type TLSExtension
source code
- Known Subclasses:
-
Base class for handling handshake protocol hello messages
extensions.
This class handles the generic information about TLS extensions used
by both sides of connection in Client Hello and Server Hello messages.
See RFC
4366 for more info.
It is used as a base class for specific users and as a way to store
extensions that are not implemented in library.
To implement a new extension you will need to create a new class which
calls this class contructor (__init__), usually specifying just the
extType parameter. The other methods which need to be implemented are: extData, create, parse and __repr__. If the parser can be used for client and
optionally server extensions, the extension constructor should be added
to _universalExtensions.
Otherwise, when the client and server extensions have completely
different forms, you should add client form to the _universalExtensions and the
server form to _serverExtensions. Since the
server MUST NOT send extensions not advertised by client, there are no
purely server-side extensions. But if the client side extension is just
marked by presence and has no payload, the client side (thus the _universalExtensions may be
skipped, then the TLSExtension class will be used for implementing it. See
end of the file for type-to-constructor bindings.
Though please note that subclassing for the purpose of parsing
extensions is not an officially supported part of API (just as
underscores in their names would indicate.
|
_parseExt(parser,
extType,
extLength,
extList)
Parse a extension using a predefined constructor |
source code
|
|
dict
|
_serverExtensions = { 9: <class 'tlslite.extensions.ServerCertT...
dictionary with concrete implementations of specific TLS extensions
where key is the numeric value of the extension ID.
|
dict
|
_universalExtensions = { 0: <class 'tlslite.extensions.SNIExten...
dictionary with concrete implementations of specific TLS extensions
where key is the numeric value of the extension ID.
|
bytearray
|
extData
a byte array containing the value of the extension as to be written
on the wire
|
int
|
extType
a 2^16-1 limited integer specifying the type of the extension that it
contains, e.g.
|
boolean
|
serverType
indicates that the extension was parsed with ServerHello specific
parser, otherwise it used universal or ClientHello specific parser
|
Test if two TLS extensions are effectively the same
Will check if encoding them will result in the same on the wire
representation.
Will return False for every object that's not an extension.
|
__init__(self,
server=False,
extType=None)
(Constructor)
| source code
|
Creates a generic TLS extension.
You'll need to use create or parse methods to create an extension that is actually
usable.
- Parameters:
server (boolean) - whether to select ClientHello or ServerHello version for parsing
extType (int) - type of extension encoded as an integer, to be used by subclasses
- Overrides:
object.__init__
|
Output human readable representation of object
Child classes should override this method to support more appropriate
string rendering of the extension.
- Returns: str
- Overrides:
object.__repr__
|
Initializes a generic TLS extension.
The extension can carry arbitrary data and have arbitrary payload, can
be used in client hello or server hello messages.
The legacy calling method uses two arguments - the extType and data.
If the new calling method is used, only one argument is passed in -
data.
Child classes need to override this method so that it is possible to
set values for all fields used by the extension.
- Parameters:
extType (int) - if int: type of the extension encoded as an integer between 0 and 2^16-1
data (bytearray) - raw data representing extension on the wire
- Returns: TLSExtension
|
Parses extension from on the wire format
Child classes should override this method so that it parses the
extension from on the wire data. Note that child class parsers will not
receive the generic header of the extension, but just a parser with the
payload. In other words, the method should be the exact reverse of the extData property.
- Parameters:
- Returns: TLSExtension
- Raises:
SyntaxError - when the size of the passed element doesn't match the internal
representation
|
Returns encoded extension, as encoded on the wire
Note that child classes in general don't need to override this
method.
- Returns: bytearray
- An array of bytes formatted as is supposed to be written on the
wire, including the extension_type, length and the extension data
- Raises:
AssertionError - when the object was not initialized
|
_serverExtensions
dictionary with concrete implementations of specific TLS extensions where
key is the numeric value of the extension ID. Includes only those
extensions that require special handlers for ServerHello versions.
- Type:
- dict
- Value:
{ 9: <class 'tlslite.extensions.ServerCertTypeExtension'>,
62208: <class 'tlslite.extensions.TACKExtension'>}
|
|
_universalExtensions
dictionary with concrete implementations of specific TLS extensions where
key is the numeric value of the extension ID. Contains ClientHello
version of extensions or universal implementations
- Type:
- dict
- Value:
{ 0: <class 'tlslite.extensions.SNIExtension'>,
9: <class 'tlslite.extensions.ClientCertTypeExtension'>,
10: <class 'tlslite.extensions.SupportedGroupsExtension'>,
11: <class 'tlslite.extensions.ECPointFormatsExtension'>,
12: <class 'tlslite.extensions.SRPExtension'>,
13: <class 'tlslite.extensions.SignatureAlgorithmsExtension'>,
21: <class 'tlslite.extensions.PaddingExtension'>,
13172: <class 'tlslite.extensions.NPNExtension'>,
...
|
|
extData
a byte array containing the value of the extension as to be written on
the wire
- Type:
- bytearray
|
extType
a 2^16-1 limited integer specifying the type of the extension that it
contains, e.g. 0 indicates server name extension
- Type:
- int
|