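diff --git a/third_party/tlslite/tlslite/constants.py b/third_party/tlslite/tlslite/constants.py
index 6d78a20..f9c8676 100644
--- a/third_party/tlslite/tlslite/constants.py
+++ b/third_party/tlslite/tlslite/constants.py
@@ -55,6 +55,7 @@ class ExtensionType: # RFC 6066 / 4366
 srp = 12 # RFC 5054
 cert_type = 9 # RFC 6091
 signed_cert_timestamps = 18 # RFC 6962
+extended_master_secret = 23 # draft-ietf-tls-session-hash-06
 tack = 0xF300
 supports_npn = 13172
 channel_id = 30032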
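diff --git a/third_party/tlslite/tlslite/handshakesettings.py b/third_party/tlslite/tlslite/handshakesettings.py
index 605ed42..7679823 100644
--- a/third_party/tlslite/tlslite/handshakesettings.py
+++ b/third_party/tlslite/tlslite/handshakesettings.py
@@ -111,6 +111,10 @@ class HandshakeSettings(object):
 @type alertAfterHandshake: bool
 @ivar alertAfterHandshake: If true, the server will send a fatal
 alert immediately after the handshake completes.
+
+@type enableExtendedMasterSecret: bool
+@ivar enableExtendedMasterSecret: If true, the server supports the extended
+master secret TLS extension and will negotiated it with supporting clients.
 
 Note that TACK support is not standardized by IETF and uses a temporary
 TLS Extension number, so should NOT be used in production software.
@@ -129,6 +133,7 @@ class HandshakeSettings(object):
 self.tlsIntoleranceType = 'alert'
 self.useExperimentalTackExtension = False
 self.alertAfterHandshake = False
+self.enableExtendedMasterSecret = True
 
 # Validates the min/max fields, and certificateTypes
 # Filters out unsupported cipherNames and cipherImplementations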
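Review bot: The new @ivar text in the first hunk reads `will negotiated it`; it should say `will negotiate it with supporting clients`. The default `self.enableExtendedMasterSecret = True` in the second hunk is fine, but the comment directly below it (`# Validates the min/max fields ...`, `# Filters out unsupported cipherNames ...`) suggests settings are validated by building a filtered copy; if that copy assigns fields individually, the new field must be carried over there as well, or a caller's `False` would silently revert to `True`. That validation code is outside the hunk, so this needs confirming.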
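diff --git a/third_party/tlslite/tlslite/mathtls.py b/third_party/tlslite/tlslite/mathtls.py
index 60a331a..0a23fe1 100644
--- a/third_party/tlslite/tlslite/mathtls.py
+++ b/third_party/tlslite/tlslite/mathtls.py
@@ -67,16 +67,20 @@ def PRF_SSL(secret, seed, length):
 index += 1
 return bytes
 
-def calcMasterSecret(version, premasterSecret, clientRandom, serverRandom):
+def calcMasterSecret(version, premasterSecret, clientRandom, serverRandom,
+handshakeHash, useExtendedMasterSecret):
+label = b"master secret"
+seed = clientRandom + serverRandom
+if useExtendedMasterSecret:
+label = b"extended master secret"
+seed = handshakeHash
+
 if version == (3,0):
-masterSecret = PRF_SSL(premasterSecret,
-clientRandom + serverRandom, 48)
+masterSecret = PRF_SSL(premasterSecret, seed, 48)
 elif version in ((3,1), (3,2)):
-masterSecret = PRF(premasterSecret, b"master secret",
-clientRandom + serverRandom, 48)
+masterSecret = PRF(premasterSecret, label, seed, 48)
 elif version == (3,3):
-masterSecret = PRF_1_2(premasterSecret, b"master secret",
-clientRandom + serverRandom, 48)
+masterSecret = PRF_1_2(premasterSecret, label, seed, 48)
 else:
 raise AssertionError()
 return masterSecret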
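Review bot: The SSL 3.0 branch now takes the extended-master-secret path too: with `useExtendedMasterSecret` true and `version == (3,0)`, `seed` is `handshakeHash` and goes into `PRF_SSL`, although draft-ietf-tls-session-hash defines the extension only for TLS 1.0 through 1.2, and the `_getHandshakeHash` this commit adds to tlsrecordlayer.py has no (3,0) branch, so that caller would pass `None`. Rejecting the combination up front, `if useExtendedMasterSecret and version == (3,0): raise AssertionError()`, mirrors the existing `else: raise AssertionError()` at the end of the version chain. The function also gained two positional parameters with no docstring; a short one stating that `handshakeHash` is the transcript hash of the handshake messages up to and including ClientKeyExchange, in the form the version's PRF expects, and is read only when `useExtendedMasterSecret` is true would save the next reader a trip through tlsconnection.py.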
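diff --git a/third_party/tlslite/tlslite/messages.py b/third_party/tlslite/tlslite/messages.py
index 9aeff6d..9b553ce 100644
--- a/third_party/tlslite/tlslite/messages.py
+++ b/third_party/tlslite/tlslite/messages.py
@@ -114,6 +114,7 @@ class ClientHello(HandshakeMsg):
 self.supports_npn = False
 self.server_name = bytearray(0)
 self.channel_id = False
+self.extended_master_secret = False
 self.support_signed_cert_timestamps = False
 self.status_request = False
 
@@ -185,6 +186,8 @@ class ClientHello(HandshakeMsg):
 break
 elif extType == ExtensionType.channel_id:
 self.channel_id = True
+elif extType == ExtensionType.extended_master_secret:
+self.extended_master_secret = True
 elif extType == ExtensionType.signed_cert_timestamps:
 if extLength:
 raise SyntaxError()
@@ -267,6 +270,7 @@ class ServerHello(HandshakeMsg):
 self.next_protos_advertised = None
 self.next_protos = None
 self.channel_id = False
+self.extended_master_secret = False
 self.signed_cert_timestamps = None
 self.status_request = False
 
@@ -358,6 +362,9 @@ class ServerHello(HandshakeMsg):
 if self.channel_id:
 w2.add(ExtensionType.channel_id, 2)
 w2.add(0, 2)
+if self.extended_master_secret:
+w2.add(ExtensionType.extended_master_secret, 2)
+w2.add(0, 2)
 if self.signed_cert_timestamps:
 w2.add(ExtensionType.signed_cert_timestamps, 2)
 w2.addVarSeq(bytearray(self.signed_cert_timestamps), 1, 2)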
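Review bot: The ClientHello parser in the second hunk sets `self.extended_master_secret = True` without checking `extLength`, whereas the `signed_cert_timestamps` branch two lines below rejects a non-empty body with `if extLength: raise SyntaxError()`. The extension_data of extended_master_secret is empty by definition, so the same check belongs here, `if extLength: raise SyntaxError()` before the assignment; whether a non-empty body would otherwise be skipped or desynchronise the extension parser depends on code outside the hunk. The `ServerHello.write` hunk emits the extension with a zero-length body, which is consistent with that.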
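diff --git a/third_party/tlslite/tlslite/tlsconnection.py b/third_party/tlslite/tlslite/tlsconnection.py
index dfac274..231ba15 100644
--- a/third_party/tlslite/tlslite/tlsconnection.py
+++ b/third_party/tlslite/tlslite/tlsconnection.py
@@ -981,7 +981,8 @@ class TLSConnection(TLSRecordLayer):
 masterSecret = calcMasterSecret(self.version,
 premasterSecret,
 clientRandom,
-serverRandom)
+serverRandom,
+b"", False)
 verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"")
 elif self.version in ((3,1), (3,2)):
 verifyBytes = self._handshake_md5.digest() + \
@@ -1036,7 +1037,7 @@ class TLSConnection(TLSRecordLayer):
 cipherSuite, cipherImplementations, nextProto):
 
 masterSecret = calcMasterSecret(self.version, premasterSecret,
-clientRandom, serverRandom)
+clientRandom, serverRandom, b"", False)
 self._calcPendingStates(cipherSuite, masterSecret,
 clientRandom, serverRandom,
 cipherImplementations)
@@ -1326,6 +1327,9 @@ class TLSConnection(TLSRecordLayer):
 cipherSuite, CertificateType.x509, tackExt,
 nextProtos)
 serverHello.channel_id = clientHello.channel_id
+serverHello.extended_master_secret = \
+clientHello.extended_master_secret and \
+settings.enableExtendedMasterSecret
 if clientHello.support_signed_cert_timestamps:
 serverHello.signed_cert_timestamps = signedCertTimestamps
 if clientHello.status_request:
@@ -1383,7 +1387,8 @@ class TLSConnection(TLSRecordLayer):
 for result in self._serverFinished(premasterSecret,
 clientHello.random, serverHello.random,
 cipherSuite, settings.cipherImplementations,
-nextProtos, clientHello.channel_id):
+nextProtos, clientHello.channel_id,
+serverHello.extended_master_secret):
 if result in (0,1): yield result
 else: break
 masterSecret = result
@@ -1523,6 +1528,9 @@ class TLSConnection(TLSRecordLayer):
 serverHello.create(self.version, getRandomBytes(32),
 session.sessionID, session.cipherSuite,
 CertificateType.x509, None, None)
+serverHello.extended_master_secret = \
+clientHello.extended_master_secret and \
+settings.enableExtendedMasterSecret
 for result in self._sendMsg(serverHello):
 yield result
 
@@ -1743,7 +1751,8 @@ class TLSConnection(TLSRecordLayer):
 if clientCertChain:
 if self.version == (3,0):
 masterSecret = calcMasterSecret(self.version, premasterSecret,
-clientHello.random, serverHello.random)
+clientHello.random, serverHello.random,
+b"", False)
 verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"")
 elif self.version in ((3,1), (3,2)):
 verifyBytes = self._handshake_md5.digest() + \
@@ -1827,9 +1836,11 @@ class TLSConnection(TLSRecordLayer):
 
 def _serverFinished(self, premasterSecret, clientRandom, serverRandom,
 cipherSuite, cipherImplementations, nextProtos,
-doingChannelID):
+doingChannelID, useExtendedMasterSecret):
 masterSecret = calcMasterSecret(self.version, premasterSecret,
-clientRandom, serverRandom)
+clientRandom, serverRandom,
+self._getHandshakeHash(),
+useExtendedMasterSecret)
 
 #Calculate pending connection states
 self._calcPendingStates(cipherSuite, masterSecret,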
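Review bot: In the resumption hunk (`@@ -1523`) `serverHello.extended_master_secret` is computed from the current ClientHello and the settings only, although the master secret being resumed was derived when the original session was created, and the session object as used here (`session.sessionID, session.cipherSuite`) carries no record of whether that derivation used the extension. The draft requires the server to compare the original session's status with the current offer and fall back to a full handshake (or abort) on a mismatch, so a per-session flag set on the full-handshake path and consulted here is needed; otherwise the ServerHello advertises the extension for a master secret that was derived without it. The negotiation in the `@@ -1326` hunk also never consults `self.version`, so an SSL 3.0 ClientHello carrying the extension reaches `_serverFinished` with `_getHandshakeHash()` returning `None`; appending `and self.version != (3,0)` to that assignment (and to the resumption one) closes that. Finally, `_serverFinished` reads `self._getHandshakeHash()` at master-secret time; if the running hashes already cover a received CertificateVerify on the client-auth path (the `@@ -1743` hunk), the value differs from the draft's session_hash, which stops at ClientKeyExchange, so this should be checked against where the transcript hashes are updated, which is outside these hunks.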
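diff --git a/third_party/tlslite/tlslite/tlsrecordlayer.py b/third_party/tlslite/tlslite/tlsrecordlayer.py
index c3bcd8c..b7d68a7a 100644
--- a/third_party/tlslite/tlslite/tlsrecordlayer.py
+++ b/third_party/tlslite/tlslite/tlsrecordlayer.py
@@ -1256,3 +1256,9 @@ class TLSRecordLayer(object):
 
 return md5Bytes + shaBytes
 
+def _getHandshakeHash(self):
+if self.version in ((3,1), (3,2)):
+return self._handshake_md5.digest() + \
+self._handshake_sha.digest()
+elif self.version == (3,3):
+return self._handshake_sha256.digest()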
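Review bot: `_getHandshakeHash` falls off the end and returns `None` for SSL 3.0 (and any other version), whereas `calcMasterSecret` in mathtls.py ends its version chain with `else: raise AssertionError()`; adding the same `else: raise AssertionError()` here turns a silent `None` seed into an immediate failure. The TLS 1.2 branch hard-codes SHA-256, which matches the draft only while every negotiated suite uses a SHA-256 PRF, consistent with `PRF_1_2` taking no hash parameter in the mathtls.py hunk; if SHA-384 suites are ever added this must follow the suite's PRF hash. A one-line docstring, `"""Transcript hash of the handshake so far, in the form the negotiated version's PRF expects (MD5||SHA-1 for TLS 1.0/1.1, SHA-256 for TLS 1.2)."""`, would make the per-version shape explicit for callers.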