Chromium Code Reviews Chromium Code Reviews
Issue 19557004:
net: add a test to ensure that our TLS handshake doesn't get too large. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 """Classes representing TLS messages.""" | 1 """Classes representing TLS messages.""" |
| 2 | 2 |
| 3 from utils.compat import * | 3 from utils.compat import * |
| 4 from utils.cryptomath import * | 4 from utils.cryptomath import * |
| 5 from errors import * | 5 from errors import * |
| 6 from utils.codec import * | 6 from utils.codec import * |
| 7 from constants import * | 7 from constants import * |
| 8 from X509 import X509 | 8 from X509 import X509 |
| 9 from X509CertChain import X509CertChain | 9 from X509CertChain import X509CertChain |
| 10 | 10 |
| (...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 124 self.contentType = ContentType.handshake | 124 self.contentType = ContentType.handshake |
| 125 self.ssl2 = ssl2 | 125 self.ssl2 = ssl2 |
| 126 self.client_version = (0,0) | 126 self.client_version = (0,0) |
| 127 self.random = createByteArrayZeros(32) | 127 self.random = createByteArrayZeros(32) |
| 128 self.session_id = createByteArraySequence([]) | 128 self.session_id = createByteArraySequence([]) |
| 129 self.cipher_suites = [] # a list of 16-bit values | 129 self.cipher_suites = [] # a list of 16-bit values |
| 130 self.certificate_types = [CertificateType.x509] | 130 self.certificate_types = [CertificateType.x509] |
| 131 self.compression_methods = [] # a list of 8-bit values | 131 self.compression_methods = [] # a list of 8-bit values |
| 132 self.srp_username = None # a string | 132 self.srp_username = None # a string |
| 133 self.channel_id = False | 133 self.channel_id = False |
| 134 # client_hello_length is the length of the ClientHello record - i.e. | |
| 135 # including the handshake type byte and 3 byte handshake length. | |
| 136 self.client_hello_length = 0 | |
| 134 | 137 |
| 135 def create(self, version, random, session_id, cipher_suites, | 138 def create(self, version, random, session_id, cipher_suites, |
| 136 certificate_types=None, srp_username=None): | 139 certificate_types=None, srp_username=None): |
| 137 self.client_version = version | 140 self.client_version = version |
| 138 self.random = random | 141 self.random = random |
| 139 self.session_id = session_id | 142 self.session_id = session_id |
| 140 self.cipher_suites = cipher_suites | 143 self.cipher_suites = cipher_suites |
| 141 self.certificate_types = certificate_types | 144 self.certificate_types = certificate_types |
| 142 self.compression_methods = [0] | 145 self.compression_methods = [0] |
| 143 self.srp_username = srp_username | 146 self.srp_username = srp_username |
| 144 return self | 147 return self |
| 145 | 148 |
| 146 def parse(self, p): | 149 def parse(self, p): |
| 147 if self.ssl2: | 150 if self.ssl2: |
| 148 self.client_version = (p.get(1), p.get(1)) | 151 self.client_version = (p.get(1), p.get(1)) |
| 149 cipherSpecsLength = p.get(2) | 152 cipherSpecsLength = p.get(2) |
| 150 sessionIDLength = p.get(2) | 153 sessionIDLength = p.get(2) |
| 151 randomLength = p.get(2) | 154 randomLength = p.get(2) |
| 152 self.cipher_suites = p.getFixList(3, int(cipherSpecsLength/3)) | 155 self.cipher_suites = p.getFixList(3, int(cipherSpecsLength/3)) |
| 153 self.session_id = p.getFixBytes(sessionIDLength) | 156 self.session_id = p.getFixBytes(sessionIDLength) |
| 154 self.random = p.getFixBytes(randomLength) | 157 self.random = p.getFixBytes(randomLength) |
| 155 if len(self.random) < 32: | 158 if len(self.random) < 32: |
| 156 zeroBytes = 32-len(self.random) | 159 zeroBytes = 32-len(self.random) |
| 157 self.random = createByteArrayZeros(zeroBytes) + self.random | 160 self.random = createByteArrayZeros(zeroBytes) + self.random |
| 158 self.compression_methods = [0]#Fake this value | 161 self.compression_methods = [0]#Fake this value |
| 159 | 162 |
| 160 #We're not doing a stopLengthCheck() for SSLv2, oh well.. | 163 #We're not doing a stopLengthCheck() for SSLv2, oh well.. |
| 161 else: | 164 else: |
| 165 self.client_hello_length = len(p.bytes) - p.index | |
|
wtc
2013/07/24 19:25:10
I didn't verify the correctness of this expression
| |
| 166 # Account for the handshake type byte which has already been | |
| 167 # removed. | |
| 168 self.client_hello_length += 1 | |
| 169 | |
| 162 p.startLengthCheck(3) | 170 p.startLengthCheck(3) |
| 163 self.client_version = (p.get(1), p.get(1)) | 171 self.client_version = (p.get(1), p.get(1)) |
| 164 self.random = p.getFixBytes(32) | 172 self.random = p.getFixBytes(32) |
| 165 self.session_id = p.getVarBytes(1) | 173 self.session_id = p.getVarBytes(1) |
| 166 self.cipher_suites = p.getVarList(2, 2) | 174 self.cipher_suites = p.getVarList(2, 2) |
| 167 self.compression_methods = p.getVarList(1, 1) | 175 self.compression_methods = p.getVarList(1, 1) |
| 168 if not p.atLengthCheck(): | 176 if not p.atLengthCheck(): |
| 169 totalExtLength = p.get(2) | 177 totalExtLength = p.get(2) |
| 170 soFar = 0 | 178 soFar = 0 |
| 171 while soFar != totalExtLength: | 179 while soFar != totalExtLength: |
| (...skipping 436 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 608 def create(self, bytes): | 616 def create(self, bytes): |
| 609 self.bytes = bytes | 617 self.bytes = bytes |
| 610 return self | 618 return self |
| 611 | 619 |
| 612 def parse(self, p): | 620 def parse(self, p): |
| 613 self.bytes = p.bytes | 621 self.bytes = p.bytes |
| 614 return self | 622 return self |
| 615 | 623 |
| 616 def write(self): | 624 def write(self): |
| 617 return self.bytes | 625 return self.bytes |
| OLD | NEW |
