tlslite.extensions module

Helper package for handling TLS extensions encountered in ClientHello and ServerHello messages.

class tlslite.extensions.ALPNExtension[source]

Bases: TLSExtension

Handling of Application Layer Protocol Negotiation extension from RFC 7301.

Variables:

protocol_names (list of bytearrays) – list of protocol names acceptable or selected by peer
extType (int) – numberic type of ALPNExtension, i.e. 16
~.extData (bytearray) – raw encoding of the extension data

__init__()[source]

Create instance of ALPNExtension

See also: create() and parse()

__repr__()[source]

Create programmer-readable representation of object

Return type:: str

create(protocol_names=None)[source]

Create an instance of ALPNExtension with specified protocols

Parameters:: protocols (list) – list of protocol names that are to be sent

property extData

Return encoded payload of the extension

Return type:: bytearray

parse(parser)[source]

Parse the extension from on the wire format

Parameters:: parser (Parser) – data to be parsed as extension
Raises:: DecodeError – when the encoding of the extension is self inconsistent
Return type:: ALPNExtension

class tlslite.extensions.CertificateStatusExtension[source]

Bases: TLSExtension

Handling of Certificate Status response as redefined in TLS1.3

__init__()[source]: Create instance of CertificateStatusExtension.

create(status_type, response)[source]: Set values of the extension.

property extData: Serialise the object.

parse(parser)[source]: Deserialise the data from on the wire representation.

class tlslite.extensions.ClientCertTypeExtension[source]

Bases: VarListExtension

This class handles the (client variant of) Certificate Type extension

See RFC 6091.

Variables:

extType (int) – numeric type of Certificate Type extension, i.e. 9
~.extData (bytearray) – raw representation of the extension data
certTypes (list of int) – list of certificate type identifiers (each one byte long)

__init__()[source]

Create an instance of ClientCertTypeExtension

See also: create() and parse()

class tlslite.extensions.ClientKeyShareExtension[source]

Bases: TLSExtension

Class for handling the Client Hello version of the Key Share extension.

Extension for sending the key shares to server

__init__()[source]: Create instance of the object.

__repr__()[source]: Output human readable representation of the object.

create(client_shares)[source]: Set the advertised client shares in the extension.

property extData

Return the on the wire raw encoding of the extension

Return type:: bytearray

parse(parser)[source]

Parse the extension from on the wire format

Parameters:: parser (Parser) – data to be parsed
Raises:: DecodeError – when the data does not match the definition
Return type:: ClientKeyShareExtension

class tlslite.extensions.CookieExtension[source]

Bases: VarBytesExtension

Handling of the TLS 1.3 cookie extension.

__init__()[source]: Create instance.

class tlslite.extensions.CustomNameExtension(field_name, extType)[source]

Bases: TLSExtension

Abstract class for handling custom name for payload variable.

Used for handling arbitrary extensions that deal with a single value in payload (either an opaque data, single value or single array).

Must be subclassed.

__init__(field_name, extType)[source]

Create instance of the class.

Parameters:

field_name (str) – name of the field to store the extension payload
ext_type (int) – numerical ID of the extension

create(values)[source]

Set the list to specified values.

Parameters:: values (list) – list of values to save

property extData

Return raw data encoding of the extension.

Return type:: bytearray

parse(parser)[source]

Deserialise extension from on-the-wire data.

Parameters:: parser (tlslite.utils.codec.Parser) – data
Return type:: Extension

class tlslite.extensions.ECPointFormatsExtension[source]

Bases: VarListExtension

Client side list of supported ECC point formats.

See RFC4492.

Variables:: formats (list of int) – list of point formats supported by peer

__init__()[source]: Create instance of class

class tlslite.extensions.HRRKeyShareExtension[source]

Bases: TLSExtension

Class for handling the Hello Retry Request variant of the Key Share ext.

Extension for notifying the client of the server selected group for key exchange.

__init__()[source]: Create instance of the object.

create(selected_group)[source]: Set the selected group in the extension.

property extData: Serialise the payload of the extension.

parse(parser)[source]

Parse the extension from on the wire format.

Parameters:: parser (Parser) – data to be parsed
Return type:: HRRKeyShareExtension

class tlslite.extensions.HeartbeatExtension[source]

Bases: IntExtension

Heartbeat extension from RFC 6520

Variables:: mode – mode if peer is allowed or nor allowed to send responses

__init__()[source]

Create handler for extension that has a single integer as payload.

