error when uncompressed is not supported

tests/tlstest.py

@@ -314,19 +314,19 @@ def connect():
 
     test_no += 1
 
-    print("Test {0} - client uncompressed - error, TLSv1.2".format(test_no))
+    print("Test {0} - client missing uncompressed - error, TLSv1.2".format(test_no))
     synchro.recv(1)
     connection = connect()
     settings = HandshakeSettings()
     settings.minVersion = (3, 3)
     settings.maxVersion = (3, 3)
-    settings.ec_point_formats = [ECPointFormat.uncompressed]
+    settings.ec_point_formats = [ECPointFormat.ansiX962_compressed_prime]
     settings.eccCurves = ["secp256r1", "secp384r1", "secp521r1", "x25519", "x448"]
     try:
         connection.handshakeClientCert(settings=settings)
         assert False
-    except TLSIllegalParameterException  as e:
-        assert "No common EC point format" in str(e)
+    except ValueError  as e:
+        assert "Uncompressed EC point format is not provided" in str(e)
     except TLSAbruptCloseError as e:
         pass
     connection.close()
@@ -736,7 +736,7 @@ def connect():
     settings.cipherNames = ["rc4"]
     settings.maxVersion = (3, 3)
     connection.handshakeClientCert(settings=settings)
-    testConnClient(connection)    
+    testConnClient(connection)
     assert(isinstance(connection.session.serverCertChain, X509CertChain))
     assert(connection.session.cipherSuite == constants.CipherSuite.TLS_RSA_WITH_RC4_128_MD5)
     assert(connection.encryptThenMAC == False)
@@ -755,8 +755,8 @@ def connect():
         connection = connect()
         connection.handshakeClientCert(settings=settings)
         assert(connection.session.tackExt.tacks[0].getTackId() == "5lcbe.eyweo.yxuan.rw6xd.jtoz7")
-        assert(connection.session.tackExt.activation_flags == 1)        
-        testConnClient(connection)    
+        assert(connection.session.tackExt.activation_flags == 1)
+        testConnClient(connection)
         connection.close()
 
         test_no += 1
@@ -922,7 +922,7 @@ def connect():
     print("Test {0} - good SRP: with X.509 certificate, TLSv1.0".format(test_no))
     settings = HandshakeSettings()
     settings.minVersion = (3,1)
-    settings.maxVersion = (3,1)    
+    settings.maxVersion = (3,1)
     synchro.recv(1)
     connection = connect()
     connection.handshakeClientSRP("test", "password", settings=settings)
@@ -1281,7 +1281,7 @@ def connect():
     connection = connect()
     settings = HandshakeSettings()
     settings.maxVersion = (3, 3)
-    connection.handshakeClientSRP("test", "garbage", serverName=address[0], 
+    connection.handshakeClientSRP("test", "garbage", serverName=address[0],
                                   session=session, settings=settings)
     testConnClient(connection)
     #Don't close! -- see below
@@ -1360,7 +1360,7 @@ def connect():
             settings.cipherNames = [cipher]
             settings.cipherImplementations = [implementation, "python"]
             settings.minVersion = (3,1)
-            settings.maxVersion = (3,1)            
+            settings.maxVersion = (3,1)
             connection.handshakeClientCert(settings=settings)
             testConnClient(connection)
             print("%s %s" % (connection.getCipherName(), connection.getCipherImplementation()))
@@ -1941,7 +1941,7 @@ def serverTestCmd(argv):
 
     address = argv[0]
     dir = argv[1]
-    
+
     #Split address into hostname/port tuple
     address = address.split(":")
     address = ( address[0], int(address[1]) )
@@ -2076,7 +2076,7 @@ def connect():
     synchro.send(b'R')
     connection = connect()
     connection.handshakeServer(anon=True)
-    testConnServer(connection)    
+    testConnServer(connection)
     connection.close()
 
     test_no += 1
@@ -2259,20 +2259,19 @@ def connect():
 
     test_no +=1
 
-    print("Test {0} - server compressed ec format - error, TLSv1.2".format(test_no))
+    print("Test {0} - server missing uncompressed in client - error, TLSv1.2".format(test_no))
     synchro.send(b'R')
     connection = connect()
     settings = HandshakeSettings()
     settings.minVersion = (3, 1)
     settings.maxVersion = (3, 3)
-    settings.ec_point_formats = [ECPointFormat.ansiX962_compressed_prime]
     settings.eccCurves = ["secp256r1", "secp384r1", "secp521r1", "x25519", "x448"]
     try:
         connection.handshakeServer(certChain=x509ecdsaChain,
                                 privateKey=x509ecdsaKey, settings=settings)
         assert False
-    except TLSIllegalParameterException as e:
-        assert "No common EC point format" in str(e)
+    except ValueError as e:
+        assert "Uncompressed EC point format is not provided" in str(e)
     except TLSAbruptCloseError as e:
         pass
     connection.close()
@@ -2736,7 +2735,7 @@ def connect():
     connection = connect()
     connection.handshakeServer(verifierDB=verifierDB, \
                                certChain=x509Chain, privateKey=x509Key)
-    testConnServer(connection)    
+    testConnServer(connection)
     connection.close()
 
