1 # Authors: | 1 # Authors: |
2 # Trevor Perrin | 2 # Trevor Perrin |
3 # Google - added reqCAs parameter | 3 # Google - added reqCAs parameter |
4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support | 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support |
5 # Dimitris Moraitis - Anon ciphersuites | 5 # Dimitris Moraitis - Anon ciphersuites |
6 # Martin von Loewis - python 3 port | 6 # Martin von Loewis - python 3 port |
7 # | 7 # |
8 # See the LICENSE file for legal information regarding use of this file. | 8 # See the LICENSE file for legal information regarding use of this file. |
9 | 9 |
10 """ | 10 """ |
1055 | 1055 |
1056 | 1056 |
1057 #********************************************************* | 1057 #********************************************************* |
1058 # Server Handshake Functions | 1058 # Server Handshake Functions |
1059 #********************************************************* | 1059 #********************************************************* |
1060 | 1060 |
1061 | 1061 |
1062 def handshakeServer(self, verifierDB=None, | 1062 def handshakeServer(self, verifierDB=None, |
1063 certChain=None, privateKey=None, reqCert=False, | 1063 certChain=None, privateKey=None, reqCert=False, |
1064 sessionCache=None, settings=None, checker=None, | 1064 sessionCache=None, settings=None, checker=None, |
1065 reqCAs = None, | 1065 reqCAs = None, reqCertTypes = None, |
1066 tacks=None, activationFlags=0, | 1066 tacks=None, activationFlags=0, |
1067 nextProtos=None, anon=False, | 1067 nextProtos=None, anon=False, |
1068 tlsIntolerant=None, signedCertTimestamps=None, | 1068 tlsIntolerant=None, signedCertTimestamps=None, |
1069 fallbackSCSV=False, ocspResponse=None): | 1069 fallbackSCSV=False, ocspResponse=None): |
1070 """Perform a handshake in the role of server. | 1070 """Perform a handshake in the role of server. |
1071 | 1071 |
1072 This function performs an SSL or TLS handshake. Depending on | 1072 This function performs an SSL or TLS handshake. Depending on |
1073 the arguments and the behavior of the client, this function can | 1073 the arguments and the behavior of the client, this function can |
1074 perform an SRP, or certificate-based handshake. It | 1074 perform an SRP, or certificate-based handshake. It |
1075 can also perform a combined SRP and server-certificate | 1075 can also perform a combined SRP and server-certificate |
1123 @type checker: L{tlslite.checker.Checker} | 1123 @type checker: L{tlslite.checker.Checker} |
1124 @param checker: A Checker instance. This instance will be | 1124 @param checker: A Checker instance. This instance will be |
1125 invoked to examine the other party's authentication | 1125 invoked to examine the other party's authentication |
1126 credentials, if the handshake completes succesfully. | 1126 credentials, if the handshake completes succesfully. |
1127 | 1127 |
1128 @type reqCAs: list of L{bytearray} of unsigned bytes | 1128 @type reqCAs: list of L{bytearray} of unsigned bytes |
1129 @param reqCAs: A collection of DER-encoded DistinguishedNames that | 1129 @param reqCAs: A collection of DER-encoded DistinguishedNames that |
1130 will be sent along with a certificate request. This does not affect | 1130 will be sent along with a certificate request. This does not affect |
1131 verification. | 1131 verification. |
1132 | 1132 |
| 1133 @type reqCertTypes: list of int |
| 1134 @param reqCertTypes: A list of certificate_type values to be sent |
| 1135 along with a certificate request. This does not affect verification. |
| 1136 |
1133 @type nextProtos: list of strings. | 1137 @type nextProtos: list of strings. |
1134 @param nextProtos: A list of upper layer protocols to expose to the | 1138 @param nextProtos: A list of upper layer protocols to expose to the |
1135 clients through the Next-Protocol Negotiation Extension, | 1139 clients through the Next-Protocol Negotiation Extension, |
1136 if they support it. | 1140 if they support it. |
1137 | 1141 |
1138 @type tlsIntolerant: (int, int) or None | 1142 @type tlsIntolerant: (int, int) or None |
1139 @param tlsIntolerant: If tlsIntolerant is not None, the server will | 1143 @param tlsIntolerant: If tlsIntolerant is not None, the server will |
1140 simulate TLS version intolerance by returning a fatal handshake_failure | 1144 simulate TLS version intolerance by returning a fatal handshake_failure |
1141 alert to all TLS versions tlsIntolerant or higher. | 1145 alert to all TLS versions tlsIntolerant or higher. |
1142 | 1146 |
1162 | 1166 |
1163 @raise socket.error: If a socket error occurs. | 1167 @raise socket.error: If a socket error occurs. |
1164 @raise tlslite.errors.TLSAbruptCloseError: If the socket is closed | 1168 @raise tlslite.errors.TLSAbruptCloseError: If the socket is closed |
1165 without a preceding alert. | 1169 without a preceding alert. |
1166 @raise tlslite.errors.TLSAlert: If a TLS alert is signalled. | 1170 @raise tlslite.errors.TLSAlert: If a TLS alert is signalled. |
1167 @raise tlslite.errors.TLSAuthenticationError: If the checker | 1171 @raise tlslite.errors.TLSAuthenticationError: If the checker |
1168 doesn't like the other party's authentication credentials. | 1172 doesn't like the other party's authentication credentials. |
1169 """ | 1173 """ |
1170 for result in self.handshakeServerAsync(verifierDB, | 1174 for result in self.handshakeServerAsync(verifierDB, |
1171 certChain, privateKey, reqCert, sessionCache, settings, | 1175 certChain, privateKey, reqCert, sessionCache, settings, |
1172 checker, reqCAs, | 1176 checker, reqCAs, reqCertTypes, |
1173 tacks=tacks, activationFlags=activationFlags, | 1177 tacks=tacks, activationFlags=activationFlags, |
1174 nextProtos=nextProtos, anon=anon, tlsIntolerant=tlsIntolerant, | 1178 nextProtos=nextProtos, anon=anon, tlsIntolerant=tlsIntolerant, |
1175 signedCertTimestamps=signedCertTimestamps, | 1179 signedCertTimestamps=signedCertTimestamps, |
1176 fallbackSCSV=fallbackSCSV, ocspResponse=ocspResponse): | 1180 fallbackSCSV=fallbackSCSV, ocspResponse=ocspResponse): |
1177 pass | 1181 pass |
1178 | 1182 |
1179 | 1183 |
1180 def handshakeServerAsync(self, verifierDB=None, | 1184 def handshakeServerAsync(self, verifierDB=None, |
1181 certChain=None, privateKey=None, reqCert=False, | 1185 certChain=None, privateKey=None, reqCert=False, |
1182 sessionCache=None, settings=None, checker=None, | 1186 sessionCache=None, settings=None, checker=None, |
1183 reqCAs=None, | 1187 reqCAs=None, reqCertTypes=None, |
1184 tacks=None, activationFlags=0, | 1188 tacks=None, activationFlags=0, |
1185 nextProtos=None, anon=False, | 1189 nextProtos=None, anon=False, |
1186 tlsIntolerant=None, | 1190 tlsIntolerant=None, |
1187 signedCertTimestamps=None, | 1191 signedCertTimestamps=None, |
1188 fallbackSCSV=False, | 1192 fallbackSCSV=False, |
1189 ocspResponse=None | 1193 ocspResponse=None |
1190 ): | 1194 ): |
1191 """Start a server handshake operation on the TLS connection. | 1195 """Start a server handshake operation on the TLS connection. |
1192 | 1196 |
1193 This function returns a generator which behaves similarly to | 1197 This function returns a generator which behaves similarly to |
1194 handshakeServer(). Successive invocations of the generator | 1198 handshakeServer(). Successive invocations of the generator |
1195 will return 0 if it is waiting to read from the socket, 1 if it is | 1199 will return 0 if it is waiting to read from the socket, 1 if it is |
1196 waiting to write to the socket, or it will raise StopIteration | 1200 waiting to write to the socket, or it will raise StopIteration |
1197 if the handshake operation is complete. | 1201 if the handshake operation is complete. |
1198 | 1202 |
1199 @rtype: iterable | 1203 @rtype: iterable |
1200 @return: A generator; see above for details. | 1204 @return: A generator; see above for details. |
1201 """ | 1205 """ |
1202 handshaker = self._handshakeServerAsyncHelper(\ | 1206 handshaker = self._handshakeServerAsyncHelper(\ |
1203 verifierDB=verifierDB, certChain=certChain, | 1207 verifierDB=verifierDB, certChain=certChain, |
1204 privateKey=privateKey, reqCert=reqCert, | 1208 privateKey=privateKey, reqCert=reqCert, |
1205 sessionCache=sessionCache, settings=settings, | 1209 sessionCache=sessionCache, settings=settings, |
1206 reqCAs=reqCAs, | 1210 reqCAs=reqCAs, reqCertTypes=reqCertTypes, |
1207 tacks=tacks, activationFlags=activationFlags, | 1211 tacks=tacks, activationFlags=activationFlags, |
1208 nextProtos=nextProtos, anon=anon, | 1212 nextProtos=nextProtos, anon=anon, |
1209 tlsIntolerant=tlsIntolerant, | 1213 tlsIntolerant=tlsIntolerant, |
1210 signedCertTimestamps=signedCertTimestamps, | 1214 signedCertTimestamps=signedCertTimestamps, |
1211 fallbackSCSV=fallbackSCSV, | 1215 fallbackSCSV=fallbackSCSV, |
1212 ocspResponse=ocspResponse) | 1216 ocspResponse=ocspResponse) |
1213 for result in self._handshakeWrapperAsync(handshaker, checker): | 1217 for result in self._handshakeWrapperAsync(handshaker, checker): |
1214 yield result | 1218 yield result |
1215 | 1219 |
1216 | 1220 |
1217 def _handshakeServerAsyncHelper(self, verifierDB, | 1221 def _handshakeServerAsyncHelper(self, verifierDB, |
1218 certChain, privateKey, reqCert, sessionCache, | 1222 certChain, privateKey, reqCert, sessionCache, |
1219 settings, reqCAs, | 1223 settings, reqCAs, reqCertTypes, |
1220 tacks, activationFlags, | 1224 tacks, activationFlags, |
1221 nextProtos, anon, | 1225 nextProtos, anon, |
1222 tlsIntolerant, signedCertTimestamps, fallbackSCSV, | 1226 tlsIntolerant, signedCertTimestamps, fallbackSCSV, |
1223 ocspResponse): | 1227 ocspResponse): |
1224 | 1228 |
1225 self._handshakeStart(client=False) | 1229 self._handshakeStart(client=False) |
1226 | 1230 |
1227 if (not verifierDB) and (not certChain) and not anon: | 1231 if (not verifierDB) and (not certChain) and not anon: |
1228 raise ValueError("Caller passed no authentication credentials") | 1232 raise ValueError("Caller passed no authentication credentials") |
1229 if certChain and not privateKey: | 1233 if certChain and not privateKey: |
1230 raise ValueError("Caller passed a certChain but no privateKey") | 1234 raise ValueError("Caller passed a certChain but no privateKey") |
1231 if privateKey and not certChain: | 1235 if privateKey and not certChain: |
1232 raise ValueError("Caller passed a privateKey but no certChain") | 1236 raise ValueError("Caller passed a privateKey but no certChain") |
1233 if reqCAs and not reqCert: | 1237 if reqCAs and not reqCert: |
1234 raise ValueError("Caller passed reqCAs but not reqCert") | 1238 raise ValueError("Caller passed reqCAs but not reqCert") |
| 1239 if reqCertTypes and not reqCert: |
| 1240 raise ValueError("Caller passed reqCertTypes but not reqCert") |
1235 if certChain and not isinstance(certChain, X509CertChain): | 1241 if certChain and not isinstance(certChain, X509CertChain): |
1236 raise ValueError("Unrecognized certificate type") | 1242 raise ValueError("Unrecognized certificate type") |
1237 if activationFlags and not tacks: | 1243 if activationFlags and not tacks: |
1238 raise ValueError("Nonzero activationFlags requires tacks") | 1244 raise ValueError("Nonzero activationFlags requires tacks") |
1239 if tacks: | 1245 if tacks: |
1240 if not tackpyLoaded: | 1246 if not tackpyLoaded: |
1241 raise ValueError("tackpy is not loaded") | 1247 raise ValueError("tackpy is not loaded") |
1242 if not settings or not settings.useExperimentalTackExtension: | 1248 if not settings or not settings.useExperimentalTackExtension: |
1243 raise ValueError("useExperimentalTackExtension not enabled") | 1249 raise ValueError("useExperimentalTackExtension not enabled") |
1244 if signedCertTimestamps and not certChain: | 1250 if signedCertTimestamps and not certChain: |
1313 privateKey) | 1319 privateKey) |
1314 elif cipherSuite in CipherSuite.dheCertSuites: | 1320 elif cipherSuite in CipherSuite.dheCertSuites: |
1315 keyExchange = DHE_RSAKeyExchange(cipherSuite, | 1321 keyExchange = DHE_RSAKeyExchange(cipherSuite, |
1316 clientHello, | 1322 clientHello, |
1317 serverHello, | 1323 serverHello, |
1318 privateKey) | 1324 privateKey) |
1319 else: | 1325 else: |
1320 assert(False) | 1326 assert(False) |
1321 for result in self._serverCertKeyExchange(clientHello, serverHello, | 1327 for result in self._serverCertKeyExchange(clientHello, serverHello, |
1322 certChain, keyExchange, | 1328 certChain, keyExchange, |
1323 reqCert, reqCAs, cipherSuite, | 1329 reqCert, reqCAs, reqCertTypes, cipherSui
te, |
1324 settings, ocspResponse): | 1330 settings, ocspResponse): |
1325 if result in (0,1): yield result | 1331 if result in (0,1): yield result |
1326 else: break | 1332 else: break |
1327 (premasterSecret, clientCertChain) = result | 1333 (premasterSecret, clientCertChain) = result |
1328 | 1334 |
1329 # Perform anonymous Diffie Hellman key exchange | 1335 # Perform anonymous Diffie Hellman key exchange |
1330 elif cipherSuite in CipherSuite.anonSuites: | 1336 elif cipherSuite in CipherSuite.anonSuites: |
1331 for result in self._serverAnonKeyExchange(clientHello, serverHello, | 1337 for result in self._serverAnonKeyExchange(clientHello, serverHello, |
1332 cipherSuite, settings): | 1338 cipherSuite, settings): |
1333 if result in (0,1): yield result | 1339 if result in (0,1): yield result |
1590 | 1596 |
1591 #Calculate premaster secret | 1597 #Calculate premaster secret |
1592 S = powMod((A * powMod(v,u,N)) % N, b, N) | 1598 S = powMod((A * powMod(v,u,N)) % N, b, N) |
1593 premasterSecret = numberToByteArray(S) | 1599 premasterSecret = numberToByteArray(S) |
1594 | 1600 |
1595 yield premasterSecret | 1601 yield premasterSecret |
1596 | 1602 |
1597 | 1603 |
1598 def _serverCertKeyExchange(self, clientHello, serverHello, | 1604 def _serverCertKeyExchange(self, clientHello, serverHello, |
1599 serverCertChain, keyExchange, | 1605 serverCertChain, keyExchange, |
1600 reqCert, reqCAs, cipherSuite, | 1606 reqCert, reqCAs, reqCertTypes, cipherSuite, |
1601 settings, ocspResponse): | 1607 settings, ocspResponse): |
1602 #Send ServerHello, Certificate[, ServerKeyExchange] | 1608 #Send ServerHello, Certificate[, ServerKeyExchange] |
1603 #[, CertificateRequest], ServerHelloDone | 1609 #[, CertificateRequest], ServerHelloDone |
1604 msgs = [] | 1610 msgs = [] |
1605 | 1611 |
1606 # If we verify a client cert chain, return it | 1612 # If we verify a client cert chain, return it |
1607 clientCertChain = None | 1613 clientCertChain = None |
1608 | 1614 |
1609 msgs.append(serverHello) | 1615 msgs.append(serverHello) |
1610 msgs.append(Certificate(CertificateType.x509).create(serverCertChain)) | 1616 msgs.append(Certificate(CertificateType.x509).create(serverCertChain)) |
1611 if serverHello.status_request: | 1617 if serverHello.status_request: |
1612 msgs.append(CertificateStatus().create(ocspResponse)) | 1618 msgs.append(CertificateStatus().create(ocspResponse)) |
1613 serverKeyExchange = keyExchange.makeServerKeyExchange() | 1619 serverKeyExchange = keyExchange.makeServerKeyExchange() |
1614 if serverKeyExchange is not None: | 1620 if serverKeyExchange is not None: |
1615 msgs.append(serverKeyExchange) | 1621 msgs.append(serverKeyExchange) |
1616 if reqCert and reqCAs: | 1622 if reqCert: |
1617 msgs.append(CertificateRequest().create(\ | 1623 reqCAs = reqCAs or [] |
1618 [ClientCertificateType.rsa_sign], reqCAs)) | 1624 #Apple's Secure Transport library rejects empty certificate_types, |
1619 elif reqCert: | 1625 #so default to rsa_sign. |
1620 msgs.append(CertificateRequest()) | 1626 reqCertTypes = reqCertTypes or [ClientCertificateType.rsa_sign] |
| 1627 msgs.append(CertificateRequest().create(reqCertTypes, reqCAs)) |
1621 msgs.append(ServerHelloDone()) | 1628 msgs.append(ServerHelloDone()) |
1622 for result in self._sendMsgs(msgs): | 1629 for result in self._sendMsgs(msgs): |
1623 yield result | 1630 yield result |
1624 | 1631 |
1625 #From here on, the client's messages must have the right version | 1632 #From here on, the client's messages must have the right version |
1626 self._versionCheck = True | 1633 self._versionCheck = True |
1627 | 1634 |
1628 #Get [Certificate,] (if was requested) | 1635 #Get [Certificate,] (if was requested) |
1629 if reqCert: | 1636 if reqCert: |
1630 if self.version == (3,0): | 1637 if self.version == (3,0): |
1918 except TLSAlert as alert: | 1925 except TLSAlert as alert: |
1919 if not self.fault: | 1926 if not self.fault: |
1920 raise | 1927 raise |
1921 if alert.description not in Fault.faultAlerts[self.fault]: | 1928 if alert.description not in Fault.faultAlerts[self.fault]: |
1922 raise TLSFaultError(str(alert)) | 1929 raise TLSFaultError(str(alert)) |
1923 else: | 1930 else: |
1924 pass | 1931 pass |
1925 except: | 1932 except: |
1926 self._shutdown(False) | 1933 self._shutdown(False) |
1927 raise | 1934 raise |
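Review bot: The new `reqCertTypes` list reaches `CertificateRequest().create(reqCertTypes, reqCAs)` in `_serverCertKeyExchange` without any check on its contents, while the neighbouring argument checks in `_handshakeServerAsyncHelper` only verify that it is not combined with `reqCert=False`; each certificate_type is a single byte on the wire, so a non-int or out-of-range entry would presumably surface only at serialization time as an obscure error or a malformed CertificateRequest. Next to the `reqCertTypes but not reqCert` check I would add `if reqCertTypes and not all(isinstance(t, int) and 0 <= t <= 255 for t in reqCertTypes):` / `raise ValueError("reqCertTypes entries must be ClientCertificateType values")`. The docstring should also name the intended constants and make the "does not affect verification" sentence concrete, e.g. `@param reqCertTypes: A list of L{ClientCertificateType} values sent in the CertificateRequest; they only tell the client what to offer and are not enforced against the certificate it returns, so a checker must still reject an unexpected type` (the receiving side of `_serverCertKeyExchange` continues outside the hunk, so whether the reply is checked there is not visible). Note too that `_serverCertKeyExchange` gained a positional parameter between `reqCAs` and `cipherSuite`; the one caller in this diff is updated, but any caller not shown here would now silently pass `cipherSuite` as `reqCertTypes`.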