Parameters:

field_name (str) – name of the field that will store the value
elem_length (int) – size (in bytes) of the value in the extension
ext_tyoe (int) – numerical ID of the extension encoded
item_enum (class) – TLSEnum class that defines entries in the extension

parse(parser)[source]: Deserialise the extension from on the wire data.

class tlslite.extensions.IntExtension(elem_length, field_name, ext_type, item_enum=None)[source]

Bases: CustomNameExtension

Abstract class for extensions that deal with single integer in payload.

Extension for handling arbitrary extensions that have a payload that is a single integer of a given size (1, 2, … bytes)

__init__(elem_length, field_name, ext_type, item_enum=None)[source]

Create handler for extension that has a single integer as payload.

Parameters:

field_name (str) – name of the field that will store the value
elem_length (int) – size (in bytes) of the value in the extension
ext_tyoe (int) – numerical ID of the extension encoded
item_enum (class) – TLSEnum class that defines entries in the extension

__repr__()[source]: Return human readable representation of the extension.

property extData

Return raw data encoding of the extension.

Return type:: bytearray

parse(parser)[source]

Deserialise extension from on-the-wire data.

Parameters:: parser (tlslite.utils.codec.Parser) – data
Return type:: Extension

class tlslite.extensions.KeyShareEntry[source]

Bases: object

Handler for of the item of the Key Share extension.

__init__()[source]: Initialise the object.

__repr__()[source]: Returns human readable representation of the extension.

create(group, key_exchange, private=None)[source]

Initialise the Key Share Entry from Key Share extension.

Parameters:

group (int) – ID of the key share
key_exchange (bytearray) – value of the key share
private (object) – private value for the given share (won’t be encoded during serialisation)

Return type:

KeyShareEntry

parse(parser)[source]

Parse the value from on the wire format.

Parameters:: parser (Parser) – data to be parsed as extension
Return type:: KeyShareEntry

write(writer)[source]

Write the on the wire representation of the item to writer.

Parameters:: writer (Writer) – buffer to write the data to

class tlslite.extensions.ListExtension(fieldName, extType, item_enum=None)[source]

Bases: CustomNameExtension

Abstract class for extensions that deal with single list in payload.

Extension for handling arbitrary extensions comprising of just a list of same-sized elementes inside an array

__init__(fieldName, extType, item_enum=None)[source]

Create instance of the class.

Parameters:

fieldName (str) – name of the field to store the list that is the payload
extType (int) – numerical ID of the extension
item_enum (class) – TLSEnum class that defines the enum of the items in the list

__repr__()[source]: Return human readable representation of the extension.

class tlslite.extensions.NPNExtension[source]

Bases: TLSExtension

This class handles the unofficial Next Protocol Negotiation TLS extension.

Variables:

protocols (list of bytearrays) – list of protocol names supported by the server
extType (int) – numeric type of NPNExtension, i.e. 13172
~.extData (bytearray) – raw representation of extension data

__init__()[source]

Create an instance of NPNExtension

See also: create() and parse()

__repr__()[source]

Create programmer-readable version of representation

Return type:: str

create(protocols=None)[source]

Create an instance of NPNExtension with specified protocols

Parameters:: protocols (list) – list of protocol names that are supported

property extData

Return the raw data encoding of the extension

Return type:: bytearray

parse(p)[source]

Parse the extension from on the wire format

Parameters:: p (Parser) – data to be parsed
Raises:: DecodeError – when the size of the passed element doesn’t match the internal representation
Return type:: NPNExtension

class tlslite.extensions.PaddingExtension[source]

Bases: TLSExtension

ClientHello message padding with a desired size.

Can be used to pad ClientHello messages to a desired size in order to avoid implementation bugs caused by certain ClientHello sizes.

See RFC7685.

__init__()[source]: Create instance of class.

create(size)[source]

Set the padding size and create null byte padding of defined size.

Parameters:: size (int) – required padding size in bytes

property extData

Return raw encoding of the extension.

Return type:: bytearray

parse(p)[source]

Deserialise extension from on the wire data.

Parameters:: p (Parser) – data to be parsed
Raises:: DecodeError – when the size of the passed element doesn’t match the internal representation
Return type:: TLSExtension

class tlslite.extensions.PreSharedKeyExtension[source]

Bases: TLSExtension

Class for handling Pre Shared Key negotiation.

__init__()[source]: Create instance of class.

create(identities, binders)[source]: Set list of offered PSKs.

property extData: Serialise the payload of the extension.

parse(parser)[source]: Parse the extension from on the wire format.

class tlslite.extensions.PskIdentity[source]

Bases: object

Handling of PskIdentity from PreSharedKey Extension.

