def tls13_should_add_Certificate(self): certs = [] for c in self.cur_session.server_certs: certs += _ASN1CertAndExt(cert=c) self.add_msg(TLS13Certificate(certs=certs)) raise self.tls13_ADDED_CERTIFICATE()
def tls13_should_add_Certificate(self): # If a PSK is set, an extension pre_shared_key # was send in the ServerHello. No certificate should # be send here if not self.cur_session.tls13_psk_secret: certs = [] for c in self.cur_session.server_certs: certs += _ASN1CertAndExt(cert=c) self.add_msg(TLS13Certificate(certs=certs)) raise self.tls13_ADDED_CERTIFICATE()
def tls13_should_add_ClientCertificate(self): """ If the server sent a CertificateRequest, we send a Certificate message. If no certificate is available, an empty Certificate message is sent: - this is a SHOULD in RFC 4346 (Section 7.4.6) - this is a MUST in RFC 5246 (Section 7.4.6) XXX We may want to add a complete chain. """ hs_msg = [type(m) for m in self.cur_session.handshake_messages_parsed] if TLS13CertificateRequest not in hs_msg: raise self.TLS13_ADDED_CLIENTCERTIFICATE() # return certs = [] if self.mycert: certs += _ASN1CertAndExt(cert=self.mycert) self.add_msg(TLS13Certificate(certs=certs)) raise self.TLS13_ADDED_CLIENTCERTIFICATE()