Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(375)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/tlslite/tlslite/handshakesettings.py

Issue 1306553002: Implement extended master secret in tlslite (again) (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/tlslite/tlslite/constants.py ('k') | third_party/tlslite/tlslite/mathtls.py » ('j') | third_party/tlslite/tlslite/tlsrecordlayer.py » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 # Authors: 1 # Authors:
2 # Trevor Perrin 2 # Trevor Perrin
3 # Dave Baggett (Arcode Corporation) - cleanup handling of constants 3 # Dave Baggett (Arcode Corporation) - cleanup handling of constants
4 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 4 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2
5 # 5 #
6 # See the LICENSE file for legal information regarding use of this file. 6 # See the LICENSE file for legal information regarding use of this file.
7 7
8 """Class for setting handshake parameters.""" 8 """Class for setting handshake parameters."""
9 9
10 from .constants import CertificateType 10 from .constants import CertificateType
(...skipping 93 matching lines...) Expand 10 before | Expand all | Expand 10 after
104 104
105 The allowed values are "alert" (return a fatal handshake_failure alert), 105 The allowed values are "alert" (return a fatal handshake_failure alert),
106 "close" (abruptly close the connection), and "reset" (send a TCP reset). 106 "close" (abruptly close the connection), and "reset" (send a TCP reset).
107 107
108 @type useExperimentalTackExtension: bool 108 @type useExperimentalTackExtension: bool
109 @ivar useExperimentalTackExtension: Whether to enabled TACK support. 109 @ivar useExperimentalTackExtension: Whether to enabled TACK support.
110 110
111 @type alertAfterHandshake: bool 111 @type alertAfterHandshake: bool
112 @ivar alertAfterHandshake: If true, the server will send a fatal 112 @ivar alertAfterHandshake: If true, the server will send a fatal
113 alert immediately after the handshake completes. 113 alert immediately after the handshake completes.
114
115 @type enableExtendedMasterSecret: bool
116 @ivar enableExtendedMasterSecret: If true, the server supports the extended
117 master secret TLS extension and will negotiated it with supporting clients.
114 118
115 Note that TACK support is not standardized by IETF and uses a temporary 119 Note that TACK support is not standardized by IETF and uses a temporary
116 TLS Extension number, so should NOT be used in production software. 120 TLS Extension number, so should NOT be used in production software.
117 """ 121 """
118 def __init__(self): 122 def __init__(self):
119 self.minKeySize = 1023 123 self.minKeySize = 1023
120 self.maxKeySize = 8193 124 self.maxKeySize = 8193
121 self.cipherNames = CIPHER_NAMES 125 self.cipherNames = CIPHER_NAMES
122 self.macNames = MAC_NAMES 126 self.macNames = MAC_NAMES
123 self.keyExchangeNames = KEY_EXCHANGE_NAMES 127 self.keyExchangeNames = KEY_EXCHANGE_NAMES
124 self.cipherImplementations = CIPHER_IMPLEMENTATIONS 128 self.cipherImplementations = CIPHER_IMPLEMENTATIONS
125 self.certificateTypes = CERTIFICATE_TYPES 129 self.certificateTypes = CERTIFICATE_TYPES
126 self.minVersion = (3,1) 130 self.minVersion = (3,1)
127 self.maxVersion = (3,3) 131 self.maxVersion = (3,3)
128 self.tlsIntolerant = None 132 self.tlsIntolerant = None
129 self.tlsIntoleranceType = 'alert' 133 self.tlsIntoleranceType = 'alert'
130 self.useExperimentalTackExtension = False 134 self.useExperimentalTackExtension = False
131 self.alertAfterHandshake = False 135 self.alertAfterHandshake = False
136 self.enableExtendedMasterSecret = True
132 137
133 # Validates the min/max fields, and certificateTypes 138 # Validates the min/max fields, and certificateTypes
134 # Filters out unsupported cipherNames and cipherImplementations 139 # Filters out unsupported cipherNames and cipherImplementations
135 def _filter(self): 140 def _filter(self):
136 other = HandshakeSettings() 141 other = HandshakeSettings()
137 other.minKeySize = self.minKeySize 142 other.minKeySize = self.minKeySize
138 other.maxKeySize = self.maxKeySize 143 other.maxKeySize = self.maxKeySize
139 other.cipherNames = self.cipherNames 144 other.cipherNames = self.cipherNames
140 other.macNames = self.macNames 145 other.macNames = self.macNames
141 other.keyExchangeNames = self.keyExchangeNames 146 other.keyExchangeNames = self.keyExchangeNames
(...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after
203 return other 208 return other
204 209
205 def _getCertificateTypes(self): 210 def _getCertificateTypes(self):
206 l = [] 211 l = []
207 for ct in self.certificateTypes: 212 for ct in self.certificateTypes:
208 if ct == "x509": 213 if ct == "x509":
209 l.append(CertificateType.x509) 214 l.append(CertificateType.x509)
210 else: 215 else:
211 raise AssertionError() 216 raise AssertionError()
212 return l 217 return l
OLDNEW
« no previous file with comments | « third_party/tlslite/tlslite/constants.py ('k') | third_party/tlslite/tlslite/mathtls.py » ('j') | third_party/tlslite/tlslite/tlsrecordlayer.py » ('J')

Powered by Google App Engine
This is Rietveld 408576698