__init__()[source]: Create instance of class.

create(identity, obf_ticket_age)[source]: Initialise instance.

parse(parser)[source]: Deserialize the object from bytearray.

write()[source]: Serialise the object.

class tlslite.extensions.PskKeyExchangeModesExtension[source]

Bases: VarListExtension

Handling of the PSK Key Exchange Modes extension.

__init__()[source]: Create instance of class.

class tlslite.extensions.RecordSizeLimitExtension[source]

Bases: IntExtension

Class for handling the record_size_limit extension from RFC 8449.

__init__()[source]: Create instance.

class tlslite.extensions.RenegotiationInfoExtension[source]

Bases: VarBytesExtension

Client and Server Hello secure renegotiation extension from RFC 5746

Should have an empty renegotiated_connection field in case of initial connection

__init__()[source]: Create instance

class tlslite.extensions.SNIExtension[source]

Bases: TLSExtension

Class for handling Server Name Indication (server_name) extension from RFC 4366.

Note that while usually the client does advertise just one name, it is possible to provide a list of names, each of different type. The type is a single byte value (represented by ints), the names are opaque byte strings, in case of DNS host names (records of type 0) they are UTF-8 encoded domain names (without the ending dot).

Variables:

hostNames (tuple of bytearrays) –
tuple of hostnames (server name records of type 0) advertised in the extension. Note that it may not include all names from client hello as the client can advertise other types. Also note that while it’s not possible to change the returned array in place, it is possible to assign a new set of names. IOW, this won’t work:
```
sni_extension.hostNames[0] = bytearray(b'example.com')
```
while this will work:
```
names = list(sni_extension.hostNames)
names[0] = bytearray(b'example.com')
sni_extension.hostNames = names
```
serverNames (list of ServerName) – list of all names advertised in extension. ServerName is a namedtuple with two elements, the first element (type) defines the type of the name (encoded as int) while the other (name) is a bytearray that carries the value. Known types are defined in tlslite.constants.NameType. The list will be empty if the on the wire extension had and empty list while it will be None if the extension was empty.
extType (int) – numeric type of SNIExtension, i.e. 0
~.extData (bytearray) – raw representation of the extension

class ServerName(name_type, name)

Bases: tuple

__repr__(): Return a nicely formatted representation string

name: Alias for field number 1

name_type: Alias for field number 0

__init__()[source]

Create an instance of SNIExtension.

See also: create() and parse()

__repr__()[source]

Return programmer-centric description of extension

Return type:: str

create(identity=None)[source]

Create and instance of SRPExtension with specified protocols

Parameters:: identity (bytearray) – UTF-8 encoded identity (user name) to be provided to user. MUST be shorter than 2^8-1.
Raises:: ValueError – when the identity lenght is longer than 2^8-1

property extData

Return raw data encoding of the extension

Return type:: bytearray

parse(p)[source]

Parse the extension from on the wire format

Parameters:: p (Parser) – data to be parsed
Raises:: DecodeError – when the data is internally inconsistent
Return type:: SRPExtension

class tlslite.extensions.ServerCertTypeExtension[source]

Bases: IntExtension

This class handles the Certificate Type extension (variant sent by server) defined in RFC 6091.

Variables:

extType (int) – binary type of Certificate Type extension, i.e. 9
~.extData (bytearray) – raw representation of the extension data
cert_type (int) – the certificate type selected by server

__init__()[source]

Create an instance of ServerCertTypeExtension

See also: create() and parse()

parse(parser)[source]

Parse the extension from on the wire format

Parameters:: p (Parser) – parser with data

class tlslite.extensions.ServerKeyShareExtension[source]

Bases: TLSExtension

Class for handling the Server Hello variant of the Key Share extension.

Extension for sending the key shares to client

__init__()[source]: Create instance of the object.

create(server_share)[source]: Set the advertised server share in the extension.

property extData: Serialise the payload of the extension

parse(parser)[source]

Parse the extension from on the wire format.

Parameters:: parser (Parser) – data to be parsed
Return type:: ServerKeyShareExtension

class tlslite.extensions.SessionTicketExtension[source]

Bases: TLSExtension

Client and server session ticket extension from RFC 5077

__init__()[source]: Create instance of the object.

__repr__()[source]: Return human readable representation of the extension.

create(ticket)[source]

Initializes a generic TLS extension.

The extension can carry arbitrary data and have arbitrary payload, can be used in client hello or server hello messages.

