int | None

timeout: Dict[str, _TimerList] = {'ADDED_CERTIFICATEVERIFY': [], 'ADDED_CHANGECIPHERSPEC': [], 'ADDED_CLIENTCERTIFICATE': [], 'ADDED_CLIENTDATA': [], 'ADDED_CLIENTFINISHED': [], 'ADDED_CLIENTHELLO': [], 'ADDED_CLIENTKEYEXCHANGE': [], 'CLOSE_NOTIFY': [], 'CONNECT': [], 'FINAL': [], 'HANDLED_CERTIFICATEREQUEST': [], 'HANDLED_CHANGECIPHERSPEC': [], 'HANDLED_SERVERCERTIFICATE': [], 'HANDLED_SERVERDATA': [], 'HANDLED_SERVERFINISHED': [], 'HANDLED_SERVERHELLO': [], 'HANDLED_SERVERHELLODONE': [], 'HANDLED_SERVERKEYEXCHANGE': [], 'INITIAL': [], 'INIT_TLS_SESSION': [], 'MISSING_SERVERCERTIFICATE': [], 'MISSING_SERVERHELLO': [], 'MISSING_SERVERKEYEXCHANGE': [], 'PREPARE_CLIENTFLIGHT1': [], 'PREPARE_CLIENTFLIGHT2': [], 'RECEIVED_SERVERDATA': [], 'RECEIVED_SERVERFLIGHT1': [], 'RECEIVED_SERVERFLIGHT2': [], 'SENT_CLIENTDATA': [], 'SENT_CLIENTFLIGHT1': [], 'SENT_CLIENTFLIGHT2': [], 'SOCKET_CLOSED': [], 'SSLv2_ADDED_CLIENTCERTIFICATE': [], 'SSLv2_ADDED_CLIENTDATA': [], 'SSLv2_ADDED_CLIENTFINISHED': [], 'SSLv2_ADDED_CLIENTHELLO': [], 'SSLv2_ADDED_CLIENTMASTERKEY': [], 'SSLv2_CLOSE_NOTIFY': [], 'SSLv2_HANDLED_REQUESTCERTIFICATE': [], 'SSLv2_HANDLED_SERVERDATA': [], 'SSLv2_HANDLED_SERVERFINISHED': [], 'SSLv2_HANDLED_SERVERHELLO': [], 'SSLv2_HANDLED_SERVERVERIFY': [], 'SSLv2_MISSING_SERVERFINISHED': [], 'SSLv2_MISSING_SERVERHELLO': [], 'SSLv2_MISSING_SERVERVERIFY': [], 'SSLv2_PREPARE_CLIENTHELLO': [], 'SSLv2_RECEIVED_SERVERDATA': [], 'SSLv2_RECEIVED_SERVERFINISHED': [], 'SSLv2_RECEIVED_SERVERHELLO': [], 'SSLv2_RECEIVED_SERVERVERIFY': [], 'SSLv2_SENT_CLIENTCERTIFICATE': [], 'SSLv2_SENT_CLIENTDATA': [], 'SSLv2_SENT_CLIENTFINISHED': [], 'SSLv2_SENT_CLIENTHELLO': [], 'SSLv2_SENT_CLIENTMASTERKEY': [], 'SSLv2_WAITING_CLIENTDATA': [], 'SSLv2_WAITING_SERVERDATA': [], 'SSLv2_WAITING_SERVERFINISHED': [], 'SSLv2_WAITING_SERVERHELLO': [], 'SSLv2_WAITING_SERVERVERIFY': [], 'STOP': [], 'TLS13_ADDED_CERTIFICATEVERIFY': [], 'TLS13_ADDED_CLIENTCERTIFICATE': [], 'TLS13_ADDED_CLIENTFINISHED': [], 'TLS13_ADDED_CLIENTHELLO': [], 'TLS13_HANDLED_ALERT_FROM_SERVERFLIGHT1': [], 'TLS13_HANDLED_CERTIFICATE': [], 'TLS13_HANDLED_CERTIFICATEREQUEST': [], 'TLS13_HANDLED_CERTIFICATE_VERIFY': [], 'TLS13_HANDLED_CHANGE_CIPHER_SPEC': [], 'TLS13_HANDLED_ENCRYPTEDEXTENSIONS': [], 'TLS13_HANDLED_FINISHED': [], 'TLS13_HANDLED_SERVERHELLO': [], 'TLS13_HELLO_RETRY_REQUESTED': [], 'TLS13_PREPARE_CLIENTFLIGHT2': [], 'TLS13_RECEIVED_SERVERFLIGHT1': [], 'TLS13_SENDING_CLIENTFLIGHT1': [], 'TLS13_SENT_CLIENTFLIGHT1': [], 'TLS13_SENT_CLIENTFLIGHT2': [], 'TLS13_START': [], 'TLS13_WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERDATA': [], 'WAITING_SERVERFLIGHT1': [], 'WAITING_SERVERFLIGHT2': [], 'WAIT_CLIENTDATA': []}

tls13_missing_CertificateVerify()

tls13_missing_ServerHello()

tls13_missing_encryptedExtension()

tls13_should_add_ClientCertificate()

If the server sent a CertificateRequest, we send a Certificate message. If no certificate is available, an empty Certificate message is sent: - this is a SHOULD in RFC 4346 (Section 7.4.6) - this is a MUST in RFC 5246 (Section 7.4.6)

XXX We may want to add a complete chain.

tls13_should_add_ClientCertificateVerify()

XXX Section 7.4.7.1 of RFC 5246 states that the CertificateVerify message is only sent following a client certificate that has signing capability (i.e. not those containing fixed DH params). We should verify that before adding the message. We should also handle the case when the Certificate message was empty.

tls13_should_add_ClientFinished()

tls13_should_add_ClientHello()

tls13_should_add_ClientHello_Retry()

tls13_should_handle_AlertMessage_()

tls13_should_handle_Certificate()

tls13_should_handle_CertificateVerify()

tls13_should_handle_Certificate_from_CertificateRequest()

tls13_should_handle_ChangeCipherSpec()

tls13_should_handle_HelloRetryRequest()

XXX We should check the ServerHello attributes for discrepancies with our own ClientHello.

tls13_should_handle_ServerHello()

XXX We should check the ServerHello attributes for discrepancies with our own ClientHello.

tls13_should_handle_certificateRequest_from_encryptedExtensions()

XXX We should check the CertificateRequest attributes for discrepancies with the cipher suite, etc.

tls13_should_handle_certificate_from_encryptedExtensions()

tls13_should_handle_encrytpedExtensions()

tls13_should_handle_finished()

tls13_should_handle_finished_from_encryptedExtensions()

tls13_should_send_ClientFlight1()

tls13_should_send_ClientFlight2()

tlslink = <scapy.automaton._ATMT_to_supersocket object>

vprint_sessioninfo()