Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Add support for basic parsing of TLS Extensions in the Client Hello.

commit 60306d27d1d71485fa145587aad5a86f6d4fe9bd 1 parent f08b43c
@pquerna authored
Showing with 45 additions and 1 deletion.
  1. +45 −1 third_party/dpkt/dpkt/ssl.py
View
46 third_party/dpkt/dpkt/ssl.py
@@ -224,6 +224,37 @@ class TLSHelloRequest(dpkt.Packet):
__hdr__ = tuple()
+TLSExtensionTypes = {
+ 0: 'server_name',
+ 1: 'max_fragment_length',
+ 2: 'client_certificate_url',
+ 3: 'trusted_ca_keys',
+ 4: 'truncated_hmac',
+ 5: 'status_request',
+ 6: 'user_mapping',
+ 7: 'client_authz',
+ 8: 'server_authz',
+ 9: 'cert_type',
+ 10: 'elliptic_curves',
+ 11: 'ec_point_formats',
+ 12: 'srp',
+ 13: 'signature_algorithms',
+ 14: 'use_srtp',
+ 15: 'heartbeat',
+ 35: 'session_tickets',
+ 13172: 'next_protocol_negotiation',
+ 65281: 'renegotiation_info',
+}
+
+class TLSExtension(object):
+ def __init__(self, extNumber, data):
+ self.data = data
+ self.value = extNumber
+
+ @property
+ def name(self):
+ return TLSExtensionTypes.get(self.value, 'unknown')
+
class TLSClientHello(dpkt.Packet):
__hdr__ = (
('version', 'H', 0x0301),
@@ -246,8 +277,21 @@ def unpack(self, buf):
pointer += parsed
self.num_compression_methods = parsed - 1
self.compression_methods = map(ord, compression_methods)
- # extensions
+ self.extensions = []
+
+ if len(self.data[pointer:]) <= 0:
+ return
+ # skip total extensions length
+ pointer += 2
+
+ while len(self.data[pointer:]) > 0:
+ # extensions
+ extType = struct.unpack('!H', self.data[pointer:pointer+2])[0]
+ pointer += 2
+ extension, extensionLength = parse_variable_array(self.data[pointer:], 2)
+ pointer += extensionLength
+ self.extensions.append(TLSExtension(extType, extension))
class TLSServerHello(dpkt.Packet):
__hdr__ = (

0 comments on commit 60306d2

Please sign in to comment.
Something went wrong with that request. Please try again.