The legacy calling method uses two arguments - the extType and data. If the new calling method is used, only one argument is passed in - data.

Child classes need to override this method so that it is possible to set values for all fields used by the extension.

Parameters:

extType (int) – if int: type of the extension encoded as an integer between 0 and 2^16-1
data (bytearray) – raw data representing extension on the wire

Return type:

TLSExtension

property extData: Serialise the payload of the extension.

parse(parser)[source]

Parse the extension from on the wire format.

Parameters:: parser (Parser) – data to be parsed
Return type:: SessionTicketExtension

class tlslite.extensions.SignatureAlgorithmsCertExtension[source]

Bases: _SigListExt

Client side list of supported signatures in certificates.

Should be used when the signatures supported in certificates and in TLS messages differ.

See TLS1.3 RFC

__init__()[source]: Create instance of class.

class tlslite.extensions.SignatureAlgorithmsExtension[source]

Bases: _SigListExt

Client side list of supported signature algorithms.

Should be used by server to select certificate and signing method for Server Key Exchange messages. In practice used only for the latter.

See RFC5246.

__init__()[source]: Create instance of class

class tlslite.extensions.SrvPreSharedKeyExtension[source]

Bases: IntExtension

Handling of the Pre Shared Key extension from server.

__init__()[source]: Create instance of class.

class tlslite.extensions.SrvSupportedVersionsExtension[source]

Bases: TLSExtension

Handling of SupportedVersion extension in SH and HRR in TLS 1.3.

See draft-ietf-tls-tls13.

Variables:

extType (int) – numeric type of the Supported Versions extension, i.e. 43
~.extData (bytearray) – raw representation of the extension payload
~.version (tuple) – version selected by the server

__init__()[source]

Creates a generic TLS extension.

You’ll need to use create() or parse() methods to create an extension that is actually usable.

Parameters:

server (bool) – whether to select ClientHello or ServerHello version for parsing
extType (int) – type of extension encoded as an integer, to be used by subclasses
encExt (bool) – whether to select the EncryptedExtensions type for parsing
cert (bool) – whether to select the Certificate type of extension for parsing
hrr (bool) – whether to select the Hello Retry Request type of extension for parsing

__repr__()[source]

Return programmer-readable representation of the extension.

Return type:: str

create(version)[source]

Set the version supported by the server.

Parameters:: version (tuple) – Version selected by server.
Return type:: SrvSupportedVersionsExtension

property extData

Raw encoding of extension data, without type and length header.

Return type:: bytearray

parse(parser)[source]

Deserialise the extension from on-the-wire data.

The parser should not include the type or length of extension.

Parameters:: parser (tlslite.util.codec.Parser) – data to be parsed
Return type:: SrvSupportedVersionsExtension

class tlslite.extensions.StatusRequestExtension[source]

Bases: TLSExtension

Handling of the Certificate Status Request extension from RFC 6066.

Variables:

status_type (int) – type of the status request
responder_id_list (list of bytearray) – list of DER encoded OCSP responder identifiers that the client trusts
request_extensions (bytearray) – DER encoded list of OCSP extensions, as defined in RFC 2560

__init__()[source]: Create instance of StatusRequestExtension.

__repr__()[source]

Create programmer-readable representation of object

Return type:: str

create(status_type=1, responder_id_list=(), request_extensions=b'')[source]

Create an instance of StatusRequestExtension with specified options.

Parameters:

status_type (int) – type of status returned
responder_id_list (list) – list of encoded OCSP responder identifiers that the client trusts
request_extensions (bytearray) – DER encoding of requested OCSP extensions

property extData

Return encoded payload of the extension.

Return type:: bytearray

parse(parser)[source]

Parse the extension from on the wire format.

Parameters:: parser (Parser) – data to be parsed as extension
Return type:: StatusRequestExtension

class tlslite.extensions.SupportedGroupsExtension[source]

Bases: VarListExtension

Client side list of supported groups of (EC)DHE key exchage.

See RFC4492, RFC7027 and RFC-ietf-tls-negotiated-ff-dhe-10

Variables:: groups (int) – list of groups that the client supports

__init__()[source]: Create instance of class

class tlslite.extensions.SupportedVersionsExtension[source]

Bases: VarSeqListExtension

This class handles the SupportedVersion extensions used in TLS 1.3.

See draft-ietf-tls-tls13.

