Package tlslite :: Module extensions :: Class TLSExtension
[hide private]
[frames] | no frames]

type TLSExtension

source code

Known Subclasses:

Base class for handling handshake protocol hello messages extensions.

This class handles the generic information about TLS extensions used by both sides of connection in Client Hello and Server Hello messages. See RFC 4366 for more info.

It is used as a base class for specific users and as a way to store extensions that are not implemented in library.

To implement a new extension you will need to create a new class which calls this class contructor (__init__), usually specifying just the extType parameter. The other methods which need to be implemented are: extData, create, parse and __repr__. If the parser can be used for client and optionally server extensions, the extension constructor should be added to _universalExtensions. Otherwise, when the client and server extensions have completely different forms, you should add client form to the _universalExtensions and the server form to _serverExtensions. Since the server MUST NOT send extensions not advertised by client, there are no purely server-side extensions. But if the client side extension is just marked by presence and has no payload, the client side (thus the _universalExtensions may be skipped, then the TLSExtension class will be used for implementing it. See end of the file for type-to-constructor bindings.

Though please note that subclassing for the purpose of parsing extensions is not an officially supported part of API (just as underscores in their names would indicate.

Instance Methods [hide private]
 
__eq__(self, that)
Test if two TLS extensions are effectively the same
source code
 
__init__(self, server=False, extType=None)
Creates a generic TLS extension.
source code
str
__repr__(self)
Output human readable representation of object
source code
 
_newCreate(self, data)
New format for create method
source code
 
_oldCreate(self, extType, data)
Legacy handling of create method
source code
TLSExtension
create(self, *args, **kwargs)
Initializes a generic TLS extension.
source code
TLSExtension
parse(self, p)
Parses extension from on the wire format
source code
bytearray
write(self)
Returns encoded extension, as encoded on the wire
source code
Static Methods [hide private]
 
_parseExt(parser, extType, extLength, extList)
Parse a extension using a predefined constructor
source code
Class Variables [hide private]
dict _serverExtensions = {9: <class 'tlslite.extensions.ServerCertT...
dictionary with concrete implementations of specific TLS extensions where key is the numeric value of the extension ID.
dict _universalExtensions = {0: <class 'tlslite.extensions.SNIExten...
dictionary with concrete implementations of specific TLS extensions where key is the numeric value of the extension ID.
Instance Variables [hide private]
bytearray extData
a byte array containing the value of the extension as to be written on the wire
int extType
a 2^16-1 limited integer specifying the type of the extension that it contains, e.g.
boolean serverType
indicates that the extension was parsed with ServerHello specific parser, otherwise it used universal or ClientHello specific parser
Method Details [hide private]

__eq__(self, that)
(Equality operator)

source code 

Test if two TLS extensions are effectively the same

Will check if encoding them will result in the same on the wire representation.

Will return False for every object that's not an extension.

__init__(self, server=False, extType=None)
(Constructor)

source code 

Creates a generic TLS extension.

You'll need to use create or parse methods to create an extension that is actually usable.

Parameters:
  • server (boolean) - whether to select ClientHello or ServerHello version for parsing
  • extType (int) - type of extension encoded as an integer, to be used by subclasses
Overrides: object.__init__

__repr__(self)
(Representation operator)

source code 

Output human readable representation of object

Child classes should override this method to support more appropriate string rendering of the extension.

Returns: str
Overrides: object.__repr__

create(self, *args, **kwargs)

source code 

Initializes a generic TLS extension.

The extension can carry arbitrary data and have arbitrary payload, can be used in client hello or server hello messages.

The legacy calling method uses two arguments - the extType and data. If the new calling method is used, only one argument is passed in - data.

Child classes need to override this method so that it is possible to set values for all fields used by the extension.

Parameters:
  • extType (int) - if int: type of the extension encoded as an integer between 0 and 2^16-1
  • data (bytearray) - raw data representing extension on the wire
Returns: TLSExtension

parse(self, p)

source code 

Parses extension from on the wire format

Child classes should override this method so that it parses the extension from on the wire data. Note that child class parsers will not receive the generic header of the extension, but just a parser with the payload. In other words, the method should be the exact reverse of the extData property.

Parameters:
Returns: TLSExtension
Raises:
  • SyntaxError - when the size of the passed element doesn't match the internal representation

write(self)

source code 

Returns encoded extension, as encoded on the wire

Note that child classes in general don't need to override this method.

Returns: bytearray
An array of bytes formatted as is supposed to be written on the wire, including the extension_type, length and the extension data
Raises:
  • AssertionError - when the object was not initialized

Class Variable Details [hide private]

_serverExtensions

dictionary with concrete implementations of specific TLS extensions where key is the numeric value of the extension ID. Includes only those extensions that require special handlers for ServerHello versions.
Type:
dict
Value:
{9: <class 'tlslite.extensions.ServerCertTypeExtension'>,
 62208: <class 'tlslite.extensions.TACKExtension'>}

_universalExtensions

dictionary with concrete implementations of specific TLS extensions where key is the numeric value of the extension ID. Contains ClientHello version of extensions or universal implementations
Type:
dict
Value:
{0: <class 'tlslite.extensions.SNIExtension'>,
 5: <class 'tlslite.extensions.StatusRequestExtension'>,
 9: <class 'tlslite.extensions.ClientCertTypeExtension'>,
 10: <class 'tlslite.extensions.SupportedGroupsExtension'>,
 11: <class 'tlslite.extensions.ECPointFormatsExtension'>,
 12: <class 'tlslite.extensions.SRPExtension'>,
 13: <class 'tlslite.extensions.SignatureAlgorithmsExtension'>,
 16: <class 'tlslite.extensions.ALPNExtension'>,
...

Instance Variable Details [hide private]

extData

a byte array containing the value of the extension as to be written on the wire
Type:
bytearray

extType

a 2^16-1 limited integer specifying the type of the extension that it contains, e.g. 0 indicates server name extension
Type:
int