---|---|
1 # Authors: | 1 # Authors: |
2 # Trevor Perrin | 2 # Trevor Perrin |
3 # Google - added reqCAs parameter | 3 # Google - added reqCAs parameter |
4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support | 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support |
5 # Dimitris Moraitis - Anon ciphersuites | 5 # Dimitris Moraitis - Anon ciphersuites |
6 # Martin von Loewis - python 3 port | 6 # Martin von Loewis - python 3 port |
7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 | |
7 # | 8 # |
8 # See the LICENSE file for legal information regarding use of this file. | 9 # See the LICENSE file for legal information regarding use of this file. |
9 | 10 |
10 """ | 11 """ |
11 MAIN CLASS FOR TLS LITE (START HERE!). | 12 MAIN CLASS FOR TLS LITE (START HERE!). |
12 """ | 13 """ |
13 | 14 |
14 import socket | 15 import socket |
15 from .utils.compat import formatExceptionTrace | 16 from .utils.compat import formatExceptionTrace |
16 from .tlsrecordlayer import TLSRecordLayer | 17 from .tlsrecordlayer import TLSRecordLayer |
17 from .session import Session | 18 from .session import Session |
18 from .constants import * | 19 from .constants import * |
19 from .utils.cryptomath import getRandomBytes | 20 from .utils.cryptomath import getRandomBytes |
20 from .errors import * | 21 from .errors import * |
21 from .messages import * | 22 from .messages import * |
22 from .mathtls import * | 23 from .mathtls import * |
23 from .handshakesettings import HandshakeSettings | 24 from .handshakesettings import HandshakeSettings |
24 from .utils.tackwrapper import * | 25 from .utils.tackwrapper import * |
26 from .utils.rsakey import RSAKey | |
25 | 27 |
26 class KeyExchange(object): | 28 class KeyExchange(object): |
27 def __init__(self, cipherSuite, clientHello, serverHello, privateKey): | 29 def __init__(self, cipherSuite, clientHello, serverHello, privateKey): |
28 """ | 30 """ |
29 Initializes the KeyExchange. privateKey is the signing private key. | 31 Initializes the KeyExchange. privateKey is the signing private key. |
30 """ | 32 """ |
31 self.cipherSuite = cipherSuite | 33 self.cipherSuite = cipherSuite |
32 self.clientHello = clientHello | 34 self.clientHello = clientHello |
33 self.serverHello = serverHello | 35 self.serverHello = serverHello |
34 self.privateKey = privateKey | 36 self.privateKey = privateKey |
95 | 97 |
96 # RFC 3526, Section 8. | 98 # RFC 3526, Section 8. |
97 strength = 160 | 99 strength = 160 |
98 | 100 |
99 def makeServerKeyExchange(self): | 101 def makeServerKeyExchange(self): |
100 # Per RFC 3526, Section 1, the exponent should have double the entropy | 102 # Per RFC 3526, Section 1, the exponent should have double the entropy |
101 # of the strength of the curve. | 103 # of the strength of the curve. |
102 self.dh_Xs = bytesToNumber(getRandomBytes(self.strength * 2 / 8)) | 104 self.dh_Xs = bytesToNumber(getRandomBytes(self.strength * 2 / 8)) |
103 dh_Ys = powMod(self.dh_g, self.dh_Xs, self.dh_p) | 105 dh_Ys = powMod(self.dh_g, self.dh_Xs, self.dh_p) |
104 | 106 |
105 serverKeyExchange = ServerKeyExchange(self.cipherSuite) | 107 version = self.serverHello.server_version |
108 serverKeyExchange = ServerKeyExchange(self.cipherSuite, version) | |
106 serverKeyExchange.createDH(self.dh_p, self.dh_g, dh_Ys) | 109 serverKeyExchange.createDH(self.dh_p, self.dh_g, dh_Ys) |
107 serverKeyExchange.signature = self.privateKey.sign( | 110 hashBytes = serverKeyExchange.hash(self.clientHello.random, |
108 serverKeyExchange.hash(self.clientHello.random, | 111 self.serverHello.random) |
109 self.serverHello.random)) | 112 if version >= (3,3): |
113 # TODO: Signature algorithm negotiation not supported. | |
114 hashBytes = RSAKey.addPKCS1SHA1Prefix(hashBytes) | |
