third_party/tlslite/tlslite/mathtls.py - Issue 1306553002: Implement extended master secret in tlslite (again)

Side by Side Diff: third_party/tlslite/tlslite/mathtls.py

Issue 1306553002: Implement extended master secret in tlslite (again) (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 # Authors:	1 # Authors:

2 # Trevor Perrin	2 # Trevor Perrin

3 # Dave Baggett (Arcode Corporation) - MD5 support for MAC_SSL	3 # Dave Baggett (Arcode Corporation) - MD5 support for MAC_SSL

4 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2	4 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2

5 #	5 #

6 # See the LICENSE file for legal information regarding use of this file.	6 # See the LICENSE file for legal information regarding use of this file.

7	7

8 """Miscellaneous helper functions."""	8 """Miscellaneous helper functions."""

9	9

10 from .utils.compat import *	10 from .utils.compat import *

(...skipping 49 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
60 A = bytearray([ord('A')+x] * (x+1)) # 'A', 'BB', 'CCC', etc..	60 A = bytearray([ord('A')+x] * (x+1)) # 'A', 'BB', 'CCC', etc..

61 input = secret + SHA1(A + secret + seed)	61 input = secret + SHA1(A + secret + seed)

62 output = MD5(input)	62 output = MD5(input)

63 for c in output:	63 for c in output:

64 if index >= length:	64 if index >= length:

65 return bytes	65 return bytes

66 bytes[index] = c	66 bytes[index] = c

67 index += 1	67 index += 1

68 return bytes	68 return bytes

69	69

70 def calcMasterSecret(version, premasterSecret, clientRandom, serverRandom):	70 def calcMasterSecret(version, premasterSecret, clientRandom, serverRandom,

	71 handshakeHash, useExtendedMasterSecret):

	72 label = b"master secret"

	73 seed = clientRandom + serverRandom

	74 if useExtendedMasterSecret:

	75 label = b"extended master secret"

	76 seed = handshakeHash

	77

71 if version == (3,0):	78 if version == (3,0):

72 masterSecret = PRF_SSL(premasterSecret,	79 masterSecret = PRF_SSL(premasterSecret, seed, 48)

73 clientRandom + serverRandom, 48)

74 elif version in ((3,1), (3,2)):	80 elif version in ((3,1), (3,2)):

75 masterSecret = PRF(premasterSecret, b"master secret",	81 masterSecret = PRF(premasterSecret, label, seed, 48)

76 clientRandom + serverRandom, 48)

77 elif version == (3,3):	82 elif version == (3,3):

78 masterSecret = PRF_1_2(premasterSecret, b"master secret",	83 masterSecret = PRF_1_2(premasterSecret, label, seed, 48)

79 clientRandom + serverRandom, 48)

80 else:	84 else:

81 raise AssertionError()	85 raise AssertionError()

82 return masterSecret	86 return masterSecret

83	87

84	88

85 def makeX(salt, username, password):	89 def makeX(salt, username, password):

86 if len(username)>=256:	90 if len(username)>=256:

87 raise ValueError("username too long")	91 raise ValueError("username too long")

88 if len(salt)>=256:	92 if len(salt)>=256:

89 raise ValueError("salt too long")	93 raise ValueError("salt too long")

(...skipping 52 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
142 new.ihash = self.ihash.copy()	146 new.ihash = self.ihash.copy()

143 new.ohash = self.ohash.copy()	147 new.ohash = self.ohash.copy()

144 new.digestmod = self.digestmod	148 new.digestmod = self.digestmod

145 new.digest_size = self.digest_size	149 new.digest_size = self.digest_size

146 return new	150 return new

147	151

148 def digest(self):	152 def digest(self):

149 ohash2 = self.ohash.copy()	153 ohash2 = self.ohash.copy()

150 ohash2.update(self.ihash.digest())	154 ohash2.update(self.ihash.digest())

151 return bytearray(ohash2.digest())	155 return bytearray(ohash2.digest())

OLD	NEW