OLD | NEW |
1 # Authors: | 1 # Authors: |
2 # Trevor Perrin | 2 # Trevor Perrin |
3 # Google - handling CertificateRequest.certificate_types | 3 # Google - handling CertificateRequest.certificate_types |
4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support | 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support |
5 # Dimitris Moraitis - Anon ciphersuites | 5 # Dimitris Moraitis - Anon ciphersuites |
6 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 | 6 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 |
7 # | 7 # |
8 # See the LICENSE file for legal information regarding use of this file. | 8 # See the LICENSE file for legal information regarding use of this file. |
9 | 9 |
10 """Classes representing TLS messages.""" | 10 """Classes representing TLS messages.""" |
(...skipping 491 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
502 | 502 |
503 class ServerKeyExchange(HandshakeMsg): | 503 class ServerKeyExchange(HandshakeMsg): |
504 def __init__(self, cipherSuite, version): | 504 def __init__(self, cipherSuite, version): |
505 HandshakeMsg.__init__(self, HandshakeType.server_key_exchange) | 505 HandshakeMsg.__init__(self, HandshakeType.server_key_exchange) |
506 self.cipherSuite = cipherSuite | 506 self.cipherSuite = cipherSuite |
507 self.version = version | 507 self.version = version |
508 self.srp_N = 0 | 508 self.srp_N = 0 |
509 self.srp_g = 0 | 509 self.srp_g = 0 |
510 self.srp_s = bytearray(0) | 510 self.srp_s = bytearray(0) |
511 self.srp_B = 0 | 511 self.srp_B = 0 |
512 # DH params: | 512 # Anon DH params: |
513 self.dh_p = 0 | 513 self.dh_p = 0 |
514 self.dh_g = 0 | 514 self.dh_g = 0 |
515 self.dh_Ys = 0 | 515 self.dh_Ys = 0 |
516 # ECDH params: | |
517 self.ecdhCurve = 0 | |
518 self.ecdhPublic = bytearray(0) | |
519 self.signature = bytearray(0) | 516 self.signature = bytearray(0) |
520 | 517 |
521 def createSRP(self, srp_N, srp_g, srp_s, srp_B): | 518 def createSRP(self, srp_N, srp_g, srp_s, srp_B): |
522 self.srp_N = srp_N | 519 self.srp_N = srp_N |
523 self.srp_g = srp_g | 520 self.srp_g = srp_g |
524 self.srp_s = srp_s | 521 self.srp_s = srp_s |
525 self.srp_B = srp_B | 522 self.srp_B = srp_B |
526 return self | 523 return self |
527 | 524 |
528 def createDH(self, dh_p, dh_g, dh_Ys): | 525 def createDH(self, dh_p, dh_g, dh_Ys): |
529 self.dh_p = dh_p | 526 self.dh_p = dh_p |
530 self.dh_g = dh_g | 527 self.dh_g = dh_g |
531 self.dh_Ys = dh_Ys | 528 self.dh_Ys = dh_Ys |
532 return self | 529 return self |
533 | 530 |
534 def createECDH(self, ecdhCurve, ecdhPublic): | |
535 self.ecdhCurve = ecdhCurve | |
536 self.ecdhPublic = ecdhPublic | |
537 return self | |
538 | |
539 def parse(self, p): | 531 def parse(self, p): |
540 p.startLengthCheck(3) | 532 p.startLengthCheck(3) |
541 if self.cipherSuite in CipherSuite.srpAllSuites: | 533 if self.cipherSuite in CipherSuite.srpAllSuites: |
542 self.srp_N = bytesToNumber(p.getVarBytes(2)) | 534 self.srp_N = bytesToNumber(p.getVarBytes(2)) |
543 self.srp_g = bytesToNumber(p.getVarBytes(2)) | 535 self.srp_g = bytesToNumber(p.getVarBytes(2)) |
544 self.srp_s = p.getVarBytes(1) | 536 self.srp_s = p.getVarBytes(1) |
545 self.srp_B = bytesToNumber(p.getVarBytes(2)) | 537 self.srp_B = bytesToNumber(p.getVarBytes(2)) |
546 if self.cipherSuite in CipherSuite.srpCertSuites: | 538 if self.cipherSuite in CipherSuite.srpCertSuites: |
547 self.signature = p.getVarBytes(2) | 539 self.signature = p.getVarBytes(2) |
548 elif self.cipherSuite in CipherSuite.anonSuites: | 540 elif self.cipherSuite in CipherSuite.anonSuites: |
549 self.dh_p = bytesToNumber(p.getVarBytes(2)) | 541 self.dh_p = bytesToNumber(p.getVarBytes(2)) |
550 self.dh_g = bytesToNumber(p.getVarBytes(2)) | 542 self.dh_g = bytesToNumber(p.getVarBytes(2)) |
551 self.dh_Ys = bytesToNumber(p.getVarBytes(2)) | 543 self.dh_Ys = bytesToNumber(p.getVarBytes(2)) |
552 p.stopLengthCheck() | 544 p.stopLengthCheck() |
553 return self | 545 return self |
554 | 546 |
555 def write_params(self): | 547 def write_params(self): |
