Index: third_party/tlslite/tlslite/messages.py |
diff --git a/third_party/tlslite/tlslite/messages.py b/third_party/tlslite/tlslite/messages.py |
index fa4d8174c1aeb81f0ddd00af614e568dde22b450..3eb2e52f8024911171ea1bbc8bed2d6f43995e7f 100644 |
--- a/third_party/tlslite/tlslite/messages.py |
+++ b/third_party/tlslite/tlslite/messages.py |
@@ -131,6 +131,7 @@ class ClientHello(HandshakeMsg): |
self.compression_methods = [] # a list of 8-bit values |
self.srp_username = None # a string |
self.channel_id = False |
+ self.signed_cert_timestamps = False |
def create(self, version, random, session_id, cipher_suites, |
certificate_types=None, srp_username=None): |
@@ -177,6 +178,8 @@ class ClientHello(HandshakeMsg): |
self.certificate_types = p.getVarList(1, 1) |
elif extType == ExtensionType.channel_id: |
self.channel_id = True |
+ elif extType == ExtensionType.signed_cert_timestamps: |
+ self.signed_cert_timestamps = True |
wtc
2013/11/26 17:32:55
Should we verify that extension_data is empty? The
ekasper
2013/11/26 19:33:54
Good point. In a correct implementation, all exten
|
else: |
p.getFixBytes(extLength) |
soFar += 4 + extLength |
@@ -224,6 +227,7 @@ class ServerHello(HandshakeMsg): |
self.certificate_type = CertificateType.x509 |
self.compression_method = 0 |
self.channel_id = False |
+ self.signed_cert_timestamps = None |
wtc
2013/11/26 17:32:55
Nit: it is a little confusing that signed_cert_tim
ekasper
2013/11/26 19:33:54
I've changed it anyway, to support_signed_cert_tim
|
def create(self, version, random, session_id, cipher_suite, |
certificate_type): |
@@ -273,6 +277,9 @@ class ServerHello(HandshakeMsg): |
if self.channel_id: |
extLength += 4 |
+ if self.signed_cert_timestamps: |
+ extLength += 4 + len(self.signed_cert_timestamps) |
+ |
if extLength != 0: |
w.add(extLength, 2) |
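Review bot: Nothing bounds `len(self.signed_cert_timestamps)` before it is added to `extLength`, which `w.add(extLength, 2)` then writes as a 2-byte field. The same data gets a second 2-byte length prefix from `w.addVarSeq(..., 1, 2)` in the next hunk. A blob longer than 0xFFFF bytes, less the extension header and any other extensions, cannot be represented; what the Writer does with an oversized value is not visible here, so it may truncate the length and emit a malformed ServerHello instead of failing. A guard ahead of the length computation would make the failure explicit, for example `if len(self.signed_cert_timestamps) > 0xFFFF - 4: raise ValueError("signed_cert_timestamps too long")`. The enclosing write method starts and ends outside this hunk.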
@@ -286,6 +293,10 @@ class ServerHello(HandshakeMsg): |
w.add(ExtensionType.channel_id, 2) |
w.add(0, 2) |
+ if self.signed_cert_timestamps: |
+ w.add(ExtensionType.signed_cert_timestamps, 2) |
+ w.addVarSeq(stringToBytes(self.signed_cert_timestamps), 1, 2) |
wtc
2013/11/26 17:32:55
I am not familiar with the stringToBytes function,
ekasper
2013/11/26 19:33:54
Yeah, this is python strings for you: stringToByte
|
+ |
return HandshakeMsg.postWrite(self, w, trial) |
class Certificate(HandshakeMsg): |
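Review bot: The new block emits the extension whenever the ServerHello field is set, with no reference to whether the ClientHello offered `signed_cert_timestamps`. RFC 5246 section 7.4.1.4 forbids a server from sending an extension type the client did not send. That check presumably lives in the caller, which is not visible in this file, so a comment above the block should record the contract: `# Caller must set this only when ClientHello.signed_cert_timestamps was True.` If this server is meant to be able to send the extension unsolicited, the comment should say that instead. The enclosing method starts outside the hunk.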