SecureBlackbox 2020 Python Edition

Questions / Feedback?

WebSocketServer Class

Properties   Methods   Events   Configuration Settings   Errors  

The WebSocketServer class provides the server-side functionality of the WebSocket protocol.

Syntax

class secureblackbox.WebSocketServer

Remarks

Use this component to accept secure WebSocket connections in your application.

Property List


The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

activeIndicates whether the server is active and is listening to new connections.
bound_portIndicates the bound listening port.
error_originIndicates the endpoint where the error originates from.
error_severityThe severity of the error that happened.
external_crypto_custom_paramsCustom parameters to be passed to the signing service (uninterpreted).
external_crypto_dataAdditional data to be included in the async state and mirrored back by the requestor.
external_crypto_external_hash_calculationSpecifies whether the message hash is to be calculated at the external endpoint.
external_crypto_hash_algorithmSpecifies the request's signature hash algorithm.
external_crypto_key_idThe ID of the pre-shared key used for DC request authentication.
external_crypto_key_secretThe pre-shared key used for DC request authentication.
external_crypto_methodSpecifies the asynchronous signing method.
external_crypto_modeSpecifies the external cryptography mode.
external_crypto_public_key_algorithmProvide public key algorithm here if the certificate is not available on the pre-signing stage.
handshake_timeoutSpecifies the handshake timeout in milliseconds.
hostThe host to bind the listening port to.
pinned_client_addressThe client's IP address.
pinned_client_chain_validation_detailsThe details of a certificate chain validation outcome.
pinned_client_chain_validation_resultThe outcome of a certificate chain validation routine.
pinned_client_ciphersuiteThe cipher suite employed by this connection.
pinned_client_client_authenticatedSpecifies whether client authentication was performed during this connection.
pinned_client_digest_algorithmThe digest algorithm used in a TLS-enabled connection.
pinned_client_encryption_algorithmThe symmetric encryption algorithm used in a TLS-enabled connection.
pinned_client_idThe client connection's unique identifier.
pinned_client_key_exchange_algorithmThe key exchange algorithm used in a TLS-enabled connection.
pinned_client_key_exchange_key_bitsThe length of the key exchange key of a TLS-enabled connection.
pinned_client_named_ec_curveThe elliptic curve used in this connection.
pinned_client_pfs_cipherIndicates whether the chosen ciphersuite provides perfect forward secrecy (PFS).
pinned_client_portThe remote port of the client connection.
pinned_client_public_key_bitsThe length of the public key.
pinned_client_resumed_sessionIndicates whether a TLS-enabled connection was spawned from another TLS connection.
pinned_client_secure_connectionIndicates whether TLS or SSL is enabled for this connection.
pinned_client_signature_algorithmThe signature algorithm used in a TLS handshake.
pinned_client_symmetric_block_sizeThe block size of the symmetric algorithm used.
pinned_client_symmetric_key_bitsThe key length of the symmetric algorithm used.
pinned_client_total_bytes_receivedThe total number of bytes received over this connection.
pinned_client_total_bytes_sentThe total number of bytes sent over this connection.
pinned_client_validation_logContains the server certificate's chain validation log.
pinned_client_versionIndicates the version of SSL/TLS protocol negotiated during this connection.
pinned_client_cert_countThe number of records in the PinnedClientCert arrays.
pinned_client_cert_bytesReturns raw certificate data in DER format.
pinned_client_cert_ca_key_idA unique identifier (fingerprint) of the CA certificate's private key.
pinned_client_cert_fingerprintContains the fingerprint (a hash imprint) of this certificate.
pinned_client_cert_handleAllows to get or set a 'handle', a unique identifier of the underlying property object.
pinned_client_cert_issuerThe common name of the certificate issuer (CA), typically a company name.
pinned_client_cert_issuer_rdnA collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.
pinned_client_cert_key_algorithmSpecifies the public key algorithm of this certificate.
pinned_client_cert_key_bitsReturns the length of the public key.
pinned_client_cert_key_fingerprintReturns a fingerprint of the public key contained in the certificate.
pinned_client_cert_key_usageIndicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.
