Revert of Require ECDHE for False Start.

third_party/tlslite/tlslite/tlsconnection.py

 # Authors: 
 #   Trevor Perrin
 #   Google - added reqCAs parameter
 #   Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support
 #   Dimitris Moraitis - Anon ciphersuites
 #   Martin von Loewis - python 3 port
 #   Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2
 #
 # See the LICENSE file for legal information regarding use of this file.
 
 """
 MAIN CLASS FOR TLS LITE (START HERE!).
 """
 
 import socket
 from .utils.compat import formatExceptionTrace
 from .tlsrecordlayer import TLSRecordLayer
 from .session import Session
 from .constants import *
 from .utils.cryptomath import getRandomBytes
 from .errors import *
 from .messages import *
 from .mathtls import *
 from .handshakesettings import HandshakeSettings
 from .utils.tackwrapper import *
 from .utils.rsakey import RSAKey
-from .utils import p256
 
 class KeyExchange(object):
     def __init__(self, cipherSuite, clientHello, serverHello, privateKey):
         """
         Initializes the KeyExchange. privateKey is the signing private key.
         """
         self.cipherSuite = cipherSuite
         self.clientHello = clientHello
         self.serverHello = serverHello
         self.privateKey = privateKey
@@ skipping 83 matching lines @@
 
         # First half of RFC 2631, Section 2.1.5. Validate the client's public
         # key.
         if not 2 <= dh_Yc <= self.dh_p - 1:
             raise TLSLocalAlert(AlertDescription.illegal_parameter,
                                 "Invalid dh_Yc value")
 
         S = powMod(dh_Yc, self.dh_Xs, self.dh_p)
         return numberToByteArray(S)
 
-class ECDHE_RSAKeyExchange(KeyExchange):
-    def makeServerKeyExchange(self):
-        public, self.private = p256.generatePublicPrivate()
-
-        version = self.serverHello.server_version
-        serverKeyExchange = ServerKeyExchange(self.cipherSuite, version)
-        serverKeyExchange.createECDH(NamedCurve.secp256r1, bytearray(public))
-        hashBytes = serverKeyExchange.hash(self.clientHello.random,
-                                           self.serverHello.random)
-        if version >= (3,3):
-            # TODO: Signature algorithm negotiation not supported.
-            hashBytes = RSAKey.addPKCS1SHA1Prefix(hashBytes)
-        serverKeyExchange.signature = self.privateKey.sign(hashBytes)
-        return serverKeyExchange
-
-    def processClientKeyExchange(self, clientKeyExchange):
-        ecdh_Yc = clientKeyExchange.ecdh_Yc
-        return bytearray(p256.generateSharedValue(bytes(ecdh_Yc), self.private))
-
 class TLSConnection(TLSRecordLayer):
     """
     This class wraps a socket and provides TLS handshaking and data
     transfer.
 
     To use this class, create a new instance, passing a connected
     socket into the constructor.  Then call some handshake function.
     If the handshake completes without raising an exception, then a TLS
     connection has been negotiated.  You can transfer data over this
     connection as if it were a socket.
@@ skipping 1174 matching lines @@
         # Perform the SRP key exchange
         clientCertChain = None
         if cipherSuite in CipherSuite.srpAllSuites:
             for result in self._serverSRPKeyExchange(clientHello, serverHello, 
                                     verifierDB, cipherSuite, 
                                     privateKey, certChain):
                 if result in (0,1): yield result
                 else: break
             premasterSecret = result
 
-        # Perform a certificate-based key exchange
-        elif cipherSuite in CipherSuite.certAllSuites:
+        # Perform the RSA or DHE_RSA key exchange
+        elif (cipherSuite in CipherSuite.certSuites or
+              cipherSuite in CipherSuite.dheCertSuites):
             if cipherSuite in CipherSuite.certSuites:
                 keyExchange = RSAKeyExchange(cipherSuite,
                                              clientHello,
                                              serverHello,
                                              privateKey)
             elif cipherSuite in CipherSuite.dheCertSuites:
                 keyExchange = DHE_RSAKeyExchange(cipherSuite,
                                                  clientHello,
                                                  serverHello,
                                                  privateKey)
-            elif cipherSuite in CipherSuite.ecdheCertSuites:
-                keyExchange = ECDHE_RSAKeyExchange(cipherSuite,
-                                                   clientHello,
-                                                   serverHello,
-                                                   privateKey)
             else:
                 assert(False)
             for result in self._serverCertKeyExchange(clientHello, serverHello, 
                                         certChain, keyExchange,
                                         reqCert, reqCAs, reqCertTypes, cipherSuite,
                                         settings, ocspResponse):
                 if result in (0,1): yield result
                 else: break
             (premasterSecret, clientCertChain) = result
 
@@ skipping 96 matching lines @@
             self.version = clientHello.client_version
 
         #Initialize acceptable cipher suites
         cipherSuites = []
         if verifierDB:
             if certChain:
                 cipherSuites += \
                     CipherSuite.getSrpCertSuites(settings, self.version)
             cipherSuites += CipherSuite.getSrpSuites(settings, self.version)
         elif certChain:
-            cipherSuites += CipherSuite.getEcdheCertSuites(settings, self.version)
             cipherSuites += CipherSuite.getDheCertSuites(settings, self.version)
             cipherSuites += CipherSuite.getCertSuites(settings, self.version)
         elif anon:
             cipherSuites += CipherSuite.getAnonSuites(settings, self.version)
         else:
             assert(False)
 
         #If resumption was requested and we have a session cache...
         if clientHello.session_id and sessionCache:
             session = None
@@ skipping 502 matching lines @@
             except TLSAlert as alert:
                 if not self.fault:
                     raise
                 if alert.description not in Fault.faultAlerts[self.fault]:
                     raise TLSFaultError(str(alert))
                 else:
                     pass
             except:
                 self._shutdown(False)
                 raise