Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(394)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/tlslite/tlslite/messages.py

Issue 1057733002: Require ECDHE for False Start. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: fix components build Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/tlslite/tlslite/handshakesettings.py ('k') | third_party/tlslite/tlslite/tlsconnection.py » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 # Authors: 1 # Authors:
2 # Trevor Perrin 2 # Trevor Perrin
3 # Google - handling CertificateRequest.certificate_types 3 # Google - handling CertificateRequest.certificate_types
4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support
5 # Dimitris Moraitis - Anon ciphersuites 5 # Dimitris Moraitis - Anon ciphersuites
6 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 6 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2
7 # 7 #
8 # See the LICENSE file for legal information regarding use of this file. 8 # See the LICENSE file for legal information regarding use of this file.
9 9
10 """Classes representing TLS messages.""" 10 """Classes representing TLS messages."""
(...skipping 491 matching lines...) Expand 10 before | Expand all | Expand 10 after
502 502
503 class ServerKeyExchange(HandshakeMsg): 503 class ServerKeyExchange(HandshakeMsg):
504 def __init__(self, cipherSuite, version): 504 def __init__(self, cipherSuite, version):
505 HandshakeMsg.__init__(self, HandshakeType.server_key_exchange) 505 HandshakeMsg.__init__(self, HandshakeType.server_key_exchange)
506 self.cipherSuite = cipherSuite 506 self.cipherSuite = cipherSuite
507 self.version = version 507 self.version = version
508 self.srp_N = 0 508 self.srp_N = 0
509 self.srp_g = 0 509 self.srp_g = 0
510 self.srp_s = bytearray(0) 510 self.srp_s = bytearray(0)
511 self.srp_B = 0 511 self.srp_B = 0
512 # Anon DH params: 512 # DH params:
513 self.dh_p = 0 513 self.dh_p = 0
514 self.dh_g = 0 514 self.dh_g = 0
515 self.dh_Ys = 0 515 self.dh_Ys = 0
516 # ECDH params:
517 self.ecdhCurve = 0
518 self.ecdhPublic = bytearray(0)
516 self.signature = bytearray(0) 519 self.signature = bytearray(0)
517 520
518 def createSRP(self, srp_N, srp_g, srp_s, srp_B): 521 def createSRP(self, srp_N, srp_g, srp_s, srp_B):
519 self.srp_N = srp_N 522 self.srp_N = srp_N
520 self.srp_g = srp_g 523 self.srp_g = srp_g
521 self.srp_s = srp_s 524 self.srp_s = srp_s
522 self.srp_B = srp_B 525 self.srp_B = srp_B
523 return self 526 return self
524 527
525 def createDH(self, dh_p, dh_g, dh_Ys): 528 def createDH(self, dh_p, dh_g, dh_Ys):
526 self.dh_p = dh_p 529 self.dh_p = dh_p
527 self.dh_g = dh_g 530 self.dh_g = dh_g
528 self.dh_Ys = dh_Ys 531 self.dh_Ys = dh_Ys
529 return self 532 return self
530 533
534 def createECDH(self, ecdhCurve, ecdhPublic):
535 self.ecdhCurve = ecdhCurve
536 self.ecdhPublic = ecdhPublic
537 return self
538
531 def parse(self, p): 539 def parse(self, p):
532 p.startLengthCheck(3) 540 p.startLengthCheck(3)
533 if self.cipherSuite in CipherSuite.srpAllSuites: 541 if self.cipherSuite in CipherSuite.srpAllSuites:
534 self.srp_N = bytesToNumber(p.getVarBytes(2)) 542 self.srp_N = bytesToNumber(p.getVarBytes(2))
535 self.srp_g = bytesToNumber(p.getVarBytes(2)) 543 self.srp_g = bytesToNumber(p.getVarBytes(2))
536 self.srp_s = p.getVarBytes(1) 544 self.srp_s = p.getVarBytes(1)
537 self.srp_B = bytesToNumber(p.getVarBytes(2)) 545 self.srp_B = bytesToNumber(p.getVarBytes(2))
538 if self.cipherSuite in CipherSuite.srpCertSuites: 546 if self.cipherSuite in CipherSuite.srpCertSuites:
539 self.signature = p.getVarBytes(2) 547 self.signature = p.getVarBytes(2)
540 elif self.cipherSuite in CipherSuite.anonSuites: 548 elif self.cipherSuite in CipherSuite.anonSuites:
541 self.dh_p = bytesToNumber(p.getVarBytes(2)) 549 self.dh_p = bytesToNumber(p.getVarBytes(2))
542 self.dh_g = bytesToNumber(p.getVarBytes(2)) 550 self.dh_g = bytesToNumber(p.getVarBytes(2))
543 self.dh_Ys = bytesToNumber(p.getVarBytes(2)) 551 self.dh_Ys = bytesToNumber(p.getVarBytes(2))
544 p.stopLengthCheck() 552 p.stopLengthCheck()
