| Index: third_party/tlslite/patches/extended_master_secret.patch
|
| diff --git a/third_party/tlslite/patches/extended_master_secret.patch b/third_party/tlslite/patches/extended_master_secret.patch
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..df60b4bc9781e49531722de76fe740dbba0fd586
|
| --- /dev/null
|
| +++ b/third_party/tlslite/patches/extended_master_secret.patch
|
| @@ -0,0 +1,197 @@
|
| +diff --git a/third_party/tlslite/tlslite/constants.py b/third_party/tlslite/tlslite/constants.py
|
| +index 6d78a20..f9c8676 100644
|
| +--- a/third_party/tlslite/tlslite/constants.py
|
| ++++ b/third_party/tlslite/tlslite/constants.py
|
| +@@ -55,6 +55,7 @@ class ExtensionType: # RFC 6066 / 4366
|
| + srp = 12 # RFC 5054
|
| + cert_type = 9 # RFC 6091
|
| + signed_cert_timestamps = 18 # RFC 6962
|
| ++ extended_master_secret = 23 # draft-ietf-tls-session-hash-06
|
| + tack = 0xF300
|
| + supports_npn = 13172
|
| + channel_id = 30032
|
| +diff --git a/third_party/tlslite/tlslite/handshakesettings.py b/third_party/tlslite/tlslite/handshakesettings.py
|
| +index 605ed42..7679823 100644
|
| +--- a/third_party/tlslite/tlslite/handshakesettings.py
|
| ++++ b/third_party/tlslite/tlslite/handshakesettings.py
|
| +@@ -111,6 +111,10 @@ class HandshakeSettings(object):
|
| + @type alertAfterHandshake: bool
|
| + @ivar alertAfterHandshake: If true, the server will send a fatal
|
| + alert immediately after the handshake completes.
|
| ++
|
| ++ @type enableExtendedMasterSecret: bool
|
| ++ @ivar enableExtendedMasterSecret: If true, the server supports the extended
|
| ++ master secret TLS extension and will negotiated it with supporting clients.
|
| +
|
| + Note that TACK support is not standardized by IETF and uses a temporary
|
| + TLS Extension number, so should NOT be used in production software.
|
| +@@ -129,6 +133,7 @@ class HandshakeSettings(object):
|
| + self.tlsIntoleranceType = 'alert'
|
| + self.useExperimentalTackExtension = False
|
| + self.alertAfterHandshake = False
|
| ++ self.enableExtendedMasterSecret = True
|
| +
|
| + # Validates the min/max fields, and certificateTypes
|
| + # Filters out unsupported cipherNames and cipherImplementations
|
| +diff --git a/third_party/tlslite/tlslite/mathtls.py b/third_party/tlslite/tlslite/mathtls.py
|
| +index 60a331a..0a23fe1 100644
|
| +--- a/third_party/tlslite/tlslite/mathtls.py
|
| ++++ b/third_party/tlslite/tlslite/mathtls.py
|
| +@@ -67,16 +67,20 @@ def PRF_SSL(secret, seed, length):
|
| + index += 1
|
| + return bytes
|
| +
|
| +-def calcMasterSecret(version, premasterSecret, clientRandom, serverRandom):
|
| ++def calcMasterSecret(version, premasterSecret, clientRandom, serverRandom,
|
| ++ handshakeHash, useExtendedMasterSecret):
|
| ++ label = b"master secret"
|
| ++ seed = clientRandom + serverRandom
|
| ++ if useExtendedMasterSecret:
|
| ++ label = b"extended master secret"
|
| ++ seed = handshakeHash
|
| ++
|
| + if version == (3,0):
|
| +- masterSecret = PRF_SSL(premasterSecret,
|
| +- clientRandom + serverRandom, 48)
|
| ++ masterSecret = PRF_SSL(premasterSecret, seed, 48)
|
