Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(12)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/tlslite/tlslite/tlsconnection.py

Issue 2337253004: Update Token Binding code to the latest drafts (Closed)
Patch Set: Add call to CBS_len() Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/tlslite/tlslite/messages.py ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 # Authors: 1 # Authors:
2 # Trevor Perrin 2 # Trevor Perrin
3 # Google - added reqCAs parameter 3 # Google - added reqCAs parameter
4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support
5 # Dimitris Moraitis - Anon ciphersuites 5 # Dimitris Moraitis - Anon ciphersuites
6 # Martin von Loewis - python 3 port 6 # Martin von Loewis - python 3 port
7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2
8 # 8 #
9 # See the LICENSE file for legal information regarding use of this file. 9 # See the LICENSE file for legal information regarding use of this file.
10 10
(...skipping 1352 matching lines...) Expand 10 before | Expand all | Expand 10 after
1363 clientHello.extended_master_secret and \ 1363 clientHello.extended_master_secret and \
1364 settings.enableExtendedMasterSecret 1364 settings.enableExtendedMasterSecret
1365 for param in clientHello.tb_client_params: 1365 for param in clientHello.tb_client_params:
1366 if param in settings.supportedTokenBindingParams: 1366 if param in settings.supportedTokenBindingParams:
1367 serverHello.tb_params = param 1367 serverHello.tb_params = param
1368 break 1368 break
1369 if clientHello.support_signed_cert_timestamps: 1369 if clientHello.support_signed_cert_timestamps:
1370 serverHello.signed_cert_timestamps = signedCertTimestamps 1370 serverHello.signed_cert_timestamps = signedCertTimestamps
1371 if clientHello.status_request: 1371 if clientHello.status_request:
1372 serverHello.status_request = ocspResponse 1372 serverHello.status_request = ocspResponse
1373 if clientHello.ri:
1374 serverHello.send_ri = True
1373 1375
1374 # Perform the SRP key exchange 1376 # Perform the SRP key exchange
1375 clientCertChain = None 1377 clientCertChain = None
1376 if cipherSuite in CipherSuite.srpAllSuites: 1378 if cipherSuite in CipherSuite.srpAllSuites:
1377 for result in self._serverSRPKeyExchange(clientHello, serverHello, 1379 for result in self._serverSRPKeyExchange(clientHello, serverHello,
1378 verifierDB, cipherSuite, 1380 verifierDB, cipherSuite,
1379 privateKey, certChain): 1381 privateKey, certChain):
1380 if result in (0,1): yield result 1382 if result in (0,1): yield result
1381 else: break 1383 else: break
1382 premasterSecret = result 1384 premasterSecret = result
(...skipping 193 matching lines...) Expand 10 before | Expand all | Expand 10 after
1576 session.sessionID, session.cipherSuite, 1578 session.sessionID, session.cipherSuite,
1577 CertificateType.x509, None, 1579 CertificateType.x509, None,
1578 alpn_proto_selected, None) 1580 alpn_proto_selected, None)
1579 serverHello.extended_master_secret = \ 1581 serverHello.extended_master_secret = \
1580 clientHello.extended_master_secret and \ 1582 clientHello.extended_master_secret and \
1581 settings.enableExtendedMasterSecret 1583 settings.enableExtendedMasterSecret
1582 for param in clientHello.tb_client_params: 1584 for param in clientHello.tb_client_params:
1583 if param in settings.supportedTokenBindingParams: 1585 if param in settings.supportedTokenBindingParams:
1584 serverHello.tb_params = param 1586 serverHello.tb_params = param
1585 break 1587 break
1588 if clientHello.ri:
1589 serverHello.send_ri = True
1586 for result in self._sendMsg(serverHello): 1590 for result in self._sendMsg(serverHello):
1587 yield result 1591 yield result
1588 1592
1589 #From here on, the client's messages must have right version 1593 #From here on, the client's messages must have right version
1590 self._versionCheck = True 1594 self._versionCheck = True
1591 1595
1592 #Calculate pending connection states 1596 #Calculate pending connection states
1593 self._calcPendingStates(session.cipherSuite, 1597 self._calcPendingStates(session.cipherSuite,
1594 session.masterSecret, 1598 session.masterSecret,
1595 clientHello.random, 1599 clientHello.random,
(...skipping 478 matching lines...) Expand 10 before | Expand all | Expand 10 after
2074 seed += bytearray(2) 2078 seed += bytearray(2)
2075 seed[len(seed) - 2] = len(context) >> 8 2079 seed[len(seed) - 2] = len(context) >> 8
2076 seed[len(seed) - 1] = len(context) & 0xFF 2080 seed[len(seed) - 1] = len(context) & 0xFF
2077 seed += context 2081 seed += context
2078 if self.version in ((3,1), (3,2)): 2082 if self.version in ((3,1), (3,2)):
2079 return PRF(self.session.masterSecret, label, seed, length) 2083 return PRF(self.session.masterSecret, label, seed, length)
2080 elif self.version == (3,3): 2084 elif self.version == (3,3):
2081 return PRF_1_2(self.session.masterSecret, label, seed, length) 2085 return PRF_1_2(self.session.masterSecret, label, seed, length)
2082 else: 2086 else:
2083 raise AssertionError() 2087 raise AssertionError()
OLDNEW
« no previous file with comments | « third_party/tlslite/tlslite/messages.py ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698