OLD | NEW |
---|---|
1 """Classes representing TLS messages.""" | 1 """Classes representing TLS messages.""" |
2 | 2 |
3 from utils.compat import * | 3 from utils.compat import * |
4 from utils.cryptomath import * | 4 from utils.cryptomath import * |
5 from errors import * | 5 from errors import * |
6 from utils.codec import * | 6 from utils.codec import * |
7 from constants import * | 7 from constants import * |
8 from X509 import X509 | 8 from X509 import X509 |
9 from X509CertChain import X509CertChain | 9 from X509CertChain import X509CertChain |
10 | 10 |
(...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
124 self.contentType = ContentType.handshake | 124 self.contentType = ContentType.handshake |
125 self.ssl2 = ssl2 | 125 self.ssl2 = ssl2 |
126 self.client_version = (0,0) | 126 self.client_version = (0,0) |
127 self.random = createByteArrayZeros(32) | 127 self.random = createByteArrayZeros(32) |
128 self.session_id = createByteArraySequence([]) | 128 self.session_id = createByteArraySequence([]) |
129 self.cipher_suites = [] # a list of 16-bit values | 129 self.cipher_suites = [] # a list of 16-bit values |
130 self.certificate_types = [CertificateType.x509] | 130 self.certificate_types = [CertificateType.x509] |
131 self.compression_methods = [] # a list of 8-bit values | 131 self.compression_methods = [] # a list of 8-bit values |
132 self.srp_username = None # a string | 132 self.srp_username = None # a string |
133 self.channel_id = False | 133 self.channel_id = False |
134 self.signed_cert_timestamps = False | |
134 | 135 |
135 def create(self, version, random, session_id, cipher_suites, | 136 def create(self, version, random, session_id, cipher_suites, |
136 certificate_types=None, srp_username=None): | 137 certificate_types=None, srp_username=None): |
137 self.client_version = version | 138 self.client_version = version |
138 self.random = random | 139 self.random = random |
139 self.session_id = session_id | 140 self.session_id = session_id |
140 self.cipher_suites = cipher_suites | 141 self.cipher_suites = cipher_suites |
141 self.certificate_types = certificate_types | 142 self.certificate_types = certificate_types |
142 self.compression_methods = [0] | 143 self.compression_methods = [0] |
143 self.srp_username = srp_username | 144 self.srp_username = srp_username |
(...skipping 22 matching lines...) Expand all Loading... | |
166 self.cipher_suites = p.getVarList(2, 2) | 167 self.cipher_suites = p.getVarList(2, 2) |
167 self.compression_methods = p.getVarList(1, 1) | 168 self.compression_methods = p.getVarList(1, 1) |
168 if not p.atLengthCheck(): | 169 if not p.atLengthCheck(): |
169 totalExtLength = p.get(2) | 170 totalExtLength = p.get(2) |
170 soFar = 0 | 171 soFar = 0 |
171 while soFar != totalExtLength: | 172 while soFar != totalExtLength: |
172 extType = p.get(2) | 173 extType = p.get(2) |
173 extLength = p.get(2) | 174 extLength = p.get(2) |
174 if extType == 6: | 175 if extType == 6: |
175 self.srp_username = bytesToString(p.getVarBytes(1)) | 176 self.srp_username = bytesToString(p.getVarBytes(1)) |
176 elif extType == 7: | 177 elif extType == 7: |
wtc
2013/11/26 17:32:55
Unrelated problem: this is strange. Extension numb
ekasper
2013/11/26 19:33:54
Hmm. It's probably experimental code that was simp
| |
177 self.certificate_types = p.getVarList(1, 1) | 178 self.certificate_types = p.getVarList(1, 1) |
178 elif extType == ExtensionType.channel_id: | 179 elif extType == ExtensionType.channel_id: |
179 self.channel_id = True | 180 self.channel_id = True |
181 elif extType == ExtensionType.signed_cert_timestamps: | |
182 self.signed_cert_timestamps = True | |
wtc
2013/11/26 17:32:55
Should we verify that extension_data is empty? The
ekasper
2013/11/26 19:33:54
Good point. In a correct implementation, all exten
| |
180 else: | 183 else: |
181 p.getFixBytes(extLength) | 184 p.getFixBytes(extLength) |
182 soFar += 4 + extLength | 185 soFar += 4 + extLength |
183 p.stopLengthCheck() | 186 p.stopLengthCheck() |
184 return self | 187 return self |
185 | 188 |
186 def write(self, trial=False): | 189 def write(self, trial=False): |
187 w = HandshakeMsg.preWrite(self, HandshakeType.client_hello, trial) | 190 w = HandshakeMsg.preWrite(self, HandshakeType.client_hello, trial) |
188 w.add(self.client_version[0], 1) | 191 w.add(self.client_version[0], 1) |
189 w.add(self.client_version[1], 1) | 192 w.add(self.client_version[1], 1) |
