third_party/tlslite/tlslite/messages.py - Issue 2337253004: Update Token Binding code to the latest drafts

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: third_party/tlslite/tlslite/messages.py

Issue 2337253004: Update Token Binding code to the latest drafts (Closed)

Patch Set: Add call to CBS_len() Created 4 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: third_party/tlslite/tlslite/messages.py

diff --git a/third_party/tlslite/tlslite/messages.py b/third_party/tlslite/tlslite/messages.py

index 1ce9320e13b211bf5178bc245ada4e6e1c967d0b..ac7e563021d9e177899b71c3220e27be1c50db83 100644

--- a/third_party/tlslite/tlslite/messages.py

+++ b/third_party/tlslite/tlslite/messages.py

@@ -140,6 +140,7 @@ class ClientHello(HandshakeMsg):

self.tb_client_params = []

self.support_signed_cert_timestamps = False

self.status_request = False

+ self.ri = False

def create(self, version, random, session_id, cipher_suites,

certificate_types=None, srpUsername=None,

@@ -223,7 +224,7 @@ class ClientHello(HandshakeMsg):

p2 = Parser(tokenBindingBytes)

ver_minor = p2.get(1)

ver_major = p2.get(1)

- if (ver_major, ver_minor) >= (0, 6):

+ if (ver_major, ver_minor) >= (0, 10):

p2.startLengthCheck(1)

while not p2.atLengthCheck():

self.tb_client_params.append(p2.get(1))

@@ -244,12 +245,20 @@ class ClientHello(HandshakeMsg):

# request_extensions in the OCSP request.

p.getFixBytes(extLength)

self.status_request = True

+ elif extType == ExtensionType.renegotiation_info:

+ # We don't support renegotiation, so if we receive this

+ # extension, it should contain a single null byte.

+ if extLength != 1 or p.getFixBytes(extLength)[0] != 0:

+ raise SyntaxError()

+ self.ri = True

else:

_ = p.getFixBytes(extLength)

index2 = p.index

if index2 - index1 != extLength:

raise SyntaxError("Bad length for extension_data")

soFar += 4 + extLength

+ if CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV in self.cipher_suites:

+ self.ri = True

p.stopLengthCheck()

return self

@@ -327,6 +336,7 @@ class ServerHello(HandshakeMsg):

self.tb_params = None

self.signed_cert_timestamps = None

self.status_request = False

+ self.send_ri = False

def create(self, version, random, session_id, cipher_suite,

certificate_type, tackExt, alpn_proto_selected,

@@ -421,7 +431,7 @@ class ServerHello(HandshakeMsg):

w2.add(4, 2)

# version

w2.add(0, 1)

- w2.add(6, 1)

+ w2.add(10, 1)

# length of params (defined as variable length <1..2^8-1>, but in

# this context the server can only send a single value.

w2.add(1, 1)

@@ -432,6 +442,10 @@ class ServerHello(HandshakeMsg):

if self.status_request:

w2.add(ExtensionType.status_request, 2)

w2.add(0, 2)

+ if self.send_ri:

+ w2.add(ExtensionType.renegotiation_info, 2)

+ w2.add(1, 2)

+ w2.add(0, 1)

if len(w2.bytes):

w.add(len(w2.bytes), 2)

w.bytes += w2.bytes

« no previous file with comments | « third_party/tlslite/tlslite/constants.py ('k') | third_party/tlslite/tlslite/tlsconnection.py » ('j') | no next file with comments »