OLD | NEW |
1 # Authors: | 1 # Authors: |
2 # Trevor Perrin | 2 # Trevor Perrin |
3 # Google - added reqCAs parameter | 3 # Google - added reqCAs parameter |
4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support | 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support |
5 # Dimitris Moraitis - Anon ciphersuites | 5 # Dimitris Moraitis - Anon ciphersuites |
6 # Martin von Loewis - python 3 port | 6 # Martin von Loewis - python 3 port |
7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 | 7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 |
8 # | 8 # |
9 # See the LICENSE file for legal information regarding use of this file. | 9 # See the LICENSE file for legal information regarding use of this file. |
10 | 10 |
(...skipping 1352 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1363 clientHello.extended_master_secret and \ | 1363 clientHello.extended_master_secret and \ |
1364 settings.enableExtendedMasterSecret | 1364 settings.enableExtendedMasterSecret |
1365 for param in clientHello.tb_client_params: | 1365 for param in clientHello.tb_client_params: |
1366 if param in settings.supportedTokenBindingParams: | 1366 if param in settings.supportedTokenBindingParams: |
1367 serverHello.tb_params = param | 1367 serverHello.tb_params = param |
1368 break | 1368 break |
1369 if clientHello.support_signed_cert_timestamps: | 1369 if clientHello.support_signed_cert_timestamps: |
1370 serverHello.signed_cert_timestamps = signedCertTimestamps | 1370 serverHello.signed_cert_timestamps = signedCertTimestamps |
1371 if clientHello.status_request: | 1371 if clientHello.status_request: |
1372 serverHello.status_request = ocspResponse | 1372 serverHello.status_request = ocspResponse |
| 1373 if clientHello.ri: |
| 1374 serverHello.send_ri = True |
1373 | 1375 |
1374 # Perform the SRP key exchange | 1376 # Perform the SRP key exchange |
1375 clientCertChain = None | 1377 clientCertChain = None |
1376 if cipherSuite in CipherSuite.srpAllSuites: | 1378 if cipherSuite in CipherSuite.srpAllSuites: |
1377 for result in self._serverSRPKeyExchange(clientHello, serverHello, | 1379 for result in self._serverSRPKeyExchange(clientHello, serverHello, |
1378 verifierDB, cipherSuite, | 1380 verifierDB, cipherSuite, |
1379 privateKey, certChain): | 1381 privateKey, certChain): |
1380 if result in (0,1): yield result | 1382 if result in (0,1): yield result |
1381 else: break | 1383 else: break |
1382 premasterSecret = result | 1384 premasterSecret = result |
(...skipping 193 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1576 session.sessionID, session.cipherSuite, | 1578 session.sessionID, session.cipherSuite, |
1577 CertificateType.x509, None, | 1579 CertificateType.x509, None, |
1578 alpn_proto_selected, None) | 1580 alpn_proto_selected, None) |
1579 serverHello.extended_master_secret = \ | 1581 serverHello.extended_master_secret = \ |
1580 clientHello.extended_master_secret and \ | 1582 clientHello.extended_master_secret and \ |
1581 settings.enableExtendedMasterSecret | 1583 settings.enableExtendedMasterSecret |
1582 for param in clientHello.tb_client_params: | 1584 for param in clientHello.tb_client_params: |
1583 if param in settings.supportedTokenBindingParams: | 1585 if param in settings.supportedTokenBindingParams: |
1584 serverHello.tb_params = param | 1586 serverHello.tb_params = param |
1585 break | 1587 break |
| 1588 if clientHello.ri: |
| 1589 serverHello.send_ri = True |
1586 for result in self._sendMsg(serverHello): | 1590 for result in self._sendMsg(serverHello): |
1587 yield result | 1591 yield result |
1588 | 1592 |
1589 #From here on, the client's messages must have right version | 1593 #From here on, the client's messages must have right version |
1590 self._versionCheck = True | 1594 self._versionCheck = True |
1591 | 1595 |
1592 #Calculate pending connection states | 1596 #Calculate pending connection states |
1593 self._calcPendingStates(session.cipherSuite, | 1597 self._calcPendingStates(session.cipherSuite, |
1594 session.masterSecret, | 1598 session.masterSecret, |
1595 clientHello.random, | 1599 clientHello.random, |
(...skipping 478 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2074 seed += bytearray(2) | 2078 seed += bytearray(2) |
2075 seed[len(seed) - 2] = len(context) >> 8 | 2079 seed[len(seed) - 2] = len(context) >> 8 |
2076 seed[len(seed) - 1] = len(context) & 0xFF | 2080 seed[len(seed) - 1] = len(context) & 0xFF |
2077 seed += context | 2081 seed += context |
2078 if self.version in ((3,1), (3,2)): | 2082 if self.version in ((3,1), (3,2)): |
2079 return PRF(self.session.masterSecret, label, seed, length) | 2083 return PRF(self.session.masterSecret, label, seed, length) |
2080 elif self.version == (3,3): | 2084 elif self.version == (3,3): |
2081 return PRF_1_2(self.session.masterSecret, label, seed, length) | 2085 return PRF_1_2(self.session.masterSecret, label, seed, length) |
2082 else: | 2086 else: |
2083 raise AssertionError() | 2087 raise AssertionError() |
OLD | NEW |