545 return self 553 return self
546 554
547 def write_params(self): 555 def write_params(self):
548 w = Writer() 556 w = Writer()
549 if self.cipherSuite in CipherSuite.srpAllSuites: 557 if self.cipherSuite in CipherSuite.srpAllSuites:
550 w.addVarSeq(numberToByteArray(self.srp_N), 1, 2) 558 w.addVarSeq(numberToByteArray(self.srp_N), 1, 2)
551 w.addVarSeq(numberToByteArray(self.srp_g), 1, 2) 559 w.addVarSeq(numberToByteArray(self.srp_g), 1, 2)
552 w.addVarSeq(self.srp_s, 1, 1) 560 w.addVarSeq(self.srp_s, 1, 1)
553 w.addVarSeq(numberToByteArray(self.srp_B), 1, 2) 561 w.addVarSeq(numberToByteArray(self.srp_B), 1, 2)
554 elif self.cipherSuite in CipherSuite.dhAllSuites: 562 elif self.cipherSuite in CipherSuite.dhAllSuites:
555 w.addVarSeq(numberToByteArray(self.dh_p), 1, 2) 563 w.addVarSeq(numberToByteArray(self.dh_p), 1, 2)
556 w.addVarSeq(numberToByteArray(self.dh_g), 1, 2) 564 w.addVarSeq(numberToByteArray(self.dh_g), 1, 2)
557 w.addVarSeq(numberToByteArray(self.dh_Ys), 1, 2) 565 w.addVarSeq(numberToByteArray(self.dh_Ys), 1, 2)
566 elif self.cipherSuite in CipherSuite.ecdhAllSuites:
567 w.add(ECCurveType.named_curve, 1)
568 w.add(self.ecdhCurve, 2)
569 w.addVarSeq(self.ecdhPublic, 1, 1)
558 else: 570 else:
559 assert(False) 571 assert(False)
560 return w.bytes 572 return w.bytes
561 573
562 def write(self): 574 def write(self):
563 w = Writer() 575 w = Writer()
564 w.bytes += self.write_params() 576 w.bytes += self.write_params()
565 if self.cipherSuite in CipherSuite.certAllSuites: 577 if self.cipherSuite in CipherSuite.certAllSuites:
566 if self.version >= (3,3): 578 if self.version >= (3,3):
567 # TODO: Signature algorithm negotiation not supported. 579 # TODO: Signature algorithm negotiation not supported.
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after
619 self.srp_A = bytesToNumber(p.getVarBytes(2)) 631 self.srp_A = bytesToNumber(p.getVarBytes(2))
620 elif self.cipherSuite in CipherSuite.certSuites: 632 elif self.cipherSuite in CipherSuite.certSuites:
621 if self.version in ((3,1), (3,2), (3,3)): 633 if self.version in ((3,1), (3,2), (3,3)):
622 self.encryptedPreMasterSecret = p.getVarBytes(2) 634 self.encryptedPreMasterSecret = p.getVarBytes(2)
623 elif self.version == (3,0): 635 elif self.version == (3,0):
624 self.encryptedPreMasterSecret = \ 636 self.encryptedPreMasterSecret = \
625 p.getFixBytes(len(p.bytes)-p.index) 637 p.getFixBytes(len(p.bytes)-p.index)
626 else: 638 else:
627 raise AssertionError() 639 raise AssertionError()
628 elif self.cipherSuite in CipherSuite.dhAllSuites: 640 elif self.cipherSuite in CipherSuite.dhAllSuites:
629 self.dh_Yc = bytesToNumber(p.getVarBytes(2)) 641 self.dh_Yc = bytesToNumber(p.getVarBytes(2))
642 elif self.cipherSuite in CipherSuite.ecdhAllSuites:
643 self.ecdh_Yc = p.getVarBytes(1)
630 else: 644 else:
631 raise AssertionError() 645 raise AssertionError()
632 p.stopLengthCheck() 646 p.stopLengthCheck()
633 return self 647 return self
634 648
635 def write(self): 649 def write(self):
636 w = Writer() 650 w = Writer()
637 if self.cipherSuite in CipherSuite.srpAllSuites: 651 if self.cipherSuite in CipherSuite.srpAllSuites:
638 w.addVarSeq(numberToByteArray(self.srp_A), 1, 2) 652 w.addVarSeq(numberToByteArray(self.srp_A), 1, 2)
639 elif self.cipherSuite in CipherSuite.certSuites: 653 elif self.cipherSuite in CipherSuite.certSuites:
(...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after
782 newMsg = ApplicationData().create(self.bytes[:1]) 796 newMsg = ApplicationData().create(self.bytes[:1])
783 self.bytes = self.bytes[1:] 797 self.bytes = self.bytes[1:]
784 return newMsg 798 return newMsg
785 799
786 def parse(self, p): 800 def parse(self, p):
787 self.bytes = p.bytes 801 self.bytes = p.bytes
788 return self 802 return self
789 803
790 def write(self): 804 def write(self):
791 return self.bytes 805 return self.bytes
OLDNEW
« no previous file with comments | « third_party/tlslite/tlslite/handshakesettings.py ('k') | third_party/tlslite/tlslite/tlsconnection.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698