pinned_client_cert_public_key_bytesContains the certificate's public key in DER format.
pinned_client_cert_self_signedIndicates whether the certificate is self-signed (root) or signed by an external CA.
pinned_client_cert_serial_numberReturns the certificate's serial number.
pinned_client_cert_sig_algorithmIndicates the algorithm that was used by the CA to sign this certificate.
pinned_client_cert_subjectThe common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.
pinned_client_cert_subject_key_idContains a unique identifier (fingerprint) of the certificate's private key.
pinned_client_cert_subject_rdnA collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).
pinned_client_cert_valid_fromThe time point at which the certificate becomes valid, in UTC.
pinned_client_cert_valid_toThe time point at which the certificate expires, in UTC.
portSpecifies the port number to listen for connections on.
port_range_fromSpecifies the lower limit of the listening port range for incoming connections.
port_range_toSpecifies the upper limit of the listening port range for incoming connections.
server_cert_countThe number of records in the ServerCert arrays.
server_cert_bytesReturns raw certificate data in DER format.
server_cert_handleAllows to get or set a 'handle', a unique identifier of the underlying property object.
session_timeoutSpecifies the default session timeout value in milliseconds.
socket_incoming_speed_limitThe maximum number of bytes to read from the socket, per second.
socket_local_addressThe local network interface to bind the socket to.
socket_local_portThe local port number to bind the socket to.
socket_outgoing_speed_limitThe maximum number of bytes to write to the socket, per second.
socket_timeoutThe maximum period of waiting, in milliseconds, after which the socket operation is considered unsuccessful.
socket_use_i_pv6Enables or disables IP protocol version 6.
tls_auto_validate_certificatesSpecifies whether server-side TLS certificates should be validated automatically using internal validation rules.
tls_base_configurationSelects the base configuration for the TLS settings.
tls_ciphersuitesA list of ciphersuites separated with commas or semicolons.
tlsec_curvesDefines the elliptic curves to enable.
tls_force_resume_if_destination_changesWhether to force TLS session resumption when the destination address changes.
tls_pre_shared_identityDefines the identity used when the PSK (Pre-Shared Key) key-exchange mechanism is negotiated.
tls_pre_shared_keyContains the pre-shared for the PSK (Pre-Shared Key) key-exchange mechanism, encoded with base16.
tls_pre_shared_key_ciphersuiteDefines the ciphersuite used for PSK (Pre-Shared Key) negotiation.
tls_renegotiation_attack_prevention_modeSelects renegotiation attack prevention mechanism.
tls_revocation_checkSpecifies the kind(s) of revocation check to perform.
tlsssl_optionsVarious SSL (TLS) protocol options, set of cssloExpectShutdownMessage 0x001 Wait for the close-notify message when shutting down the connection cssloOpenSSLDTLSWorkaround 0x002 (DEPRECATED) Use a DTLS version workaround when talking to very old OpenSSL versions cssloDisableKexLengthAlignment 0x004 Do not align the client-side PMS by the RSA modulus size.
tlstls_modeSpecifies the TLS mode to use.
tls_use_extended_master_secretEnables Extended Master Secret Extension, as defined in RFC 7627.
tls_use_session_resumptionEnables or disables TLS session resumption capability.
tls_versionsTh SSL/TLS versions to enable by default.
user_countThe number of records in the User arrays.
user_associated_dataContains the user's Associated Data when SSH AEAD (Authenticated Encryption with Associated Data) algorithm is used.
user_base_pathBase path for this user in the server's file system.
user_certContains the user's certificate.
user_dataContains uninterpreted user-defined data that should be associated with the user account, such as comments or custom settings.
user_handleAllows to get or set a 'handle', a unique identifier of the underlying property object.
user_hash_algorithmSpecifies the hash algorithm used to generate TOTP (Time-based One-Time Passwords) passwords for this user.
user_incoming_speed_limitSpecifies the incoming speed limit for this user.
user_outgoing_speed_limitSpecifies the outgoing speed limit for this user.
user_passwordThe user's authentication password.
user_shared_secretContains the user's secret key, which is essentially a shared secret between the client and server.
user_usernameThe registered name (login) of the user.
use_tlsEnables or disables the TLS requirement.
website_nameSpecifies the web site name to use in the certificate.