115 serverKeyExchange.signature = self.privateKey.sign(hashBytes) | |
110 return serverKeyExchange | 116 return serverKeyExchange |
111 | 117 |
112 def processClientKeyExchange(self, clientKeyExchange): | 118 def processClientKeyExchange(self, clientKeyExchange): |
113 dh_Yc = clientKeyExchange.dh_Yc | 119 dh_Yc = clientKeyExchange.dh_Yc |
114 | 120 |
115 # First half of RFC 2631, Section 2.1.5. Validate the client's public | 121 # First half of RFC 2631, Section 2.1.5. Validate the client's public |
116 # key. | 122 # key. |
117 if not 2 <= dh_Yc <= self.dh_p - 1: | 123 if not 2 <= dh_Yc <= self.dh_p - 1: |
118 raise TLSLocalAlert(AlertDescription.illegal_parameter, | 124 raise TLSLocalAlert(AlertDescription.illegal_parameter, |
119 "Invalid dh_Yc value") | 125 "Invalid dh_Yc value") |
589 | 595 |
590 | 596 |
591 def _clientSendClientHello(self, settings, session, srpUsername, | 597 def _clientSendClientHello(self, settings, session, srpUsername, |
592 srpParams, certParams, anonParams, | 598 srpParams, certParams, anonParams, |
593 serverName, nextProtos, reqTack): | 599 serverName, nextProtos, reqTack): |
594 #Initialize acceptable ciphersuites | 600 #Initialize acceptable ciphersuites |
595 cipherSuites = [CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV] | 601 cipherSuites = [CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV] |
596 if srpParams: | 602 if srpParams: |
597 cipherSuites += CipherSuite.getSrpAllSuites(settings) | 603 cipherSuites += CipherSuite.getSrpAllSuites(settings) |
598 elif certParams: | 604 elif certParams: |
599 cipherSuites += CipherSuite.getCertSuites(settings) | |
600 # TODO: Client DHE_RSA not supported. | 605 # TODO: Client DHE_RSA not supported. |
601 # cipherSuites += CipherSuite.getDheCertSuites(settings) | 606 # cipherSuites += CipherSuite.getDheCertSuites(settings) |
607 cipherSuites += CipherSuite.getCertSuites(settings) | |
602 elif anonParams: | 608 elif anonParams: |
603 cipherSuites += CipherSuite.getAnonSuites(settings) | 609 cipherSuites += CipherSuite.getAnonSuites(settings) |
604 else: | 610 else: |
605 assert(False) | 611 assert(False) |
606 | 612 |
607 #Initialize acceptable certificate types | 613 #Initialize acceptable certificate types |
608 certificateTypes = settings._getCertificateTypes() | 614 certificateTypes = settings._getCertificateTypes() |
609 | 615 |
610 #Either send ClientHello (with a resumable session)... | 616 #Either send ClientHello (with a resumable session)... |
611 if session and session.sessionID: | 617 if session and session.sessionID: |
952 if certificateRequest and privateKey: | 958 if certificateRequest and privateKey: |
953 if self.version == (3,0): | 959 if self.version == (3,0): |
954 masterSecret = calcMasterSecret(self.version, | 960 masterSecret = calcMasterSecret(self.version, |
955 premasterSecret, | 961 premasterSecret, |
956 clientRandom, | 962 clientRandom, |
957 serverRandom) | 963 serverRandom) |
958 verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"") | 964 verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"") |
959 elif self.version in ((3,1), (3,2)): | 965 elif self.version in ((3,1), (3,2)): |
960 verifyBytes = self._handshake_md5.digest() + \ | 966 verifyBytes = self._handshake_md5.digest() + \ |
961 self._handshake_sha.digest() | 967 self._handshake_sha.digest() |
968 elif self.version == (3,3): | |
969 # TODO: This does not handle the PKCS#1 prefix in TLS 1.2. | |
970 verifyBytes = self._handshake_sha256.digest() | |
davidben
2015/01/21 23:44:11
This is completely broken for TLS 1.2. It is likewise
davidben
2015/01/22 00:18:35
Actually... we do have some tests in SSLClientSock
davidben
2015/01/22 00:56:46
Done.
