OLD | NEW |
---|---|
1 """ | 1 """ |
2 MAIN CLASS FOR TLS LITE (START HERE!). | 2 MAIN CLASS FOR TLS LITE (START HERE!). |
3 """ | 3 """ |
4 from __future__ import generators | 4 from __future__ import generators |
5 | 5 |
6 import socket | 6 import socket |
7 from utils.compat import formatExceptionTrace | 7 from utils.compat import formatExceptionTrace |
8 from TLSRecordLayer import TLSRecordLayer | 8 from TLSRecordLayer import TLSRecordLayer |
9 from Session import Session | 9 from Session import Session |
10 from constants import * | 10 from constants import * |
(...skipping 919 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
930 #Mark the connection as open | 930 #Mark the connection as open |
931 self.session._setResumable(True) | 931 self.session._setResumable(True) |
932 self._handshakeDone(resumed=False) | 932 self._handshakeDone(resumed=False) |
933 | 933 |
934 | 934 |
935 | 935 |
936 def handshakeServer(self, sharedKeyDB=None, verifierDB=None, | 936 def handshakeServer(self, sharedKeyDB=None, verifierDB=None, |
937 certChain=None, privateKey=None, reqCert=False, | 937 certChain=None, privateKey=None, reqCert=False, |
938 sessionCache=None, settings=None, checker=None, | 938 sessionCache=None, settings=None, checker=None, |
939 reqCAs=None, tlsIntolerant=0, | 939 reqCAs=None, tlsIntolerant=0, |
940 signedCertTimestamps=None): | 940 signedCertTimestamps=None, |
941 fallbackSCSV=False): | |
941 """Perform a handshake in the role of server. | 942 """Perform a handshake in the role of server. |
942 | 943 |
943 This function performs an SSL or TLS handshake. Depending on | 944 This function performs an SSL or TLS handshake. Depending on |
944 the arguments and the behavior of the client, this function can | 945 the arguments and the behavior of the client, this function can |
945 perform a shared-key, SRP, or certificate-based handshake. It | 946 perform a shared-key, SRP, or certificate-based handshake. It |
946 can also perform a combined SRP and server-certificate | 947 can also perform a combined SRP and server-certificate |
947 handshake. | 948 handshake. |
948 | 949 |
949 Like any handshake function, this can be called on a closed | 950 Like any handshake function, this can be called on a closed |
950 TLS connection, or on a TLS connection that is already open. | 951 TLS connection, or on a TLS connection that is already open. |
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1015 | 1016 |
1016 @raise socket.error: If a socket error occurs. | 1017 @raise socket.error: If a socket error occurs. |
1017 @raise tlslite.errors.TLSAbruptCloseError: If the socket is closed | 1018 @raise tlslite.errors.TLSAbruptCloseError: If the socket is closed |
1018 without a preceding alert. | 1019 without a preceding alert. |
1019 @raise tlslite.errors.TLSAlert: If a TLS alert is signalled. | 1020 @raise tlslite.errors.TLSAlert: If a TLS alert is signalled. |
1020 @raise tlslite.errors.TLSAuthenticationError: If the checker | 1021 @raise tlslite.errors.TLSAuthenticationError: If the checker |
1021 doesn't like the other party's authentication credentials. | 1022 doesn't like the other party's authentication credentials. |
1022 """ | 1023 """ |
1023 for result in self.handshakeServerAsync(sharedKeyDB, verifierDB, | 1024 for result in self.handshakeServerAsync(sharedKeyDB, verifierDB, |
1024 certChain, privateKey, reqCert, sessionCache, settings, | 1025 certChain, privateKey, reqCert, sessionCache, settings, |
1025 checker, reqCAs, tlsIntolerant, signedCertTimestamps): | 1026 checker, reqCAs, tlsIntolerant, signedCertTimestamps, |
1027 fallbackSCSV): | |
1026 pass | 1028 pass |
1027 | 1029 |
1028 | 1030 |
1029 def handshakeServerAsync(self, sharedKeyDB=None, verifierDB=None, | 1031 def handshakeServerAsync(self, sharedKeyDB=None, verifierDB=None, |
1030 certChain=None, privateKey=None, reqCert=False, | 1032 certChain=None, privateKey=None, reqCert=False, |
