1 # Authors: | 1 # Authors: |
2 # Trevor Perrin | 2 # Trevor Perrin |
3 # Google - added reqCAs parameter | 3 # Google - added reqCAs parameter |
4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support | 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support |
5 # Dimitris Moraitis - Anon ciphersuites | 5 # Dimitris Moraitis - Anon ciphersuites |
6 # Martin von Loewis - python 3 port | 6 # Martin von Loewis - python 3 port |
7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 | 7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 |
8 # | 8 # |
9 # See the LICENSE file for legal information regarding use of this file. | 9 # See the LICENSE file for legal information regarding use of this file. |
10 | 10 |
11 """ | 11 """ |
12 MAIN CLASS FOR TLS LITE (START HERE!). | 12 MAIN CLASS FOR TLS LITE (START HERE!). |
13 """ | 13 """ |
14 | 14 |
15 import socket | 15 import socket |
16 from .utils.compat import formatExceptionTrace | 16 from .utils.compat import formatExceptionTrace |
17 from .tlsrecordlayer import TLSRecordLayer | 17 from .tlsrecordlayer import TLSRecordLayer |
18 from .session import Session | 18 from .session import Session |
19 from .constants import * | 19 from .constants import * |
20 from .utils.cryptomath import getRandomBytes | 20 from .utils.cryptomath import getRandomBytes |
21 from .errors import * | 21 from .errors import * |
22 from .messages import * | 22 from .messages import * |
23 from .mathtls import * | 23 from .mathtls import * |
24 from .handshakesettings import HandshakeSettings | 24 from .handshakesettings import HandshakeSettings |
25 from .utils.tackwrapper import * | 25 from .utils.tackwrapper import * |
26 from .utils.rsakey import RSAKey | 26 from .utils.rsakey import RSAKey |
| 27 from .utils import p256 |
27 | 28 |
28 class KeyExchange(object): | 29 class KeyExchange(object): |
29 def __init__(self, cipherSuite, clientHello, serverHello, privateKey): | 30 def __init__(self, cipherSuite, clientHello, serverHello, privateKey): |
30 """ | 31 """ |
31 Initializes the KeyExchange. privateKey is the signing private key. | 32 Initializes the KeyExchange. privateKey is the signing private key. |
32 """ | 33 """ |
33 self.cipherSuite = cipherSuite | 34 self.cipherSuite = cipherSuite |
34 self.clientHello = clientHello | 35 self.clientHello = clientHello |
35 self.serverHello = serverHello | 36 self.serverHello = serverHello |
36 self.privateKey = privateKey | 37 self.privateKey = privateKey |
120 | 121 |
121 # First half of RFC 2631, Section 2.1.5. Validate the client's public | 122 # First half of RFC 2631, Section 2.1.5. Validate the client's public |
122 # key. | 123 # key. |
123 if not 2 <= dh_Yc <= self.dh_p - 1: | 124 if not 2 <= dh_Yc <= self.dh_p - 1: |
124 raise TLSLocalAlert(AlertDescription.illegal_parameter, | 125 raise TLSLocalAlert(AlertDescription.illegal_parameter, |
125 "Invalid dh_Yc value") | 126 "Invalid dh_Yc value") |
126 | 127 |
127 S = powMod(dh_Yc, self.dh_Xs, self.dh_p) | 128 S = powMod(dh_Yc, self.dh_Xs, self.dh_p) |
128 return numberToByteArray(S) | 129 return numberToByteArray(S) |
129 | 130 |
| 131 class ECDHE_RSAKeyExchange(KeyExchange): |
| 132 def makeServerKeyExchange(self): |
| 133 public, self.private = p256.generatePublicPrivate() |
| 134 |
| 135 version = self.serverHello.server_version |
| 136 serverKeyExchange = ServerKeyExchange(self.cipherSuite, version) |
| 137 serverKeyExchange.createECDH(NamedCurve.secp256r1, bytearray(public)) |
| 138 hashBytes = serverKeyExchange.hash(self.clientHello.random, |
| 139 self.serverHello.random) |
| 140 if version >= (3,3): |
| 141 # TODO: Signature algorithm negotiation not supported. |
| 142 hashBytes = RSAKey.addPKCS1SHA1Prefix(hashBytes) |
| 143 serverKeyExchange.signature = self.privateKey.sign(hashBytes) |
| 144 return serverKeyExchange |
| 145 |
| 146 def processClientKeyExchange(self, clientKeyExchange): |
| 147 ecdh_Yc = clientKeyExchange.ecdh_Yc |
| 148 return bytearray(p256.generateSharedValue(bytes(ecdh_Yc), self.private)) |
| 149 |
130 class TLSConnection(TLSRecordLayer): | 150 class TLSConnection(TLSRecordLayer): |
131 """ | 151 """ |
132 This class wraps a socket and provides TLS handshaking and data | 152 This class wraps a socket and provides TLS handshaking and data |
133 transfer. | 153 transfer. |
134 | 154 |
135 To use this class, create a new instance, passing a connected | 155 To use this class, create a new instance, passing a connected |
136 socket into the constructor. Then call some handshake function. | 156 socket into the constructor. Then call some handshake function. |
137 If the handshake completes without raising an exception, then a TLS | 157 If the handshake completes without raising an exception, then a TLS |
138 connection has been negotiated. You can transfer data over this | 158 connection has been negotiated. You can transfer data over this |
139 connection as if it were a socket. | 159 connection as if it were a socket. |
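Review bot: processClientKeyExchange in the new ECDHE_RSAKeyExchange hands clientKeyExchange.ecdh_Yc straight to p256.generateSharedValue, whereas the DHE path a few lines above range-checks dh_Yc and raises TLSLocalAlert(AlertDescription.illegal_parameter, ...) before using it. Unless p256.generateSharedValue is known to reject malformed or off-curve points itself (not visible here), a bad client value either reaches the scalar multiplication unchecked or surfaces as a non-TLS exception from p256 rather than an illegal_parameter alert, which matters on the server side because the point is untrusted input and the scalar in self.private is used as-is. I would mirror the DHE check, e.g. `try: shared = p256.generateSharedValue(bytes(ecdh_Yc), self.private)` / `except ValueError:  # or whatever p256 raises for a bad point` / `raise TLSLocalAlert(AlertDescription.illegal_parameter, "Invalid ecdh_Yc value")`, and confirm in p256 that the point is checked to lie on the curve (RFC 8422 Section 5.11). The class also has no docstring; a one-liner such as `"""ECDHE on secp256r1 with an RSA-signed ServerKeyExchange; the ephemeral private scalar is kept in self.private."""` would match KeyExchange above.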
1314 # Perform the SRP key exchange | 1334 # Perform the SRP key exchange |
1315 clientCertChain = None | 1335 clientCertChain = None |
1316 if cipherSuite in CipherSuite.srpAllSuites: | 1336 if cipherSuite in CipherSuite.srpAllSuites: |
1317 for result in self._serverSRPKeyExchange(clientHello, serverHello, | 1337 for result in self._serverSRPKeyExchange(clientHello, serverHello, |
1318 verifierDB, cipherSuite, | 1338 verifierDB, cipherSuite, |
1319 privateKey, certChain): | 1339 privateKey, certChain): |
1320 if result in (0,1): yield result | 1340 if result in (0,1): yield result |
1321 else: break | 1341 else: break |
1322 premasterSecret = result | 1342 premasterSecret = result |
1323 | 1343 |
1324 # Perform the RSA or DHE_RSA key exchange | 1344 # Perform a certificate-based key exchange |
1325 elif (cipherSuite in CipherSuite.certSuites or | 1345 elif cipherSuite in CipherSuite.certAllSuites: |
1326 cipherSuite in CipherSuite.dheCertSuites): | |
1327 if cipherSuite in CipherSuite.certSuites: | 1346 if cipherSuite in CipherSuite.certSuites: |
1328 keyExchange = RSAKeyExchange(cipherSuite, | 1347 keyExchange = RSAKeyExchange(cipherSuite, |
1329 clientHello, | 1348 clientHello, |
1330 serverHello, | 1349 serverHello, |
1331 privateKey) | 1350 privateKey) |
1332 elif cipherSuite in CipherSuite.dheCertSuites: | 1351 elif cipherSuite in CipherSuite.dheCertSuites: |
1333 keyExchange = DHE_RSAKeyExchange(cipherSuite, | 1352 keyExchange = DHE_RSAKeyExchange(cipherSuite, |
1334 clientHello, | 1353 clientHello, |
1335 serverHello, | 1354 serverHello, |
1336 privateKey) | 1355 privateKey) |
| 1356 elif cipherSuite in CipherSuite.ecdheCertSuites: |
| 1357 keyExchange = ECDHE_RSAKeyExchange(cipherSuite, |
| 1358 clientHello, |
| 1359 serverHello, |
| 1360 privateKey) |
1337 else: | 1361 else: |
1338 assert(False) | 1362 assert(False) |
1339 for result in self._serverCertKeyExchange(clientHello, serverHello, | 1363 for result in self._serverCertKeyExchange(clientHello, serverHello, |
1340 certChain, keyExchange, | 1364 certChain, keyExchange, |
1341 reqCert, reqCAs, reqCertTypes, cipherSui
te, | 1365 reqCert, reqCAs, reqCertTypes, cipherSui
te, |
1342 settings, ocspResponse): | 1366 settings, ocspResponse): |
1343 if result in (0,1): yield result | 1367 if result in (0,1): yield result |
1344 else: break | 1368 else: break |
1345 (premasterSecret, clientCertChain) = result | 1369 (premasterSecret, clientCertChain) = result |
1346 | 1370 |
1443 self.version = clientHello.client_version | 1467 self.version = clientHello.client_version |
1444 | 1468 |
1445 #Initialize acceptable cipher suites | 1469 #Initialize acceptable cipher suites |
1446 cipherSuites = [] | 1470 cipherSuites = [] |
1447 if verifierDB: | 1471 if verifierDB: |
1448 if certChain: | 1472 if certChain: |
1449 cipherSuites += \ | 1473 cipherSuites += \ |
1450 CipherSuite.getSrpCertSuites(settings, self.version) | 1474 CipherSuite.getSrpCertSuites(settings, self.version) |
1451 cipherSuites += CipherSuite.getSrpSuites(settings, self.version) | 1475 cipherSuites += CipherSuite.getSrpSuites(settings, self.version) |
1452 elif certChain: | 1476 elif certChain: |
| 1477 cipherSuites += CipherSuite.getEcdheCertSuites(settings, self.versio
n) |
1453 cipherSuites += CipherSuite.getDheCertSuites(settings, self.version) | 1478 cipherSuites += CipherSuite.getDheCertSuites(settings, self.version) |
1454 cipherSuites += CipherSuite.getCertSuites(settings, self.version) | 1479 cipherSuites += CipherSuite.getCertSuites(settings, self.version) |
1455 elif anon: | 1480 elif anon: |
1456 cipherSuites += CipherSuite.getAnonSuites(settings, self.version) | 1481 cipherSuites += CipherSuite.getAnonSuites(settings, self.version) |
1457 else: | 1482 else: |
1458 assert(False) | 1483 assert(False) |
1459 | 1484 |
1460 #If resumption was requested and we have a session cache... | 1485 #If resumption was requested and we have a session cache... |
1461 if clientHello.session_id and sessionCache: | 1486 if clientHello.session_id and sessionCache: |
1462 session = None | 1487 session = None |
1965 except TLSAlert as alert: | 1990 except TLSAlert as alert: |
1966 if not self.fault: | 1991 if not self.fault: |
1967 raise | 1992 raise |
1968 if alert.description not in Fault.faultAlerts[self.fault]: | 1993 if alert.description not in Fault.faultAlerts[self.fault]: |
1969 raise TLSFaultError(str(alert)) | 1994 raise TLSFaultError(str(alert)) |
1970 else: | 1995 else: |
1971 pass | 1996 pass |
1972 except: | 1997 except: |
1973 self._shutdown(False) | 1998 self._shutdown(False) |
1974 raise | 1999 raise |