| OLD | NEW |
|---|
| 1 # Authors: | 1 # Authors: |
| 2 # Trevor Perrin | 2 # Trevor Perrin |
| 3 # Google - added reqCAs parameter | 3 # Google - added reqCAs parameter |
| 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support | 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support |
| 5 # Dimitris Moraitis - Anon ciphersuites | 5 # Dimitris Moraitis - Anon ciphersuites |
| 6 # Martin von Loewis - python 3 port | 6 # Martin von Loewis - python 3 port |
| 7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 | 7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 |
| 8 # | 8 # |
| 9 # See the LICENSE file for legal information regarding use of this file. | 9 # See the LICENSE file for legal information regarding use of this file. |
| 10 | 10 |
| (...skipping 963 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 974 yield result | 974 yield result |
| 975 | 975 |
| 976 #If client authentication was requested and we have a | 976 #If client authentication was requested and we have a |
| 977 #private key, send CertificateVerify | 977 #private key, send CertificateVerify |
| 978 if certificateRequest and privateKey: | 978 if certificateRequest and privateKey: |
| 979 signatureAlgorithm = None | 979 signatureAlgorithm = None |
| 980 if self.version == (3,0): | 980 if self.version == (3,0): |
| 981 masterSecret = calcMasterSecret(self.version, | 981 masterSecret = calcMasterSecret(self.version, |
| 982 premasterSecret, | 982 premasterSecret, |
| 983 clientRandom, | 983 clientRandom, |
| 984 serverRandom) | 984 serverRandom, |
| 985 b"", False) |
| 985 verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"") | 986 verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"") |
| 986 elif self.version in ((3,1), (3,2)): | 987 elif self.version in ((3,1), (3,2)): |
| 987 verifyBytes = self._handshake_md5.digest() + \ | 988 verifyBytes = self._handshake_md5.digest() + \ |
| 988 self._handshake_sha.digest() | 989 self._handshake_sha.digest() |
| 989 elif self.version == (3,3): | 990 elif self.version == (3,3): |
| 990 # TODO: Signature algorithm negotiation not supported. | 991 # TODO: Signature algorithm negotiation not supported. |
| 991 signatureAlgorithm = (HashAlgorithm.sha1, SignatureAlgorithm.rsa
) | 992 signatureAlgorithm = (HashAlgorithm.sha1, SignatureAlgorithm.rsa
) |
| 992 verifyBytes = self._handshake_sha.digest() | 993 verifyBytes = self._handshake_sha.digest() |
| 993 verifyBytes = RSAKey.addPKCS1SHA1Prefix(verifyBytes) | 994 verifyBytes = RSAKey.addPKCS1SHA1Prefix(verifyBytes) |
| 994 if self.fault == Fault.badVerifyMessage: | 995 if self.fault == Fault.badVerifyMessage: |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1029 #Calculate premaster secret | 1030 #Calculate premaster secret |
| 1030 S = powMod(dh_Ys, dh_Xc, dh_p) | 1031 S = powMod(dh_Ys, dh_Xc, dh_p) |
| 1031 premasterSecret = numberToByteArray(S) | 1032 premasterSecret = numberToByteArray(S) |
| 1032 | 1033 |
| 1033 yield (premasterSecret, None, None) | 1034 yield (premasterSecret, None, None) |
| 1034 | 1035 |
| 1035 def _clientFinished(self, premasterSecret, clientRandom, serverRandom, | 1036 def _clientFinished(self, premasterSecret, clientRandom, serverRandom, |
| 1036 cipherSuite, cipherImplementations, nextProto): | 1037 cipherSuite, cipherImplementations, nextProto): |
| 1037 | 1038 |
| 1038 masterSecret = calcMasterSecret(self.version, premasterSecret, | 1039 masterSecret = calcMasterSecret(self.version, premasterSecret, |
