Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(43)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/tlslite/tlslite/constants.py

Issue 212883008: Add DHE_RSA support to tlslite. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« third_party/tlslite/README.chromium ('K') | « third_party/tlslite/patches/dhe_rsa.patch ('k') | third_party/tlslite/tlslite/handshakesettings.py » ('j') | third_party/tlslite/tlslite/handshakesettings.py » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/tlslite/tlslite/constants.py
diff --git a/third_party/tlslite/tlslite/constants.py b/third_party/tlslite/tlslite/constants.py
index 52c20ac48af8add5be41778fef7eb53ef463487f..feca4232f474fa4a50fe2505ec544c8673078a6f 100644
--- a/third_party/tlslite/tlslite/constants.py
+++ b/third_party/tlslite/tlslite/constants.py
@@ -143,6 +143,10 @@ class CipherSuite:
TLS_RSA_WITH_RC4_128_MD5 = 0x0004
+ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039
+
TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034
TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A
@@ -150,17 +154,20 @@ class CipherSuite:
tripleDESSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA)
tripleDESSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA)
tripleDESSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA)
+ tripleDESSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA)
aes128Suites = []
aes128Suites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA)
aes128Suites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA)
aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA)
+ aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA)
aes128Suites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA)
aes256Suites = []
aes256Suites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA)
aes256Suites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA)
aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA)
+ aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA)
aes256Suites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA)
rc4Suites = []
@@ -178,6 +185,9 @@ class CipherSuite:
shaSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA)
shaSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA)
shaSuites.append(TLS_RSA_WITH_RC4_128_SHA)
+ shaSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA)
+ shaSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA)
+ shaSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA)
shaSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA)
shaSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA)
@@ -188,6 +198,7 @@ class CipherSuite:
def _filterSuites(suites, settings):
macNames = settings.macNames
cipherNames = settings.cipherNames
+ keyExchangeNames = settings.keyExchangeNames
macSuites = []
if "sha" in macNames:
macSuites += CipherSuite.shaSuites
@@ -204,7 +215,20 @@ class CipherSuite:
if "rc4" in cipherNames:
cipherSuites += CipherSuite.rc4Suites
- return [s for s in suites if s in macSuites and s in cipherSuites]
+ keyExchangeSuites = []
+ if "rsa" in keyExchangeNames:
+ keyExchangeSuites += CipherSuite.certSuites
+ if "dhe_rsa" in keyExchangeNames:
+ keyExchangeSuites += CipherSuite.dheCertSuites
+ if "srp_sha" in keyExchangeNames:
+ keyExchangeSuites += CipherSuite.srpSuites
+ if "srp_sha_rsa" in keyExchangeNames:
+ keyExchangeSuites += CipherSuite.srpCertSuites
+ if "dh_anon" in keyExchangeNames:
+ keyExchangeSuites += CipherSuite.anonSuites
+
+ return [s for s in suites if s in macSuites and
+ s in cipherSuites and s in keyExchangeSuites]
srpSuites = []
srpSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA)
@@ -236,12 +260,22 @@ class CipherSuite:
certSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA)
certSuites.append(TLS_RSA_WITH_RC4_128_SHA)
certSuites.append(TLS_RSA_WITH_RC4_128_MD5)
- certAllSuites = srpCertSuites + certSuites
@staticmethod
def getCertSuites(settings):
return CipherSuite._filterSuites(CipherSuite.certSuites, settings)
+ dheCertSuites = []
+ dheCertSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA)
+ dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA)
+ dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA)
+
+ @staticmethod
+ def getDheCertSuites(settings):
+ return CipherSuite._filterSuites(CipherSuite.dheCertSuites, settings)
+
+ certAllSuites = srpCertSuites + certSuites + dheCertSuites
+
anonSuites = []
anonSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA)
anonSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA)
@@ -250,6 +284,8 @@ class CipherSuite:
def getAnonSuites(settings):
return CipherSuite._filterSuites(CipherSuite.anonSuites, settings)
+ dhAllSuites = dheCertSuites + anonSuites
+
@staticmethod
def canonicalCipherName(ciphersuite):
"Return the canonical name of the cipher whose number is provided."
« third_party/tlslite/README.chromium ('K') | « third_party/tlslite/patches/dhe_rsa.patch ('k') | third_party/tlslite/tlslite/handshakesettings.py » ('j') | third_party/tlslite/tlslite/handshakesettings.py » ('J')

Powered by Google App Engine
This is Rietveld 408576698