OLD | NEW |
---|---|
1 """Classes representing TLS messages.""" | 1 """Classes representing TLS messages.""" |
2 | 2 |
3 from utils.compat import * | 3 from utils.compat import * |
4 from utils.cryptomath import * | 4 from utils.cryptomath import * |
5 from errors import * | 5 from errors import * |
6 from utils.codec import * | 6 from utils.codec import * |
7 from constants import * | 7 from constants import * |
8 from X509 import X509 | 8 from X509 import X509 |
9 from X509CertChain import X509CertChain | 9 from X509CertChain import X509CertChain |
10 | 10 |
(...skipping 113 matching lines...) | |
124 self.contentType = ContentType.handshake | 124 self.contentType = ContentType.handshake |
125 self.ssl2 = ssl2 | 125 self.ssl2 = ssl2 |
126 self.client_version = (0,0) | 126 self.client_version = (0,0) |
127 self.random = createByteArrayZeros(32) | 127 self.random = createByteArrayZeros(32) |
128 self.session_id = createByteArraySequence([]) | 128 self.session_id = createByteArraySequence([]) |
129 self.cipher_suites = [] # a list of 16-bit values | 129 self.cipher_suites = [] # a list of 16-bit values |
130 self.certificate_types = [CertificateType.x509] | 130 self.certificate_types = [CertificateType.x509] |
131 self.compression_methods = [] # a list of 8-bit values | 131 self.compression_methods = [] # a list of 8-bit values |
132 self.srp_username = None # a string | 132 self.srp_username = None # a string |
133 self.channel_id = False | 133 self.channel_id = False |
134 self.support_signed_cert_timestamps = False | |
134 | 135 |
135 def create(self, version, random, session_id, cipher_suites, | 136 def create(self, version, random, session_id, cipher_suites, |
136 certificate_types=None, srp_username=None): | 137 certificate_types=None, srp_username=None): |
137 self.client_version = version | 138 self.client_version = version |
138 self.random = random | 139 self.random = random |
139 self.session_id = session_id | 140 self.session_id = session_id |
140 self.cipher_suites = cipher_suites | 141 self.cipher_suites = cipher_suites |
141 self.certificate_types = certificate_types | 142 self.certificate_types = certificate_types |
142 self.compression_methods = [0] | 143 self.compression_methods = [0] |
143 self.srp_username = srp_username | 144 self.srp_username = srp_username |
(...skipping 20 matching lines...) | |
164 self.random = p.getFixBytes(32) | 165 self.random = p.getFixBytes(32) |
165 self.session_id = p.getVarBytes(1) | 166 self.session_id = p.getVarBytes(1) |
166 self.cipher_suites = p.getVarList(2, 2) | 167 self.cipher_suites = p.getVarList(2, 2) |
167 self.compression_methods = p.getVarList(1, 1) | 168 self.compression_methods = p.getVarList(1, 1) |
168 if not p.atLengthCheck(): | 169 if not p.atLengthCheck(): |
169 totalExtLength = p.get(2) | 170 totalExtLength = p.get(2) |
170 soFar = 0 | 171 soFar = 0 |
171 while soFar != totalExtLength: | 172 while soFar != totalExtLength: |
172 extType = p.get(2) | 173 extType = p.get(2) |
173 extLength = p.get(2) | 174 extLength = p.get(2) |
175 # Note: the mapping of the following two types is not | |
176 # RFC-compatible: | |
177 # extension 6 is user_mapping | |
178 # extension 7 is client_authz | |
wtc
2013/11/26 22:46:12
Sorry about the confusion. I didn't mean to ask yo
ekasper
2013/11/27 14:09:04
Done.
| |
174 if extType == 6: | 179 if extType == 6: |
175 self.srp_username = bytesToString(p.getVarBytes(1)) | 180 self.srp_username = bytesToString(p.getVarBytes(1)) |
176 elif extType == 7: | 181 elif extType == 7: |
177 self.certificate_types = p.getVarList(1, 1) | 182 self.certificate_types = p.getVarList(1, 1) |
178 elif extType == ExtensionType.channel_id: | 183 elif extType == ExtensionType.channel_id: |
179 self.channel_id = True | 184 self.channel_id = True |
185 elif extType == ExtensionType.signed_cert_timestamps: | |
186 if extLength: | |
187 raise SyntaxError() | |
188 self.support_signed_cert_timestamps = True | |
180 else: | 189 else: |
181 p.getFixBytes(extLength) | 190 p.getFixBytes(extLength) |
182 soFar += 4 + extLength | 191 soFar += 4 + extLength |
183 p.stopLengthCheck() | 192 p.stopLengthCheck() |
184 return self | 193 return self |
185 | 194 |
186 def write(self, trial=False): | 195 def write(self, trial=False): |
187 w = HandshakeMsg.preWrite(self, HandshakeType.client_hello, trial) | 196 w = HandshakeMsg.preWrite(self, HandshakeType.client_hello, trial) |
188 w.add(self.client_version[0], 1) | 197 w.add(self.client_version[0], 1) |
189 w.add(self.client_version[1], 1) | 198 w.add(self.client_version[1], 1) |
(...skipping 27 matching lines...) | |
217 class ServerHello(HandshakeMsg): | 226 class ServerHello(HandshakeMsg): |
218 def __init__(self): | 227 def __init__(self): |
219 self.contentType = ContentType.handshake | 228 self.contentType = ContentType.handshake |
220 self.server_version = (0,0) | 229 self.server_version = (0,0) |
221 self.random = createByteArrayZeros(32) | 230 self.random = createByteArrayZeros(32) |
222 self.session_id = createByteArraySequence([]) | 231 self.session_id = createByteArraySequence([]) |
223 self.cipher_suite = 0 | 232 self.cipher_suite = 0 |
224 self.certificate_type = CertificateType.x509 | 233 self.certificate_type = CertificateType.x509 |
225 self.compression_method = 0 | 234 self.compression_method = 0 |
226 self.channel_id = False | 235 self.channel_id = False |
236 self.signed_cert_timestamps = None | |
227 | 237 |
228 def create(self, version, random, session_id, cipher_suite, | 238 def create(self, version, random, session_id, cipher_suite, |
229 certificate_type): | 239 certificate_type): |
230 self.server_version = version | 240 self.server_version = version |
231 self.random = random | 241 self.random = random |
232 self.session_id = session_id | 242 self.session_id = session_id |
233 self.cipher_suite = cipher_suite | 243 self.cipher_suite = cipher_suite |
234 self.certificate_type = certificate_type | 244 self.certificate_type = certificate_type |
235 self.compression_method = 0 | 245 self.compression_method = 0 |
236 return self | 246 return self |
(...skipping 29 matching lines...) | |
266 w.add(self.compression_method, 1) | 276 w.add(self.compression_method, 1) |
267 | 277 |
268 extLength = 0 | 278 extLength = 0 |
269 if self.certificate_type and self.certificate_type != \ | 279 if self.certificate_type and self.certificate_type != \ |
270 CertificateType.x509: | 280 CertificateType.x509: |
271 extLength += 5 | 281 extLength += 5 |
272 | 282 |
273 if self.channel_id: | 283 if self.channel_id: |
274 extLength += 4 | 284 extLength += 4 |
275 | 285 |
286 if self.signed_cert_timestamps: | |
287 extLength += 4 + len(self.signed_cert_timestamps) | |
288 | |
276 if extLength != 0: | 289 if extLength != 0: |
277 w.add(extLength, 2) | 290 w.add(extLength, 2) |
278 | 291 |
279 if self.certificate_type and self.certificate_type != \ | 292 if self.certificate_type and self.certificate_type != \ |
280 CertificateType.x509: | 293 CertificateType.x509: |
281 w.add(7, 2) | 294 w.add(7, 2) |
282 w.add(1, 2) | 295 w.add(1, 2) |
283 w.add(self.certificate_type, 1) | 296 w.add(self.certificate_type, 1) |
284 | 297 |
285 if self.channel_id: | 298 if self.channel_id: |
286 w.add(ExtensionType.channel_id, 2) | 299 w.add(ExtensionType.channel_id, 2) |
287 w.add(0, 2) | 300 w.add(0, 2) |
288 | 301 |
302 if self.signed_cert_timestamps: | |
303 w.add(ExtensionType.signed_cert_timestamps, 2) | |
304 w.addVarSeq(stringToBytes(self.signed_cert_timestamps), 1, 2) | |
305 | |
289 return HandshakeMsg.postWrite(self, w, trial) | 306 return HandshakeMsg.postWrite(self, w, trial) |
290 | 307 |
291 class Certificate(HandshakeMsg): | 308 class Certificate(HandshakeMsg): |
292 def __init__(self, certificateType): | 309 def __init__(self, certificateType): |
293 self.certificateType = certificateType | 310 self.certificateType = certificateType |
294 self.contentType = ContentType.handshake | 311 self.contentType = ContentType.handshake |
295 self.certChain = None | 312 self.certChain = None |
296 | 313 |
297 def create(self, certChain): | 314 def create(self, certChain): |
298 self.certChain = certChain | 315 self.certChain = certChain |
(...skipping 309 matching lines...) | |
608 def create(self, bytes): | 625 def create(self, bytes): |
609 self.bytes = bytes | 626 self.bytes = bytes |
610 return self | 627 return self |
611 | 628 |
612 def parse(self, p): | 629 def parse(self, p): |
613 self.bytes = p.bytes | 630 self.bytes = p.bytes |
614 return self | 631 return self |
615 | 632 |
616 def write(self): | 633 def write(self): |
617 return self.bytes | 634 return self.bytes |
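Review bot: In `ServerHello.write` (new lines 286-287 and 302-304), `len(self.signed_cert_timestamps)` is folded into `extLength` and the data is written behind a 2-byte length prefix, but nothing checks that either value fits in 16 bits. How `w.add` and `w.addVarSeq` treat a value that is too large is not visible here, so an oversized SCT list may yield a ServerHello whose length fields disagree with its body rather than a clear error. I would add `if extLength > 0xFFFF: raise ValueError("ServerHello extensions too long")` just before `w.add(extLength, 2)`, which also bounds the inner length because the total already includes `4 + len(...)`. The start of `write` is in the skipped lines, so whether the caller sends this extension only when `ClientHello.support_signed_cert_timestamps` was set cannot be confirmed from this view; a short comment on `self.signed_cert_timestamps = None` saying it holds the serialized SCT list, and that `None` or empty means "do not send", would make that contract explicit.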