Index: third_party/tlslite/tlslite/mathtls.py |
diff --git a/third_party/tlslite/tlslite/mathtls.py b/third_party/tlslite/tlslite/mathtls.py |
index 7f75904fe9228db533913b48f43bd2a86b7fc2d2..6e2377a64f2708753a86afca737a1789598747f1 100644 |
--- a/third_party/tlslite/tlslite/mathtls.py |
+++ b/third_party/tlslite/tlslite/mathtls.py |
@@ -1,22 +1,16 @@ |
+# Authors: |
+# Trevor Perrin |
+# Dave Baggett (Arcode Corporation) - MD5 support for MAC_SSL |
+# |
+# See the LICENSE file for legal information regarding use of this file. |
+ |
"""Miscellaneous helper functions.""" |
-from utils.compat import * |
-from utils.cryptomath import * |
+from .utils.compat import * |
+from .utils.cryptomath import * |
import hmac |
-# The sha module is deprecated in Python 2.6 |
-try: |
- import sha |
-except ImportError: |
- from hashlib import sha1 as sha |
- |
-# The md5 module is deprecated in Python 2.6 |
-try: |
- import md5 |
-except ImportError: |
- from hashlib import md5 |
- |
#1024, 1536, 2048, 3072, 4096, 6144, and 8192 bit groups] |
goodGroupParameters = [(2,0xEEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3),\ |
(2,0x9DEF3CAFB939277AB1F12A8617A47BBBDBA51DF499AC4C80BEEEA9614B19CC4D5F4F5F556E27CBDE51C6A94BE4607A291558903BA0D0F84380B655BB9A22E8DCDF028A7CEC67F0D08134B1C8B97989149B609E0BE3BAB63D47548381DBC5B1FC764E3F4B53DD9DA1158BFD3E2B9C8CF56EDF019539349627DB2FD53D24B7C48665772E437D6C7F8CE442734AF7CCB7AE837C264AE3A9BEB87F8A2FE9B8B5292E5A021FFF5E91479E8CE7A28C2442C6F315180F93499A234DCF76E3FED135F9BB),\ |
@@ -26,30 +20,29 @@ goodGroupParameters = [(2,0xEEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2 |
(5,0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AACC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DCC4024FFFFFFFFFFFFFFFF),\ |
(5,0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AACC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E438777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F5683423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD922222E04A4037C0713EB57A81A23F0C73473FC646CEA306B4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A364597E899A0255DC164F31CC50846851DF9AB48195DED7EA1B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F924009438B481C6CD7889A002ED5EE382BC9190DA6FC026E479558E4475677E9AA9E3050E2765694DFC81F56E880B96E7160C980DD98EDD3DFFFFFFFFFFFFFFFFF)] |
-def P_hash(hashModule, secret, seed, length): |
- bytes = createByteArrayZeros(length) |
- secret = bytesToString(secret) |
- seed = bytesToString(seed) |
+def P_hash(macFunc, secret, seed, length): |
+ bytes = bytearray(length) |
A = seed |
index = 0 |
while 1: |
- A = hmac.HMAC(secret, A, hashModule).digest() |
- output = hmac.HMAC(secret, A+seed, hashModule).digest() |
+ A = macFunc(secret, A) |
+ output = macFunc(secret, A + seed) |
for c in output: |
if index >= length: |
return bytes |
- bytes[index] = ord(c) |
+ bytes[index] = c |
index += 1 |
return bytes |
def PRF(secret, label, seed, length): |
#Split the secret into left and right halves |
+ # which may share a byte if len is odd |
S1 = secret[ : int(math.ceil(len(secret)/2.0))] |
S2 = secret[ int(math.floor(len(secret)/2.0)) : ] |
#Run the left half through P_MD5 and the right half through P_SHA1 |
- p_md5 = P_hash(md5, S1, concatArrays(stringToBytes(label), seed), length) |
- p_sha1 = P_hash(sha, S2, concatArrays(stringToBytes(label), seed), length) |
+ p_md5 = P_hash(HMAC_MD5, S1, label + seed, length) |
+ p_sha1 = P_hash(HMAC_SHA1, S2, label + seed, length) |
#XOR the output values and return the result |
for x in range(length): |
@@ -58,123 +51,95 @@ def PRF(secret, label, seed, length): |
def PRF_SSL(secret, seed, length): |
- secretStr = bytesToString(secret) |
- seedStr = bytesToString(seed) |
- bytes = createByteArrayZeros(length) |
+ bytes = bytearray(length) |
index = 0 |
for x in range(26): |
- A = chr(ord('A')+x) * (x+1) # 'A', 'BB', 'CCC', etc.. |
- input = secretStr + sha.sha(A + secretStr + seedStr).digest() |
- output = md5.md5(input).digest() |
+ A = bytearray([ord('A')+x] * (x+1)) # 'A', 'BB', 'CCC', etc.. |
+ input = secret + SHA1(A + secret + seed) |
+ output = MD5(input) |
for c in output: |
if index >= length: |
return bytes |
- bytes[index] = ord(c) |
+ bytes[index] = c |
index += 1 |
return bytes |
+def calcMasterSecret(version, premasterSecret, clientRandom, serverRandom): |
+ if version == (3,0): |
+ masterSecret = PRF_SSL(premasterSecret, |
+ clientRandom + serverRandom, 48) |
+ elif version in ((3,1), (3,2)): |
