| OLD | NEW |
|---|
| 1 # Authors: | 1 # Authors: |
| 2 # Trevor Perrin | 2 # Trevor Perrin |
| 3 # Google - added reqCAs parameter | 3 # Google - added reqCAs parameter |
| 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support | 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support |
| 5 # Dimitris Moraitis - Anon ciphersuites | 5 # Dimitris Moraitis - Anon ciphersuites |
| 6 # Martin von Loewis - python 3 port | 6 # Martin von Loewis - python 3 port |
| 7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 | 7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 |
| 8 # | 8 # |
| 9 # See the LICENSE file for legal information regarding use of this file. | 9 # See the LICENSE file for legal information regarding use of this file. |
| 10 | 10 |
| (...skipping 1312 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1323 else: | 1323 else: |
| 1324 tackExt = None | 1324 tackExt = None |
| 1325 serverHello = ServerHello() | 1325 serverHello = ServerHello() |
| 1326 serverHello.create(self.version, getRandomBytes(32), sessionID, \ | 1326 serverHello.create(self.version, getRandomBytes(32), sessionID, \ |
| 1327 cipherSuite, CertificateType.x509, tackExt, | 1327 cipherSuite, CertificateType.x509, tackExt, |
| 1328 nextProtos) | 1328 nextProtos) |
| 1329 serverHello.channel_id = clientHello.channel_id | 1329 serverHello.channel_id = clientHello.channel_id |
| 1330 serverHello.extended_master_secret = \ | 1330 serverHello.extended_master_secret = \ |
| 1331 clientHello.extended_master_secret and \ | 1331 clientHello.extended_master_secret and \ |
| 1332 settings.enableExtendedMasterSecret | 1332 settings.enableExtendedMasterSecret |
| 1333 for param in clientHello.tb_client_params: |
| 1334 if param in settings.supportedTokenBindingParams: |
| 1335 serverHello.tb_params = param |
| 1336 break |
| 1333 if clientHello.support_signed_cert_timestamps: | 1337 if clientHello.support_signed_cert_timestamps: |
| 1334 serverHello.signed_cert_timestamps = signedCertTimestamps | 1338 serverHello.signed_cert_timestamps = signedCertTimestamps |
| 1335 if clientHello.status_request: | 1339 if clientHello.status_request: |
| 1336 serverHello.status_request = ocspResponse | 1340 serverHello.status_request = ocspResponse |
| 1337 | 1341 |
| 1338 # Perform the SRP key exchange | 1342 # Perform the SRP key exchange |
| 1339 clientCertChain = None | 1343 clientCertChain = None |
| 1340 if cipherSuite in CipherSuite.srpAllSuites: | 1344 if cipherSuite in CipherSuite.srpAllSuites: |
| 1341 for result in self._serverSRPKeyExchange(clientHello, serverHello, | 1345 for result in self._serverSRPKeyExchange(clientHello, serverHello, |
| 1342 verifierDB, cipherSuite, | 1346 verifierDB, cipherSuite, |
| (...skipping 658 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2001 except TLSAlert as alert: | 2005 except TLSAlert as alert: |
| 2002 if not self.fault: | 2006 if not self.fault: |
| 2003 raise | 2007 raise |
| 2004 if alert.description not in Fault.faultAlerts[self.fault]: | 2008 if alert.description not in Fault.faultAlerts[self.fault]: |
| 2005 raise TLSFaultError(str(alert)) | 2009 raise TLSFaultError(str(alert)) |
| 2006 else: | 2010 else: |
| 2007 pass | 2011 pass |
| 2008 except: | 2012 except: |
| 2009 self._shutdown(False) | 2013 self._shutdown(False) |
| 2010 raise | 2014 raise |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1336143002:
Implement Token Binding Negotiation in tlslite (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master