| 1039 clientRandom, serverRandom) | 1040 clientRandom, serverRandom, b"", False) |
| 1040 self._calcPendingStates(cipherSuite, masterSecret, | 1041 self._calcPendingStates(cipherSuite, masterSecret, |
| 1041 clientRandom, serverRandom, | 1042 clientRandom, serverRandom, |
| 1042 cipherImplementations) | 1043 cipherImplementations) |
| 1043 | 1044 |
| 1044 #Exchange ChangeCipherSpec and Finished messages | 1045 #Exchange ChangeCipherSpec and Finished messages |
| 1045 for result in self._sendFinished(masterSecret, nextProto): | 1046 for result in self._sendFinished(masterSecret, nextProto): |
| 1046 yield result | 1047 yield result |
| 1047 for result in self._getFinished(masterSecret, nextProto=nextProto): | 1048 for result in self._getFinished(masterSecret, nextProto=nextProto): |
| 1048 yield result | 1049 yield result |
| 1049 yield masterSecret | 1050 yield masterSecret |
| (...skipping 269 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1319 # Prepare a TACK Extension if requested | 1320 # Prepare a TACK Extension if requested |
| 1320 if clientHello.tack: | 1321 if clientHello.tack: |
| 1321 tackExt = TackExtension.create(tacks, activationFlags) | 1322 tackExt = TackExtension.create(tacks, activationFlags) |
| 1322 else: | 1323 else: |
| 1323 tackExt = None | 1324 tackExt = None |
| 1324 serverHello = ServerHello() | 1325 serverHello = ServerHello() |
| 1325 serverHello.create(self.version, getRandomBytes(32), sessionID, \ | 1326 serverHello.create(self.version, getRandomBytes(32), sessionID, \ |
| 1326 cipherSuite, CertificateType.x509, tackExt, | 1327 cipherSuite, CertificateType.x509, tackExt, |
| 1327 nextProtos) | 1328 nextProtos) |
| 1328 serverHello.channel_id = clientHello.channel_id | 1329 serverHello.channel_id = clientHello.channel_id |
| 1330 serverHello.extended_master_secret = \ |
| 1331 clientHello.extended_master_secret and \ |
| 1332 settings.enableExtendedMasterSecret |
| 1329 if clientHello.support_signed_cert_timestamps: | 1333 if clientHello.support_signed_cert_timestamps: |
| 1330 serverHello.signed_cert_timestamps = signedCertTimestamps | 1334 serverHello.signed_cert_timestamps = signedCertTimestamps |
| 1331 if clientHello.status_request: | 1335 if clientHello.status_request: |
| 1332 serverHello.status_request = ocspResponse | 1336 serverHello.status_request = ocspResponse |
| 1333 | 1337 |
| 1334 # Perform the SRP key exchange | 1338 # Perform the SRP key exchange |
| 1335 clientCertChain = None | 1339 clientCertChain = None |
| 1336 if cipherSuite in CipherSuite.srpAllSuites: | 1340 if cipherSuite in CipherSuite.srpAllSuites: |
| 1337 for result in self._serverSRPKeyExchange(clientHello, serverHello, | 1341 for result in self._serverSRPKeyExchange(clientHello, serverHello, |
| 1338 verifierDB, cipherSuite, | 1342 verifierDB, cipherSuite, |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1376 else: break | 1380 else: break |
| 1377 premasterSecret = result | 1381 premasterSecret = result |
| 1378 | 1382 |
| 1379 else: | 1383 else: |
| 1380 assert(False) | 1384 assert(False) |
| 1381 | 1385 |
| 1382 # Exchange Finished messages | 1386 # Exchange Finished messages |
| 1383 for result in self._serverFinished(premasterSecret, | 1387 for result in self._serverFinished(premasterSecret, |
| 1384 clientHello.random, serverHello.random, | 1388 clientHello.random, serverHello.random, |
| 1385 cipherSuite, settings.cipherImplementations, | 1389 cipherSuite, settings.cipherImplementations, |
