Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Add support for basic parsing of TLS Extensions in the Client Hello.

  • Loading branch information...
commit 60306d27d1d71485fa145587aad5a86f6d4fe9bd 1 parent f08b43c
Paul Querna authored September 06, 2012

Showing 1 changed file with 45 additions and 1 deletion. Show diff stats Hide diff stats

  1. 46  third_party/dpkt/dpkt/ssl.py
46  third_party/dpkt/dpkt/ssl.py
@@ -224,6 +224,37 @@ class TLSHelloRequest(dpkt.Packet):
224 224
     __hdr__ = tuple()
225 225
 
226 226
 
  227
+TLSExtensionTypes = {
  228
+    0: 'server_name',
  229
+    1: 'max_fragment_length',
  230
+    2: 'client_certificate_url',
  231
+    3: 'trusted_ca_keys',
  232
+    4: 'truncated_hmac',
  233
+    5: 'status_request',
  234
+    6: 'user_mapping',
  235
+    7: 'client_authz',
  236
+    8: 'server_authz',
  237
+    9: 'cert_type',
  238
+    10: 'elliptic_curves',
  239
+    11: 'ec_point_formats',
  240
+    12: 'srp',
  241
+    13: 'signature_algorithms',
  242
+    14: 'use_srtp',
  243
+    15: 'heartbeat',
  244
+    35: 'session_tickets',
  245
+    13172: 'next_protocol_negotiation',
  246
+    65281: 'renegotiation_info',
  247
+}
  248
+
  249
+class TLSExtension(object):
  250
+    def __init__(self, extNumber, data):
  251
+        self.data = data
  252
+        self.value = extNumber
  253
+
  254
+    @property
  255
+    def name(self):
  256
+        return TLSExtensionTypes.get(self.value, 'unknown')
  257
+
227 258
 class TLSClientHello(dpkt.Packet):
228 259
     __hdr__ = (
229 260
         ('version', 'H', 0x0301),
@@ -246,8 +277,21 @@ def unpack(self, buf):
246 277
         pointer += parsed
247 278
         self.num_compression_methods = parsed - 1
248 279
         self.compression_methods = map(ord, compression_methods)
249  
-        # extensions
250 280
 
  281
+        self.extensions = []
  282
+
  283
+        if len(self.data[pointer:]) <= 0:
  284
+            return
  285
+        # skip total extensions length
  286
+        pointer += 2
  287
+
  288
+        while len(self.data[pointer:]) > 0:
  289
+            # extensions
  290
+            extType = struct.unpack('!H', self.data[pointer:pointer+2])[0]
  291
+            pointer += 2
  292
+            extension, extensionLength = parse_variable_array(self.data[pointer:], 2)
  293
+            pointer += extensionLength
  294
+            self.extensions.append(TLSExtension(extType, extension))
251 295
 
252 296
 class TLSServerHello(dpkt.Packet):
253 297
     __hdr__ = (

0 notes on commit 60306d2

Please sign in to comment.
Something went wrong with that request. Please try again.