| + elif version in ((3,1), (3,2)):
|
| +- masterSecret = PRF(premasterSecret, b"master secret",
|
| +- clientRandom + serverRandom, 48)
|
| ++ masterSecret = PRF(premasterSecret, label, seed, 48)
|
| + elif version == (3,3):
|
| +- masterSecret = PRF_1_2(premasterSecret, b"master secret",
|
| +- clientRandom + serverRandom, 48)
|
| ++ masterSecret = PRF_1_2(premasterSecret, label, seed, 48)
|
| + else:
|
| + raise AssertionError()
|
| + return masterSecret
|
| +diff --git a/third_party/tlslite/tlslite/messages.py b/third_party/tlslite/tlslite/messages.py
|
| +index 9aeff6d..9b553ce 100644
|
| +--- a/third_party/tlslite/tlslite/messages.py
|
| ++++ b/third_party/tlslite/tlslite/messages.py
|
| +@@ -114,6 +114,7 @@ class ClientHello(HandshakeMsg):
|
| + self.supports_npn = False
|
| + self.server_name = bytearray(0)
|
| + self.channel_id = False
|
| ++ self.extended_master_secret = False
|
| + self.support_signed_cert_timestamps = False
|
| + self.status_request = False
|
| +
|
| +@@ -185,6 +186,8 @@ class ClientHello(HandshakeMsg):
|
| + break
|
| + elif extType == ExtensionType.channel_id:
|
| + self.channel_id = True
|
| ++ elif extType == ExtensionType.extended_master_secret:
|
| ++ self.extended_master_secret = True
|
| + elif extType == ExtensionType.signed_cert_timestamps:
|
| + if extLength:
|
| + raise SyntaxError()
|
| +@@ -267,6 +270,7 @@ class ServerHello(HandshakeMsg):
|
| + self.next_protos_advertised = None
|
| + self.next_protos = None
|
| + self.channel_id = False
|
| ++ self.extended_master_secret = False
|
| + self.signed_cert_timestamps = None
|
| + self.status_request = False
|
| +
|
| +@@ -358,6 +362,9 @@ class ServerHello(HandshakeMsg):
|
| + if self.channel_id:
|
| + w2.add(ExtensionType.channel_id, 2)
|
| + w2.add(0, 2)
|
| ++ if self.extended_master_secret:
|
| ++ w2.add(ExtensionType.extended_master_secret, 2)
|
| ++ w2.add(0, 2)
|
| + if self.signed_cert_timestamps:
|
| + w2.add(ExtensionType.signed_cert_timestamps, 2)
|
| + w2.addVarSeq(bytearray(self.signed_cert_timestamps), 1, 2)
|
| +diff --git a/third_party/tlslite/tlslite/tlsconnection.py b/third_party/tlslite/tlslite/tlsconnection.py
|
| +index dfac274..231ba15 100644
|
| +--- a/third_party/tlslite/tlslite/tlsconnection.py
|
| ++++ b/third_party/tlslite/tlslite/tlsconnection.py
|
| +@@ -981,7 +981,8 @@ class TLSConnection(TLSRecordLayer):
|
| + masterSecret = calcMasterSecret(self.version,
|
| + premasterSecret,
|
| + clientRandom,
|
| +- serverRandom)
|
| ++ serverRandom,
|
| ++ b"", False)
|
| + verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"")
|
| + elif self.version in ((3,1), (3,2)):
|
| + verifyBytes = self._handshake_md5.digest() + \
|
| +@@ -1036,7 +1037,7 @@ class TLSConnection(TLSRecordLayer):
|
| + cipherSuite, cipherImplementations, nextProto):
|
| +
|
| + masterSecret = calcMasterSecret(self.version, premasterSecret,
|
| +- clientRandom, serverRandom)
|
| ++ clientRandom, serverRandom, b"", False)
|
| + self._calcPendingStates(cipherSuite, masterSecret,
|
| + clientRandom, serverRandom,
|
| + cipherImplementations)
|
| +@@ -1326,6 +1327,9 @@ class TLSConnection(TLSRecordLayer):
