tlslite.handshakehelpers module

Class with various handshake helpers.

class tlslite.handshakehelpers.HandshakeHelpers[source]

Bases: object

This class encapsulates helper functions to be used with a TLS handshake.

static alignClientHelloPadding(clientHello)[source]

Align ClientHello using the Padding extension to 512 bytes at least.

Parameters:

clientHello (ClientHello) – ClientHello to be aligned

static calc_res_binder_psk(iden, res_master_secret, tickets)[source]

Calculate PSK associated with provided ticket identity.

static update_binders(client_hello, handshake_hashes, psk_configs, tickets=None, res_master_secret=None)[source]

Sign the Client Hello using TLS 1.3 PSK binders.

note: the psk_configs should be in the same order as the ones in the PreSharedKeyExtension extension (extra ones are ok)

Parameters:

  • client_hello – ClientHello to sign

  • handshake_hashes – hashes of messages exchanged so far

  • psk_configs – PSK identities and secrets

  • tickets – optional list of tickets received from server

  • res_master_secret (bytearray) – secret associated with the tickets

static verify_binder(client_hello, handshake_hashes, position, secret, prf, external=True)[source]

Verify the PSK binder value in client hello.

Parameters:

  • client_hello – ClientHello to verify

  • handshake_hashes – hashes of messages exchanged so far

  • position – binder at which position should be verified

  • secret – the secret PSK

  • prf – name of the hash used as PRF