1031 sessionCache=None, settings=None, checker=None, | 1033 sessionCache=None, settings=None, checker=None, |
1032 reqCAs=None, tlsIntolerant=0, | 1034 reqCAs=None, tlsIntolerant=0, |
1033 signedCertTimestamps=None): | 1035 signedCertTimestamps=None, |
1036 fallbackSCSV=False): | |
1034 """Start a server handshake operation on the TLS connection. | 1037 """Start a server handshake operation on the TLS connection. |
1035 | 1038 |
1036 This function returns a generator which behaves similarly to | 1039 This function returns a generator which behaves similarly to |
1037 handshakeServer(). Successive invocations of the generator | 1040 handshakeServer(). Successive invocations of the generator |
1038 will return 0 if it is waiting to read from the socket, 1 if it is | 1041 will return 0 if it is waiting to read from the socket, 1 if it is |
1039 waiting to write to the socket, or it will raise StopIteration | 1042 waiting to write to the socket, or it will raise StopIteration |
1040 if the handshake operation is complete. | 1043 if the handshake operation is complete. |
1041 | 1044 |
1042 @rtype: iterable | 1045 @rtype: iterable |
1043 @return: A generator; see above for details. | 1046 @return: A generator; see above for details. |
1044 """ | 1047 """ |
1045 handshaker = self._handshakeServerAsyncHelper(\ | 1048 handshaker = self._handshakeServerAsyncHelper(\ |
1046 sharedKeyDB=sharedKeyDB, | 1049 sharedKeyDB=sharedKeyDB, |
1047 verifierDB=verifierDB, certChain=certChain, | 1050 verifierDB=verifierDB, certChain=certChain, |
1048 privateKey=privateKey, reqCert=reqCert, | 1051 privateKey=privateKey, reqCert=reqCert, |
1049 sessionCache=sessionCache, settings=settings, | 1052 sessionCache=sessionCache, settings=settings, |
1050 reqCAs=reqCAs, | 1053 reqCAs=reqCAs, |
1051 tlsIntolerant=tlsIntolerant, | 1054 tlsIntolerant=tlsIntolerant, |
1052 signedCertTimestamps=signedCertTimestamps) | 1055 signedCertTimestamps=signedCertTimestamps, |
1056 fallbackSCSV=fallbackSCSV) | |
1053 for result in self._handshakeWrapperAsync(handshaker, checker): | 1057 for result in self._handshakeWrapperAsync(handshaker, checker): |
1054 yield result | 1058 yield result |
1055 | 1059 |
1056 | 1060 |
1057 def _handshakeServerAsyncHelper(self, sharedKeyDB, verifierDB, | 1061 def _handshakeServerAsyncHelper(self, sharedKeyDB, verifierDB, |
1058 certChain, privateKey, reqCert, | 1062 certChain, privateKey, reqCert, |
1059 sessionCache, settings, reqCAs, | 1063 sessionCache, settings, reqCAs, |
1060 tlsIntolerant, signedCertTimestamps): | 1064 tlsIntolerant, signedCertTimestamps, |
1065 fallbackSCSV): | |
1061 | 1066 |
1062 self._handshakeStart(client=False) | 1067 self._handshakeStart(client=False) |
1063 | 1068 |
1064 if (not sharedKeyDB) and (not verifierDB) and (not certChain): | 1069 if (not sharedKeyDB) and (not verifierDB) and (not certChain): |
1065 raise ValueError("Caller passed no authentication credentials") | 1070 raise ValueError("Caller passed no authentication credentials") |
1066 if certChain and not privateKey: | 1071 if certChain and not privateKey: |
1067 raise ValueError("Caller passed a certChain but no privateKey") | 1072 raise ValueError("Caller passed a certChain but no privateKey") |
1068 if privateKey and not certChain: | 1073 if privateKey and not certChain: |
1069 raise ValueError("Caller passed a privateKey but no certChain") | 1074 raise ValueError("Caller passed a privateKey but no certChain") |
1070 if reqCAs and not reqCert: | 1075 if reqCAs and not reqCert: |
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1130 yield result | 1135 yield result |
1131 | 1136 |
1132 #If tlsIntolerant is nonzero, reject certain TLS versions. | 1137 #If tlsIntolerant is nonzero, reject certain TLS versions. |
1133 #1: reject all TLS versions. | 1138 #1: reject all TLS versions. |