|
| + cipherSuite, CertificateType.x509, tackExt,
|
| + nextProtos)
|
| + serverHello.channel_id = clientHello.channel_id
|
| ++ serverHello.extended_master_secret = \
|
| ++ clientHello.extended_master_secret and \
|
| ++ settings.enableExtendedMasterSecret
|
| + if clientHello.support_signed_cert_timestamps:
|
| + serverHello.signed_cert_timestamps = signedCertTimestamps
|
| + if clientHello.status_request:
|
| +@@ -1383,7 +1387,8 @@ class TLSConnection(TLSRecordLayer):
|
| + for result in self._serverFinished(premasterSecret,
|
| + clientHello.random, serverHello.random,
|
| + cipherSuite, settings.cipherImplementations,
|
| +- nextProtos, clientHello.channel_id):
|
| ++ nextProtos, clientHello.channel_id,
|
| ++ serverHello.extended_master_secret):
|
| + if result in (0,1): yield result
|
| + else: break
|
| + masterSecret = result
|
| +@@ -1523,6 +1528,9 @@ class TLSConnection(TLSRecordLayer):
|
| + serverHello.create(self.version, getRandomBytes(32),
|
| + session.sessionID, session.cipherSuite,
|
| + CertificateType.x509, None, None)
|
| ++ serverHello.extended_master_secret = \
|
| ++ clientHello.extended_master_secret and \
|
| ++ settings.enableExtendedMasterSecret
|
| + for result in self._sendMsg(serverHello):
|
| + yield result
|
| +
|
| +@@ -1743,7 +1751,8 @@ class TLSConnection(TLSRecordLayer):
|
| + if clientCertChain:
|
| + if self.version == (3,0):
|
| + masterSecret = calcMasterSecret(self.version, premasterSecret,
|
| +- clientHello.random, serverHello.random)
|
| ++ clientHello.random, serverHello.random,
|
| ++ b"", False)
|
| + verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"")
|
| + elif self.version in ((3,1), (3,2)):
|
| + verifyBytes = self._handshake_md5.digest() + \
|
| +@@ -1827,9 +1836,11 @@ class TLSConnection(TLSRecordLayer):
|
| +
|
| + def _serverFinished(self, premasterSecret, clientRandom, serverRandom,
|
| + cipherSuite, cipherImplementations, nextProtos,
|
| +- doingChannelID):
|
| ++ doingChannelID, useExtendedMasterSecret):
|
| + masterSecret = calcMasterSecret(self.version, premasterSecret,
|
| +- clientRandom, serverRandom)
|
| ++ clientRandom, serverRandom,
|
| ++ self._getHandshakeHash(),
|
| ++ useExtendedMasterSecret)
|
| +
|
| + #Calculate pending connection states
|
| + self._calcPendingStates(cipherSuite, masterSecret,
|
| +diff --git a/third_party/tlslite/tlslite/tlsrecordlayer.py b/third_party/tlslite/tlslite/tlsrecordlayer.py
|
| +index c3bcd8c..b7d68a7a 100644
|
| +--- a/third_party/tlslite/tlslite/tlsrecordlayer.py
|
| ++++ b/third_party/tlslite/tlslite/tlsrecordlayer.py
|
| +@@ -1256,3 +1256,9 @@ class TLSRecordLayer(object):
|
| +
|
| + return md5Bytes + shaBytes
|
| +
|
| ++ def _getHandshakeHash(self):
|
| ++ if self.version in ((3,1), (3,2)):
|
| ++ return self._handshake_md5.digest() + \
|
| ++ self._handshake_sha.digest()
|
| ++ elif self.version == (3,3):
|
| ++ return self._handshake_sha256.digest()
|
|
|
Chromium Code Reviews
Issue 1283373002:
Implement extended master secret in tlslite (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master