Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(213)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/tlslite/tlslite/constants.py

Issue 1057733002: Require ECDHE for False Start. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: fix components build Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « third_party/tlslite/patches/ecdhe_rsa.patch ('k') | third_party/tlslite/tlslite/handshakesettings.py » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/tlslite/tlslite/constants.py
diff --git a/third_party/tlslite/tlslite/constants.py b/third_party/tlslite/tlslite/constants.py
index e5b88af405d5af8b9038e4d544fb79172dc883ad..6d78a2072710832e3500738072755ff77a35c3f6 100644
--- a/third_party/tlslite/tlslite/constants.py
+++ b/third_party/tlslite/tlslite/constants.py
@@ -76,6 +76,14 @@ class SignatureAlgorithm:
class NameType:
host_name = 0
+class ECCurveType:
+ explicit_prime = 1
+ explicit_char2 = 2
+ named_curve = 3
+
+class NamedCurve:
+ secp256r1 = 23
+
class AlertLevel:
warning = 1
fatal = 2
@@ -178,11 +186,19 @@ class CipherSuite:
TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xc011
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xc012
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xc013
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xc014
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xc027
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xc02f
+
tripleDESSuites = []
tripleDESSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA)
tripleDESSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA)
tripleDESSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA)
tripleDESSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA)
+ tripleDESSuites.append(TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA)
aes128Suites = []
aes128Suites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA)
@@ -192,6 +208,8 @@ class CipherSuite:
aes128Suites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA)
aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA256)
aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256)
+ aes128Suites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA)
+ aes128Suites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256)
aes256Suites = []
aes256Suites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA)
@@ -201,14 +219,17 @@ class CipherSuite:
aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA)
aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA256)
aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256)
+ aes256Suites.append(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
aes128GcmSuites = []
aes128GcmSuites.append(TLS_RSA_WITH_AES_128_GCM_SHA256)
aes128GcmSuites.append(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256)
+ aes128GcmSuites.append(TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
rc4Suites = []
rc4Suites.append(TLS_RSA_WITH_RC4_128_SHA)
rc4Suites.append(TLS_RSA_WITH_RC4_128_MD5)
+ rc4Suites.append(TLS_ECDHE_RSA_WITH_RC4_128_SHA)
shaSuites = []
shaSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA)
@@ -226,6 +247,10 @@ class CipherSuite:
shaSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA)
shaSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA)
shaSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA)
+ shaSuites.append(TLS_ECDHE_RSA_WITH_RC4_128_SHA)
+ shaSuites.append(TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA)
+ shaSuites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA)
+ shaSuites.append(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
sha256Suites = []
sha256Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA256)
@@ -234,6 +259,9 @@ class CipherSuite:
sha256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256)
sha256Suites.append(TLS_RSA_WITH_AES_128_GCM_SHA256)
sha256Suites.append(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256)
+ sha256Suites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256)
+ sha256Suites.append(TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
+
aeadSuites = aes128GcmSuites
@@ -275,6 +303,8 @@ class CipherSuite:
keyExchangeSuites += CipherSuite.certSuites
if "dhe_rsa" in keyExchangeNames:
keyExchangeSuites += CipherSuite.dheCertSuites
+ if "ecdhe_rsa" in keyExchangeNames:
+ keyExchangeSuites += CipherSuite.ecdheCertSuites
if "srp_sha" in keyExchangeNames:
keyExchangeSuites += CipherSuite.srpSuites
if "srp_sha_rsa" in keyExchangeNames:
@@ -335,7 +365,19 @@ class CipherSuite:
def getDheCertSuites(settings, version=None):
return CipherSuite._filterSuites(CipherSuite.dheCertSuites, settings, version)
- certAllSuites = srpCertSuites + certSuites + dheCertSuites
+ ecdheCertSuites = []
+ ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
+ ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256)
+ ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
+ ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA)
+ ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA)
+ ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_RC4_128_SHA)
+
+ @staticmethod
+ def getEcdheCertSuites(settings, version=None):
+ return CipherSuite._filterSuites(CipherSuite.ecdheCertSuites, settings, version)
+
+ certAllSuites = srpCertSuites + certSuites + dheCertSuites + ecdheCertSuites
anonSuites = []
anonSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA)
@@ -346,6 +388,7 @@ class CipherSuite:
return CipherSuite._filterSuites(CipherSuite.anonSuites, settings, version)
dhAllSuites = dheCertSuites + anonSuites
+ ecdhAllSuites = ecdheCertSuites
@staticmethod
def canonicalCipherName(ciphersuite):
« no previous file with comments | « third_party/tlslite/patches/ecdhe_rsa.patch ('k') | third_party/tlslite/tlslite/handshakesettings.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698