Implement ALPN in tlslite.

third_party/tlslite/tlslite/tlsconnection.py

 # Authors: 
 #   Trevor Perrin
 #   Google - added reqCAs parameter
 #   Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support
 #   Dimitris Moraitis - Anon ciphersuites
 #   Martin von Loewis - python 3 port
 #   Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2
 #
 # See the LICENSE file for legal information regarding use of this file.
 
@@ skipping 477 matching lines @@
         if nextProtos is not None:
             if len(nextProtos) == 0:
                 raise ValueError("Caller passed no nextProtos")
         
         # Validates the settings and filters out any unsupported ciphers
         # or crypto libraries that were requested        
         if not settings:
             settings = HandshakeSettings()
         settings = settings._filter()
 
+        if settings.alpnProtos is not None:
+            if len(settings.alpnProtos) == 0:
+                raise ValueError("Caller passed no alpnProtos")
+
         if clientCertChain:
             if not isinstance(clientCertChain, X509CertChain):
                 raise ValueError("Unrecognized certificate type")
             if "x509" not in settings.certificateTypes:
                 raise ValueError("Client certificate doesn't match "\
                                  "Handshake Settings")
                                   
         if session:
             # session.valid() ensures session is resumable and has 
             # non-empty sessionID
@@ skipping 136 matching lines @@
             #ciphersuite must be one of the acceptable ciphersuites
             if session.cipherSuite not in cipherSuites:
                 raise ValueError("Session's cipher suite not consistent "\
                                  "with parameters")
             else:
                 clientHello = ClientHello()
                 clientHello.create(settings.maxVersion, getRandomBytes(32),
                                    session.sessionID, cipherSuites,
                                    certificateTypes, 
                                    session.srpUsername,
-                                   reqTack, nextProtos is not None,
+                                   reqTack, settings.alpnProtos,
+                                   nextProtos is not None,
                                    session.serverName)
 
         #Or send ClientHello (without)
         else:
             clientHello = ClientHello()
             clientHello.create(settings.maxVersion, getRandomBytes(32),
                                bytearray(0), cipherSuites,
                                certificateTypes, 
                                srpUsername,
-                               reqTack, nextProtos is not None, 
+                               reqTack, settings.alpnProtos,
+                               nextProtos is not None,
                                serverName)
         for result in self._sendMsg(clientHello):
             yield result
         yield clientHello
 
 
     def _clientGetServerHello(self, settings, clientHello):
         for result in self._getMsg(ContentType.handshake,
                                   HandshakeType.server_hello):
             if result in (0,1): yield result
@@ skipping 32 matching lines @@
             for result in self._sendError(\
                 AlertDescription.illegal_parameter,
                 "Server responded with incorrect compression method"):
                 yield result
         if serverHello.tackExt:            
             if not clientHello.tack:
                 for result in self._sendError(\
                     AlertDescription.illegal_parameter,
                     "Server responded with unrequested Tack Extension"):
                     yield result
+        if serverHello.alpn_proto_selected and not clientHello.alpn_protos_advertised:
+            for result in self._sendError(\
+                AlertDescription.illegal_parameter,
+                "Server responded with unrequested ALPN Extension"):
+                yield result
+        if serverHello.alpn_proto_selected and serverHello.next_protos:
+            for result in self._sendError(\
+                AlertDescription.illegal_parameter,
+                "Server responded with both ALPN and NPN extension"):
+                yield result
         if serverHello.next_protos and not clientHello.supports_npn:
             for result in self._sendError(\
                 AlertDescription.illegal_parameter,
                 "Server responded with unrequested NPN Extension"):
                 yield result
             if not serverHello.tackExt.verifySignatures():
                 for result in self._sendError(\
                     AlertDescription.decrypt_error,
                     "TackExtension contains an invalid signature"):
                     yield result
@@ skipping 581 matching lines @@
         self.clientHello = clientHello
         
         #If not a resumption...
 
         # Create the ServerHello message
         if sessionCache:
             sessionID = getRandomBytes(32)
         else:
             sessionID = bytearray(0)
         
+        alpn_proto_selected = None
+        if (clientHello.alpn_protos_advertised is not None
+                and settings.alpnProtos is not None):
+            for proto in settings.alpnProtos:
+                if proto in clientHello.alpn_protos_advertised:
+                    alpn_proto_selected = proto
+                    nextProtos = None
+                    break;
+
         if not clientHello.supports_npn:
             nextProtos = None
 
         # If not doing a certificate-based suite, discard the TACK
         if not cipherSuite in CipherSuite.certAllSuites:
             tacks = None
 
         # Prepare a TACK Extension if requested
         if clientHello.tack:
             tackExt = TackExtension.create(tacks, activationFlags)
         else:
             tackExt = None
         serverHello = ServerHello()
         serverHello.create(self.version, getRandomBytes(32), sessionID, \
                             cipherSuite, CertificateType.x509, tackExt,
+                            alpn_proto_selected,
                             nextProtos)
         serverHello.channel_id = \
             clientHello.channel_id and settings.enableChannelID
         serverHello.extended_master_secret = \
             clientHello.extended_master_secret and \
             settings.enableExtendedMasterSecret
         for param in clientHello.tb_client_params:
             if param in settings.supportedTokenBindingParams:
                 serverHello.tb_params = param
                 break
@@ skipping 150 matching lines @@
             cipherSuites += CipherSuite.getSrpSuites(settings, self.version)
         elif certChain:
             cipherSuites += CipherSuite.getEcdheCertSuites(settings, self.version)
             cipherSuites += CipherSuite.getDheCertSuites(settings, self.version)
             cipherSuites += CipherSuite.getCertSuites(settings, self.version)
         elif anon:
             cipherSuites += CipherSuite.getAnonSuites(settings, self.version)
         else:
             assert(False)
 
+        alpn_proto_selected = None
+        if (clientHello.alpn_protos_advertised is not None
+                and settings.alpnProtos is not None):
+            for proto in settings.alpnProtos:
+                if proto in clientHello.alpn_protos_advertised:
+                    alpn_proto_selected = proto
+                    break;
+
         #If resumption was requested and we have a session cache...
         if clientHello.session_id and sessionCache:
             session = None
 
             #Check in the session cache
             if sessionCache and not session:
                 try:
                     session = sessionCache[clientHello.session_id]
                     if not session.resumable:
                         raise AssertionError()
@@ skipping 20 matching lines @@
                                 yield result                    
                 except KeyError:
                     pass
 
             #If a session is found..
             if session:
                 #Send ServerHello
                 serverHello = ServerHello()
                 serverHello.create(self.version, getRandomBytes(32),
                                    session.sessionID, session.cipherSuite,
-                                   CertificateType.x509, None, None)
+                                   CertificateType.x509, None,
+                                   alpn_proto_selected, None)
                 serverHello.extended_master_secret = \
                     clientHello.extended_master_secret and \
                     settings.enableExtendedMasterSecret
                 for param in clientHello.tb_client_params:
                     if param in settings.supportedTokenBindingParams:
                           serverHello.tb_params = param
                           break
                 for result in self._sendMsg(serverHello):
                     yield result
 
@@ skipping 485 matching lines @@
             seed += bytearray(2)
             seed[len(seed) - 2] = len(context) >> 8
             seed[len(seed) - 1] = len(context) & 0xFF
             seed += context
         if self.version in ((3,1), (3,2)):
             return PRF(self.session.masterSecret, label, seed, length)
         elif self.version == (3,3):
             return PRF_1_2(self.session.masterSecret, label, seed, length)
         else:
             raise AssertionError()