| 1386 nextProtos, clientHello.channel_id): | 1390 nextProtos, clientHello.channel_id, |
| 1391 serverHello.extended_master_secret): |
| 1387 if result in (0,1): yield result | 1392 if result in (0,1): yield result |
| 1388 else: break | 1393 else: break |
| 1389 masterSecret = result | 1394 masterSecret = result |
| 1390 | 1395 |
| 1391 #Create the session object | 1396 #Create the session object |
| 1392 self.session = Session() | 1397 self.session = Session() |
| 1393 if cipherSuite in CipherSuite.certAllSuites: | 1398 if cipherSuite in CipherSuite.certAllSuites: |
| 1394 serverCertChain = certChain | 1399 serverCertChain = certChain |
| 1395 else: | 1400 else: |
| 1396 serverCertChain = None | 1401 serverCertChain = None |
| (...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1516 except KeyError: | 1521 except KeyError: |
| 1517 pass | 1522 pass |
| 1518 | 1523 |
| 1519 #If a session is found.. | 1524 #If a session is found.. |
| 1520 if session: | 1525 if session: |
| 1521 #Send ServerHello | 1526 #Send ServerHello |
| 1522 serverHello = ServerHello() | 1527 serverHello = ServerHello() |
| 1523 serverHello.create(self.version, getRandomBytes(32), | 1528 serverHello.create(self.version, getRandomBytes(32), |
| 1524 session.sessionID, session.cipherSuite, | 1529 session.sessionID, session.cipherSuite, |
| 1525 CertificateType.x509, None, None) | 1530 CertificateType.x509, None, None) |
| 1531 serverHello.extended_master_secret = \ |
| 1532 clientHello.extended_master_secret and \ |
| 1533 settings.enableExtendedMasterSecret |
| 1526 for result in self._sendMsg(serverHello): | 1534 for result in self._sendMsg(serverHello): |
| 1527 yield result | 1535 yield result |
| 1528 | 1536 |
| 1529 #From here on, the client's messages must have right version | 1537 #From here on, the client's messages must have right version |
| 1530 self._versionCheck = True | 1538 self._versionCheck = True |
| 1531 | 1539 |
| 1532 #Calculate pending connection states | 1540 #Calculate pending connection states |
| 1533 self._calcPendingStates(session.cipherSuite, | 1541 self._calcPendingStates(session.cipherSuite, |
| 1534 session.masterSecret, | 1542 session.masterSecret, |
| 1535 clientHello.random, | 1543 clientHello.random, |
| (...skipping 200 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1736 premasterSecret = \ | 1744 premasterSecret = \ |
| 1737 keyExchange.processClientKeyExchange(clientKeyExchange) | 1745 keyExchange.processClientKeyExchange(clientKeyExchange) |
| 1738 except TLSLocalAlert, alert: | 1746 except TLSLocalAlert, alert: |
| 1739 for result in self._sendError(alert.description, alert.message): | 1747 for result in self._sendError(alert.description, alert.message): |
| 1740 yield result | 1748 yield result |
| 1741 | 1749 |
| 1742 #Get and check CertificateVerify, if relevant | 1750 #Get and check CertificateVerify, if relevant |
| 1743 if clientCertChain: | 1751 if clientCertChain: |
| 1744 if self.version == (3,0): | 1752 if self.version == (3,0): |
| 1745 masterSecret = calcMasterSecret(self.version, premasterSecret, | 1753 masterSecret = calcMasterSecret(self.version, premasterSecret, |
| 1746 clientHello.random, serverHello.random) | 1754 clientHello.random, serverHello.random, |
| 1755 b"", False) |
| 1747 verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"") | 1756 verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"") |