(...skipping 27 matching lines...) Expand all Loading... | |
217 class ServerHello(HandshakeMsg): | 220 class ServerHello(HandshakeMsg): |
218 def __init__(self): | 221 def __init__(self): |
219 self.contentType = ContentType.handshake | 222 self.contentType = ContentType.handshake |
220 self.server_version = (0,0) | 223 self.server_version = (0,0) |
221 self.random = createByteArrayZeros(32) | 224 self.random = createByteArrayZeros(32) |
222 self.session_id = createByteArraySequence([]) | 225 self.session_id = createByteArraySequence([]) |
223 self.cipher_suite = 0 | 226 self.cipher_suite = 0 |
224 self.certificate_type = CertificateType.x509 | 227 self.certificate_type = CertificateType.x509 |
225 self.compression_method = 0 | 228 self.compression_method = 0 |
226 self.channel_id = False | 229 self.channel_id = False |
230 self.signed_cert_timestamps = None | |
wtc
2013/11/26 17:32:55
Nit: it is a little confusing that signed_cert_tim
ekasper
2013/11/26 19:33:54
I've changed it anyway, to support_signed_cert_tim
| |
227 | 231 |
228 def create(self, version, random, session_id, cipher_suite, | 232 def create(self, version, random, session_id, cipher_suite, |
229 certificate_type): | 233 certificate_type): |
230 self.server_version = version | 234 self.server_version = version |
231 self.random = random | 235 self.random = random |
232 self.session_id = session_id | 236 self.session_id = session_id |
233 self.cipher_suite = cipher_suite | 237 self.cipher_suite = cipher_suite |
234 self.certificate_type = certificate_type | 238 self.certificate_type = certificate_type |
235 self.compression_method = 0 | 239 self.compression_method = 0 |
236 return self | 240 return self |
(...skipping 29 matching lines...) Expand all Loading... | |
266 w.add(self.compression_method, 1) | 270 w.add(self.compression_method, 1) |
267 | 271 |
268 extLength = 0 | 272 extLength = 0 |
269 if self.certificate_type and self.certificate_type != \ | 273 if self.certificate_type and self.certificate_type != \ |
270 CertificateType.x509: | 274 CertificateType.x509: |
271 extLength += 5 | 275 extLength += 5 |
272 | 276 |
273 if self.channel_id: | 277 if self.channel_id: |
274 extLength += 4 | 278 extLength += 4 |
275 | 279 |
280 if self.signed_cert_timestamps: | |
281 extLength += 4 + len(self.signed_cert_timestamps) | |
282 | |
276 if extLength != 0: | 283 if extLength != 0: |
277 w.add(extLength, 2) | 284 w.add(extLength, 2) |
278 | 285 |
279 if self.certificate_type and self.certificate_type != \ | 286 if self.certificate_type and self.certificate_type != \ |
280 CertificateType.x509: | 287 CertificateType.x509: |
281 w.add(7, 2) | 288 w.add(7, 2) |
282 w.add(1, 2) | 289 w.add(1, 2) |
283 w.add(self.certificate_type, 1) | 290 w.add(self.certificate_type, 1) |
284 | 291 |
285 if self.channel_id: | 292 if self.channel_id: |
286 w.add(ExtensionType.channel_id, 2) | 293 w.add(ExtensionType.channel_id, 2) |
287 w.add(0, 2) | 294 w.add(0, 2) |
288 | 295 |
296 if self.signed_cert_timestamps: | |
297 w.add(ExtensionType.signed_cert_timestamps, 2) | |
298 w.addVarSeq(stringToBytes(self.signed_cert_timestamps), 1, 2) | |
wtc
2013/11/26 17:32:55
I am not familiar with the stringToBytes function,
ekasper
2013/11/26 19:33:54
Yeah, this is python strings for you: stringToByte
| |
299 | |
289 return HandshakeMsg.postWrite(self, w, trial) | 300 return HandshakeMsg.postWrite(self, w, trial) |
290 | 301 |
291 class Certificate(HandshakeMsg): | 302 class Certificate(HandshakeMsg): |
292 def __init__(self, certificateType): | 303 def __init__(self, certificateType): |
293 self.certificateType = certificateType | 304 self.certificateType = certificateType |
294 self.contentType = ContentType.handshake | 305 self.contentType = ContentType.handshake |
295 self.certChain = None | 306 self.certChain = None |
296 | 307 |
297 def create(self, certChain): | 308 def create(self, certChain): |
298 self.certChain = certChain | 309 self.certChain = certChain |
(...skipping 309 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
608 def create(self, bytes): | 619 def create(self, bytes): |
609 self.bytes = bytes | 620 self.bytes = bytes |
610 return self | 621 return self |
611 | 622 |
612 def parse(self, p): | 623 def parse(self, p): |
613 self.bytes = p.bytes | 624 self.bytes = p.bytes |
614 return self | 625 return self |
615 | 626 |
616 def write(self): | 627 def write(self): |
617 return self.bytes | 628 return self.bytes |
OLD | NEW |