
Unified Diff: third_party/tlslite/tlslite/tlsconnection.py

Issue 1378613004: Set Token-Binding HTTP header (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@tb-tls-ext-new
Patch Set: Remove sequence numbers from mock reads Created 4 years, 11 months ago
Index: third_party/tlslite/tlslite/tlsconnection.py
diff --git a/third_party/tlslite/tlslite/tlsconnection.py b/third_party/tlslite/tlslite/tlsconnection.py
index 7363a309d24d9fa16bd09ebba10ca8edd55a7a75..e42b3628ca690baefeee30dca9d2843fa80356b2 100644
--- a/third_party/tlslite/tlslite/tlsconnection.py
+++ b/third_party/tlslite/tlslite/tlsconnection.py
@@ -181,6 +181,8 @@ class TLSConnection(TLSRecordLayer):
@type sock: L{socket.socket}
"""
TLSRecordLayer.__init__(self, sock)
+ self.clientRandom = b""
+ self.serverRandom = b""
#*********************************************************
# Client Handshake Functions
@@ -606,6 +608,9 @@ class TLSConnection(TLSRecordLayer):
else: break
masterSecret = result
+ self.clientRandom = clientHello.random
+ self.serverRandom = serverHello.random
+
# Create the session object which is used for resumptions
self.session = Session()
self.session.create(masterSecret, serverHello.session_id, cipherSuite,
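Review bot: The randoms are stored only after `masterSecret = result`, which looks like the full-handshake path; if the session-resumption branch returns before this point (it is outside the hunk), a resumed connection keeps `clientRandom` and `serverRandom` at the `b""` default. An exporter computed from the cached master secret and empty randoms would then be identical on every resumed connection, which removes the per-connection binding that RFC 5705 relies on. Consider assigning `self.clientRandom = clientHello.random` and `self.serverRandom = serverHello.random` as soon as both hello messages are available, ahead of any resumption return. The server-side hunk at -1398 places the assignments the same way and needs the same check.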
@@ -1398,6 +1403,9 @@ class TLSConnection(TLSRecordLayer):
else: break
masterSecret = result
+ self.clientRandom = clientHello.random
+ self.serverRandom = serverHello.random
+
#Create the session object
self.session = Session()
if cipherSuite in CipherSuite.certAllSuites:
@@ -1536,6 +1544,10 @@ class TLSConnection(TLSRecordLayer):
serverHello.extended_master_secret = \
clientHello.extended_master_secret and \
settings.enableExtendedMasterSecret
+ for param in clientHello.tb_client_params:
+ if param in settings.supportedTokenBindingParams:
+ serverHello.tb_params = param
+ break
for result in self._sendMsg(serverHello):
yield result
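Review bot: The loop sets `serverHello.tb_params` whether or not `serverHello.extended_master_secret` came out true on the lines just above it. RFC 8472 requires Extended Master Secret (and Renegotiation Indication) to be negotiated alongside Token Binding on TLS 1.2 and earlier, because the binding is proven with exported keying material. Unless this server deliberately allows the combination for testing, guard the loop with `if serverHello.extended_master_secret:`. It is also worth confirming that `clientHello.tb_client_params` is an empty list rather than `None` when the client sent no Token Binding extension; its initialisation is outside the hunk.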
@@ -2013,3 +2025,22 @@ class TLSConnection(TLSRecordLayer):
except:
self._shutdown(False)
raise
+
+
+ def exportKeyingMaterial(self, label, context, use_context, length):
+ """Returns the exported keying material as defined in RFC 5705."""
+
+ seed = self.clientRandom + self.serverRandom
+ if use_context:
+ if len(context) > 65535:
+ raise ValueError("Context is too long")
+ seed += bytearray(2)
+ seed[len(seed) - 2] = len(context) >> 8
+ seed[len(seed) - 1] = len(context) & 0xFF
+ seed += context
+ if self.version in ((3,1), (3,2)):
+ return PRF(self.session.masterSecret, label, seed, length)
+ elif self.version == (3,3):
+ return PRF_1_2(self.session.masterSecret, label, seed, length)
+ else:
+ raise AssertionError()
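Review bot: `exportKeyingMaterial` never checks that a handshake has completed: called early, `self.clientRandom + self.serverRandom` is still the empty `b""` default and `self.session` may be unset, so the call either fails obscurely or derives output from a seed that contains no randoms. A guard at the top such as `if not self.clientRandom or not self.serverRandom: raise ValueError("handshake not complete")` makes the precondition explicit. The final `raise AssertionError()` carries no message and is reached by any other negotiated version (for example `(3,0)`), so `raise ValueError("exporter not supported for version %r" % (self.version,))` would be clearer to callers. The docstring should also state that `label` and `context` are byte strings, that `use_context` distinguishes an absent context from an empty one, and that `length` is the number of bytes returned.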