Variables:

extType (int) – numeric type of the Supported Versions extension, i.e. 43
~.extData (bytearray) – raw representation of the extension data
versions (list of tuples) – list of supported protocol versions; each tuple has two one byte long integers

__init__()[source]: Create an instance of SupportedVersionsExtension.

class tlslite.extensions.TACKExtension[source]

Bases: TLSExtension

This class handles the server side TACK extension (see draft-perrin-tls-tack-02).

Variables:

tacks (list) – list of TACK’s supported by server
activation_flags (int) – activation flags for the tacks

class TACK[source]

Bases: object

Implementation of the single TACK

__eq__(other)[source]

Tests if the other object is equivalent to this TACK

Returns False for every object that’s not a TACK

__init__()[source]: Create a single TACK object

__repr__()[source]

Return programmmer readable representation of TACK object

Return type:: str

create(public_key, min_generation, generation, expiration, target_hash, signature)[source]: Initialise the TACK with data

parse(p)[source]

Parse the TACK from on the wire format

Parameters:: p (Parser) – data to be parsed
Return type:: TACK
Raises:: DecodeError – when the internal sizes don’t match the provided data

write()[source]

Convert the TACK into on the wire format

Return type:: bytearray

__init__()[source]

Create an instance of TACKExtension

See also: create() and :py:meth`parse`

__repr__()[source]

Create a programmer readable representation of TACK extension

Return type:: str

create(tacks, activation_flags)[source]

Initialize the instance of TACKExtension

Return type:: TACKExtension

property extData

Return the raw data encoding of the extension

Return type:: bytearray

parse(p)[source]

Parse the extension from on the wire format

Parameters:: p (Parser) – data to be parsed
Return type:: TACKExtension

class tlslite.extensions.TLSExtension(server=False, extType=None, encExt=False, cert=False, hrr=False)[source]

Bases: object

Base class for handling handshake protocol hello messages extensions.

This class handles the generic information about TLS extensions used by both sides of connection in Client Hello and Server Hello messages. See https://tools.ietf.org/html/rfc4366 for more info.

It is used as a base class for specific users and as a way to store extensions that are not implemented in library.

To implement a new extension you will need to create a new class which calls this class contructor (__init__), usually specifying just the extType parameter. The other methods which need to be implemented are: extData, create, parse and __repr__. If the parser can be used for client and optionally server extensions, the extension constructor should be added to _universalExtensions. Otherwise, when the client and server extensions have completely different forms, you should add client form to the _universalExtensions and the server form to _serverExtensions. Since the server MUST NOT send extensions not advertised by client, there are no purely server-side extensions. But if the client side extension is just marked by presence and has no payload, the client side (thus the _universalExtensions may be skipped, then the TLSExtension class will be used for implementing it. See end of the file for type-to-constructor bindings.

Note

Subclassing for the purpose of parsing extensions is not an officially supported part of API (just as underscores in their names would indicate).

Variables:

extType (int) – a 2^16-1 limited integer specifying the type of the extension that it contains, e.g. 0 indicates server name extension
~.extData (bytearray) – a byte array containing the value of the extension as to be written on the wire
serverType (boolean) – indicates that the extension was parsed with ServerHello specific parser, otherwise it used universal or ClientHello specific parser
encExtType (boolean) – indicates that the extension should be the type from Encrypted Extensions
_universalExtensions (dict) – dictionary with concrete implementations of specific TLS extensions where key is the numeric value of the extension ID. Contains ClientHello version of extensions or universal implementations
_serverExtensions (dict) – dictionary with concrete implementations of specific TLS extensions where key is the numeric value of the extension ID. Includes only those extensions that require special handlers for ServerHello versions.
_certificateExtensions (dict) – dictionary with concrete implementations of specific TLS extensions where the key is the numeric value of the type of the extension and the value is the class. Includes only those extensions that require special handlers for Certificate message.
_hrrExtensions (dict) – dictionary with concrete implementation of specific TLS extensions where the key is the numeric type of the extension and the value is the class. Includes only those extensions that require special handlers for the Hello Retry Request message.

__eq__(that)[source]

Test if two TLS extensions are effectively the same

Will check if encoding them will result in the same on the wire representation.

Will return False for every object that’s not an extension.

__init__(server=False, extType=None, encExt=False, cert=False, hrr=False)[source]

Creates a generic TLS extension.

You’ll need to use create() or parse() methods to create an extension that is actually usable.