| 1748 elif self.version in ((3,1), (3,2)): | 1757 elif self.version in ((3,1), (3,2)): |
| 1749 verifyBytes = self._handshake_md5.digest() + \ | 1758 verifyBytes = self._handshake_md5.digest() + \ |
| 1750 self._handshake_sha.digest() | 1759 self._handshake_sha.digest() |
| 1751 elif self.version == (3,3): | 1760 elif self.version == (3,3): |
| 1752 verifyBytes = self._handshake_sha.digest() | 1761 verifyBytes = self._handshake_sha.digest() |
| 1753 verifyBytes = RSAKey.addPKCS1SHA1Prefix(verifyBytes) | 1762 verifyBytes = RSAKey.addPKCS1SHA1Prefix(verifyBytes) |
| 1754 for result in self._getMsg(ContentType.handshake, | 1763 for result in self._getMsg(ContentType.handshake, |
| 1755 HandshakeType.certificate_verify): | 1764 HandshakeType.certificate_verify): |
| 1756 if result in (0,1): yield result | 1765 if result in (0,1): yield result |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1820 | 1829 |
| 1821 #Calculate premaster secre | 1830 #Calculate premaster secre |
| 1822 S = powMod(dh_Yc,dh_Xs,dh_p) | 1831 S = powMod(dh_Yc,dh_Xs,dh_p) |
| 1823 premasterSecret = numberToByteArray(S) | 1832 premasterSecret = numberToByteArray(S) |
| 1824 | 1833 |
| 1825 yield premasterSecret | 1834 yield premasterSecret |
| 1826 | 1835 |
| 1827 | 1836 |
| 1828 def _serverFinished(self, premasterSecret, clientRandom, serverRandom, | 1837 def _serverFinished(self, premasterSecret, clientRandom, serverRandom, |
| 1829 cipherSuite, cipherImplementations, nextProtos, | 1838 cipherSuite, cipherImplementations, nextProtos, |
| 1830 doingChannelID): | 1839 doingChannelID, useExtendedMasterSecret): |
| 1831 masterSecret = calcMasterSecret(self.version, premasterSecret, | 1840 masterSecret = calcMasterSecret(self.version, premasterSecret, |
| 1832 clientRandom, serverRandom) | 1841 clientRandom, serverRandom, |
| 1842 self._ems_handshake_hash, |
| 1843 useExtendedMasterSecret) |
| 1833 | 1844 |
| 1834 #Calculate pending connection states | 1845 #Calculate pending connection states |
| 1835 self._calcPendingStates(cipherSuite, masterSecret, | 1846 self._calcPendingStates(cipherSuite, masterSecret, |
| 1836 clientRandom, serverRandom, | 1847 clientRandom, serverRandom, |
| 1837 cipherImplementations) | 1848 cipherImplementations) |
| 1838 | 1849 |
| 1839 #Exchange ChangeCipherSpec and Finished messages | 1850 #Exchange ChangeCipherSpec and Finished messages |
| 1840 for result in self._getFinished(masterSecret, | 1851 for result in self._getFinished(masterSecret, |
| 1841 expect_next_protocol=nextProtos is not None, | 1852 expect_next_protocol=nextProtos is not None, |
| 1842 expect_channel_id=doingChannelID): | 1853 expect_channel_id=doingChannelID): |
| (...skipping 147 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1990 except TLSAlert as alert: | 2001 except TLSAlert as alert: |
| 1991 if not self.fault: | 2002 if not self.fault: |
| 1992 raise | 2003 raise |
| 1993 if alert.description not in Fault.faultAlerts[self.fault]: | 2004 if alert.description not in Fault.faultAlerts[self.fault]: |
| 1994 raise TLSFaultError(str(alert)) | 2005 raise TLSFaultError(str(alert)) |
| 1995 else: | 2006 else: |
| 1996 pass | 2007 pass |
| 1997 except: | 2008 except: |
| 1998 self._shutdown(False) | 2009 self._shutdown(False) |
| 1999 raise | 2010 raise |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1306553002:
Implement extended master secret in tlslite (again) (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master