OLD | NEW |
1 # Authors: | 1 # Authors: |
2 # Trevor Perrin | 2 # Trevor Perrin |
3 # Google - handling CertificateRequest.certificate_types | 3 # Google - handling CertificateRequest.certificate_types |
4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support | 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support |
5 # Dimitris Moraitis - Anon ciphersuites | 5 # Dimitris Moraitis - Anon ciphersuites |
6 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 | 6 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 |
7 # | 7 # |
8 # See the LICENSE file for legal information regarding use of this file. | 8 # See the LICENSE file for legal information regarding use of this file. |
9 | 9 |
10 """Classes representing TLS messages.""" | 10 """Classes representing TLS messages.""" |
107 self.random = bytearray(32) | 107 self.random = bytearray(32) |
108 self.session_id = bytearray(0) | 108 self.session_id = bytearray(0) |
109 self.cipher_suites = [] # a list of 16-bit values | 109 self.cipher_suites = [] # a list of 16-bit values |
110 self.certificate_types = [CertificateType.x509] | 110 self.certificate_types = [CertificateType.x509] |
111 self.compression_methods = [] # a list of 8-bit values | 111 self.compression_methods = [] # a list of 8-bit values |
112 self.srp_username = None # a string | 112 self.srp_username = None # a string |
113 self.tack = False | 113 self.tack = False |
114 self.supports_npn = False | 114 self.supports_npn = False |
115 self.server_name = bytearray(0) | 115 self.server_name = bytearray(0) |
116 self.channel_id = False | 116 self.channel_id = False |
| 117 self.extended_master_secret = False |
117 self.support_signed_cert_timestamps = False | 118 self.support_signed_cert_timestamps = False |
118 self.status_request = False | 119 self.status_request = False |
119 | 120 |
120 def create(self, version, random, session_id, cipher_suites, | 121 def create(self, version, random, session_id, cipher_suites, |
121 certificate_types=None, srpUsername=None, | 122 certificate_types=None, srpUsername=None, |
122 tack=False, supports_npn=False, serverName=None): | 123 tack=False, supports_npn=False, serverName=None): |
123 self.client_version = version | 124 self.client_version = version |
124 self.random = random | 125 self.random = random |
125 self.session_id = session_id | 126 self.session_id = session_id |
126 self.cipher_suites = cipher_suites | 127 self.cipher_suites = cipher_suites |
178 while 1: | 179 while 1: |
179 if p2.atLengthCheck(): | 180 if p2.atLengthCheck(): |
180 break # no host_name, oh well | 181 break # no host_name, oh well |
181 name_type = p2.get(1) | 182 name_type = p2.get(1) |
182 hostNameBytes = p2.getVarBytes(2) | 183 hostNameBytes = p2.getVarBytes(2) |
183 if name_type == NameType.host_name: | 184 if name_type == NameType.host_name: |
184 self.server_name = hostNameBytes | 185 self.server_name = hostNameBytes |
185 break | 186 break |
186 elif extType == ExtensionType.channel_id: | 187 elif extType == ExtensionType.channel_id: |
187 self.channel_id = True | 188 self.channel_id = True |
| 189 elif extType == ExtensionType.extended_master_secret: |
| 190 self.extended_master_secret = True |
188 elif extType == ExtensionType.signed_cert_timestamps: | 191 elif extType == ExtensionType.signed_cert_timestamps: |
189 if extLength: | 192 if extLength: |
190 raise SyntaxError() | 193 raise SyntaxError() |
191 self.support_signed_cert_timestamps = True | 194 self.support_signed_cert_timestamps = True |
192 elif extType == ExtensionType.status_request: | 195 elif extType == ExtensionType.status_request: |
193 # Extension contents are currently ignored. | 196 # Extension contents are currently ignored. |
194 # According to RFC 6066, this is not strictly forbidden | 197 # According to RFC 6066, this is not strictly forbidden |
195 # (although it is suboptimal): | 198 # (although it is suboptimal): |
196 # Servers that receive a client hello containing the | 199 # Servers that receive a client hello containing the |
197 # "status_request" extension MAY return a suitable | 200 # "status_request" extension MAY return a suitable |
260 self.server_version = (0,0) | 263 self.server_version = (0,0) |
261 self.random = bytearray(32) | 264 self.random = bytearray(32) |
262 self.session_id = bytearray(0) | 265 self.session_id = bytearray(0) |
263 self.cipher_suite = 0 | 266 self.cipher_suite = 0 |
264 self.certificate_type = CertificateType.x509 | 267 self.certificate_type = CertificateType.x509 |
265 self.compression_method = 0 | 268 self.compression_method = 0 |
266 self.tackExt = None | 269 self.tackExt = None |
267 self.next_protos_advertised = None | 270 self.next_protos_advertised = None |
268 self.next_protos = None | 271 self.next_protos = None |
269 self.channel_id = False | 272 self.channel_id = False |
| 273 self.extended_master_secret = False |
270 self.signed_cert_timestamps = None | 274 self.signed_cert_timestamps = None |
271 self.status_request = False | 275 self.status_request = False |
272 | 276 |
273 def create(self, version, random, session_id, cipher_suite, | 277 def create(self, version, random, session_id, cipher_suite, |
274 certificate_type, tackExt, next_protos_advertised): | 278 certificate_type, tackExt, next_protos_advertised): |
275 self.server_version = version | 279 self.server_version = version |
276 self.random = random | 280 self.random = random |
277 self.session_id = session_id | 281 self.session_id = session_id |
278 self.cipher_suite = cipher_suite | 282 self.cipher_suite = cipher_suite |
279 self.certificate_type = certificate_type | 283 self.certificate_type = certificate_type |
351 w2.add(len(b), 2) | 355 w2.add(len(b), 2) |
352 w2.bytes += b | 356 w2.bytes += b |
353 if self.next_protos_advertised is not None: | 357 if self.next_protos_advertised is not None: |
354 encoded_next_protos_advertised = self.__next_protos_encoded() | 358 encoded_next_protos_advertised = self.__next_protos_encoded() |
355 w2.add(ExtensionType.supports_npn, 2) | 359 w2.add(ExtensionType.supports_npn, 2) |
356 w2.add(len(encoded_next_protos_advertised), 2) | 360 w2.add(len(encoded_next_protos_advertised), 2) |
357 w2.addFixSeq(encoded_next_protos_advertised, 1) | 361 w2.addFixSeq(encoded_next_protos_advertised, 1) |
358 if self.channel_id: | 362 if self.channel_id: |
359 w2.add(ExtensionType.channel_id, 2) | 363 w2.add(ExtensionType.channel_id, 2) |
360 w2.add(0, 2) | 364 w2.add(0, 2) |
| 365 if self.extended_master_secret: |
| 366 w2.add(ExtensionType.extended_master_secret, 2) |
| 367 w2.add(0, 2) |
361 if self.signed_cert_timestamps: | 368 if self.signed_cert_timestamps: |
362 w2.add(ExtensionType.signed_cert_timestamps, 2) | 369 w2.add(ExtensionType.signed_cert_timestamps, 2) |
363 w2.addVarSeq(bytearray(self.signed_cert_timestamps), 1, 2) | 370 w2.addVarSeq(bytearray(self.signed_cert_timestamps), 1, 2) |
364 if self.status_request: | 371 if self.status_request: |
365 w2.add(ExtensionType.status_request, 2) | 372 w2.add(ExtensionType.status_request, 2) |
366 w2.add(0, 2) | 373 w2.add(0, 2) |
367 if len(w2.bytes): | 374 if len(w2.bytes): |
368 w.add(len(w2.bytes), 2) | 375 w.add(len(w2.bytes), 2) |
369 w.bytes += w2.bytes | 376 w.bytes += w2.bytes |
370 return self.postWrite(w) | 377 return self.postWrite(w) |
796 newMsg = ApplicationData().create(self.bytes[:1]) | 803 newMsg = ApplicationData().create(self.bytes[:1]) |
797 self.bytes = self.bytes[1:] | 804 self.bytes = self.bytes[1:] |
798 return newMsg | 805 return newMsg |
799 | 806 |
800 def parse(self, p): | 807 def parse(self, p): |
801 self.bytes = p.bytes | 808 self.bytes = p.bytes |
802 return self | 809 return self |
803 | 810 |
804 def write(self): | 811 def write(self): |
805 return self.bytes | 812 return self.bytes |
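Review bot: The new `extended_master_secret` branch in the extension parser (new lines 189-190) sets the flag without checking that the extension body is empty, whereas the `signed_cert_timestamps` branch directly below it rejects a non-empty body. RFC 7627 defines this extension with empty extension_data, so the same guard fits here: `if extLength: raise SyntaxError()` ahead of `self.extended_master_secret = True`. The enclosing parse method starts and ends outside the visible lines, so the meaning of `extLength` is inferred from the neighbouring branch. On the writer side (new lines 365-367) the extension is emitted whenever the attribute is truthy; a short comment such as `# only set when the ClientHello offered extended_master_secret (RFC 7627)` would record the precondition, since the caller that sets the flag is not shown here.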