Conform to line length requirements and batch write to log file

nickrabbott · nickrabbott · commit 68122f9b18a0 · 2025-01-28T22:03:05.000-06:00
diff --git a/tlslite/session.py b/tlslite/session.py
@@ -109,8 +109,8 @@ def create(self, masterSecret, sessionID, cipherSuite,
                sr_app_secret=bytearray(0), exporterMasterSecret=bytearray(0),
                resumptionMasterSecret=bytearray(0), tickets=None,
                tls_1_0_tickets=None, ec_point_format=None,
-               cl_handshake_traffic_secret=bytearray(0),
-               sr_handshake_traffic_secret=bytearray(0)):
+               cl_hs_traffic_secret=bytearray(0),
+               sr_hs_traffic_secret=bytearray(0)):
         self.masterSecret = masterSecret
         self.sessionID = sessionID
         self.cipherSuite = cipherSuite
@@ -128,8 +128,8 @@ def create(self, masterSecret, sessionID, cipherSuite,
         self.sr_app_secret = sr_app_secret
         self.exporterMasterSecret = exporterMasterSecret
         self.resumptionMasterSecret = resumptionMasterSecret
-        self.cl_handshake_traffic_secret = cl_handshake_traffic_secret
-        self.sr_handshake_traffic_secret = sr_handshake_traffic_secret
+        self.cl_handshake_traffic_secret = cl_hs_traffic_secret
+        self.sr_handshake_traffic_secret = sr_hs_traffic_secret
         # NOTE we need a reference copy not a copy of object here!
         self.tickets = tickets
         self.tls_1_0_tickets = tls_1_0_tickets
diff --git a/tlslite/tlsconnection.py b/tlslite/tlsconnection.py
@@ -429,7 +429,7 @@ def _handshakeClientAsync(self, srpParams=(), certParams=(), anonParams=(),
 
         # Log client random and master secret for version < TLS1.3
         if self.sslkeylogfile and self.version < (3, 4):
-            self._log_session_keys('CLIENT_RANDOM', self._clientRandom, self.session.masterSecret)
+            self._log_session_keys(('CLIENT_RANDOM', self._clientRandom, self.session.masterSecret))
 
 
     def _handshakeClientAsyncHelper(self, srpParams, certParams, anonParams,
@@ -1329,10 +1329,12 @@ def _clientTLS13Handshake(self, settings, session, clientHello,
 
         # TLS1.3 log Client and Server traffic secrets for SSLKEYLOGFILE
         if self.sslkeylogfile:
-            self._log_session_keys('CLIENT_HANDSHAKE_TRAFFIC_SECRET',
-                                   clientHello.random,
-                                   cl_handshake_traffic_secret)
-            self._log_session_keys('SERVER_HANDSHAKE_TRAFFIC_SECRET', clientHello.random, sr_handshake_traffic_secret)
+            self._log_session_keys([
+                ('CLIENT_HANDSHAKE_TRAFFIC_SECRET',
+                 clientHello.random, cl_handshake_traffic_secret),
+                ('SERVER_HANDSHAKE_TRAFFIC_SECRET',
+                 clientHello.random, sr_handshake_traffic_secret)
+            ])
 
         # prepare for reading encrypted messages
         self._recordLayer.calcTLS1_3PendingState(
@@ -1625,11 +1627,14 @@ def _clientTLS13Handshake(self, settings, session, clientHello,
                                                self._handshake_hash, prfName)
 
 
-        # Now that we have all the TLS1.3 secrets during the handshake, log them if necessary
+        # Now that we have all the TLS1.3 secrets during the handshake,
+        # log them if necessary
         if self.sslkeylogfile:
-            self._log_session_keys('EXPORTER_SECRET', clientHello.random, exporter_master_secret)
-            self._log_session_keys('CLIENT_TRAFFIC_SECRET_0', clientHello.random, cl_app_traffic)
-            self._log_session_keys('SERVER_TRAFFIC_SECRET_0', clientHello.random, sr_app_traffic)
+            self._log_session_keys([
+                ('EXPORTER_SECRET', clientHello.random, exporter_master_secret),
+                ('CLIENT_TRAFFIC_SECRET_0', clientHello.random, cl_app_traffic),
+                ('SERVER_TRAFFIC_SECRET_0', clientHello.random, sr_app_traffic)
+            ])
 
         self._recordLayer.calcTLS1_3PendingState(
             serverHello.cipher_suite,
@@ -1727,8 +1732,8 @@ def _clientTLS13Handshake(self, settings, session, clientHello,
                             resumptionMasterSecret=resumption_master_secret,
                             # NOTE it must be a reference, not a copy!
                             tickets=self.tickets,
-                            cl_handshake_traffic_secret=cl_handshake_traffic_secret,
-                            sr_handshake_traffic_secret=sr_handshake_traffic_secret)
+                            cl_hs_traffic_secret=cl_handshake_traffic_secret,
+                            sr_hs_traffic_secret=sr_handshake_traffic_secret)
 
         yield "finished" if not resuming else "resumed_and_finished"
 