+ masterSecret = PRF(premasterSecret, b"master secret", |
+ clientRandom + serverRandom, 48) |
+ else: |
+ raise AssertionError() |
+ return masterSecret |
+ |
+ |
def makeX(salt, username, password): |
if len(username)>=256: |
raise ValueError("username too long") |
if len(salt)>=256: |
raise ValueError("salt too long") |
- return stringToNumber(sha.sha(salt + sha.sha(username + ":" + password)\ |
- .digest()).digest()) |
+ innerHashResult = SHA1(username + bytearray(b":") + password) |
+ outerHashResult = SHA1(salt + innerHashResult) |
+ return bytesToNumber(outerHashResult) |
#This function is used by VerifierDB.makeVerifier |
def makeVerifier(username, password, bits): |
bitsIndex = {1024:0, 1536:1, 2048:2, 3072:3, 4096:4, 6144:5, 8192:6}[bits] |
g,N = goodGroupParameters[bitsIndex] |
- salt = bytesToString(getRandomBytes(16)) |
+ salt = getRandomBytes(16) |
x = makeX(salt, username, password) |
verifier = powMod(g, x, N) |
return N, g, salt, verifier |
def PAD(n, x): |
- nLength = len(numberToString(n)) |
- s = numberToString(x) |
- if len(s) < nLength: |
- s = ("\0" * (nLength-len(s))) + s |
- return s |
+ nLength = len(numberToByteArray(n)) |
+ b = numberToByteArray(x) |
+ if len(b) < nLength: |
+ b = (b"\0" * (nLength-len(b))) + b |
+ return b |
def makeU(N, A, B): |
- return stringToNumber(sha.sha(PAD(N, A) + PAD(N, B)).digest()) |
+ return bytesToNumber(SHA1(PAD(N, A) + PAD(N, B))) |
def makeK(N, g): |
- return stringToNumber(sha.sha(numberToString(N) + PAD(N, g)).digest()) |
- |
+ return bytesToNumber(SHA1(numberToByteArray(N) + PAD(N, g))) |
-""" |
-MAC_SSL |
-Modified from Python HMAC by Trevor |
-""" |
+def createHMAC(k, digestmod=hashlib.sha1): |
+ return hmac.HMAC(k, digestmod=digestmod) |
-class MAC_SSL: |
- """MAC_SSL class. |
+def createMAC_SSL(k, digestmod=None): |
+ mac = MAC_SSL() |
+ mac.create(k, digestmod=digestmod) |
+ return mac |
- This supports the API for Cryptographic Hash Functions (PEP 247). |
- """ |
- def __init__(self, key, msg = None, digestmod = None): |
- """Create a new MAC_SSL object. |
+class MAC_SSL(object): |
+ def create(self, k, digestmod=None): |
+ self.digestmod = digestmod or hashlib.sha1 |
+ # Repeat pad bytes 48 times for MD5; 40 times for other hash functions. |
+ self.digest_size = 16 if (self.digestmod is hashlib.md5) else 20 |
+ repeat = 40 if self.digest_size == 20 else 48 |
+ opad = b"\x5C" * repeat |
+ ipad = b"\x36" * repeat |
- key: key for the keyed hash object. |
- msg: Initial input for the hash, if provided. |
- digestmod: A module supporting PEP 247. Defaults to the md5 module. |
- """ |
- if digestmod is None: |
- import md5 |
- digestmod = md5 |
+ self.ohash = self.digestmod(k + opad) |
+ self.ihash = self.digestmod(k + ipad) |
- if key == None: #TREVNEW - for faster copying |
- return #TREVNEW |
- |
- self.digestmod = digestmod |
- self.outer = digestmod.new() |
- self.inner = digestmod.new() |
- self.digest_size = digestmod.digest_size |
- |
- ipad = "\x36" * 40 |
- opad = "\x5C" * 40 |
- |
- self.inner.update(key) |
- self.inner.update(ipad) |
- self.outer.update(key) |
- self.outer.update(opad) |
- if msg is not None: |
- self.update(msg) |
- |
- |
- def update(self, msg): |
- """Update this hashing object with the string msg. |
- """ |
- self.inner.update(msg) |
+ def update(self, m): |
+ self.ihash.update(m) |
def copy(self): |
- """Return a separate copy of this hashing object. |
- |
- An update to this copy won't affect the original object. |
- """ |
- other = MAC_SSL(None) #TREVNEW - for faster copying |
- other.digest_size = self.digest_size #TREVNEW |
- other.digestmod = self.digestmod |
- other.inner = self.inner.copy() |
- other.outer = self.outer.copy() |
- return other |
+ new = MAC_SSL() |
+ new.ihash = self.ihash.copy() |
+ new.ohash = self.ohash.copy() |
+ new.digestmod = self.digestmod |
+ new.digest_size = self.digest_size |
+ return new |
def digest(self): |
- """Return the hash value of this hashing object. |
- |
- This returns a string containing 8-bit data. The object is |
- not altered in any way by this function; you can continue |
- updating the object after calling this function. |
- """ |
- h = self.outer.copy() |
- h.update(self.inner.digest()) |
- return h.digest() |
- |
- def hexdigest(self): |
- """Like digest(), but returns a string of hexadecimal digits instead. |
- """ |
- return "".join([hex(ord(x))[2:].zfill(2) |
- for x in tuple(self.digest())]) |
+ ohash2 = self.ohash.copy() |
+ ohash2.update(self.ihash.digest()) |
+ return bytearray(ohash2.digest()) |