     test_no += 1
@@ -3041,7 +3040,7 @@ def connect():
     sessionCache = SessionCache()
     connection = connect()
     connection.handshakeServer(verifierDB=verifierDB, sessionCache=sessionCache)
-    assert(connection.session.serverName == address[0])    
+    assert(connection.session.serverName == address[0])
     testConnServer(connection)
     connection.close()
 
@@ -3052,7 +3051,7 @@ def connect():
     connection = connect()
     connection.handshakeServer(verifierDB=verifierDB, sessionCache=sessionCache)
     assert(connection.session.serverName == address[0])
-    testConnServer(connection)    
+    testConnServer(connection)
     #Don't close! -- see next test
 
     test_no += 1
@@ -3184,7 +3183,7 @@ def server_bind(self):
     synchro.send(b'R')
     connection = connect()
     settings = HandshakeSettings()
-    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key, 
+    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
                                settings=settings, nextProtos=[b"http/1.1"])
     testConnServer(connection)
     connection.close()
@@ -3195,7 +3194,7 @@ def server_bind(self):
     synchro.send(b'R')
     connection = connect()
     settings = HandshakeSettings()
-    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key, 
+    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
                                settings=settings, nextProtos=[b"spdy/2", b"http/1.1"])
     testConnServer(connection)
     connection.close()
@@ -3206,7 +3205,7 @@ def server_bind(self):
     synchro.send(b'R')
     connection = connect()
     settings = HandshakeSettings()
-    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key, 
+    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
                                settings=settings, nextProtos=[b"http/1.1", b"spdy/2"])
     testConnServer(connection)
     connection.close()
@@ -3217,7 +3216,7 @@ def server_bind(self):
     synchro.send(b'R')
     connection = connect()
     settings = HandshakeSettings()
-    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key, 
+    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
                                settings=settings, nextProtos=[b"spdy/2", b"http/1.1"])
     testConnServer(connection)
     connection.close()
@@ -3228,7 +3227,7 @@ def server_bind(self):
     synchro.send(b'R')
     connection = connect()
     settings = HandshakeSettings()
-    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key, 
+    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
                                settings=settings, nextProtos=[b"http/1.1", b"spdy/2", b"spdy/3"])
     testConnServer(connection)
     connection.close()
@@ -3239,7 +3238,7 @@ def server_bind(self):
     synchro.send(b'R')
     connection = connect()
     settings = HandshakeSettings()
-    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key, 
+    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
                                settings=settings, nextProtos=[b"spdy/3", b"spdy/2"])
     testConnServer(connection)
     connection.close()
@@ -3250,7 +3249,7 @@ def server_bind(self):
     synchro.send(b'R')
     connection = connect()
     settings = HandshakeSettings()
-    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key, 
+    connection.handshakeServer(certChain=x509Chain, privateKey=x509Key,
                                settings=settings, nextProtos=[])
     testConnServer(connection)
     connection.close()

tlslite/handshakesettings.py

@@ -611,6 +611,8 @@ def _sanityCheckExtensions(other):
         if bad_ec_ext:
             raise ValueError("Unknown EC point format provided: "
                              "{0}".format(bad_ec_ext))
+        if ECPointFormat.uncompressed not in other.ec_point_formats:
+            raise ValueError("Uncompressed EC point format is not provided")
 
         HandshakeSettings._sanityCheckEMSExtension(other)
 

tlslite/tlsconnection.py

@@ -2107,7 +2107,6 @@ def handshakeServerAsync(self, verifierDB=None,
                              certChain=None, privateKey=None, reqCert=False,
                              sessionCache=None, settings=None, checker=None,
                              reqCAs=None,
-                             reqCAs=None,
                              tacks=None, activationFlags=0,
                              nextProtos=None, anon=False, alpn=None, sni=None
                              ):
@@ -2128,9 +2127,6 @@ def handshakeServerAsync(self, verifierDB=None,
             sessionCache=sessionCache, settings=settings,
             reqCAs=reqCAs,
             tacks=tacks, activationFlags=activationFlags,
-            sessionCache=sessionCache, settings=settings,
-            reqCAs=reqCAs,
-            tacks=tacks, activationFlags=activationFlags,
             nextProtos=nextProtos, anon=anon, alpn=alpn, sni=sni)
         for result in self._handshakeWrapperAsync(handshaker, checker):
             yield result