Parameters:

server (bool) – whether to select ClientHello or ServerHello version for parsing
extType (int) – type of extension encoded as an integer, to be used by subclasses
encExt (bool) – whether to select the EncryptedExtensions type for parsing
cert (bool) – whether to select the Certificate type of extension for parsing
hrr (bool) – whether to select the Hello Retry Request type of extension for parsing

__repr__()[source]

Output human readable representation of object

Child classes should override this method to support more appropriate string rendering of the extension.

Return type:: str

create(*args, **kwargs)[source]

Initializes a generic TLS extension.

The extension can carry arbitrary data and have arbitrary payload, can be used in client hello or server hello messages.

The legacy calling method uses two arguments - the extType and data. If the new calling method is used, only one argument is passed in - data.

Child classes need to override this method so that it is possible to set values for all fields used by the extension.

Parameters:

extType (int) – if int: type of the extension encoded as an integer between 0 and 2^16-1
data (bytearray) – raw data representing extension on the wire

Return type:

TLSExtension

property extData

Return the on the wire encoding of extension

Child classes need to override this property so that it returns just the payload of an extension, that is, without the 4 byte generic header common to all extension. In other words, without the extension ID and overall extension length.

Return type:: bytearray

parse(p)[source]

Parses extension from on the wire format

Child classes should override this method so that it parses the extension from on the wire data. Note that child class parsers will not receive the generic header of the extension, but just a parser with the payload. In other words, the method should be the exact reverse of the extData property.

Parameters:: p (tlslite.util.codec.Parser) – data to be parsed
Raises:: DecodeError – when the size of the passed element doesn’t match the internal representation
Return type:: TLSExtension

write()[source]

Returns encoded extension, as encoded on the wire

Note that child classes in general don’t need to override this method.

Return type:: bytearray
Returns:: An array of bytes formatted as is supposed to be written on the wire, including the extension_type, length and the extension data
Raises:: AssertionError – when the object was not initialized

class tlslite.extensions.VarBytesExtension(field_name, length_length, ext_type)[source]

Bases: CustomNameExtension

Abstract class for extension that deal with single byte array payload.

Extension for handling arbitrary extensions that comprise of just a single bytearray of variable size.

__init__(field_name, length_length, ext_type)[source]

Crate instance of the class.

Parameters:

field_name (str) – name of the field to store the bytearray that is the payload
length_length (int) – number of bytes needed to encode the length field of the string
ext_type (int) – numerical ID of the extension

__repr__()[source]: Return human readable representation of the extension.

property extData

Return raw data encoding of the extension.

Return type:: bytearray

parse(parser)[source]

Deserialise extension from on-the-wire data.

Parameters:: parser (tlslite.utils.codec.Parser) – data
Return type:: TLSExtension

class tlslite.extensions.VarListExtension(elemLength, lengthLength, fieldName, extType, item_enum=None)[source]

Bases: ListExtension

Abstract extension for handling extensions comprised of uniform value list.

Extension for handling arbitrary extensions comprising of just a list of same-sized elementes inside an array

__init__(elemLength, lengthLength, fieldName, extType, item_enum=None)[source]

Create handler for extension that has a list of items as payload.

Parameters:

elemLength (int) – number of bytes needed to encode single element
lengthLength (int) – number of bytes needed to encode length field
fieldName (str) – name of the field storing the list of elements
extType (int) – numerical ID of the extension encoded
item_enum (class) – TLSEnum class that defines entries in the list

property extData

Return raw data encoding of the extension.

Return type:: bytearray

parse(parser)[source]

Deserialise extension from on-the-wire data.

Parameters:: parser (tlslite.utils.codec.Parser) – data
Return type:: Extension

class tlslite.extensions.VarSeqListExtension(elemLength, elemNum, lengthLength, fieldName, extType, item_enum=None)[source]

Bases: ListExtension

Abstract extension for handling extensions comprised of tuple list.

Extension for handling arbitrary extensions comprising of a single list of same-sized elements in same-sized tuples

__init__(elemLength, elemNum, lengthLength, fieldName, extType, item_enum=None)[source]

Create a handler for extension that has a list of tuples as payload.

Parameters:

elemLength (int) – number of bytes needed to encode single element of a tuple
elemNum (int) – number of elements in a tuple
lengthLength (int) – number of bytes needed to encode overall length of the list
fieldName (str) – name of the field storing the list of elements
extType (int) – numerical ID of the extension encoded
item_enum (class) – TLSEnum class that defines entries in the list

property extData

Return raw data encoding of the extension.

Return type:: bytearray

parse(parser)[source]

Deserialise extension from on-the-wire data.

Parameters:: parser (tlslite.utils.codec.Parser) – data
Return type:: Extension