| |
962 if self.fault == Fault.badVerifyMessage: | 971 if self.fault == Fault.badVerifyMessage: |
963 verifyBytes[0] = ((verifyBytes[0]+1) % 256) | 972 verifyBytes[0] = ((verifyBytes[0]+1) % 256) |
964 signedBytes = privateKey.sign(verifyBytes) | 973 signedBytes = privateKey.sign(verifyBytes) |
965 certificateVerify = CertificateVerify() | 974 certificateVerify = CertificateVerify() |
966 certificateVerify.create(signedBytes) | 975 certificateVerify.create(signedBytes) |
967 for result in self._sendMsg(certificateVerify): | 976 for result in self._sendMsg(certificateVerify): |
968 yield result | 977 yield result |
969 yield (premasterSecret, serverCertChain, clientCertChain, tackExt) | 978 yield (premasterSecret, serverCertChain, clientCertChain, tackExt) |
970 | 979 |
971 def _clientAnonKeyExchange(self, settings, cipherSuite, clientRandom, | 980 def _clientAnonKeyExchange(self, settings, cipherSuite, clientRandom, |
1374 def _serverGetClientHello(self, settings, certChain, verifierDB, | 1383 def _serverGetClientHello(self, settings, certChain, verifierDB, |
1375 sessionCache, anon, fallbackSCSV): | 1384 sessionCache, anon, fallbackSCSV): |
1376 #Initialize acceptable cipher suites | 1385 #Initialize acceptable cipher suites |
1377 cipherSuites = [] | 1386 cipherSuites = [] |
1378 if verifierDB: | 1387 if verifierDB: |
1379 if certChain: | 1388 if certChain: |
1380 cipherSuites += \ | 1389 cipherSuites += \ |
1381 CipherSuite.getSrpCertSuites(settings) | 1390 CipherSuite.getSrpCertSuites(settings) |
1382 cipherSuites += CipherSuite.getSrpSuites(settings) | 1391 cipherSuites += CipherSuite.getSrpSuites(settings) |
1383 elif certChain: | 1392 elif certChain: |
1393 cipherSuites += CipherSuite.getDheCertSuites(settings) | |
1384 cipherSuites += CipherSuite.getCertSuites(settings) | 1394 cipherSuites += CipherSuite.getCertSuites(settings) |
1385 cipherSuites += CipherSuite.getDheCertSuites(settings) | |
1386 elif anon: | 1395 elif anon: |
1387 cipherSuites += CipherSuite.getAnonSuites(settings) | 1396 cipherSuites += CipherSuite.getAnonSuites(settings) |
1388 else: | 1397 else: |
1389 assert(False) | 1398 assert(False) |
1390 | 1399 |
1391 #Tentatively set version to most-desirable version, so if an error | 1400 #Tentatively set version to most-desirable version, so if an error |
1392 #occurs parsing the ClientHello, this is what we'll use for the | 1401 #occurs parsing the ClientHello, this is what we'll use for the |
1393 #error alert | 1402 #error alert |
1394 self.version = settings.maxVersion | 1403 self.version = settings.maxVersion |
1395 | 1404 |
1505 self.session = session | 1514 self.session = session |
1506 | 1515 |
1507 yield None # Handshake done! | 1516 yield None # Handshake done! |
1508 | 1517 |
1509 #Calculate the first cipher suite intersection. | 1518 #Calculate the first cipher suite intersection. |
1510 #This is the 'privileged' ciphersuite. We'll use it if we're | 1519 #This is the 'privileged' ciphersuite. We'll use it if we're |
1511 #doing a new negotiation. In fact, | 1520 #doing a new negotiation. In fact, |
1512 #the only time we won't use it is if we're resuming a | 1521 #the only time we won't use it is if we're resuming a |
1513 #session, in which case we use the ciphersuite from the session. | 1522 #session, in which case we use the ciphersuite from the session. |
1514 # | 1523 # |
1515 #Use the client's preferences for now. | 1524 #Given the current ciphersuite ordering, this means we prefer SRP |
1516 for cipherSuite in clientHello.cipher_suites: | 1525 #over non-SRP. |
1517 if cipherSuite in cipherSuites: | 1526 for cipherSuite in cipherSuites: |
1527 if cipherSuite in clientHello.cipher_suites: | |
