
Side by Side Diff: third_party/tlslite/patches/extended_master_secret.patch

Issue 1283373002: Implement extended master secret in tlslite (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 4 months ago
OLDNEW
(Empty)
1 diff --git a/third_party/tlslite/tlslite/constants.py b/third_party/tlslite/tlsl ite/constants.py
2 index 6d78a20..97508d5 100644
3 --- a/third_party/tlslite/tlslite/constants.py
4 +++ b/third_party/tlslite/tlslite/constants.py
5 @@ -55,6 +55,7 @@ class ExtensionType: # RFC 6066 / 4366
6 srp = 12 # RFC 5054
7 cert_type = 9 # RFC 6091
8 signed_cert_timestamps = 18 # RFC 6962
9 + extended_master_secret = 23 # RFC-ietf-tls-session-hash-06
10 tack = 0xF300
11 supports_npn = 13172
12 channel_id = 30032
13 diff --git a/third_party/tlslite/tlslite/mathtls.py b/third_party/tlslite/tlslit e/mathtls.py
14 index 60a331a..ba8cd5f 100644
15 --- a/third_party/tlslite/tlslite/mathtls.py
16 +++ b/third_party/tlslite/tlslite/mathtls.py
17 @@ -10,6 +10,7 @@
18 from .utils.compat import *
19 from .utils.cryptomath import *
20
21 +import hashlib
22 import hmac
23
24 #1024, 1536, 2048, 3072, 4096, 6144, and 8192 bit groups]
25 @@ -67,16 +68,31 @@ def PRF_SSL(secret, seed, length):
26 index += 1
27 return bytes
28
29 -def calcMasterSecret(version, premasterSecret, clientRandom, serverRandom):
30 +def calcMasterSecret(version, premasterSecret, clientRandom, serverRandom,
31 + handshakeMessages, useExtendedMasterSecret):
32 + label = b"master secret"
33 + seed = clientRandom + serverRandom
34 + if useExtendedMasterSecret:
35 + label = b"extended master secret"
36 +
37 if version == (3,0):
38 - masterSecret = PRF_SSL(premasterSecret,
39 - clientRandom + serverRandom, 48)
40 + masterSecret = PRF_SSL(premasterSecret, seed, 48)
41 elif version in ((3,1), (3,2)):
42 - masterSecret = PRF(premasterSecret, b"master secret",
43 - clientRandom + serverRandom, 48)
44 + if useExtendedMasterSecret:
45 + seed_md5 = hashlib.md5()
46 + seed_sha1 = hashlib.sha1()
47 + for msg in handshakeMessages:
48 + seed_md5.update(msg)
49 + seed_sha1.update(msg)
50 + seed = seed_md5.digest() + seed_sha1.digest()
51 + masterSecret = PRF(premasterSecret, label, seed, 48)
52 elif version == (3,3):
53 - masterSecret = PRF_1_2(premasterSecret, b"master secret",
54 - clientRandom + serverRandom, 48)
55 + if useExtendedMasterSecret:
56 + seed_sha256 = hashlib.sha256()
57 + for msg in handshakeMessages:
58 + seed_sha256.update(msg)
59 + seed = seed_sha256.digest()
60 + masterSecret = PRF_1_2(premasterSecret, label, seed, 48)
61 else:
62 raise AssertionError()
63 return masterSecret
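Review bot: In the `version == (3,0)` branch `useExtendedMasterSecret` has no effect: `label` is assigned but never passed to `PRF_SSL`, and `seed` stays `clientRandom + serverRandom`, so the resulting secret is not bound to the handshake log. The server hunk in tlsconnection.py copies `clientHello.extended_master_secret` into the ServerHello without looking at the version, so an SSL 3.0 handshake could acknowledge the extension while still deriving the classic master secret. I would fail closed in that branch with `if useExtendedMasterSecret: raise AssertionError()`, or not echo the extension when the negotiated version is (3,0). A short docstring would also help the callers that pass `[], False`: it should say that `handshakeMessages` is the ordered list of raw handshake message bytes and is ignored when the flag is false.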
64 diff --git a/third_party/tlslite/tlslite/messages.py b/third_party/tlslite/tlsli te/messages.py
65 index 9aeff6d..0bdaf96 100644
66 --- a/third_party/tlslite/tlslite/messages.py
67 +++ b/third_party/tlslite/tlslite/messages.py
68 @@ -92,12 +92,14 @@ class HandshakeMsg(object):
69 def __init__(self, handshakeType):
70 self.contentType = ContentType.handshake
71 self.handshakeType = handshakeType
72 + self.rawMessage = bytearray(0)
73
74 def postWrite(self, w):
75 headerWriter = Writer()
76 headerWriter.add(self.handshakeType, 1)
77 headerWriter.add(len(w.bytes), 3)
78 - return headerWriter.bytes + w.bytes
79 + self.rawMessage = headerWriter.bytes + w.bytes
80 + return self.rawMessage
81
82 class ClientHello(HandshakeMsg):
83 def __init__(self, ssl2=False):
84 @@ -114,6 +116,7 @@ class ClientHello(HandshakeMsg):
85 self.supports_npn = False
86 self.server_name = bytearray(0)
87 self.channel_id = False
88 + self.extended_master_secret = False
89 self.support_signed_cert_timestamps = False
90 self.status_request = False
91
92 @@ -185,6 +188,8 @@ class ClientHello(HandshakeMsg):
93 break
94 elif extType == ExtensionType.channel_id:
95 self.channel_id = True
96 + elif extType == ExtensionType.extended_master_secret:
97 + self.extended_master_secret = True
98 elif extType == ExtensionType.signed_cert_timestamps:
99 if extLength:
100 raise SyntaxError()
101 @@ -267,6 +272,7 @@ class ServerHello(HandshakeMsg):
102 self.next_protos_advertised = None
103 self.next_protos = None
104 self.channel_id = False
105 + self.extended_master_secret = False
106 self.signed_cert_timestamps = None
107 self.status_request = False
108
109 @@ -358,6 +364,9 @@ class ServerHello(HandshakeMsg):
110 if self.channel_id:
111 w2.add(ExtensionType.channel_id, 2)
112 w2.add(0, 2)
113 + if self.extended_master_secret:
114 + w2.add(ExtensionType.extended_master_secret, 2)
115 + w2.add(0, 2)
116 if self.signed_cert_timestamps:
117 w2.add(ExtensionType.signed_cert_timestamps, 2)
118 w2.addVarSeq(bytearray(self.signed_cert_timestamps), 1, 2)
119 diff --git a/third_party/tlslite/tlslite/tlsconnection.py b/third_party/tlslite/ tlslite/tlsconnection.py
120 index dfac274..9e02671 100644
121 --- a/third_party/tlslite/tlslite/tlsconnection.py
122 +++ b/third_party/tlslite/tlslite/tlsconnection.py
123 @@ -981,7 +981,8 @@ class TLSConnection(TLSRecordLayer):
124 masterSecret = calcMasterSecret(self.version,
125 premasterSecret,
126 clientRandom,
127 - serverRandom)
128 + serverRandom,
129 + [], False)
130 verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"")
131 elif self.version in ((3,1), (3,2)):
132 verifyBytes = self._handshake_md5.digest() + \
133 @@ -1036,7 +1037,7 @@ class TLSConnection(TLSRecordLayer):
134 cipherSuite, cipherImplementations, nextProto):
135
136 masterSecret = calcMasterSecret(self.version, premasterSecret,
137 - clientRandom, serverRandom)
138 + clientRandom, serverRandom, [], False)
139 self._calcPendingStates(cipherSuite, masterSecret,
140 clientRandom, serverRandom,
141 cipherImplementations)
142 @@ -1326,6 +1327,7 @@ class TLSConnection(TLSRecordLayer):
143 cipherSuite, CertificateType.x509, tackExt,
144 nextProtos)
145 serverHello.channel_id = clientHello.channel_id
146 + serverHello.extended_master_secret = clientHello.extended_master_secret
147 if clientHello.support_signed_cert_timestamps:
148 serverHello.signed_cert_timestamps = signedCertTimestamps
149 if clientHello.status_request:
150 @@ -1383,7 +1385,8 @@ class TLSConnection(TLSRecordLayer):
151 for result in self._serverFinished(premasterSecret,
152 clientHello.random, serverHello.random,
153 cipherSuite, settings.cipherImplementations,
154 - nextProtos, clientHello.channel_id):
155 + nextProtos, clientHello.channel_id,
156 + clientHello.extended_master_secret):
157 if result in (0,1): yield result
158 else: break
159 masterSecret = result
160 @@ -1523,6 +1526,8 @@ class TLSConnection(TLSRecordLayer):
161 serverHello.create(self.version, getRandomBytes(32),
162 session.sessionID, session.cipherSuite,
163 CertificateType.x509, None, None)
164 + serverHello.extended_master_secret = \
165 + clientHello.extended_master_secret
166 for result in self._sendMsg(serverHello):
167 yield result
168
169 @@ -1743,7 +1748,8 @@ class TLSConnection(TLSRecordLayer):
170 if clientCertChain:
171 if self.version == (3,0):
172 masterSecret = calcMasterSecret(self.version, premasterSecret,
173 - clientHello.random, serverHello.random )
174 + clientHello.random, serverHello.random ,
175 + [], False)
176 verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"")
177 elif self.version in ((3,1), (3,2)):
178 verifyBytes = self._handshake_md5.digest() + \
179 @@ -1827,9 +1833,11 @@ class TLSConnection(TLSRecordLayer):
180
181 def _serverFinished(self, premasterSecret, clientRandom, serverRandom,
182 cipherSuite, cipherImplementations, nextProtos,
183 - doingChannelID):
184 + doingChannelID, useExtendedMasterSecret):
185 masterSecret = calcMasterSecret(self.version, premasterSecret,
186 - clientRandom, serverRandom)
187 + clientRandom, serverRandom,
188 + self.handshakeMessages,
189 + useExtendedMasterSecret)
190
191 #Calculate pending connection states
192 self._calcPendingStates(cipherSuite, masterSecret,
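Review bot: `self.handshakeMessages` is read in full at whatever point `_serverFinished` runs, but the session hash is defined over the messages from ClientHello up to and including ClientKeyExchange only. The earlier hunk at `@@ -1743` suggests that a client CertificateVerify is handled before this call; if so, a handshake with client authentication would hash one message too many and derive a secret the peer cannot match. Consider snapshotting the list (or its length) right after ClientKeyExchange is received and passing that snapshot instead of the live list. `_serverFinished` continues outside the hunk.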
193 diff --git a/third_party/tlslite/tlslite/tlsrecordlayer.py b/third_party/tlslite /tlslite/tlsrecordlayer.py
194 index c3bcd8c..8faea59 100644
195 --- a/third_party/tlslite/tlslite/tlsrecordlayer.py
196 +++ b/third_party/tlslite/tlslite/tlsrecordlayer.py
197 @@ -115,6 +115,9 @@ class TLSRecordLayer(object):
198 self.clearReadBuffer()
199 self.clearWriteBuffer()
200
201 + #All handshake messages, for use in extended master secret
202 + self.handshakeMessages = []
203 +
204 #Handshake digests
205 self._handshake_md5 = hashlib.md5()
206 self._handshake_sha = hashlib.sha1()
207 @@ -558,6 +561,7 @@ class TLSRecordLayer(object):
208 yield result
209
210 b = msg.write()
211 + self.handshakeMessages.append(b)
212
213 # If a 1-byte message was passed in, and we "split" the
214 # first(only) byte off above, we may have a 0-length msg:
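Review bot: This append sits directly after `msg.write()` and, judging by the context comment about 1-byte message splitting, before any content-type check, so it appears to record every outgoing message rather than only handshake messages. The receive-side hunk, by contrast, appends next to the handshake digest updates. If that reading is right, plaintext application data sent after the handshake stays in `self.handshakeMessages` for the life of the connection and the list grows without bound. I would move the append under the same `ContentType.handshake` condition that guards the digest updates (it is outside the hunk, so confirm its exact form) and clear the list once the master secret has been derived.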
215 @@ -814,6 +818,7 @@ class TLSRecordLayer(object):
216 self._handshake_md5.update(compat26Str(p.bytes))
217 self._handshake_sha.update(compat26Str(p.bytes))
218 self._handshake_sha256.update(compat26Str(p.bytes))
219 + self.handshakeMessages.append(p.bytes)
220
221 #Parse based on handshake type
222 if subType == HandshakeType.client_hello:
OLDNEW
