token_binding_negotiation.patch 5.52 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
diff --git a/third_party/tlslite/tlslite/constants.py b/third_party/tlslite/tlslite/constants.py
index f9c8676..84bb703 100644
--- a/third_party/tlslite/tlslite/constants.py
+++ b/third_party/tlslite/tlslite/constants.py
@@ -59,6 +59,7 @@ class ExtensionType:    # RFC 6066 / 4366
     tack = 0xF300
     supports_npn = 13172
     channel_id = 30032
+    token_binding = 30033
 
 class HashAlgorithm:
     none = 0
diff --git a/third_party/tlslite/tlslite/handshakesettings.py b/third_party/tlslite/tlslite/handshakesettings.py
index a7b6ab9..8f25f62 100644
--- a/third_party/tlslite/tlslite/handshakesettings.py
+++ b/third_party/tlslite/tlslite/handshakesettings.py
@@ -115,6 +115,13 @@ class HandshakeSettings(object):
     @type enableExtendedMasterSecret: bool
     @ivar enableExtendedMasterSecret: If true, the server supports the extended
     master secret TLS extension and will negotiated it with supporting clients.
+
+    @type supportedTokenBindingParams: list
+    @ivar supportedTokenBindingParams: A list of token binding parameters that
+    the server supports when negotiating token binding. List values are integers
+    corresponding to the TokenBindingKeyParameters enum in the Token Binding
+    Negotiation spec (draft-ietf-tokbind-negotiation-00). Values are in server's
+    preference order, with most preferred params first.
     
     Note that TACK support is not standardized by IETF and uses a temporary
     TLS Extension number, so should NOT be used in production software.
@@ -134,6 +141,7 @@ class HandshakeSettings(object):
         self.useExperimentalTackExtension = False
         self.alertAfterHandshake = False
         self.enableExtendedMasterSecret = True
+        self.supportedTokenBindingParams = []
 
     # Validates the min/max fields, and certificateTypes
     # Filters out unsupported cipherNames and cipherImplementations
@@ -152,6 +160,7 @@ class HandshakeSettings(object):
         other.tlsIntoleranceType = self.tlsIntoleranceType
         other.alertAfterHandshake = self.alertAfterHandshake
         other.enableExtendedMasterSecret = self.enableExtendedMasterSecret
+        other.supportedTokenBindingParams = self.supportedTokenBindingParams
 
         if not cipherfactory.tripleDESPresent:
             other.cipherNames = [e for e in self.cipherNames if e != "3des"]
diff --git a/third_party/tlslite/tlslite/messages.py b/third_party/tlslite/tlslite/messages.py
index 9b553ce..ab2be57 100644
--- a/third_party/tlslite/tlslite/messages.py
+++ b/third_party/tlslite/tlslite/messages.py
@@ -115,6 +115,7 @@ class ClientHello(HandshakeMsg):
         self.server_name = bytearray(0)
         self.channel_id = False
         self.extended_master_secret = False
+        self.tb_client_params = []
         self.support_signed_cert_timestamps = False
         self.status_request = False
 
@@ -188,6 +189,15 @@ class ClientHello(HandshakeMsg):
                         self.channel_id = True
                     elif extType == ExtensionType.extended_master_secret:
                         self.extended_master_secret = True
+                    elif extType == ExtensionType.token_binding:
+                        tokenBindingBytes = p.getFixBytes(extLength)
+                        p2 = Parser(tokenBindingBytes)
+                        ver_minor = p2.get(1)
+                        ver_major = p2.get(1)
68
+                        if (ver_major, ver_minor) >= (0, 6):
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
+                            p2.startLengthCheck(1)
+                            while not p2.atLengthCheck():
+                                self.tb_client_params.append(p2.get(1))
                     elif extType == ExtensionType.signed_cert_timestamps:
                         if extLength:
                             raise SyntaxError()
@@ -271,6 +281,7 @@ class ServerHello(HandshakeMsg):
         self.next_protos = None
         self.channel_id = False
         self.extended_master_secret = False
+        self.tb_params = None
         self.signed_cert_timestamps = None
         self.status_request = False
 
@@ -365,6 +376,17 @@ class ServerHello(HandshakeMsg):
         if self.extended_master_secret:
             w2.add(ExtensionType.extended_master_secret, 2)
             w2.add(0, 2)
+        if self.tb_params:
+            w2.add(ExtensionType.token_binding, 2)
+            # length of extension
+            w2.add(4, 2)
+            # version
+            w2.add(0, 1)
93
+            w2.add(6, 1)
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
+            # length of params (defined as variable length <1..2^8-1>, but in
+            # this context the server can only send a single value.
+            w2.add(1, 1)
+            w2.add(self.tb_params, 1)
         if self.signed_cert_timestamps:
             w2.add(ExtensionType.signed_cert_timestamps, 2)
             w2.addVarSeq(bytearray(self.signed_cert_timestamps), 1, 2)
diff --git a/third_party/tlslite/tlslite/tlsconnection.py b/third_party/tlslite/tlslite/tlsconnection.py
index 04161513..06404fe 100644
--- a/third_party/tlslite/tlslite/tlsconnection.py
+++ b/third_party/tlslite/tlslite/tlsconnection.py
@@ -1330,6 +1330,10 @@ class TLSConnection(TLSRecordLayer):
         serverHello.extended_master_secret = \
             clientHello.extended_master_secret and \
             settings.enableExtendedMasterSecret
+        for param in clientHello.tb_client_params:
+            if param in settings.supportedTokenBindingParams:
+                serverHello.tb_params = param
+                break
         if clientHello.support_signed_cert_timestamps:
             serverHello.signed_cert_timestamps = signedCertTimestamps
         if clientHello.status_request: