tlslite.handshakehelpers module

Class with various handshake helpers.

class tlslite.handshakehelpers.HandshakeHelpers

Bases: object

This class encapsulates helper functions to be used with a TLS handshake.

static alignClientHelloPadding(clientHello)

Align ClientHello using the Padding extension to 512 bytes at least.

Parameters

clientHello (ClientHello) – ClientHello to be aligned

static calc_res_binder_psk(iden, res_master_secret, tickets)

Calculate PSK associated with provided ticket identity.

static update_binders(client_hello, handshake_hashes, psk_configs, tickets=None, res_master_secret=None)

Sign the Client Hello using TLS 1.3 PSK binders.

note: the psk_configs should be in the same order as the ones in the PreSharedKeyExtension extension (extra ones are ok)

Parameters
  • client_hello – ClientHello to sign

  • handshake_hashes – hashes of messages exchanged so far

  • psk_configs – PSK identities and secrets

  • tickets – optional list of tickets received from server

  • res_master_secret (bytearray) – secret associated with the tickets

static verify_binder(client_hello, handshake_hashes, position, secret, prf, external=True)

Verify the PSK binder value in client hello.

Parameters
  • client_hello – ClientHello to verify

  • handshake_hashes – hashes of messages exchanged so far

  • position – binder at which position should be verified

  • secret – the secret PSK

  • prf – name of the hash used as PRF