1518 break | 1528 break |
1519 else: | 1529 else: |
1520 for result in self._sendError(\ | 1530 for result in self._sendError(\ |
1521 AlertDescription.handshake_failure, | 1531 AlertDescription.handshake_failure, |
1522 "No mutual ciphersuite"): | 1532 "No mutual ciphersuite"): |
1523 yield result | 1533 yield result |
1524 if cipherSuite in CipherSuite.srpAllSuites and \ | 1534 if cipherSuite in CipherSuite.srpAllSuites and \ |
1525 not clientHello.srp_username: | 1535 not clientHello.srp_username: |
1526 for result in self._sendError(\ | 1536 for result in self._sendError(\ |
1527 AlertDescription.unknown_psk_identity, | 1537 AlertDescription.unknown_psk_identity, |
1554 AlertDescription.unknown_psk_identity): | 1564 AlertDescription.unknown_psk_identity): |
1555 yield result | 1565 yield result |
1556 (N, g, s, v) = entry | 1566 (N, g, s, v) = entry |
1557 | 1567 |
1558 #Calculate server's ephemeral DH values (b, B) | 1568 #Calculate server's ephemeral DH values (b, B) |
1559 b = bytesToNumber(getRandomBytes(32)) | 1569 b = bytesToNumber(getRandomBytes(32)) |
1560 k = makeK(N, g) | 1570 k = makeK(N, g) |
1561 B = (powMod(g, b, N) + (k*v)) % N | 1571 B = (powMod(g, b, N) + (k*v)) % N |
1562 | 1572 |
1563 #Create ServerKeyExchange, signing it if necessary | 1573 #Create ServerKeyExchange, signing it if necessary |
1564 serverKeyExchange = ServerKeyExchange(cipherSuite) | 1574 serverKeyExchange = ServerKeyExchange(cipherSuite, self.version) |
1565 serverKeyExchange.createSRP(N, g, s, B) | 1575 serverKeyExchange.createSRP(N, g, s, B) |
1566 if cipherSuite in CipherSuite.srpCertSuites: | 1576 if cipherSuite in CipherSuite.srpCertSuites: |
1567 hashBytes = serverKeyExchange.hash(clientHello.random, | 1577 hashBytes = serverKeyExchange.hash(clientHello.random, |
1568 serverHello.random) | 1578 serverHello.random) |
1569 serverKeyExchange.signature = privateKey.sign(hashBytes) | 1579 serverKeyExchange.signature = privateKey.sign(hashBytes) |
1570 | 1580 |
1571 #Send ServerHello[, Certificate], ServerKeyExchange, | 1581 #Send ServerHello[, Certificate], ServerKeyExchange, |
1572 #ServerHelloDone | 1582 #ServerHelloDone |
1573 msgs = [] | 1583 msgs = [] |
1574 msgs.append(serverHello) | 1584 msgs.append(serverHello) |
1624 if serverHello.status_request: | 1634 if serverHello.status_request: |
1625 msgs.append(CertificateStatus().create(ocspResponse)) | 1635 msgs.append(CertificateStatus().create(ocspResponse)) |
1626 serverKeyExchange = keyExchange.makeServerKeyExchange() | 1636 serverKeyExchange = keyExchange.makeServerKeyExchange() |
1627 if serverKeyExchange is not None: | 1637 if serverKeyExchange is not None: |
1628 msgs.append(serverKeyExchange) | 1638 msgs.append(serverKeyExchange) |
1629 if reqCert: | 1639 if reqCert: |
1630 reqCAs = reqCAs or [] | 1640 reqCAs = reqCAs or [] |
1631 #Apple's Secure Transport library rejects empty certificate_types, | 1641 #Apple's Secure Transport library rejects empty certificate_types, |
1632 #so default to rsa_sign. | 1642 #so default to rsa_sign. |
1633 reqCertTypes = reqCertTypes or [ClientCertificateType.rsa_sign] | 1643 reqCertTypes = reqCertTypes or [ClientCertificateType.rsa_sign] |
1634 msgs.append(CertificateRequest().create(reqCertTypes, reqCAs)) | 1644 msgs.append(CertificateRequest(self.version).create(reqCertTypes, |
1645 reqCAs)) | |
1635 msgs.append(ServerHelloDone()) | 1646 msgs.append(ServerHelloDone()) |
1636 for result in self._sendMsgs(msgs): | 1647 for result in self._sendMsgs(msgs): |
1637 yield result | 1648 yield result |
1638 | 1649 |
1639 #From here on, the client's messages must have the right version | 1650 #From here on, the client's messages must have the right version |
