OLD | NEW |
1 """Constants used in various places.""" | 1 """Constants used in various places.""" |
2 | 2 |
3 class CertificateType: | 3 class CertificateType: |
4 x509 = 0 | 4 x509 = 0 |
5 openpgp = 1 | 5 openpgp = 1 |
6 cryptoID = 2 | 6 cryptoID = 2 |
7 | 7 |
8 class ClientCertificateType: | 8 class ClientCertificateType: |
9 rsa_sign = 1 | 9 rsa_sign = 1 |
10 dss_sign = 2 | 10 dss_sign = 2 |
(...skipping 12 matching lines...) Expand all Loading... |
23 client_key_exchange = 16 | 23 client_key_exchange = 16 |
24 finished = 20 | 24 finished = 20 |
25 | 25 |
26 class ContentType: | 26 class ContentType: |
27 change_cipher_spec = 20 | 27 change_cipher_spec = 20 |
28 alert = 21 | 28 alert = 21 |
29 handshake = 22 | 29 handshake = 22 |
30 application_data = 23 | 30 application_data = 23 |
31 all = (20,21,22,23) | 31 all = (20,21,22,23) |
32 | 32 |
| 33 class ClientHelloExtension: |
| 34 srp = 12 |
| 35 |
33 class AlertLevel: | 36 class AlertLevel: |
34 warning = 1 | 37 warning = 1 |
35 fatal = 2 | 38 fatal = 2 |
36 | 39 |
37 class AlertDescription: | 40 class AlertDescription: |
38 """ | 41 """ |
39 @cvar bad_record_mac: A TLS record failed to decrypt properly. | 42 @cvar bad_record_mac: A TLS record failed to decrypt properly. |
40 | 43 |
41 If this occurs during a shared-key or SRP handshake it most likely | 44 If this occurs during a shared-key or SRP handshake it most likely |
42 indicates a bad password. It may also indicate an implementation | 45 indicates a bad password. It may also indicate an implementation |
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
81 unknown_ca = 48 | 84 unknown_ca = 48 |
82 access_denied = 49 | 85 access_denied = 49 |
83 decode_error = 50 | 86 decode_error = 50 |
84 decrypt_error = 51 | 87 decrypt_error = 51 |
85 export_restriction = 60 | 88 export_restriction = 60 |
86 protocol_version = 70 | 89 protocol_version = 70 |
87 insufficient_security = 71 | 90 insufficient_security = 71 |
88 internal_error = 80 | 91 internal_error = 80 |
89 user_canceled = 90 | 92 user_canceled = 90 |
90 no_renegotiation = 100 | 93 no_renegotiation = 100 |
91 unknown_srp_username = 120 | 94 unknown_psk_identity = 115 |
92 missing_srp_username = 121 | 95 untrusted_srp_parameters = 122 # TODO(sqs): probably outdated wrt RFC 5054 |
93 untrusted_srp_parameters = 122 | |
94 | 96 |
95 class CipherSuite: | 97 class CipherSuite: |
96 TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0x0050 | 98 TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A |
97 TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0x0053 | 99 TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D |
98 TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0x0056 | 100 TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020 |
99 | 101 |
100 TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0x0051 | 102 TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B |
101 TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0x0054 | 103 TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E |
102 TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0x0057 | 104 TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021 |
| 105 |
| 106 # TODO(sqs): No SRP DSS cipher suites |
103 | 107 |
104 TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A | 108 TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A |
105 TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F | 109 TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F |
106 TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035 | 110 TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035 |
107 TLS_RSA_WITH_RC4_128_SHA = 0x0005 | 111 TLS_RSA_WITH_RC4_128_SHA = 0x0005 |
108 | 112 |
109 srpSuites = [] | 113 srpSuites = [] |
110 srpSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) | 114 srpSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) |
111 srpSuites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) | 115 srpSuites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) |
112 srpSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) | 116 srpSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) |
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
195 | 199 |
196 badB = 201 | 200 badB = 201 |
197 serverFaults = range(201,202) | 201 serverFaults = range(201,202) |
198 | 202 |
199 badFinished = 300 | 203 badFinished = 300 |
200 badMAC = 301 | 204 badMAC = 301 |
201 badPadding = 302 | 205 badPadding = 302 |
202 genericFaults = range(300,303) | 206 genericFaults = range(300,303) |
203 | 207 |
204 faultAlerts = {\ | 208 faultAlerts = {\ |
205 badUsername: (AlertDescription.unknown_srp_username, \ | 209 badUsername: (AlertDescription.unknown_psk_identity, \ |
206 AlertDescription.bad_record_mac),\ | 210 AlertDescription.bad_record_mac, \ |
| 211 AlertDescription.user_canceled),\ |
207 badPassword: (AlertDescription.bad_record_mac,),\ | 212 badPassword: (AlertDescription.bad_record_mac,),\ |
208 badA: (AlertDescription.illegal_parameter,),\ | 213 badA: (AlertDescription.illegal_parameter,),\ |
209 badIdentifier: (AlertDescription.handshake_failure,),\ | 214 badIdentifier: (AlertDescription.handshake_failure,),\ |
210 badSharedKey: (AlertDescription.bad_record_mac,),\ | 215 badSharedKey: (AlertDescription.bad_record_mac,),\ |
211 badPremasterPadding: (AlertDescription.bad_record_mac,),\ | 216 badPremasterPadding: (AlertDescription.bad_record_mac,),\ |
212 shortPremasterSecret: (AlertDescription.bad_record_mac,),\ | 217 shortPremasterSecret: (AlertDescription.bad_record_mac,),\ |
213 badVerifyMessage: (AlertDescription.decrypt_error,),\ | 218 badVerifyMessage: (AlertDescription.decrypt_error,),\ |
214 badFinished: (AlertDescription.decrypt_error,),\ | 219 badFinished: (AlertDescription.decrypt_error,),\ |
215 badMAC: (AlertDescription.bad_record_mac,),\ | 220 badMAC: (AlertDescription.bad_record_mac,),\ |
216 badPadding: (AlertDescription.bad_record_mac,) | 221 badPadding: (AlertDescription.bad_record_mac,) |
217 } | 222 } |
218 | 223 |
219 faultNames = {\ | 224 faultNames = {\ |
220 badUsername: "bad username",\ | 225 badUsername: "bad username",\ |
221 badPassword: "bad password",\ | 226 badPassword: "bad password",\ |
222 badA: "bad A",\ | 227 badA: "bad A",\ |
223 badIdentifier: "bad identifier",\ | 228 badIdentifier: "bad identifier",\ |
224 badSharedKey: "bad sharedkey",\ | 229 badSharedKey: "bad sharedkey",\ |
225 badPremasterPadding: "bad premaster padding",\ | 230 badPremasterPadding: "bad premaster padding",\ |
226 shortPremasterSecret: "short premaster secret",\ | 231 shortPremasterSecret: "short premaster secret",\ |
227 badVerifyMessage: "bad verify message",\ | 232 badVerifyMessage: "bad verify message",\ |
228 badFinished: "bad finished message",\ | 233 badFinished: "bad finished message",\ |
229 badMAC: "bad MAC",\ | 234 badMAC: "bad MAC",\ |
230 badPadding: "bad padding" | 235 badPadding: "bad padding" |
231 } | 236 } |
OLD | NEW |