
Side by Side Diff: third_party/tlslite/patches/channel_id.patch

Issue 858373002: Update third_party/tlslite to 0.4.8. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Finish fixing client auth Created 5 years, 11 months ago
OLDNEW
1 diff --git a/third_party/tlslite/tlslite/constants.py b/third_party/tlslite/tlsl ite/constants.py 1 diff --git a/third_party/tlslite/tlslite/constants.py b/third_party/tlslite/tlsl ite/constants.py
2 index d52e596..79ad145 100755 2 index 4165de0..6429c66 100644
3 --- a/third_party/tlslite/tlslite/constants.py 3 --- a/third_party/tlslite/tlslite/constants.py
4 +++ b/third_party/tlslite/tlslite/constants.py 4 +++ b/third_party/tlslite/tlslite/constants.py
5 @@ -31,6 +31,7 @@ class HandshakeType: 5 @@ -32,6 +32,7 @@ class HandshakeType:
6 client_key_exchange = 16 6 client_key_exchange = 16
7 finished = 20 7 finished = 20
8 next_protocol = 67 8 next_protocol = 67
9 + encrypted_extensions = 203 9 + encrypted_extensions = 203
10 10
11 class ContentType: 11 class ContentType:
12 change_cipher_spec = 20 12 change_cipher_spec = 20
13 @@ -45,6 +46,7 @@ class ExtensionType: # RFC 6066 / 4366 13 @@ -46,6 +47,7 @@ class ExtensionType: # RFC 6066 / 4366
14 cert_type = 9 # RFC 6091 14 cert_type = 9 # RFC 6091
15 tack = 0xF300 15 tack = 0xF300
16 supports_npn = 13172 16 supports_npn = 13172
17 + channel_id = 30032 17 + channel_id = 30032
18 18
19 class NameType: 19 class NameType:
20 host_name = 0 20 host_name = 0
21 diff --git a/third_party/tlslite/tlslite/messages.py b/third_party/tlslite/tlsli te/messages.py 21 diff --git a/third_party/tlslite/tlslite/messages.py b/third_party/tlslite/tlsli te/messages.py
22 index 7ef4e3f..246082e 100755 22 index 2b3e518..4fa9d96 100644
23 --- a/third_party/tlslite/tlslite/messages.py 23 --- a/third_party/tlslite/tlslite/messages.py
24 +++ b/third_party/tlslite/tlslite/messages.py 24 +++ b/third_party/tlslite/tlslite/messages.py
25 @@ -112,6 +112,7 @@ class ClientHello(HandshakeMsg): 25 @@ -113,6 +113,7 @@ class ClientHello(HandshakeMsg):
26 self.tack = False 26 self.tack = False
27 self.supports_npn = False 27 self.supports_npn = False
28 self.server_name = bytearray(0) 28 self.server_name = bytearray(0)
29 + self.channel_id = False 29 + self.channel_id = False
30 30
31 def create(self, version, random, session_id, cipher_suites, 31 def create(self, version, random, session_id, cipher_suites,
32 certificate_types=None, srpUsername=None, 32 certificate_types=None, srpUsername=None,
33 @@ -179,6 +180,8 @@ class ClientHello(HandshakeMsg): 33 @@ -180,6 +181,8 @@ class ClientHello(HandshakeMsg):
34 if name_type == NameType.host_name: 34 if name_type == NameType.host_name:
35 self.server_name = hostNameBytes 35 self.server_name = hostNameBytes
36 break 36 break
37 + elif extType == ExtensionType.channel_id: 37 + elif extType == ExtensionType.channel_id:
38 + self.channel_id = True 38 + self.channel_id = True
39 else: 39 else:
40 _ = p.getFixBytes(extLength) 40 _ = p.getFixBytes(extLength)
41 index2 = p.index 41 index2 = p.index
42 @@ -243,6 +246,7 @@ class ServerHello(HandshakeMsg): 42 @@ -244,6 +247,7 @@ class ServerHello(HandshakeMsg):
43 self.tackExt = None 43 self.tackExt = None
44 self.next_protos_advertised = None 44 self.next_protos_advertised = None
45 self.next_protos = None 45 self.next_protos = None
46 + self.channel_id = False 46 + self.channel_id = False
47 47
48 def create(self, version, random, session_id, cipher_suite, 48 def create(self, version, random, session_id, cipher_suite,
49 certificate_type, tackExt, next_protos_advertised): 49 certificate_type, tackExt, next_protos_advertised):
50 @@ -329,6 +333,9 @@ class ServerHello(HandshakeMsg): 50 @@ -330,6 +334,9 @@ class ServerHello(HandshakeMsg):
51 w2.add(ExtensionType.supports_npn, 2) 51 w2.add(ExtensionType.supports_npn, 2)
52 w2.add(len(encoded_next_protos_advertised), 2) 52 w2.add(len(encoded_next_protos_advertised), 2)
53 w2.addFixSeq(encoded_next_protos_advertised, 1) 53 w2.addFixSeq(encoded_next_protos_advertised, 1)
54 + if self.channel_id: 54 + if self.channel_id:
55 + w2.add(ExtensionType.channel_id, 2) 55 + w2.add(ExtensionType.channel_id, 2)
56 + w2.add(0, 2) 56 + w2.add(0, 2)
57 if len(w2.bytes): 57 if len(w2.bytes):
58 w.add(len(w2.bytes), 2) 58 w.add(len(w2.bytes), 2)
59 w.bytes += w2.bytes 59 w.bytes += w2.bytes
60 @@ -656,6 +663,28 @@ class Finished(HandshakeMsg): 60 @@ -665,6 +672,28 @@ class Finished(HandshakeMsg):
61 w.addFixSeq(self.verify_data, 1) 61 w.addFixSeq(self.verify_data, 1)
62 return self.postWrite(w) 62 return self.postWrite(w)
63 63
64 +class EncryptedExtensions(HandshakeMsg): 64 +class EncryptedExtensions(HandshakeMsg):
65 + def __init__(self): 65 + def __init__(self):
66 + self.channel_id_key = None 66 + self.channel_id_key = None
67 + self.channel_id_proof = None 67 + self.channel_id_proof = None
68 + 68 +
69 + def parse(self, p): 69 + def parse(self, p):
70 + p.startLengthCheck(3) 70 + p.startLengthCheck(3)
71 + soFar = 0 71 + soFar = 0
72 + while soFar != p.lengthCheck: 72 + while soFar != p.lengthCheck:
73 + extType = p.get(2) 73 + extType = p.get(2)
74 + extLength = p.get(2) 74 + extLength = p.get(2)
75 + if extType == ExtensionType.channel_id: 75 + if extType == ExtensionType.channel_id:
76 + if extLength != 32*4: 76 + if extLength != 32*4:
77 + raise SyntaxError() 77 + raise SyntaxError()
78 + self.channel_id_key = p.getFixBytes(64) 78 + self.channel_id_key = p.getFixBytes(64)
79 + self.channel_id_proof = p.getFixBytes(64) 79 + self.channel_id_proof = p.getFixBytes(64)
80 + else: 80 + else:
81 + p.getFixBytes(extLength) 81 + p.getFixBytes(extLength)
82 + soFar += 4 + extLength 82 + soFar += 4 + extLength
83 + p.stopLengthCheck() 83 + p.stopLengthCheck()
84 + return self 84 + return self
85 + 85 +
86 class ApplicationData(object): 86 class ApplicationData(object):
87 def __init__(self): 87 def __init__(self):
88 self.contentType = ContentType.application_data 88 self.contentType = ContentType.application_data
89 diff --git a/third_party/tlslite/tlslite/tlsconnection.py b/third_party/tlslite/ tlslite/tlsconnection.py 89 diff --git a/third_party/tlslite/tlslite/tlsconnection.py b/third_party/tlslite/ tlslite/tlsconnection.py
90 index 8415592..e7c5140 100755 90 index 0e78753..b0400f8 100644
91 --- a/third_party/tlslite/tlslite/tlsconnection.py 91 --- a/third_party/tlslite/tlslite/tlsconnection.py
92 +++ b/third_party/tlslite/tlslite/tlsconnection.py 92 +++ b/third_party/tlslite/tlslite/tlsconnection.py
93 @@ -1155,6 +1155,7 @@ class TLSConnection(TLSRecordLayer): 93 @@ -1158,6 +1158,7 @@ class TLSConnection(TLSRecordLayer):
94 serverHello.create(self.version, getRandomBytes(32), sessionID, \ 94 serverHello.create(self.version, getRandomBytes(32), sessionID, \
95 cipherSuite, CertificateType.x509, tackExt, 95 cipherSuite, CertificateType.x509, tackExt,
96 nextProtos) 96 nextProtos)
97 + serverHello.channel_id = clientHello.channel_id 97 + serverHello.channel_id = clientHello.channel_id
98 98
99 # Perform the SRP key exchange 99 # Perform the SRP key exchange
100 clientCertChain = None 100 clientCertChain = None
101 @@ -1191,7 +1192,7 @@ class TLSConnection(TLSRecordLayer): 101 @@ -1194,7 +1195,7 @@ class TLSConnection(TLSRecordLayer):
102 for result in self._serverFinished(premasterSecret, 102 for result in self._serverFinished(premasterSecret,
103 clientHello.random, serverHello.random, 103 clientHello.random, serverHello.random,
104 cipherSuite, settings.cipherImplementations, 104 cipherSuite, settings.cipherImplementations,
105 - nextProtos): 105 - nextProtos):
106 + nextProtos, clientHello.channel_id): 106 + nextProtos, clientHello.channel_id):
107 if result in (0,1): yield result 107 if result in (0,1): yield result
108 else: break 108 else: break
109 masterSecret = result 109 masterSecret = result
110 @@ -1609,7 +1610,8 @@ class TLSConnection(TLSRecordLayer): 110 @@ -1614,7 +1615,8 @@ class TLSConnection(TLSRecordLayer):
111 111
112 112
113 def _serverFinished(self, premasterSecret, clientRandom, serverRandom, 113 def _serverFinished(self, premasterSecret, clientRandom, serverRandom,
114 - cipherSuite, cipherImplementations, nextProtos): 114 - cipherSuite, cipherImplementations, nextProtos):
115 + cipherSuite, cipherImplementations, nextProtos, 115 + cipherSuite, cipherImplementations, nextProtos,
116 + doingChannelID): 116 + doingChannelID):
117 masterSecret = calcMasterSecret(self.version, premasterSecret, 117 masterSecret = calcMasterSecret(self.version, premasterSecret,
118 clientRandom, serverRandom) 118 clientRandom, serverRandom)
119 119
120 @@ -1620,7 +1622,8 @@ class TLSConnection(TLSRecordLayer): 120 @@ -1625,7 +1627,8 @@ class TLSConnection(TLSRecordLayer):
121 121
122 #Exchange ChangeCipherSpec and Finished messages 122 #Exchange ChangeCipherSpec and Finished messages
123 for result in self._getFinished(masterSecret, 123 for result in self._getFinished(masterSecret,
124 - expect_next_protocol=nextProtos is not None): 124 - expect_next_protocol=nextProtos is not None):
125 + expect_next_protocol=nextProtos is not None, 125 + expect_next_protocol=nextProtos is not None,
126 + expect_channel_id=doingChannelID): 126 + expect_channel_id=doingChannelID):
127 yield result 127 yield result
128 128
129 for result in self._sendFinished(masterSecret): 129 for result in self._sendFinished(masterSecret):
130 @@ -1657,7 +1660,8 @@ class TLSConnection(TLSRecordLayer): 130 @@ -1662,7 +1665,8 @@ class TLSConnection(TLSRecordLayer):
131 for result in self._sendMsg(finished): 131 for result in self._sendMsg(finished):
132 yield result 132 yield result
133 133
134 - def _getFinished(self, masterSecret, expect_next_protocol=False, nextProto= None): 134 - def _getFinished(self, masterSecret, expect_next_protocol=False, nextProto= None):
135 + def _getFinished(self, masterSecret, expect_next_protocol=False, nextProto= None, 135 + def _getFinished(self, masterSecret, expect_next_protocol=False, nextProto= None,
136 + expect_channel_id=False): 136 + expect_channel_id=False):
137 #Get and check ChangeCipherSpec 137 #Get and check ChangeCipherSpec
138 for result in self._getMsg(ContentType.change_cipher_spec): 138 for result in self._getMsg(ContentType.change_cipher_spec):
139 if result in (0,1): 139 if result in (0,1):
140 @@ -1690,6 +1694,20 @@ class TLSConnection(TLSRecordLayer): 140 @@ -1695,6 +1699,20 @@ class TLSConnection(TLSRecordLayer):
141 if nextProto: 141 if nextProto:
142 self.next_proto = nextProto 142 self.next_proto = nextProto
143 143
144 + #Server Finish - Are we waiting for a EncryptedExtensions? 144 + #Server Finish - Are we waiting for a EncryptedExtensions?
145 + if expect_channel_id: 145 + if expect_channel_id:
146 + for result in self._getMsg(ContentType.handshake, HandshakeType.enc rypted_extensions): 146 + for result in self._getMsg(ContentType.handshake, HandshakeType.enc rypted_extensions):
147 + if result in (0,1): 147 + if result in (0,1):
148 + yield result 148 + yield result
149 + if result is None: 149 + if result is None:
150 + for result in self._sendError(AlertDescription.unexpected_messa ge, 150 + for result in self._sendError(AlertDescription.unexpected_messa ge,
151 + "Didn't get EncryptedExtensions me ssage"): 151 + "Didn't get EncryptedExtensions me ssage"):
152 + yield result 152 + yield result
153 + encrypted_extensions = result 153 + encrypted_extensions = result
154 + self.channel_id = result.channel_id_key 154 + self.channel_id = result.channel_id_key
155 + else: 155 + else:
156 + self.channel_id = None 156 + self.channel_id = None
157 + 157 +
158 #Calculate verification data 158 #Calculate verification data
159 verifyData = self._calcFinished(masterSecret, False) 159 verifyData = self._calcFinished(masterSecret, False)
160 160
161 diff --git a/third_party/tlslite/tlslite/tlsrecordlayer.py b/third_party/tlslite /tlslite/tlsrecordlayer.py 161 diff --git a/third_party/tlslite/tlslite/tlsrecordlayer.py b/third_party/tlslite /tlslite/tlsrecordlayer.py
162 index b0833fe..ff08cbf 100755 162 index 5fe7410..f18fcf5 100644
163 --- a/third_party/tlslite/tlslite/tlsrecordlayer.py 163 --- a/third_party/tlslite/tlslite/tlsrecordlayer.py
164 +++ b/third_party/tlslite/tlslite/tlsrecordlayer.py 164 +++ b/third_party/tlslite/tlslite/tlsrecordlayer.py
165 @@ -800,6 +800,8 @@ class TLSRecordLayer(object): 165 @@ -806,6 +806,8 @@ class TLSRecordLayer(object):
166 yield Finished(self.version).parse(p) 166 yield Finished(self.version).parse(p)
167 elif subType == HandshakeType.next_protocol: 167 elif subType == HandshakeType.next_protocol:
168 yield NextProtocol().parse(p) 168 yield NextProtocol().parse(p)
169 + elif subType == HandshakeType.encrypted_extensions: 169 + elif subType == HandshakeType.encrypted_extensions:
170 + yield EncryptedExtensions().parse(p) 170 + yield EncryptedExtensions().parse(p)
171 else: 171 else:
172 raise AssertionError() 172 raise AssertionError()
173 173
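Review bot: In the `_getFinished` hunk of tlsconnection.py, `self.channel_id = result.channel_id_key` stores the key taken from the client's EncryptedExtensions message, but the `channel_id_proof` that `EncryptedExtensions.parse` reads is not used anywhere in the visible lines, so the stored Channel ID looks like a client-asserted value rather than a proven one. `_getFinished` continues outside the hunk, so a signature check may exist elsewhere; if it does not, say so at the assignment, for example `# NOTE: channel_id_proof is not verified; self.channel_id is unauthenticated and must not be used for access decisions`. This patch set itself only refreshes the `index` lines and hunk offsets of the carried patch, so the point applies to the patch content as it stands on the new side rather than to anything this revision introduces.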