1640 self._versionCheck = True | 1651 self._versionCheck = True |
1641 | 1652 |
1642 #Get [Certificate,] (if was requested) | 1653 #Get [Certificate,] (if was requested) |
1643 if reqCert: | 1654 if reqCert: |
1644 if self.version == (3,0): | 1655 if self.version == (3,0): |
1657 AlertDescription.no_certificate: | 1668 AlertDescription.no_certificate: |
1658 self._shutdown(False) | 1669 self._shutdown(False) |
1659 raise TLSRemoteAlert(alert) | 1670 raise TLSRemoteAlert(alert) |
1660 elif isinstance(msg, Certificate): | 1671 elif isinstance(msg, Certificate): |
1661 clientCertificate = msg | 1672 clientCertificate = msg |
1662 if clientCertificate.certChain and \ | 1673 if clientCertificate.certChain and \ |
1663 clientCertificate.certChain.getNumCerts()!=0: | 1674 clientCertificate.certChain.getNumCerts()!=0: |
1664 clientCertChain = clientCertificate.certChain | 1675 clientCertChain = clientCertificate.certChain |
1665 else: | 1676 else: |
1666 raise AssertionError() | 1677 raise AssertionError() |
1667 elif self.version in ((3,1), (3,2)): | 1678 elif self.version in ((3,1), (3,2), (3,3)): |
1668 for result in self._getMsg(ContentType.handshake, | 1679 for result in self._getMsg(ContentType.handshake, |
1669 HandshakeType.certificate, | 1680 HandshakeType.certificate, |
1670 CertificateType.x509): | 1681 CertificateType.x509): |
1671 if result in (0,1): yield result | 1682 if result in (0,1): yield result |
1672 else: break | 1683 else: break |
1673 clientCertificate = result | 1684 clientCertificate = result |
1674 if clientCertificate.certChain and \ | 1685 if clientCertificate.certChain and \ |
1675 clientCertificate.certChain.getNumCerts()!=0: | 1686 clientCertificate.certChain.getNumCerts()!=0: |
1676 clientCertChain = clientCertificate.certChain | 1687 clientCertChain = clientCertificate.certChain |
1677 else: | 1688 else: |
1695 | 1706 |
1696 #Get and check CertificateVerify, if relevant | 1707 #Get and check CertificateVerify, if relevant |
1697 if clientCertChain: | 1708 if clientCertChain: |
1698 if self.version == (3,0): | 1709 if self.version == (3,0): |
1699 masterSecret = calcMasterSecret(self.version, premasterSecret, | 1710 masterSecret = calcMasterSecret(self.version, premasterSecret, |
1700 clientHello.random, serverHello.random) | 1711 clientHello.random, serverHello.random) |
1701 verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"") | 1712 verifyBytes = self._calcSSLHandshakeHash(masterSecret, b"") |
1702 elif self.version in ((3,1), (3,2)): | 1713 elif self.version in ((3,1), (3,2)): |
1703 verifyBytes = self._handshake_md5.digest() + \ | 1714 verifyBytes = self._handshake_md5.digest() + \ |
1704 self._handshake_sha.digest() | 1715 self._handshake_sha.digest() |
1716 elif self.version == (3,3): | |
1717 verifyBytes = self._handshake_sha256.digest() | |
1705 for result in self._getMsg(ContentType.handshake, | 1718 for result in self._getMsg(ContentType.handshake, |
1706 HandshakeType.certificate_verify): | 1719 HandshakeType.certificate_verify): |
1707 if result in (0,1): yield result | 1720 if result in (0,1): yield result |
1708 else: break | 1721 else: break |
1709 certificateVerify = result | 1722 certificateVerify = result |
1710 publicKey = clientCertChain.getEndEntityPublicKey() | 1723 publicKey = clientCertChain.getEndEntityPublicKey() |
1711 if len(publicKey) < settings.minKeySize: | 1724 if len(publicKey) < settings.minKeySize: |
1712 for result in self._sendError(\ | 1725 for result in self._sendError(\ |
1713 AlertDescription.handshake_failure, | 1726 AlertDescription.handshake_failure, |
