processServerKeyExchange if the clientHello is None

tlsfuzzer · Jun 11, 2024 · dd3ba8a · dd3ba8a
1 parent 981e4e0
commit dd3ba8a
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 15 deletions.
diff --git a/tlslite/keyexchange.py b/tlslite/keyexchange.py
@@ -762,16 +762,18 @@ def processServerKeyExchange(self, srvPublicKey, serverKeyExchange):
         ecdhXc = kex.get_random_private_key()
         ext_negotiated = ECPointFormat.uncompressed
         ext_supported = [ECPointFormat.uncompressed]
-        ext_c = self.clientHello.getExtension(ExtensionType.ec_point_formats)
-        ext_s = self.serverHello.getExtension(ExtensionType.ec_point_formats)
-        if ext_c and ext_s:
-            try:
-                ext_supported = [
-                    i for i in ext_c.formats if i in ext_s.formats
-                    ]
-                ext_negotiated = ext_supported[0]
-            except IndexError:
-                raise TLSIllegalParameterException("No common EC point format")
+
+        if self.clientHello:
+            ext_c = self.clientHello.getExtension(ExtensionType.ec_point_formats)
+            ext_s = self.serverHello.getExtension(ExtensionType.ec_point_formats)
+            if ext_c and ext_s:
+                try:
+                    ext_supported = [
+                        i for i in ext_c.formats if i in ext_s.formats
+                        ]
+                    ext_negotiated = ext_supported[0]
+                except IndexError:
+                    raise TLSIllegalParameterException("No common EC point format")
 
         self.ecdhYc = kex.calc_public_value(ecdhXc, ext_negotiated)
         return kex.calc_shared_key(ecdhXc, ecdh_Ys, ext_supported)

diff --git a/tlslite/session.py b/tlslite/session.py
@@ -1,4 +1,4 @@
-# Authors: 
+# Authors:
 #   Trevor Perrin
 #   Dave Baggett (Arcode Corporation) - canonicalCipherName
 #
@@ -74,7 +74,7 @@ class Session(object):
         from the server
 
     :vartype ec_point_format: int
-    :ivar ec_point_format: used EC point format for the ECDH key exchange; 
+    :ivar ec_point_format: used EC point format for the ECDH key exchange;
     """
 
     def __init__(self):
@@ -114,7 +114,7 @@ def create(self, masterSecret, sessionID, cipherSuite,
         self.clientCertChain = clientCertChain
         self.serverCertChain = serverCertChain
         self.tackExt = tackExt
-        self.tackInHelloExt = tackInHelloExt  
+        self.tackInHelloExt = tackInHelloExt
         self.serverName = serverName
         self.resumable = resumable
         self.encryptThenMAC = encryptThenMAC
@@ -150,6 +150,7 @@ def _clone(self):
         other.resumptionMasterSecret = self.resumptionMasterSecret
         other.tickets = self.tickets
         other.tls_1_0_tickets = self.tls_1_0_tickets
+        other.ec_point_format = self.ec_point_format
         return other
 
     def valid(self):
@@ -172,7 +173,7 @@ def getTackId(self):
             return self.tackExt.tack.getTackId()
         else:
             return None
-        
+
     def getBreakSigs(self):
         if self.tackExt and self.tackExt.break_sigs:
             return self.tackExt.break_sigs
@@ -186,7 +187,7 @@ def getCipherName(self):
         :returns: The name of the cipher used with this connection.
         """
         return CipherSuite.canonicalCipherName(self.cipherSuite)
-        
+
     def getMacName(self):
         """Get the name of the HMAC hash algo used with this connection.