
Side by Side Diff: third_party/tlslite/tlslite/tlsconnection.py

Issue 1378613004: Set Token-Binding HTTP header (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@tb-tls-ext-new
Patch Set: Add UMA logging of Token Binding support and NetLog event for Token Binding key lookup Created 5 years, 1 month ago
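--- a/third_party/tlslite/tlslite/tlsconnection.py
+++ b/third_party/tlslite/tlslite/tlsconnection.py
@@ -1,10 +1,10 @@
 # Authors:
 # Trevor Perrin
 # Google - added reqCAs parameter
 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support
 # Dimitris Moraitis - Anon ciphersuites
 # Martin von Loewis - python 3 port
 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2
 #
 # See the LICENSE file for legal information regarding use of this file.
 
@@ -602,22 +602,22 @@
 serverHello.random,
 cipherSuite, settings.cipherImplementations,
 nextProto):
 if result in (0,1): yield result
 else: break
 masterSecret = result
 
 # Create the session object which is used for resumptions
 self.session = Session()
 self.session.create(masterSecret, serverHello.session_id, cipherSuite,
-srpUsername, clientCertChain, serverCertChain,
-tackExt, serverHello.tackExt!=None, serverName)
+srpUsername, clientCertChain, serverCertChain, clientHello.random,
+serverHello.random, tackExt, serverHello.tackExt!=None, serverName)
 self._handshakeDone(resumed=False)
 
 
 def _clientSendClientHello(self, settings, session, srpUsername,
 srpParams, certParams, anonParams,
 serverName, nextProtos, reqTack):
 #Initialize acceptable ciphersuites
 cipherSuites = [CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
 if srpParams:
 cipherSuites += CipherSuite.getSrpAllSuites(settings)
@@ -1404,22 +1404,22 @@
 serverCertChain = certChain
 else:
 serverCertChain = None
 srpUsername = None
 serverName = None
 if clientHello.srp_username:
 srpUsername = clientHello.srp_username.decode("utf-8")
 if clientHello.server_name:
 serverName = clientHello.server_name.decode("utf-8")
 self.session.create(masterSecret, serverHello.session_id, cipherSuite,
-srpUsername, clientCertChain, serverCertChain,
-tackExt, serverHello.tackExt!=None, serverName)
+srpUsername, clientCertChain, serverCertChain, clientHello.random,
+serverHello.random, tackExt, serverHello.tackExt!=None, serverName)
 
 #Add the session object to the session cache
 if sessionCache and sessionID:
 sessionCache[sessionID] = self.session
 
 self._handshakeDone(resumed=False)
 
 
 def _serverGetClientHello(self, settings, certChain, verifierDB,
 sessionCache, anon, fallbackSCSV):
@@ -1529,20 +1529,24 @@
 #If a session is found..
 if session:
 #Send ServerHello
 serverHello = ServerHello()
 serverHello.create(self.version, getRandomBytes(32),
 session.sessionID, session.cipherSuite,
 CertificateType.x509, None, None)
 serverHello.extended_master_secret = \
 clientHello.extended_master_secret and \
 settings.enableExtendedMasterSecret
+for param in clientHello.tb_client_params:
+if param in settings.supportedTokenBindingParams:
+serverHello.tb_params = param
+break
 for result in self._sendMsg(serverHello):
 yield result
 
 #From here on, the client's messages must have right version
 self._versionCheck = True
 
 #Calculate pending connection states
 self._calcPendingStates(session.cipherSuite,
 session.masterSecret,
 clientHello.random,
@@ -2006,10 +2010,10 @@
 except TLSAlert as alert:
 if not self.fault:
 raise
 if alert.description not in Fault.faultAlerts[self.fault]:
 raise TLSFaultError(str(alert))
 else:
 pass
 except:
 self._shutdown(False)
 raise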
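Review bot: The Token Binding parameter selection added in the resumed-session branch (new lines 1539-1542) sets `serverHello.tb_params` without consulting the `serverHello.extended_master_secret` value computed on the lines just above it. Token Binding signs exported keying material, and in TLS 1.2 and earlier that binding is only sound when extended master secret has been negotiated, so the loop should be gated with `if serverHello.extended_master_secret:` ahead of `for param in clientHello.tb_client_params:`. The loop also assumes `tb_client_params` is always iterable; if ClientHello leaves it as None when the extension is absent (its definition is not visible on this page), iterating it raises TypeError, and `clientHello.tb_client_params or []` would avoid that. The enclosing function starts and ends in the skipped lines, so whether the full-handshake path applies the same gate cannot be confirmed from here.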