Port SCT test to EmbeddedTestServer

Bug: 492672, 1250903
Change-Id: Icac6ca051805f98c51fcacef079b105bc97cc181
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3170212
Auto-Submit: David Benjamin <davidben@chromium.org>
Reviewed-by: Ryan Sleevi <rsleevi@chromium.org>
Commit-Queue: David Benjamin <davidben@chromium.org>
Cr-Commit-Position: refs/heads/main@{#923009}
NOKEYCHECK=True
GitOrigin-RevId: 8e657bc4d91a5004f72653039235109dba4bd211
diff --git a/testserver.py b/testserver.py
index 10b7d54..2f8d643 100755
--- a/testserver.py
+++ b/testserver.py
@@ -102,9 +102,9 @@
 
   def __init__(self, server_address, request_hander_class, pem_cert_and_key,
                ssl_client_auth, ssl_client_cas, ssl_client_cert_types,
-               tls_intolerant, tls_intolerance_type, signed_cert_timestamps,
-               alert_after_handshake, simulate_tls13_downgrade,
-               simulate_tls12_downgrade, tls_max_version):
+               tls_intolerant, tls_intolerance_type, alert_after_handshake,
+               simulate_tls13_downgrade, simulate_tls12_downgrade,
+               tls_max_version):
     self.cert_chain = tlslite.api.X509CertChain()
     self.cert_chain.parsePemList(pem_cert_and_key)
     # Force using only python implementation - otherwise behavior is different
@@ -117,7 +117,6 @@
     self.ssl_client_auth = ssl_client_auth
     self.ssl_client_cas = []
     self.ssl_client_cert_types = []
-    self.signed_cert_timestamps = signed_cert_timestamps
 
     if ssl_client_auth:
       for ca_file in ssl_client_cas:
@@ -157,15 +156,13 @@
 
     try:
       self.tlsConnection = tlsConnection
-      tlsConnection.handshakeServer(
-          certChain=self.cert_chain,
-          privateKey=self.private_key,
-          sessionCache=self.session_cache,
-          reqCert=self.ssl_client_auth,
-          settings=self.ssl_handshake_settings,
-          reqCAs=self.ssl_client_cas,
-          reqCertTypes=self.ssl_client_cert_types,
-          signedCertTimestamps=self.signed_cert_timestamps)
+      tlsConnection.handshakeServer(certChain=self.cert_chain,
+                                    privateKey=self.private_key,
+                                    sessionCache=self.session_cache,
+                                    reqCert=self.ssl_client_auth,
+                                    settings=self.ssl_handshake_settings,
+                                    reqCAs=self.ssl_client_cas,
+                                    reqCertTypes=self.ssl_client_cert_types)
       tlsConnection.ignoreAbruptClose = True
       return True
     except tlslite.api.TLSAbruptCloseError:
@@ -417,7 +414,6 @@
             self.options.ssl_client_auth, self.options.ssl_client_ca,
             self.options.ssl_client_cert_type, self.options.tls_intolerant,
             self.options.tls_intolerance_type,
-            base64.b64decode(self.options.signed_cert_timestamps_tls_ext),
             self.options.alert_after_handshake,
             self.options.simulate_tls13_downgrade,
             self.options.simulate_tls12_downgrade, self.options.tls_max_version)
@@ -522,13 +518,6 @@
                                   help='Controls how the server reacts to a '
                                   'TLS version it is intolerant to. Valid '
                                   'values are "alert", "close", and "reset".')
-    self.option_parser.add_option('--signed-cert-timestamps-tls-ext',
-                                  dest='signed_cert_timestamps_tls_ext',
-                                  default='',
-                                  help='Base64 encoded SCT list. If set, '
-                                  'server will respond with a '
-                                  'signed_certificate_timestamp TLS extension '
-                                  'whenever the client supports it.')
     self.option_parser.add_option('--ssl-client-auth', action='store_true',
                                   help='Require SSL client auth on every '
                                   'connection.')