Method List


The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

configSets or retrieves a configuration setting.
drop_clientTerminates a client connection.
list_clientsEnumerates the connected clients.
pin_clientTakes a snapshot of the connection's properties.
send_dataSends a piece of binary data to the client.
send_keep_aliveSends a keep-alive message.
send_textSends a piece of text data to the client.
set_response_bytesSets a byte array to be served as a response.
set_response_statusSets an HTTP status to be sent with the response.
set_response_stringSets a string to be served as a response.
startStarts the server.
stopStops the server.

Event List


The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

on_acceptReports an incoming connection.
on_auth_attemptFires when a connected client makes an authentication attempt.
on_binary_dataPasses a received chunk of binary data to the application.
on_certificate_validateFires when a client certificate needs to be validated.
on_connectReports an accepted connection.
on_dataSupplies a data chunk received within a POST or PUT upload.
on_disconnectFires to report a disconnected client.
on_errorInformation about errors during data delivery.
on_external_signHandles remote or external signing initiated by the server protocol.
on_get_requestReports a GET request.
on_keep_alive_responseReports a response to a keep-alive message.
on_notificationThis event notifies the application about an underlying control flow event.
on_text_dataPasses a received chunk of text data to the application.
on_tls_establishedReports the setup of a TLS session.
on_tlspskRequests a pre-shared key for TLS-PSK.
on_tls_shutdownReports closure of a TLS session.

Configuration Settings


The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.

AllowOptionsResponseWithoutAuthEnables unauthenticated responses to OPTIONS requests.
ClientAuthEnables or disables certificate-based client authentication.
DualStackAllows the use of ip4 and ip6 simultaneously.
HomePageSpecifies the home page resource name.
HostThe host to bind to.
RequestFilterThe request string modifier.
ServerSSLDHKeyLengthSets the size of the TLS DHE key exchange group.
TLSExtensionsProvides access to TLS extensions.
WebsiteNameThe website name for the TLS certificate.
CheckKeyIntegrityBeforeUseEnables or disable private key integrity check before use.
CookieCachingSpecifies whether a cookie cache should be used for HTTP(S) transports.
CookiesGets or sets local cookies for the class (supported for HTTPClient, RESTClient and SOAPClient only).
DefDeriveKeyIterationsSpecifies the default key derivation algorithm iteration count.
EnableClientSideSSLFFDHEEnables or disables finite field DHE key exchange support in TLS clients.
GlobalCookiesGets or sets global cookies for all the HTTP transports.
HttpUserAgentSpecifies the user agent name to be used by all HTTP clients.
LogDestinationSpecifies the debug log destination.
LogDetailsSpecifies the debug log details to dump.
LogFileSpecifies the debug log filename.
LogFiltersSpecifies the debug log filters.
LogFlushModeSpecifies the log flush mode.
LogLevelSpecifies the debug log level.
LogMaxEventCountSpecifies the maximum number of events to cache before further action is taken.
LogRotationModeSpecifies the log rotation mode.
MaxASN1BufferLengthSpecifies the maximal allowed length for ASN.1 primitive tag data.
MaxASN1TreeDepthSpecifies the maximal depth for processed ASN.1 trees.
OCSPHashAlgorithmSpecifies the hash algorithm to be used to identify certificates in OCSP requests.
UseOwnDNSResolverSpecifies whether the client classes should use own DNS resolver.
UseSharedSystemStoragesSpecifies whether the validation engine should use a global per-process copy of the system certificate stores.
UseSystemOAEPAndPSSEnforces or disables the use of system-driven RSA OAEP and PSS computations.
UseSystemRandomEnables or disables the use of the OS PRNG.

Copyright (c) 2022 /n software inc. - All rights reserved.
SecureBlackbox 2020 Python Edition - Version 20.0 [Build 8165]