556 w = Writer() | 548 w = Writer() |
557 if self.cipherSuite in CipherSuite.srpAllSuites: | 549 if self.cipherSuite in CipherSuite.srpAllSuites: |
558 w.addVarSeq(numberToByteArray(self.srp_N), 1, 2) | 550 w.addVarSeq(numberToByteArray(self.srp_N), 1, 2) |
559 w.addVarSeq(numberToByteArray(self.srp_g), 1, 2) | 551 w.addVarSeq(numberToByteArray(self.srp_g), 1, 2) |
560 w.addVarSeq(self.srp_s, 1, 1) | 552 w.addVarSeq(self.srp_s, 1, 1) |
561 w.addVarSeq(numberToByteArray(self.srp_B), 1, 2) | 553 w.addVarSeq(numberToByteArray(self.srp_B), 1, 2) |
562 elif self.cipherSuite in CipherSuite.dhAllSuites: | 554 elif self.cipherSuite in CipherSuite.dhAllSuites: |
563 w.addVarSeq(numberToByteArray(self.dh_p), 1, 2) | 555 w.addVarSeq(numberToByteArray(self.dh_p), 1, 2) |
564 w.addVarSeq(numberToByteArray(self.dh_g), 1, 2) | 556 w.addVarSeq(numberToByteArray(self.dh_g), 1, 2) |
565 w.addVarSeq(numberToByteArray(self.dh_Ys), 1, 2) | 557 w.addVarSeq(numberToByteArray(self.dh_Ys), 1, 2) |
566 elif self.cipherSuite in CipherSuite.ecdhAllSuites: | |
567 w.add(ECCurveType.named_curve, 1) | |
568 w.add(self.ecdhCurve, 2) | |
569 w.addVarSeq(self.ecdhPublic, 1, 1) | |
570 else: | 558 else: |
571 assert(False) | 559 assert(False) |
572 return w.bytes | 560 return w.bytes |
573 | 561 |
574 def write(self): | 562 def write(self): |
575 w = Writer() | 563 w = Writer() |
576 w.bytes += self.write_params() | 564 w.bytes += self.write_params() |
577 if self.cipherSuite in CipherSuite.certAllSuites: | 565 if self.cipherSuite in CipherSuite.certAllSuites: |
578 if self.version >= (3,3): | 566 if self.version >= (3,3): |
579 # TODO: Signature algorithm negotiation not supported. | 567 # TODO: Signature algorithm negotiation not supported. |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
631 self.srp_A = bytesToNumber(p.getVarBytes(2)) | 619 self.srp_A = bytesToNumber(p.getVarBytes(2)) |
632 elif self.cipherSuite in CipherSuite.certSuites: | 620 elif self.cipherSuite in CipherSuite.certSuites: |
633 if self.version in ((3,1), (3,2), (3,3)): | 621 if self.version in ((3,1), (3,2), (3,3)): |
634 self.encryptedPreMasterSecret = p.getVarBytes(2) | 622 self.encryptedPreMasterSecret = p.getVarBytes(2) |
635 elif self.version == (3,0): | 623 elif self.version == (3,0): |
636 self.encryptedPreMasterSecret = \ | 624 self.encryptedPreMasterSecret = \ |
637 p.getFixBytes(len(p.bytes)-p.index) | 625 p.getFixBytes(len(p.bytes)-p.index) |
638 else: | 626 else: |
639 raise AssertionError() | 627 raise AssertionError() |
640 elif self.cipherSuite in CipherSuite.dhAllSuites: | 628 elif self.cipherSuite in CipherSuite.dhAllSuites: |
641 self.dh_Yc = bytesToNumber(p.getVarBytes(2)) | 629 self.dh_Yc = bytesToNumber(p.getVarBytes(2)) |
642 elif self.cipherSuite in CipherSuite.ecdhAllSuites: | |
643 self.ecdh_Yc = p.getVarBytes(1) | |
644 else: | 630 else: |
645 raise AssertionError() | 631 raise AssertionError() |
646 p.stopLengthCheck() | 632 p.stopLengthCheck() |
647 return self | 633 return self |
648 | 634 |
649 def write(self): | 635 def write(self): |
650 w = Writer() | 636 w = Writer() |
651 if self.cipherSuite in CipherSuite.srpAllSuites: | 637 if self.cipherSuite in CipherSuite.srpAllSuites: |
652 w.addVarSeq(numberToByteArray(self.srp_A), 1, 2) | 638 w.addVarSeq(numberToByteArray(self.srp_A), 1, 2) |
653 elif self.cipherSuite in CipherSuite.certSuites: | 639 elif self.cipherSuite in CipherSuite.certSuites: |
(...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
796 newMsg = ApplicationData().create(self.bytes[:1]) | 782 newMsg = ApplicationData().create(self.bytes[:1]) |
797 self.bytes = self.bytes[1:] | 783 self.bytes = self.bytes[1:] |
798 return newMsg | 784 return newMsg |
799 | 785 |
800 def parse(self, p): | 786 def parse(self, p): |
801 self.bytes = p.bytes | 787 self.bytes = p.bytes |
802 return self | 788 return self |
803 | 789 |
804 def write(self): | 790 def write(self): |
805 return self.bytes | 791 return self.bytes |
OLD | NEW |