1 # Authors: | 1 # Authors: |
2 # Trevor Perrin | 2 # Trevor Perrin |
3 # Google - added reqCAs parameter | 3 # Google - added reqCAs parameter |
4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support | 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support |
5 # Dimitris Moraitis - Anon ciphersuites | 5 # Dimitris Moraitis - Anon ciphersuites |
6 # Martin von Loewis - python 3 port | 6 # Martin von Loewis - python 3 port |
7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 | 7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 |
8 # | 8 # |
9 # See the LICENSE file for legal information regarding use of this file. | 9 # See the LICENSE file for legal information regarding use of this file. |
10 | 10 |
11 """ | 11 """ |
12 MAIN CLASS FOR TLS LITE (START HERE!). | 12 MAIN CLASS FOR TLS LITE (START HERE!). |
13 """ | 13 """ |
14 | 14 |
15 import socket | 15 import socket |
16 from .utils.compat import formatExceptionTrace | 16 from .utils.compat import formatExceptionTrace |
17 from .tlsrecordlayer import TLSRecordLayer | 17 from .tlsrecordlayer import TLSRecordLayer |
18 from .session import Session | 18 from .session import Session |
19 from .constants import * | 19 from .constants import * |
20 from .utils.cryptomath import getRandomBytes | 20 from .utils.cryptomath import getRandomBytes |
21 from .errors import * | 21 from .errors import * |
22 from .messages import * | 22 from .messages import * |
23 from .mathtls import * | 23 from .mathtls import * |
24 from .handshakesettings import HandshakeSettings | 24 from .handshakesettings import HandshakeSettings |
25 from .utils.tackwrapper import * | 25 from .utils.tackwrapper import * |
26 from .utils.rsakey import RSAKey | 26 from .utils.rsakey import RSAKey |
27 from .utils import p256 | |
28 | 27 |
29 class KeyExchange(object): | 28 class KeyExchange(object): |
30 def __init__(self, cipherSuite, clientHello, serverHello, privateKey): | 29 def __init__(self, cipherSuite, clientHello, serverHello, privateKey): |
31 """ | 30 """ |
32 Initializes the KeyExchange. privateKey is the signing private key. | 31 Initializes the KeyExchange. privateKey is the signing private key. |
33 """ | 32 """ |
34 self.cipherSuite = cipherSuite | 33 self.cipherSuite = cipherSuite |
35 self.clientHello = clientHello | 34 self.clientHello = clientHello |
36 self.serverHello = serverHello | 35 self.serverHello = serverHello |
37 self.privateKey = privateKey | 36 self.privateKey = privateKey |
121 | 120 |
122 # First half of RFC 2631, Section 2.1.5. Validate the client's public | 121 # First half of RFC 2631, Section 2.1.5. Validate the client's public |
123 # key. | 122 # key. |
124 if not 2 <= dh_Yc <= self.dh_p - 1: | 123 if not 2 <= dh_Yc <= self.dh_p - 1: |
125 raise TLSLocalAlert(AlertDescription.illegal_parameter, | 124 raise TLSLocalAlert(AlertDescription.illegal_parameter, |
126 "Invalid dh_Yc value") | 125 "Invalid dh_Yc value") |
127 | 126 |
128 S = powMod(dh_Yc, self.dh_Xs, self.dh_p) | 127 S = powMod(dh_Yc, self.dh_Xs, self.dh_p) |
129 return numberToByteArray(S) | 128 return numberToByteArray(S) |
130 | 129 |
131 class ECDHE_RSAKeyExchange(KeyExchange): | |
132 def makeServerKeyExchange(self): | |
133 public, self.private = p256.generatePublicPrivate() | |
134 | |
135 version = self.serverHello.server_version | |
136 serverKeyExchange = ServerKeyExchange(self.cipherSuite, version) | |
137 serverKeyExchange.createECDH(NamedCurve.secp256r1, bytearray(public)) | |
138 hashBytes = serverKeyExchange.hash(self.clientHello.random, | |
139 self.serverHello.random) | |
140 if version >= (3,3): | |
141 # TODO: Signature algorithm negotiation not supported. | |
142 hashBytes = RSAKey.addPKCS1SHA1Prefix(hashBytes) | |
143 serverKeyExchange.signature = self.privateKey.sign(hashBytes) | |
144 return serverKeyExchange | |
145 | |
146 def processClientKeyExchange(self, clientKeyExchange): | |
147 ecdh_Yc = clientKeyExchange.ecdh_Yc | |
148 return bytearray(p256.generateSharedValue(bytes(ecdh_Yc), self.private)) | |
149 | |
150 class TLSConnection(TLSRecordLayer): | 130 class TLSConnection(TLSRecordLayer): |
151 """ | 131 """ |
152 This class wraps a socket and provides TLS handshaking and data | 132 This class wraps a socket and provides TLS handshaking and data |
153 transfer. | 133 transfer. |
154 | 134 |
155 To use this class, create a new instance, passing a connected | 135 To use this class, create a new instance, passing a connected |
156 socket into the constructor. Then call some handshake function. | 136 socket into the constructor. Then call some handshake function. |
157 If the handshake completes without raising an exception, then a TLS | 137 If the handshake completes without raising an exception, then a TLS |
158 connection has been negotiated. You can transfer data over this | 138 connection has been negotiated. You can transfer data over this |
159 connection as if it were a socket. | 139 connection as if it were a socket. |
1334 # Perform the SRP key exchange | 1314 # Perform the SRP key exchange |
1335 clientCertChain = None | 1315 clientCertChain = None |
1336 if cipherSuite in CipherSuite.srpAllSuites: | 1316 if cipherSuite in CipherSuite.srpAllSuites: |
1337 for result in self._serverSRPKeyExchange(clientHello, serverHello, | 1317 for result in self._serverSRPKeyExchange(clientHello, serverHello, |
1338 verifierDB, cipherSuite, | 1318 verifierDB, cipherSuite, |
1339 privateKey, certChain): | 1319 privateKey, certChain): |
1340 if result in (0,1): yield result | 1320 if result in (0,1): yield result |
1341 else: break | 1321 else: break |
1342 premasterSecret = result | 1322 premasterSecret = result |
1343 | 1323 |
1344 # Perform a certificate-based key exchange | 1324 # Perform the RSA or DHE_RSA key exchange |
1345 elif cipherSuite in CipherSuite.certAllSuites: | 1325 elif (cipherSuite in CipherSuite.certSuites or |
| 1326 cipherSuite in CipherSuite.dheCertSuites): |
1346 if cipherSuite in CipherSuite.certSuites: | 1327 if cipherSuite in CipherSuite.certSuites: |
1347 keyExchange = RSAKeyExchange(cipherSuite, | 1328 keyExchange = RSAKeyExchange(cipherSuite, |
1348 clientHello, | 1329 clientHello, |
1349 serverHello, | 1330 serverHello, |
1350 privateKey) | 1331 privateKey) |
1351 elif cipherSuite in CipherSuite.dheCertSuites: | 1332 elif cipherSuite in CipherSuite.dheCertSuites: |
1352 keyExchange = DHE_RSAKeyExchange(cipherSuite, | 1333 keyExchange = DHE_RSAKeyExchange(cipherSuite, |
1353 clientHello, | 1334 clientHello, |
1354 serverHello, | 1335 serverHello, |
1355 privateKey) | 1336 privateKey) |
1356 elif cipherSuite in CipherSuite.ecdheCertSuites: | |
1357 keyExchange = ECDHE_RSAKeyExchange(cipherSuite, | |
1358 clientHello, | |
1359 serverHello, | |
1360 privateKey) | |
1361 else: | 1337 else: |
1362 assert(False) | 1338 assert(False) |
1363 for result in self._serverCertKeyExchange(clientHello, serverHello, | 1339 for result in self._serverCertKeyExchange(clientHello, serverHello, |
1364 certChain, keyExchange, | 1340 certChain, keyExchange, |
1365 reqCert, reqCAs, reqCertTypes, cipherSui
te, | 1341 reqCert, reqCAs, reqCertTypes, cipherSui
te, |
1366 settings, ocspResponse): | 1342 settings, ocspResponse): |
1367 if result in (0,1): yield result | 1343 if result in (0,1): yield result |
1368 else: break | 1344 else: break |
1369 (premasterSecret, clientCertChain) = result | 1345 (premasterSecret, clientCertChain) = result |
1370 | 1346 |
1467 self.version = clientHello.client_version | 1443 self.version = clientHello.client_version |
1468 | 1444 |
1469 #Initialize acceptable cipher suites | 1445 #Initialize acceptable cipher suites |
1470 cipherSuites = [] | 1446 cipherSuites = [] |
1471 if verifierDB: | 1447 if verifierDB: |
1472 if certChain: | 1448 if certChain: |
1473 cipherSuites += \ | 1449 cipherSuites += \ |
1474 CipherSuite.getSrpCertSuites(settings, self.version) | 1450 CipherSuite.getSrpCertSuites(settings, self.version) |
1475 cipherSuites += CipherSuite.getSrpSuites(settings, self.version) | 1451 cipherSuites += CipherSuite.getSrpSuites(settings, self.version) |
1476 elif certChain: | 1452 elif certChain: |
1477 cipherSuites += CipherSuite.getEcdheCertSuites(settings, self.versio
n) | |
1478 cipherSuites += CipherSuite.getDheCertSuites(settings, self.version) | 1453 cipherSuites += CipherSuite.getDheCertSuites(settings, self.version) |
1479 cipherSuites += CipherSuite.getCertSuites(settings, self.version) | 1454 cipherSuites += CipherSuite.getCertSuites(settings, self.version) |
1480 elif anon: | 1455 elif anon: |
1481 cipherSuites += CipherSuite.getAnonSuites(settings, self.version) | 1456 cipherSuites += CipherSuite.getAnonSuites(settings, self.version) |
1482 else: | 1457 else: |
1483 assert(False) | 1458 assert(False) |
1484 | 1459 |
1485 #If resumption was requested and we have a session cache... | 1460 #If resumption was requested and we have a session cache... |
1486 if clientHello.session_id and sessionCache: | 1461 if clientHello.session_id and sessionCache: |
1487 session = None | 1462 session = None |
1990 except TLSAlert as alert: | 1965 except TLSAlert as alert: |
1991 if not self.fault: | 1966 if not self.fault: |
1992 raise | 1967 raise |
1993 if alert.description not in Fault.faultAlerts[self.fault]: | 1968 if alert.description not in Fault.faultAlerts[self.fault]: |
1994 raise TLSFaultError(str(alert)) | 1969 raise TLSFaultError(str(alert)) |
1995 else: | 1970 else: |
1996 pass | 1971 pass |
1997 except: | 1972 except: |
1998 self._shutdown(False) | 1973 self._shutdown(False) |
1999 raise | 1974 raise |
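Review bot: The `else: assert(False)` at new line 1338 is now unreachable, because the narrowed `elif` on new lines 1325–1326 only admits suites from `CipherSuite.certSuites` or `CipherSuite.dheCertSuites`, and as an `assert` it is stripped under `python -O` in any case, so it never guarded the key-exchange selection. A suite that is in `certAllSuites` but in neither of those two families no longer reaches this block at all; whether a later branch of the enclosing method (which continues past this hunk) turns that case into a proper alert is not visible here and should be checked. I would replace the dead assert with an explicit failure, `raise TLSLocalAlert(AlertDescription.internal_error, "Unexpected cipher suite")`, so an unexpected suite fails with an alert rather than leaving `keyExchange` unbound for the `_serverCertKeyExchange` call on new line 1339. The updated comment on new line 1324 is consistent with the new condition, but it is worth keeping the `certAllSuites` membership test documented somewhere if that set still contains suites this branch no longer handles.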