1134 #2: reject TLS 1.1 or higher. | 1139 #2: reject TLS 1.1 or higher. |
1135 #3: reject TLS 1.2 or higher. | 1140 #3: reject TLS 1.2 or higher. |
1136 if (tlsIntolerant == 1 and clientHello.client_version > (3, 0) or | 1141 if (tlsIntolerant == 1 and clientHello.client_version > (3, 0) or |
1137 tlsIntolerant == 2 and clientHello.client_version > (3, 1) or | 1142 tlsIntolerant == 2 and clientHello.client_version > (3, 1) or |
1138 tlsIntolerant == 3 and clientHello.client_version > (3, 2)): | 1143 tlsIntolerant == 3 and clientHello.client_version > (3, 2)): |
1139 for result in self._sendError(\ | 1144 for result in self._sendError(\ |
1140 AlertDescription.handshake_failure): | 1145 AlertDescription.handshake_failure): |
wtc
2013/12/10 16:28:27
NSS has a special case for a handshake_failure ale
agl
2013/12/10 17:53:43
I think any fatal alert will do. Since everything
| |
1141 yield result | 1146 yield result |
1142 | 1147 |
1143 #If client's version is too high, propose my highest version | 1148 #If client's version is too high, propose my highest version |
1144 elif clientHello.client_version > settings.maxVersion: | 1149 if clientHello.client_version > settings.maxVersion: |
wtc
2013/12/10 16:28:27
Could you explain why you changed this "elif" to "
agl
2013/12/10 17:53:43
I think the "elif" was a mistake, perhaps from whe
| |
1145 self.version = settings.maxVersion | 1150 self.version = settings.maxVersion |
1146 | |
1147 else: | 1151 else: |
1148 #Set the version to the client's version | 1152 #Set the version to the client's version |
1149 self.version = clientHello.client_version | 1153 self.version = clientHello.client_version |
1154 if (fallbackSCSV and | |
1155 clientHello.client_version < settings.maxVersion): | |
1156 for cipherSuite in clientHello.cipher_suites: | |
1157 if cipherSuite == 0x5600: | |
1158 for result in self._sendError(\ | |
1159 AlertDescription.inappropriate_fallback): | |
1160 yield result | |
1150 | 1161 |
1151 #Get the client nonce; create server nonce | 1162 #Get the client nonce; create server nonce |
1152 clientRandom = clientHello.random | 1163 clientRandom = clientHello.random |
1153 serverRandom = getRandomBytes(32) | 1164 serverRandom = getRandomBytes(32) |
1154 | 1165 |
1155 #Calculate the first cipher suite intersection. | 1166 #Calculate the first cipher suite intersection. |
1156 #This is the 'privileged' ciphersuite. We'll use it if we're | 1167 #This is the 'privileged' ciphersuite. We'll use it if we're |
1157 #doing a shared-key resumption or a new negotiation. In fact, | 1168 #doing a shared-key resumption or a new negotiation. In fact, |
1158 #the only time we won't use it is if we're resuming a non-sharedkey | 1169 #the only time we won't use it is if we're resuming a non-sharedkey |
1159 #session, in which case we use the ciphersuite from the session. | 1170 #session, in which case we use the ciphersuite from the session. |
(...skipping 490 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1650 if len(publicKey) < settings.minKeySize: | 1661 if len(publicKey) < settings.minKeySize: |
1651 for result in self._sendError(AlertDescription.handshake_failure, | 1662 for result in self._sendError(AlertDescription.handshake_failure, |
1652 "Other party's public key too small: %d" % len(publicKey)): | 1663 "Other party's public key too small: %d" % len(publicKey)): |
1653 yield result | 1664 yield result |
1654 if len(publicKey) > settings.maxKeySize: | 1665 if len(publicKey) > settings.maxKeySize: |
1655 for result in self._sendError(AlertDescription.handshake_failure, | 1666 for result in self._sendError(AlertDescription.handshake_failure, |
1656 "Other party's public key too large: %d" % len(publicKey)): | 1667 "Other party's public key too large: %d" % len(publicKey)): |
1657 yield result | 1668 yield result |
1658 | 1669 |
1659 yield publicKey, certChain | 1670 yield publicKey, certChain |
OLD | NEW |