@@ -2272,7 +2277,9 @@ def handshakeServerAsync(self, verifierDB=None,
 
         # Log client random and master secret for version < TLS1.3
         if self.sslkeylogfile and self.version < (3, 4):
-            self._log_session_keys('CLIENT_RANDOM', self._clientRandom, self.session.masterSecret)
+            self._log_session_keys(('CLIENT_RANDOM',
+                                   self._clientRandom,
+                                   self.session.masterSecret))
 
 
     def _handshakeServerAsyncHelper(self, verifierDB,
@@ -2983,10 +2990,12 @@ def _serverTLS13Handshake(self, settings, clientHello, cipherSuite,
 
         # TLS1.3 log Client and Server traffic secrets for SSLKEYLOGFILE
         if self.sslkeylogfile:
-            self._log_session_keys('CLIENT_HANDSHAKE_TRAFFIC_SECRET',
-                                   clientHello.random,
-                                   cl_handshake_traffic_secret)
-            self._log_session_keys('SERVER_HANDSHAKE_TRAFFIC_SECRET', clientHello.random, sr_handshake_traffic_secret)
+            self._log_session_keys([
+                ('CLIENT_HANDSHAKE_TRAFFIC_SECRET',
+                 clientHello.random, cl_handshake_traffic_secret),
+                ('SERVER_HANDSHAKE_TRAFFIC_SECRET',
+                 clientHello.random, sr_handshake_traffic_secret)
+            ])
 
         self.version = version
         self._recordLayer.calcTLS1_3PendingState(
@@ -3255,11 +3264,14 @@ def _serverTLS13Handshake(self, settings, clientHello, cipherSuite,
                                                prf_name)
 
 
-        # Now that we have all the TLS1.3 secrets during the handshake, log them if necessary
+        # Now that we have all the TLS1.3 secrets during the handshake,
+        # log them if necessary
         if self.sslkeylogfile:
-            self._log_session_keys('EXPORTER_SECRET', clientHello.random, exporter_master_secret)
-            self._log_session_keys('CLIENT_TRAFFIC_SECRET_0', clientHello.random, cl_app_traffic)
-            self._log_session_keys('SERVER_TRAFFIC_SECRET_0', clientHello.random, sr_app_traffic)
+            self._log_session_keys([
+                ('EXPORTER_SECRET', clientHello.random, exporter_master_secret),
+                ('CLIENT_TRAFFIC_SECRET_0', clientHello.random, cl_app_traffic),
+                ('SERVER_TRAFFIC_SECRET_0', clientHello.random, sr_app_traffic)
+            ])
 
 
         # verify Finished of client
@@ -3326,8 +3338,8 @@ def _serverTLS13Handshake(self, settings, clientHello, cipherSuite,
                             resumptionMasterSecret=resumption_master_secret,
                             # NOTE it must be a reference, not a copy
                             tickets=self.tickets,
-                            cl_handshake_traffic_secret=cl_handshake_traffic_secret,
-                            sr_handshake_traffic_secret=sr_handshake_traffic_secret)
+                            cl_hs_traffic_secret=cl_handshake_traffic_secret,
+                            sr_hs_traffic_secret=sr_handshake_traffic_secret)
 
         # switch to application_traffic_secret for client packets
         self._changeReadState()
@@ -4783,7 +4795,7 @@ def _serverFinished(self, premasterSecret, clientRandom, serverRandom,
         #Log client random and master secret if SSLKEYLOGFILE is set
         if self.sslkeylogfile and self.version < (3, 3):
             print('Logging session keys in serverFinished')
-            self._log_session_keys("CLIENT_RANDOM", clientRandom, masterSecret)
+            self._log_session_keys(("CLIENT_RANDOM", clientRandom, masterSecret))
 
         #Exchange ChangeCipherSpec and Finished messages
         for result in self._getFinished(masterSecret,
@@ -4981,9 +4993,15 @@ def _calculate_master_secret(self, premaster_secret, cipher_suite,
                               output_length=48)
         return secret
 
-    def _log_session_keys(self, secret_label, client_random, secret):
+    def _log_session_keys(self, keys):
+        if isinstance(keys, tuple):
+            keys = [keys]
+
         with open(self.sslkeylogfile, 'a') as ssl_key_log_file:
-            ssl_key_log_file.write(f"{secret_label} {client_random.hex()} {secret.hex()}\n")
+            ssl_key_log_file.writelines(
+                f"{label} {client_random.hex()} {secret.hex()}\n"
+                for label, client_random, secret in keys
+            )
 
     @staticmethod
     def _pickServerKeyExchangeSig(settings, clientHello, certList=None,
