def send_handshake_finished(
self, handshake_keys: HandshakeKeys, handshake_hash: bytes
):
hh_payload = HandshakeFinishedHandshakePayload.generate(
handshake_keys.client_handshake_traffic_secret, handshake_hash
)
hh_header = HandshakeHeader(
HandshakeFinishedHandshakePayload.default_htype(),
len(hh_payload.verify_data),
)
plaintext_payload = b"".join(
[hh_header.serialize(), hh_payload.verify_data, b"\x16"]
)
record_header = RecordHeader(rtype=0x17, size=len(plaintext_payload) + 16)
encryptor = AES.new(
handshake_keys.client_key, AES.MODE_GCM, handshake_keys.client_iv
)
encryptor.update(record_header.serialize())
ciphertext_payload = encryptor.encrypt(plaintext_payload)
tag = encryptor.digest()
w = Wrapper(record_header=record_header, payload=ciphertext_payload + tag)
self.socket.send(w.serialize())
class ClientHello:
def __init__(self, domain: bytes, public_key_bytes: bytes):
self.record_header = RecordHeader(rtype=0x16,
legacy_proto_version=0x0301,
size=0)
self.handshake_header = HandshakeHeader(message_type=0x01, size=0)
self.client_version = 0x0303
self.client_random = secrets.token_bytes(32)
self.session_id = secrets.token_bytes(32)
# hard coded for now...
# 13 01 - assigned value for TLS_AES_128_GCM_SHA256
# 13 02 - assigned value for TLS_AES_256_GCM_SHA384
# 13 03 - assigned value for TLS_CHACHA20_POLY1305_SHA256
self.cipher_suites = bytes.fromhex("130113021303")
self.extensions = [
ExtensionServerName(domain),
ExtensionSupportedGroups(),
ExtensionSignatureAlgorithms(),
ExtensionKeyShare(public_key_bytes),
ExtensionPSKKeyExchangeModes(),
ExtensionSupportedVersions(),
]
def add_extension(self, extension: ClientHelloExtension):
self.extensions.append(extension)
def calc_record_size(self) -> int:
data = self._serialize()
self.record_header.size = len(data) - 5
self.handshake_header.size = self.record_header.size - 4
def _serialize(self) -> bytes:
self.extension_data = b"".join(
[ex.serialize() for ex in self.extensions])
self.extension_length = len(self.extension_data)
return b"".join([
self.record_header.serialize(),
self.handshake_header.serialize(),
struct.pack(">h", self.client_version),
struct.pack("32s", self.client_random),
struct.pack("b32s", len(self.session_id), self.session_id),
struct.pack(
f">h{len(self.cipher_suites)}s",
len(self.cipher_suites),
self.cipher_suites,
),
struct.pack("bb", 1, 0), # compression mode
struct.pack(">h", self.extension_length),
self.extension_data,
])
def serialize(self) -> bytes:
self.calc_record_size()
return self._serialize()