1714 "Client's public key too small: %d" % len(publicKey)): | 1727 "Client's public key too small: %d" % len(publicKey)): |
1730 | 1743 |
1731 def _serverAnonKeyExchange(self, clientHello, serverHello, cipherSuite, | 1744 def _serverAnonKeyExchange(self, clientHello, serverHello, cipherSuite, |
1732 settings): | 1745 settings): |
1733 # Calculate DH p, g, Xs, Ys | 1746 # Calculate DH p, g, Xs, Ys |
1734 dh_p = getRandomSafePrime(32, False) | 1747 dh_p = getRandomSafePrime(32, False) |
1735 dh_g = getRandomNumber(2, dh_p) | 1748 dh_g = getRandomNumber(2, dh_p) |
1736 dh_Xs = bytesToNumber(getRandomBytes(32)) | 1749 dh_Xs = bytesToNumber(getRandomBytes(32)) |
1737 dh_Ys = powMod(dh_g, dh_Xs, dh_p) | 1750 dh_Ys = powMod(dh_g, dh_Xs, dh_p) |
1738 | 1751 |
1739 #Create ServerKeyExchange | 1752 #Create ServerKeyExchange |
1740 serverKeyExchange = ServerKeyExchange(cipherSuite) | 1753 serverKeyExchange = ServerKeyExchange(cipherSuite, self.version) |
1741 serverKeyExchange.createDH(dh_p, dh_g, dh_Ys) | 1754 serverKeyExchange.createDH(dh_p, dh_g, dh_Ys) |
1742 | 1755 |
1743 #Send ServerHello[, Certificate], ServerKeyExchange, | 1756 #Send ServerHello[, Certificate], ServerKeyExchange, |
1744 #ServerHelloDone | 1757 #ServerHelloDone |
1745 msgs = [] | 1758 msgs = [] |
1746 msgs.append(serverHello) | 1759 msgs.append(serverHello) |
1747 msgs.append(serverKeyExchange) | 1760 msgs.append(serverKeyExchange) |
1748 msgs.append(ServerHelloDone()) | 1761 msgs.append(ServerHelloDone()) |
1749 for result in self._sendMsgs(msgs): | 1762 for result in self._sendMsgs(msgs): |
1750 yield result | 1763 yield result |
1902 elif self.version in ((3,1), (3,2)): | 1915 elif self.version in ((3,1), (3,2)): |
1903 if (self._client and send) or (not self._client and not send): | 1916 if (self._client and send) or (not self._client and not send): |
1904 label = b"client finished" | 1917 label = b"client finished" |
1905 else: | 1918 else: |
1906 label = b"server finished" | 1919 label = b"server finished" |
1907 | 1920 |
1908 handshakeHashes = self._handshake_md5.digest() + \ | 1921 handshakeHashes = self._handshake_md5.digest() + \ |
1909 self._handshake_sha.digest() | 1922 self._handshake_sha.digest() |
1910 verifyData = PRF(masterSecret, label, handshakeHashes, 12) | 1923 verifyData = PRF(masterSecret, label, handshakeHashes, 12) |
1911 return verifyData | 1924 return verifyData |
1925 elif self.version == (3,3): | |
1926 if (self._client and send) or (not self._client and not send): | |
1927 label = b"client finished" | |
1928 else: | |
1929 label = b"server finished" | |
1930 | |
1931 handshakeHashes = self._handshake_sha256.digest() | |
1932 verifyData = PRF_1_2(masterSecret, label, handshakeHashes, 12) | |
1933 return verifyData | |
1912 else: | 1934 else: |
1913 raise AssertionError() | 1935 raise AssertionError() |
1914 | 1936 |
1915 | 1937 |
1916 def _handshakeWrapperAsync(self, handshaker, checker): | 1938 def _handshakeWrapperAsync(self, handshaker, checker): |
1917 if not self.fault: | 1939 if not self.fault: |
1918 try: | 1940 try: |
1919 for result in handshaker: | 1941 for result in handshaker: |
1920 yield result | 1942 yield result |
1921 if checker: | 1943 if checker: |
1932 except TLSAlert as alert: | 1954 except TLSAlert as alert: |
1933 if not self.fault: | 1955 if not self.fault: |
1934 raise | 1956 raise |
1935 if alert.description not in Fault.faultAlerts[self.fault]: | 1957 if alert.description not in Fault.faultAlerts[self.fault]: |
1936 raise TLSFaultError(str(alert)) | 1958 raise TLSFaultError(str(alert)) |
1937 else: | 1959 else: |
1938 pass | 1960 pass |
1939 except: | 1961 except: |
1940 self._shutdown(False) | 1962 self._shutdown(False) |
1941 raise | 1963 raise |