Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(14)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/tlslite/tlslite/handshakesettings.py

Issue 1299153002: Revert of Implement extended master secret in tlslite (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/tlslite/tlslite/constants.py ('k') | third_party/tlslite/tlslite/mathtls.py » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 # Authors: 1 # Authors:
2 # Trevor Perrin 2 # Trevor Perrin
3 # Dave Baggett (Arcode Corporation) - cleanup handling of constants 3 # Dave Baggett (Arcode Corporation) - cleanup handling of constants
4 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 4 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2
5 # 5 #
6 # See the LICENSE file for legal information regarding use of this file. 6 # See the LICENSE file for legal information regarding use of this file.
7 7
8 """Class for setting handshake parameters.""" 8 """Class for setting handshake parameters."""
9 9
10 from .constants import CertificateType 10 from .constants import CertificateType
(...skipping 93 matching lines...) Expand 10 before | Expand all | Expand 10 after
104 104
105 The allowed values are "alert" (return a fatal handshake_failure alert), 105 The allowed values are "alert" (return a fatal handshake_failure alert),
106 "close" (abruptly close the connection), and "reset" (send a TCP reset). 106 "close" (abruptly close the connection), and "reset" (send a TCP reset).
107 107
108 @type useExperimentalTackExtension: bool 108 @type useExperimentalTackExtension: bool
109 @ivar useExperimentalTackExtension: Whether to enabled TACK support. 109 @ivar useExperimentalTackExtension: Whether to enabled TACK support.
110 110
111 @type alertAfterHandshake: bool 111 @type alertAfterHandshake: bool
112 @ivar alertAfterHandshake: If true, the server will send a fatal 112 @ivar alertAfterHandshake: If true, the server will send a fatal
113 alert immediately after the handshake completes. 113 alert immediately after the handshake completes.
114
115 @type enableExtendedMasterSecret: bool
116 @ivar enableExtendedMasterSecret: If true, the server supports the extended
117 master secret TLS extension and will negotiated it with supporting clients.
118 114
119 Note that TACK support is not standardized by IETF and uses a temporary 115 Note that TACK support is not standardized by IETF and uses a temporary
120 TLS Extension number, so should NOT be used in production software. 116 TLS Extension number, so should NOT be used in production software.
121 """ 117 """
122 def __init__(self): 118 def __init__(self):
123 self.minKeySize = 1023 119 self.minKeySize = 1023
124 self.maxKeySize = 8193 120 self.maxKeySize = 8193
125 self.cipherNames = CIPHER_NAMES 121 self.cipherNames = CIPHER_NAMES
126 self.macNames = MAC_NAMES 122 self.macNames = MAC_NAMES
127 self.keyExchangeNames = KEY_EXCHANGE_NAMES 123 self.keyExchangeNames = KEY_EXCHANGE_NAMES
128 self.cipherImplementations = CIPHER_IMPLEMENTATIONS 124 self.cipherImplementations = CIPHER_IMPLEMENTATIONS
129 self.certificateTypes = CERTIFICATE_TYPES 125 self.certificateTypes = CERTIFICATE_TYPES
130 self.minVersion = (3,1) 126 self.minVersion = (3,1)
131 self.maxVersion = (3,3) 127 self.maxVersion = (3,3)
132 self.tlsIntolerant = None 128 self.tlsIntolerant = None
133 self.tlsIntoleranceType = 'alert' 129 self.tlsIntoleranceType = 'alert'
134 self.useExperimentalTackExtension = False 130 self.useExperimentalTackExtension = False
135 self.alertAfterHandshake = False 131 self.alertAfterHandshake = False
136 self.enableExtendedMasterSecret = True
137 132
138 # Validates the min/max fields, and certificateTypes 133 # Validates the min/max fields, and certificateTypes
139 # Filters out unsupported cipherNames and cipherImplementations 134 # Filters out unsupported cipherNames and cipherImplementations
140 def _filter(self): 135 def _filter(self):
141 other = HandshakeSettings() 136 other = HandshakeSettings()
142 other.minKeySize = self.minKeySize 137 other.minKeySize = self.minKeySize
143 other.maxKeySize = self.maxKeySize 138 other.maxKeySize = self.maxKeySize
144 other.cipherNames = self.cipherNames 139 other.cipherNames = self.cipherNames
145 other.macNames = self.macNames 140 other.macNames = self.macNames
146 other.keyExchangeNames = self.keyExchangeNames 141 other.keyExchangeNames = self.keyExchangeNames
(...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after
208 return other 203 return other
209 204
210 def _getCertificateTypes(self): 205 def _getCertificateTypes(self):
211 l = [] 206 l = []
212 for ct in self.certificateTypes: 207 for ct in self.certificateTypes:
213 if ct == "x509": 208 if ct == "x509":
214 l.append(CertificateType.x509) 209 l.append(CertificateType.x509)
215 else: 210 else:
216 raise AssertionError() 211 raise AssertionError()
217 return l 212 return l
OLDNEW
« no previous file with comments | « third_party/tlslite/tlslite/constants.py ('k') | third_party/tlslite/tlslite/mathtls.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698