| (Empty) |
| 1 Only in chromium: patches | |
| 2 diff -aur tlslite-0.3.8/tlslite/TLSConnection.py chromium/tlslite/TLSConnection.
py | |
| 3 --- tlslite-0.3.8/tlslite/TLSConnection.py 2004-10-06 01:55:37.000000000 -0
400 | |
| 4 +++ chromium/tlslite/TLSConnection.py 2010-08-18 22:17:30.962786700 -0400 | |
| 5 @@ -931,7 +931,8 @@ | |
| 6 | |
| 7 def handshakeServer(self, sharedKeyDB=None, verifierDB=None, | |
| 8 certChain=None, privateKey=None, reqCert=False, | |
| 9 - sessionCache=None, settings=None, checker=None): | |
| 10 + sessionCache=None, settings=None, checker=None, | |
| 11 + reqCAs=None): | |
| 12 """Perform a handshake in the role of server. | |
| 13 | |
| 14 This function performs an SSL or TLS handshake. Depending on | |
| 15 @@ -997,6 +998,11 @@ | |
| 16 invoked to examine the other party's authentication | |
| 17 credentials, if the handshake completes succesfully. | |
| 18 | |
| 19 + @type reqCAs: list of L{array.array} of unsigned bytes | |
| 20 + @param reqCAs: A collection of DER-encoded DistinguishedNames that | |
| 21 + will be sent along with a certificate request. This does not affect | |
| 22 + verification. | |
| 23 + | |
| 24 @raise socket.error: If a socket error occurs. | |
| 25 @raise tlslite.errors.TLSAbruptCloseError: If the socket is closed | |
| 26 without a preceding alert. | |
| 27 @@ -1006,13 +1012,14 @@ | |
| 28 """ | |
| 29 for result in self.handshakeServerAsync(sharedKeyDB, verifierDB, | |
| 30 certChain, privateKey, reqCert, sessionCache, settings, | |
| 31 - checker): | |
| 32 + checker, reqCAs): | |
| 33 pass | |
| 34 | |
| 35 | |
| 36 def handshakeServerAsync(self, sharedKeyDB=None, verifierDB=None, | |
| 37 certChain=None, privateKey=None, reqCert=False, | |
| 38 - sessionCache=None, settings=None, checker=None): | |
| 39 + sessionCache=None, settings=None, checker=None, | |
| 40 + reqCAs=None): | |
| 41 """Start a server handshake operation on the TLS connection. | |
| 42 | |
| 43 This function returns a generator which behaves similarly to | |
| 44 @@ -1028,14 +1035,15 @@ | |
| 45 sharedKeyDB=sharedKeyDB, | |
| 46 verifierDB=verifierDB, certChain=certChain, | |
| 47 privateKey=privateKey, reqCert=reqCert, | |
| 48 - sessionCache=sessionCache, settings=settings) | |
| 49 + sessionCache=sessionCache, settings=settings, | |
| 50 + reqCAs=reqCAs) | |
| 51 for result in self._handshakeWrapperAsync(handshaker, checker): | |
| 52 yield result | |
| 53 | |
| 54 | |
| 55 def _handshakeServerAsyncHelper(self, sharedKeyDB, verifierDB, | |
| 56 certChain, privateKey, reqCert, sessionCache, | |
| 57 - settings): | |
| 58 + settings, reqCAs): | |
| 59 | |
| 60 self._handshakeStart(client=False) | |
| 61 | |
| 62 @@ -1045,6 +1053,8 @@ | |
| 63 raise ValueError("Caller passed a certChain but no privateKey") | |
| 64 if privateKey and not certChain: | |
| 65 raise ValueError("Caller passed a privateKey but no certChain") | |
| 66 + if reqCAs and not reqCert: | |
| 67 + raise ValueError("Caller passed reqCAs but not reqCert") | |
| 68 | |
| 69 if not settings: | |
| 70 settings = HandshakeSettings() | |
| 71 @@ -1380,7 +1390,9 @@ | |
| 72 msgs.append(ServerHello().create(self.version, serverRandom, | |
| 73 sessionID, cipherSuite, certificateType)) | |
| 74 msgs.append(Certificate(certificateType).create(serverCertChain)) | |
| 75 - if reqCert: | |
| 76 + if reqCert and reqCAs: | |
| 77 + msgs.append(CertificateRequest().create([], reqCAs)) | |
| 78 + elif reqCert: | |
| 79 msgs.append(CertificateRequest()) | |
| 80 msgs.append(ServerHelloDone()) | |
| 81 for result in self._sendMsgs(msgs): | |
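Review bot: The new branch `msgs.append(CertificateRequest().create([], reqCAs))` sends an empty certificate_types vector, which the TLS definition of CertificateRequest does not permit (`certificate_types<1..2^8-1>`), so a strict client may reject the message. The `elif reqCert:` branch relies on the same empty default, so this is inherited rather than introduced, but the call now spells the list out and is the natural place to pass at least one type (rsa_sign, value 1). A short comment such as `#reqCAs is only a hint to the client; the checker still decides what is accepted` would also help, since the docstring states that reqCAs does not affect verification. The enclosing function starts and ends outside the hunk.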
| 82 diff -aur tlslite-0.3.8/tlslite/X509.py chromium/tlslite/X509.py | |
| 83 --- tlslite-0.3.8/tlslite/X509.py 2004-03-19 21:43:19.000000000 -0400 | |
| 84 +++ chromium/tlslite/X509.py 2010-08-18 22:17:30.967787000 -0400 | |
| 85 @@ -13,11 +13,15 @@ | |
| 86 | |
| 87 @type publicKey: L{tlslite.utils.RSAKey.RSAKey} | |
| 88 @ivar publicKey: The subject public key from the certificate. | |
| 89 + | |
| 90 + @type subject: L{array.array} of unsigned bytes | |
| 91 + @ivar subject: The DER-encoded ASN.1 subject distinguished name. | |
| 92 """ | |
| 93 | |
| 94 def __init__(self): | |
| 95 self.bytes = createByteArraySequence([]) | |
| 96 self.publicKey = None | |
| 97 + self.subject = None | |
| 98 | |
| 99 def parse(self, s): | |
| 100 """Parse a PEM-encoded X.509 certificate. | |
| 101 @@ -63,6 +67,10 @@ | |
| 102 else: | |
| 103 subjectPublicKeyInfoIndex = 5 | |
| 104 | |
| 105 + #Get the subject | |
| 106 + self.subject = tbsCertificateP.getChildBytes(\ | |
| 107 + subjectPublicKeyInfoIndex - 1) | |
| 108 + | |
| 109 #Get the subjectPublicKeyInfo | |
| 110 subjectPublicKeyInfoP = tbsCertificateP.getChild(\ | |
| 111 subjectPublicKeyInfoIndex) | |
| 112 diff -aur tlslite-0.3.8/tlslite/messages.py chromium/tlslite/messages.py | |
| 113 --- tlslite-0.3.8/tlslite/messages.py 2004-10-06 01:01:24.000000000 -0400 | |
| 114 +++ chromium/tlslite/messages.py 2010-08-18 22:17:30.976787500 -0400 | |
| 115 @@ -338,8 +338,7 @@ | |
| 116 def __init__(self): | |
| 117 self.contentType = ContentType.handshake | |
| 118 self.certificate_types = [] | |
| 119 - #treat as opaque bytes for now | |
| 120 - self.certificate_authorities = createByteArraySequence([]) | |
| 121 + self.certificate_authorities = [] | |
| 122 | |
| 123 def create(self, certificate_types, certificate_authorities): | |
| 124 self.certificate_types = certificate_types | |
| 125 @@ -349,7 +348,13 @@ | |
| 126 def parse(self, p): | |
| 127 p.startLengthCheck(3) | |
| 128 self.certificate_types = p.getVarList(1, 1) | |
| 129 - self.certificate_authorities = p.getVarBytes(2) | |
| 130 + ca_list_length = p.get(2) | |
| 131 + index = 0 | |
| 132 + self.certificate_authorities = [] | |
| 133 + while index != ca_list_length: | |
| 134 + ca_bytes = p.getVarBytes(2) | |
| 135 + self.certificate_authorities.append(ca_bytes) | |
| 136 + index += len(ca_bytes)+2 | |
| 137 p.stopLengthCheck() | |
| 138 return self | |
| 139 | |
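Review bot: The loop condition `while index != ca_list_length:` in parse() never becomes false when an entry's length prefix carries `index` past the declared total. A malformed CertificateRequest from the peer is then read entry after entry beyond the list, until the Parser itself fails (its behaviour at end of buffer is not shown here). Bound the loop on the declared length and reject an overshoot explicitly: `while index < ca_list_length:` followed by `if index != ca_list_length: raise SyntaxError()` (or whichever decode error the Parser raises for malformed input). That makes the rejection independent of `p.stopLengthCheck()` and of how much data happens to follow the list.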
| 140 @@ -357,7 +362,14 @@ | |
| 141 w = HandshakeMsg.preWrite(self, HandshakeType.certificate_request, | |
| 142 trial) | |
| 143 w.addVarSeq(self.certificate_types, 1, 1) | |
| 144 - w.addVarSeq(self.certificate_authorities, 1, 2) | |
| 145 + caLength = 0 | |
| 146 + #determine length | |
| 147 + for ca_dn in self.certificate_authorities: | |
| 148 + caLength += len(ca_dn)+2 | |
| 149 + w.add(caLength, 2) | |
| 150 + #add bytes | |
| 151 + for ca_dn in self.certificate_authorities: | |
| 152 + w.addVarSeq(ca_dn, 1, 2) | |
| 153 return HandshakeMsg.postWrite(self, w, trial) | |
| 154 | |
| 155 class ServerKeyExchange(HandshakeMsg): | |
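Review bot: `w.add(caLength, 2)` writes the summed length into a two-byte field without checking that it fits, and each `w.addVarSeq(ca_dn, 1, 2)` has the same limit per name. What the writer does with an oversized value is not visible in this hunk, so a guard before the write would make the failure explicit: `if caLength > 0xFFFF: raise ValueError("certificate_authorities too long")`. The length pass could also be a single `caLength = sum(len(ca_dn)+2 for ca_dn in self.certificate_authorities)`. The write method's signature is outside the hunk.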
| 156 diff -aur tlslite-0.3.8/tlslite/utils/ASN1Parser.py chromium/tlslite/utils/ASN1P
arser.py | |
| 157 --- tlslite-0.3.8/tlslite/utils/ASN1Parser.py 2004-10-06 01:02:40.000000000 -0
400 | |
| 158 +++ chromium/tlslite/utils/ASN1Parser.py 2010-08-18 22:17:30.979787700 -0
400 | |
| 159 @@ -16,13 +16,16 @@ | |
| 160 | |
| 161 #Assuming this is a sequence... | |
| 162 def getChild(self, which): | |
| 163 + return ASN1Parser(self.getChildBytes(which)) | |
| 164 + | |
| 165 + def getChildBytes(self, which): | |
| 166 p = Parser(self.value) | |
| 167 for x in range(which+1): | |
| 168 markIndex = p.index | |
| 169 p.get(1) #skip Type | |
| 170 length = self._getASN1Length(p) | |
| 171 p.getFixBytes(length) | |
| 172 - return ASN1Parser(p.bytes[markIndex : p.index]) | |
| 173 + return p.bytes[markIndex : p.index] | |
| 174 | |
| 175 #Decode the ASN.1 DER length field | |
| 176 def _getASN1Length(self, p): | |
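Review bot: getChildBytes() has no comment saying what the returned slice contains, and callers now depend on that detail. Because `markIndex` is taken before `p.get(1)` skips the type octet, the slice is the child's complete encoding (tag, length and contents), which is what X509.subject stores. I would add `#Return the full encoding of child number 'which' (tag, length and contents)` above the def. It is also worth noting there that a negative `which` leaves `markIndex` unassigned because the loop body never runs, and that truncated input is left to the Parser calls to reject.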