def _hook_tls_client_hello_sni(self, record):
server_name = ServerNameField()
server_name.payload = HostNameField("")
server_name.payload.value = self._scanner.handler.hostname.encode("utf-8")
tmp_sni = ServerNameIndication()
tmp_sni.server_name_list.append(server_name)
tmp_ext_sni = Extension() + tmp_sni
record.payload.extensions.append(tmp_ext_sni)
return record
def _hook_tls_client_hello_sni(self, record):
server_name = ServerNameField()
server_name.payload = HostNameField("")
server_name.payload.value = self._scanner.handler.hostname.encode(
"utf-8")
tmp_sni = ServerNameIndication()
tmp_sni.server_name_list.append(server_name)
tmp_ext_sni = Extension() + tmp_sni
record.payload.extensions.append(tmp_ext_sni)
return record
def test_encode(self):
# Type: server_name, Length: 16
data = b"00000010"
# Length: 14
data += b"000e"
# Type: host_name, Length: 11, Name: example.org
data += b"00000b6578616d706c652e6f7267"
server_name = ServerNameField()
server_name.payload = HostNameField("")
server_name.payload.value = b"example.org"
tmp_sni = ServerNameIndication()
tmp_sni.server_name_list.append(server_name)
tmp = Extension() + tmp_sni
assert binascii.hexlify(tmp.encode()) == data
def _build_dtls_base_client_hello(self, protocol_version, cipher_suites, elliptic_curves=None):
ver_major, ver_minor = flextls.helper.get_tls_version(protocol_version)
hash_algorithms = flextls.registry.tls.hash_algorithms.get_ids()
sign_algorithms = flextls.registry.tls.signature_algorithms.get_ids()
comp_methods = flextls.registry.tls.compression_methods.get_ids()
hello = DTLSv10ClientHello()
for i in cipher_suites:
cipher = CipherSuiteField()
cipher.value = i
hello.cipher_suites.append(cipher)
for comp_id in comp_methods:
comp = CompressionMethodField()
comp.value = comp_id
hello.compression_methods.append(comp)
server_name = ServerNameField()
server_name.payload = HostNameField("")
server_name.payload.value = self._scanner.handler.hostname.encode("utf-8")
tmp_sni = ServerNameIndication()
tmp_sni.server_name_list.append(server_name)
tmp_ext_sni = Extension() + tmp_sni
hello.extensions.append(tmp_ext_sni)
ext_elliptic_curves = EllipticCurves()
a = ext_elliptic_curves.get_field("elliptic_curve_list")
if elliptic_curves is None:
elliptic_curves = flextls.registry.ec.named_curves.get_ids()
for i in elliptic_curves:
v = a.item_class("unnamed", None)
v.value = i
a.value.append(v)
hello.extensions.append(Extension() + ext_elliptic_curves)
ext_ec_point_formats = EcPointFormats()
a = ext_ec_point_formats.get_field("point_format_list")
for tmp_pf in flextls.registry.ec.point_formats:
v = a.item_class("unnamed", tmp_pf.id)
a.value.append(v)
hello.extensions.append(Extension() + ext_ec_point_formats)
ext_signature_algorithm = SignatureAlgorithms()
a = ext_signature_algorithm.get_field("supported_signature_algorithms")
for i in hash_algorithms:
for j in sign_algorithms:
v = a.item_class("unnamed")
v.hash = i
v.signature = j
a.value.append(v)
hello.extensions.append(Extension() + ext_signature_algorithm)
hello.extensions.append(Extension() + SessionTicketTLS())
hb_ext = HeartbeatExt()
hb_ext.mode = 1
hello.extensions.append(Extension() + hb_ext)
hello.random = os.urandom(32)
hello.version.major = ver_major
hello.version.minor = ver_minor
msg_handshake = DTLSv10Handshake()
msg_handshake.set_payload(hello)
return msg_handshake
def _build_dtls_base_client_hello(self,
protocol_version,
cipher_suites,
elliptic_curves=None):
ver_major, ver_minor = flextls.helper.get_tls_version(protocol_version)
hash_algorithms = flextls.registry.tls.hash_algorithms.get_ids()
sign_algorithms = flextls.registry.tls.signature_algorithms.get_ids()
comp_methods = flextls.registry.tls.compression_methods.get_ids()
hello = DTLSv10ClientHello()
for i in cipher_suites:
cipher = CipherSuiteField()
cipher.value = i
hello.cipher_suites.append(cipher)
for comp_id in comp_methods:
comp = CompressionMethodField()
comp.value = comp_id
hello.compression_methods.append(comp)
server_name = ServerNameField()
server_name.payload = HostNameField("")
server_name.payload.value = self._scanner.handler.hostname.encode(
"utf-8")
tmp_sni = ServerNameIndication()
tmp_sni.server_name_list.append(server_name)
tmp_ext_sni = Extension() + tmp_sni
hello.extensions.append(tmp_ext_sni)
ext_elliptic_curves = EllipticCurves()
a = ext_elliptic_curves.get_field("elliptic_curve_list")
if elliptic_curves is None:
elliptic_curves = flextls.registry.ec.named_curves.get_ids()
for i in elliptic_curves:
v = a.item_class("unnamed", None)
v.value = i
a.value.append(v)
hello.extensions.append(Extension() + ext_elliptic_curves)
ext_ec_point_formats = EcPointFormats()
a = ext_ec_point_formats.get_field("point_format_list")
for tmp_pf in flextls.registry.ec.point_formats:
v = a.item_class("unnamed", tmp_pf.id)
a.value.append(v)
hello.extensions.append(Extension() + ext_ec_point_formats)
ext_signature_algorithm = SignatureAlgorithms()
a = ext_signature_algorithm.get_field("supported_signature_algorithms")
for i in hash_algorithms:
for j in sign_algorithms:
v = a.item_class("unnamed")
v.hash = i
v.signature = j
a.value.append(v)
hello.extensions.append(Extension() + ext_signature_algorithm)
hello.extensions.append(Extension() + SessionTicketTLS())
hb_ext = HeartbeatExt()
hb_ext.mode = 1
hello.extensions.append(Extension() + hb_ext)
hello.random = os.urandom(32)
hello.version.major = ver_major
hello.version.minor = ver_minor
msg_handshake = DTLSv10Handshake()
msg_handshake.set_payload(hello)
return msg_handshake