1 diff --git a/third_party/tlslite/tlslite/constants.py b/third_party/tlslite/tlsl
ite/constants.py | 1 diff --git a/third_party/tlslite/tlslite/constants.py b/third_party/tlslite/tlsl
ite/constants.py |
2 index 52c20ac..feca423 100644 | 2 index 1a1ace9..d2d50c5 100644 |
3 --- a/third_party/tlslite/tlslite/constants.py | 3 --- a/third_party/tlslite/tlslite/constants.py |
4 +++ b/third_party/tlslite/tlslite/constants.py | 4 +++ b/third_party/tlslite/tlslite/constants.py |
5 @@ -143,6 +143,10 @@ class CipherSuite: | 5 @@ -54,6 +54,20 @@ class ExtensionType: # RFC 6066 / 4366 |
| 6 tack = 0xF300 |
| 7 supports_npn = 13172 |
| 8 channel_id = 30032 |
| 9 + |
| 10 +class HashAlgorithm: |
| 11 + none = 0 |
| 12 + md5 = 1 |
| 13 + sha1 = 2 |
| 14 + sha224 = 3 |
| 15 + sha256 = 4 |
| 16 + sha384 = 5 |
| 17 + |
| 18 +class SignatureAlgorithm: |
| 19 + anonymous = 0 |
| 20 + rsa = 1 |
| 21 + dsa = 2 |
| 22 + ecdsa = 3 |
| 23 |
| 24 class NameType: |
| 25 host_name = 0 |
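Review bot: The two new enumerations give no source for their numeric values, while the class directly above them is annotated `class ExtensionType: # RFC 6066 / 4366`; add `class HashAlgorithm: # RFC 5246, Section 7.4.1.4.1` and the same comment on `SignatureAlgorithm` so a reader can check the numbers against the registry. `HashAlgorithm` also stops at `sha384 = 5` although the TLS 1.2 registry continues with `sha512 = 6`; either add it or say in the comment that the list is deliberately limited to what this code can emit, so nobody later treats the gap as an error.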
| 26 @@ -144,30 +158,42 @@ class CipherSuite: |
6 | 27 |
7 TLS_RSA_WITH_RC4_128_MD5 = 0x0004 | 28 TLS_RSA_WITH_RC4_128_MD5 = 0x0004 |
8 | 29 |
9 + TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016 | 30 + TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016 |
10 + TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033 | 31 + TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033 |
11 + TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039 | 32 + TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039 |
12 + | 33 + |
13 TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034 | 34 TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034 |
14 TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A | 35 TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A |
15 | 36 |
16 @@ -150,17 +154,20 @@ class CipherSuite: | 37 TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C |
| 38 TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D |
| 39 |
| 40 + TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067 |
| 41 + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B |
| 42 + |
| 43 tripleDESSuites = [] |
17 tripleDESSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) | 44 tripleDESSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) |
18 tripleDESSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) | 45 tripleDESSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) |
19 tripleDESSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) | 46 tripleDESSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) |
20 + tripleDESSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) | 47 + tripleDESSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) |
21 | 48 |
22 aes128Suites = [] | 49 aes128Suites = [] |
23 aes128Suites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) | 50 aes128Suites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) |
24 aes128Suites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) | 51 aes128Suites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) |
25 aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA) | 52 aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA) |
26 + aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) | 53 + aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) |
27 aes128Suites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) | 54 aes128Suites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) |
| 55 aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA256) |
| 56 + aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256) |
28 | 57 |
29 aes256Suites = [] | 58 aes256Suites = [] |
30 aes256Suites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) | 59 aes256Suites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) |
31 aes256Suites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) | 60 aes256Suites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) |
32 aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA) | 61 aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA) |
| 62 aes256Suites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) |
33 + aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) | 63 + aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) |
34 aes256Suites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) | 64 aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA256) |
| 65 + aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256) |
35 | 66 |
36 rc4Suites = [] | 67 rc4Suites = [] |
37 @@ -178,6 +185,9 @@ class CipherSuite: | 68 rc4Suites.append(TLS_RSA_WITH_RC4_128_SHA) |
| 69 @@ -184,12 +210,18 @@ class CipherSuite: |
38 shaSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA) | 70 shaSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA) |
39 shaSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA) | 71 shaSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA) |
40 shaSuites.append(TLS_RSA_WITH_RC4_128_SHA) | 72 shaSuites.append(TLS_RSA_WITH_RC4_128_SHA) |
41 + shaSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) | 73 + shaSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) |
42 + shaSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) | 74 + shaSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) |
43 + shaSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) | 75 + shaSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) |
44 shaSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) | 76 shaSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) |
45 shaSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) | 77 shaSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) |
46 | 78 |
47 @@ -188,6 +198,7 @@ class CipherSuite: | 79 sha256Suites = [] |
| 80 sha256Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA256) |
| 81 sha256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA256) |
| 82 + sha256Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256) |
| 83 + sha256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256) |
| 84 + |
| 85 |
| 86 md5Suites = [] |
| 87 md5Suites.append(TLS_RSA_WITH_RC4_128_MD5) |
| 88 @@ -198,6 +230,7 @@ class CipherSuite: |
48 def _filterSuites(suites, settings): | 89 def _filterSuites(suites, settings): |
49 macNames = settings.macNames | 90 macNames = settings.macNames |
50 cipherNames = settings.cipherNames | 91 cipherNames = settings.cipherNames |
51 + keyExchangeNames = settings.keyExchangeNames | 92 + keyExchangeNames = settings.keyExchangeNames |
52 macSuites = [] | 93 macSuites = [] |
53 if "sha" in macNames: | 94 if "sha" in macNames: |
54 macSuites += CipherSuite.shaSuites | 95 macSuites += CipherSuite.shaSuites |
55 @@ -204,7 +215,20 @@ class CipherSuite: | 96 @@ -216,7 +249,20 @@ class CipherSuite: |
56 if "rc4" in cipherNames: | 97 if "rc4" in cipherNames: |
57 cipherSuites += CipherSuite.rc4Suites | 98 cipherSuites += CipherSuite.rc4Suites |
58 | 99 |
59 - return [s for s in suites if s in macSuites and s in cipherSuites] | 100 - return [s for s in suites if s in macSuites and s in cipherSuites] |
60 + keyExchangeSuites = [] | 101 + keyExchangeSuites = [] |
61 + if "rsa" in keyExchangeNames: | 102 + if "rsa" in keyExchangeNames: |
62 + keyExchangeSuites += CipherSuite.certSuites | 103 + keyExchangeSuites += CipherSuite.certSuites |
63 + if "dhe_rsa" in keyExchangeNames: | 104 + if "dhe_rsa" in keyExchangeNames: |
64 + keyExchangeSuites += CipherSuite.dheCertSuites | 105 + keyExchangeSuites += CipherSuite.dheCertSuites |
65 + if "srp_sha" in keyExchangeNames: | 106 + if "srp_sha" in keyExchangeNames: |
66 + keyExchangeSuites += CipherSuite.srpSuites | 107 + keyExchangeSuites += CipherSuite.srpSuites |
67 + if "srp_sha_rsa" in keyExchangeNames: | 108 + if "srp_sha_rsa" in keyExchangeNames: |
68 + keyExchangeSuites += CipherSuite.srpCertSuites | 109 + keyExchangeSuites += CipherSuite.srpCertSuites |
69 + if "dh_anon" in keyExchangeNames: | 110 + if "dh_anon" in keyExchangeNames: |
70 + keyExchangeSuites += CipherSuite.anonSuites | 111 + keyExchangeSuites += CipherSuite.anonSuites |
71 + | 112 + |
72 + return [s for s in suites if s in macSuites and | 113 + return [s for s in suites if s in macSuites and |
73 + s in cipherSuites and s in keyExchangeSuites] | 114 + s in cipherSuites and s in keyExchangeSuites] |
74 | 115 |
75 srpSuites = [] | 116 srpSuites = [] |
76 srpSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) | 117 srpSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) |
77 @@ -236,12 +260,22 @@ class CipherSuite: | 118 @@ -250,12 +296,24 @@ class CipherSuite: |
78 certSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA) | 119 certSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) |
79 certSuites.append(TLS_RSA_WITH_RC4_128_SHA) | 120 certSuites.append(TLS_RSA_WITH_RC4_128_SHA) |
80 certSuites.append(TLS_RSA_WITH_RC4_128_MD5) | 121 certSuites.append(TLS_RSA_WITH_RC4_128_MD5) |
81 - certAllSuites = srpCertSuites + certSuites | 122 - certAllSuites = srpCertSuites + certSuites |
82 | 123 |
83 @staticmethod | 124 @staticmethod |
84 def getCertSuites(settings): | 125 def getCertSuites(settings): |
85 return CipherSuite._filterSuites(CipherSuite.certSuites, settings) | 126 return CipherSuite._filterSuites(CipherSuite.certSuites, settings) |
86 | 127 |
87 + dheCertSuites = [] | 128 + dheCertSuites = [] |
| 129 + dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256) |
| 130 + dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256) |
| 131 + dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) |
| 132 + dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) |
88 + dheCertSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) | 133 + dheCertSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) |
89 + dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) | |
90 + dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) | |
91 + | 134 + |
92 + @staticmethod | 135 + @staticmethod |
93 + def getDheCertSuites(settings): | 136 + def getDheCertSuites(settings): |
94 + return CipherSuite._filterSuites(CipherSuite.dheCertSuites, settings) | 137 + return CipherSuite._filterSuites(CipherSuite.dheCertSuites, settings) |
95 + | 138 + |
96 + certAllSuites = srpCertSuites + certSuites + dheCertSuites | 139 + certAllSuites = srpCertSuites + certSuites + dheCertSuites |
97 + | 140 + |
98 anonSuites = [] | 141 anonSuites = [] |
| 142 anonSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) |
99 anonSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) | 143 anonSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) |
100 anonSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) | 144 @@ -264,6 +322,8 @@ class CipherSuite: |
101 @@ -250,6 +284,8 @@ class CipherSuite: | |
102 def getAnonSuites(settings): | 145 def getAnonSuites(settings): |
103 return CipherSuite._filterSuites(CipherSuite.anonSuites, settings) | 146 return CipherSuite._filterSuites(CipherSuite.anonSuites, settings) |
104 | 147 |
105 + dhAllSuites = dheCertSuites + anonSuites | 148 + dhAllSuites = dheCertSuites + anonSuites |
106 + | 149 + |
107 @staticmethod | 150 @staticmethod |
108 def canonicalCipherName(ciphersuite): | 151 def canonicalCipherName(ciphersuite): |
109 "Return the canonical name of the cipher whose number is provided." | 152 "Return the canonical name of the cipher whose number is provided." |
110 diff --git a/third_party/tlslite/tlslite/handshakesettings.py b/third_party/tlsl
ite/tlslite/handshakesettings.py | 153 diff --git a/third_party/tlslite/tlslite/handshakesettings.py b/third_party/tlsl
ite/tlslite/handshakesettings.py |
111 index 7a38ee2..e0bc0e6 100644 | 154 index ee37c30..7998e2e 100644 |
112 --- a/third_party/tlslite/tlslite/handshakesettings.py | 155 --- a/third_party/tlslite/tlslite/handshakesettings.py |
113 +++ b/third_party/tlslite/tlslite/handshakesettings.py | 156 +++ b/third_party/tlslite/tlslite/handshakesettings.py |
114 @@ -13,7 +13,9 @@ from .utils import cipherfactory | 157 @@ -14,7 +14,9 @@ from .utils import cipherfactory |
115 # RC4 is preferred as faster in Python, works in SSL3, and immune to CBC | 158 # RC4 is preferred as faster in Python, works in SSL3, and immune to CBC |
116 # issues such as timing attacks | 159 # issues such as timing attacks |
117 CIPHER_NAMES = ["rc4", "aes256", "aes128", "3des"] | 160 CIPHER_NAMES = ["rc4", "aes256", "aes128", "3des"] |
118 -MAC_NAMES = ["sha"] # "md5" is allowed | 161 -MAC_NAMES = ["sha", "sha256"] # "md5" is allowed |
119 +MAC_NAMES = ["sha"] # Don't allow "md5" by default. | 162 +MAC_NAMES = ["sha", "sha256"] # Don't allow "md5" by default. |
120 +ALL_MAC_NAMES = ["sha", "md5"] | 163 +ALL_MAC_NAMES = ["sha", "sha256", "md5"] |
121 +KEY_EXCHANGE_NAMES = ["rsa", "dhe_rsa", "srp_sha", "srp_sha_rsa", "dh_anon"] | 164 +KEY_EXCHANGE_NAMES = ["rsa", "dhe_rsa", "srp_sha", "srp_sha_rsa", "dh_anon"] |
122 CIPHER_IMPLEMENTATIONS = ["openssl", "pycrypto", "python"] | 165 CIPHER_IMPLEMENTATIONS = ["openssl", "pycrypto", "python"] |
123 CERTIFICATE_TYPES = ["x509"] | 166 CERTIFICATE_TYPES = ["x509"] |
124 | 167 |
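Review bot: `KEY_EXCHANGE_NAMES` serves both as the default for `self.keyExchangeNames` (hunk `@@ -101,6 +103,7 @@`) and as the validation list (hunk `@@ -147,6 +151,12 @@`), unlike the MAC setting, which now has a separate `MAC_NAMES` default and `ALL_MAC_NAMES` allow-list; a comment on the new line, e.g. `# Default and allowed set coincide: every key exchange, dh_anon included, is permitted unless the caller narrows the list.`, records that the asymmetry is intentional. The new `keyExchangeNames` attribute is not described anywhere in this diff; if the HandshakeSettings class docstring (outside these hunks) documents `cipherNames` and `macNames`, it should gain a matching entry for `keyExchangeNames`.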
125 @@ -102,6 +104,7 @@ class HandshakeSettings(object): | 168 @@ -101,6 +103,7 @@ class HandshakeSettings(object): |
126 self.maxKeySize = 8193 | 169 self.maxKeySize = 8193 |
127 self.cipherNames = CIPHER_NAMES | 170 self.cipherNames = CIPHER_NAMES |
128 self.macNames = MAC_NAMES | 171 self.macNames = MAC_NAMES |
129 + self.keyExchangeNames = KEY_EXCHANGE_NAMES | 172 + self.keyExchangeNames = KEY_EXCHANGE_NAMES |
130 self.cipherImplementations = CIPHER_IMPLEMENTATIONS | 173 self.cipherImplementations = CIPHER_IMPLEMENTATIONS |
131 self.certificateTypes = CERTIFICATE_TYPES | 174 self.certificateTypes = CERTIFICATE_TYPES |
132 self.minVersion = (3,0) | 175 self.minVersion = (3,1) |
133 @@ -116,6 +119,7 @@ class HandshakeSettings(object): | 176 @@ -115,6 +118,7 @@ class HandshakeSettings(object): |
134 other.maxKeySize = self.maxKeySize | 177 other.maxKeySize = self.maxKeySize |
135 other.cipherNames = self.cipherNames | 178 other.cipherNames = self.cipherNames |
136 other.macNames = self.macNames | 179 other.macNames = self.macNames |
137 + other.keyExchangeNames = self.keyExchangeNames | 180 + other.keyExchangeNames = self.keyExchangeNames |
138 other.cipherImplementations = self.cipherImplementations | 181 other.cipherImplementations = self.cipherImplementations |
139 other.certificateTypes = self.certificateTypes | 182 other.certificateTypes = self.certificateTypes |
140 other.minVersion = self.minVersion | 183 other.minVersion = self.minVersion |
141 @@ -148,6 +152,12 @@ class HandshakeSettings(object): | 184 @@ -147,6 +151,12 @@ class HandshakeSettings(object): |
142 for s in other.cipherNames: | 185 for s in other.cipherNames: |
143 if s not in CIPHER_NAMES: | 186 if s not in CIPHER_NAMES: |
144 raise ValueError("Unknown cipher name: '%s'" % s) | 187 raise ValueError("Unknown cipher name: '%s'" % s) |
145 + for s in other.macNames: | 188 + for s in other.macNames: |
146 + if s not in ALL_MAC_NAMES: | 189 + if s not in ALL_MAC_NAMES: |
147 + raise ValueError("Unknown MAC name: '%s'" % s) | 190 + raise ValueError("Unknown MAC name: '%s'" % s) |
148 + for s in other.keyExchangeNames: | 191 + for s in other.keyExchangeNames: |
149 + if s not in KEY_EXCHANGE_NAMES: | 192 + if s not in KEY_EXCHANGE_NAMES: |
150 + raise ValueError("Unknown key exchange name: '%s'" % s) | 193 + raise ValueError("Unknown key exchange name: '%s'" % s) |
151 for s in other.cipherImplementations: | 194 for s in other.cipherImplementations: |
152 if s not in CIPHER_IMPLEMENTATIONS: | 195 if s not in CIPHER_IMPLEMENTATIONS: |
153 raise ValueError("Unknown cipher implementation: '%s'" % s) | 196 raise ValueError("Unknown cipher implementation: '%s'" % s) |
154 diff --git a/third_party/tlslite/tlslite/messages.py b/third_party/tlslite/tlsli
te/messages.py | 197 diff --git a/third_party/tlslite/tlslite/messages.py b/third_party/tlslite/tlsli
te/messages.py |
155 index 532d86b..550b387 100644 | 198 index 9a8e5f6..8b77ee6 100644 |
156 --- a/third_party/tlslite/tlslite/messages.py | 199 --- a/third_party/tlslite/tlslite/messages.py |
157 +++ b/third_party/tlslite/tlslite/messages.py | 200 +++ b/third_party/tlslite/tlslite/messages.py |
158 @@ -533,31 +533,31 @@ class ServerKeyExchange(HandshakeMsg): | 201 @@ -500,9 +500,10 @@ class CertificateRequest(HandshakeMsg): |
| 202 return self.postWrite(w) |
| 203 |
| 204 class ServerKeyExchange(HandshakeMsg): |
| 205 - def __init__(self, cipherSuite): |
| 206 + def __init__(self, cipherSuite, version): |
| 207 HandshakeMsg.__init__(self, HandshakeType.server_key_exchange) |
| 208 self.cipherSuite = cipherSuite |
| 209 + self.version = version |
| 210 self.srp_N = 0 |
| 211 self.srp_g = 0 |
| 212 self.srp_s = bytearray(0) |
| 213 @@ -542,31 +543,38 @@ class ServerKeyExchange(HandshakeMsg): |
159 p.stopLengthCheck() | 214 p.stopLengthCheck() |
160 return self | 215 return self |
161 | 216 |
162 - def write(self): | 217 - def write(self): |
163 + def write_params(self): | 218 + def write_params(self): |
164 w = Writer() | 219 w = Writer() |
165 if self.cipherSuite in CipherSuite.srpAllSuites: | 220 if self.cipherSuite in CipherSuite.srpAllSuites: |
166 w.addVarSeq(numberToByteArray(self.srp_N), 1, 2) | 221 w.addVarSeq(numberToByteArray(self.srp_N), 1, 2) |
167 w.addVarSeq(numberToByteArray(self.srp_g), 1, 2) | 222 w.addVarSeq(numberToByteArray(self.srp_g), 1, 2) |
168 w.addVarSeq(self.srp_s, 1, 1) | 223 w.addVarSeq(self.srp_s, 1, 1) |
169 w.addVarSeq(numberToByteArray(self.srp_B), 1, 2) | 224 w.addVarSeq(numberToByteArray(self.srp_B), 1, 2) |
170 - if self.cipherSuite in CipherSuite.srpCertSuites: | 225 - if self.cipherSuite in CipherSuite.srpCertSuites: |
171 - w.addVarSeq(self.signature, 1, 2) | 226 - w.addVarSeq(self.signature, 1, 2) |
172 - elif self.cipherSuite in CipherSuite.anonSuites: | 227 - elif self.cipherSuite in CipherSuite.anonSuites: |
173 + elif self.cipherSuite in CipherSuite.dhAllSuites: | 228 + elif self.cipherSuite in CipherSuite.dhAllSuites: |
174 w.addVarSeq(numberToByteArray(self.dh_p), 1, 2) | 229 w.addVarSeq(numberToByteArray(self.dh_p), 1, 2) |
175 w.addVarSeq(numberToByteArray(self.dh_g), 1, 2) | 230 w.addVarSeq(numberToByteArray(self.dh_g), 1, 2) |
176 w.addVarSeq(numberToByteArray(self.dh_Ys), 1, 2) | 231 w.addVarSeq(numberToByteArray(self.dh_Ys), 1, 2) |
177 - if self.cipherSuite in []: # TODO support for signed_params | 232 - if self.cipherSuite in []: # TODO support for signed_params |
178 - w.addVarSeq(self.signature, 1, 2) | 233 - w.addVarSeq(self.signature, 1, 2) |
179 + else: | 234 + else: |
180 + assert(False) | 235 + assert(False) |
181 + return w.bytes | 236 + return w.bytes |
182 + | 237 + |
183 + def write(self): | 238 + def write(self): |
184 + w = Writer() | 239 + w = Writer() |
185 + w.bytes += self.write_params() | 240 + w.bytes += self.write_params() |
186 + if self.cipherSuite in CipherSuite.certAllSuites: | 241 + if self.cipherSuite in CipherSuite.certAllSuites: |
| 242 + if self.version >= (3,3): |
| 243 + # TODO: Signature algorithm negotiation not supported. |
| 244 + w.add(HashAlgorithm.sha1, 1) |
| 245 + w.add(SignatureAlgorithm.rsa, 1) |
187 + w.addVarSeq(self.signature, 1, 2) | 246 + w.addVarSeq(self.signature, 1, 2) |
188 return self.postWrite(w) | 247 return self.postWrite(w) |
189 | 248 |
190 def hash(self, clientRandom, serverRandom): | 249 def hash(self, clientRandom, serverRandom): |
191 - oldCipherSuite = self.cipherSuite | 250 - oldCipherSuite = self.cipherSuite |
192 - self.cipherSuite = None | 251 - self.cipherSuite = None |
193 - try: | 252 - try: |
194 - bytes = clientRandom + serverRandom + self.write()[4:] | 253 - bytes = clientRandom + serverRandom + self.write()[4:] |
195 - return MD5(bytes) + SHA1(bytes) | 254 - return MD5(bytes) + SHA1(bytes) |
196 - finally: | 255 - finally: |
197 - self.cipherSuite = oldCipherSuite | 256 - self.cipherSuite = oldCipherSuite |
198 + bytes = clientRandom + serverRandom + self.write_params() | 257 + bytes = clientRandom + serverRandom + self.write_params() |
| 258 + if self.version >= (3,3): |
| 259 + # TODO: Signature algorithm negotiation not supported. |
| 260 + return SHA1(bytes) |
199 + return MD5(bytes) + SHA1(bytes) | 261 + return MD5(bytes) + SHA1(bytes) |
200 | 262 |
201 class ServerHelloDone(HandshakeMsg): | 263 class ServerHelloDone(HandshakeMsg): |
202 def __init__(self): | 264 def __init__(self): |
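Review bot: `hash()` now has two version-dependent contracts and neither is written down: for `self.version >= (3,3)` it returns the bare SHA-1 digest, which the caller must wrap into a DigestInfo (the tlsconnection hunk does this with `RSAKey.addPKCS1SHA1Prefix`), while for older versions it returns the MD5+SHA-1 concatenation that is signed as-is; a docstring stating this, and that the fixed `HashAlgorithm.sha1`/`SignatureAlgorithm.rsa` pair emitted in `write()` must match what the caller signs, would keep the two halves from drifting apart. The TODO about signature algorithm negotiation should also state the consequence: a TLS 1.2 client whose signature_algorithms extension does not list sha1/rsa will reject this ServerKeyExchange. Separately, the unreachable branch in `write_params` uses `assert(False)`, which is stripped under `python -O`; `raise AssertionError()` matches the existing `ClientKeyExchange.parse` branches in the next hunk, and the same applies to the `else: assert(False)` in the tlsconnection hunk `@@ -1207,10 +1311,23 @@`.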
203 @@ -607,7 +607,7 @@ class ClientKeyExchange(HandshakeMsg): | 265 @@ -616,7 +624,7 @@ class ClientKeyExchange(HandshakeMsg): |
204 p.getFixBytes(len(p.bytes)-p.index) | 266 p.getFixBytes(len(p.bytes)-p.index) |
205 else: | 267 else: |
206 raise AssertionError() | 268 raise AssertionError() |
207 - elif self.cipherSuite in CipherSuite.anonSuites: | 269 - elif self.cipherSuite in CipherSuite.anonSuites: |
208 + elif self.cipherSuite in CipherSuite.dhAllSuites: | 270 + elif self.cipherSuite in CipherSuite.dhAllSuites: |
209 self.dh_Yc = bytesToNumber(p.getVarBytes(2)) | 271 self.dh_Yc = bytesToNumber(p.getVarBytes(2)) |
210 else: | 272 else: |
211 raise AssertionError() | 273 raise AssertionError() |
212 diff --git a/third_party/tlslite/tlslite/tlsconnection.py b/third_party/tlslite/
tlslite/tlsconnection.py | 274 diff --git a/third_party/tlslite/tlslite/tlsconnection.py b/third_party/tlslite/
tlslite/tlsconnection.py |
213 index 20cd85b..e6f7820 100644 | 275 index 5d508ed..f6d13d4 100644 |
214 --- a/third_party/tlslite/tlslite/tlsconnection.py | 276 --- a/third_party/tlslite/tlslite/tlsconnection.py |
215 +++ b/third_party/tlslite/tlslite/tlsconnection.py | 277 +++ b/third_party/tlslite/tlslite/tlsconnection.py |
216 @@ -23,6 +23,103 @@ from .mathtls import * | 278 @@ -23,7 +23,109 @@ from .messages import * |
| 279 from .mathtls import * |
217 from .handshakesettings import HandshakeSettings | 280 from .handshakesettings import HandshakeSettings |
218 from .utils.tackwrapper import * | 281 from .utils.tackwrapper import * |
| 282 +from .utils.rsakey import RSAKey |
219 | 283 |
220 +class KeyExchange(object): | 284 +class KeyExchange(object): |
221 + def __init__(self, cipherSuite, clientHello, serverHello, privateKey): | 285 + def __init__(self, cipherSuite, clientHello, serverHello, privateKey): |
222 + """ | 286 + """ |
223 + Initializes the KeyExchange. privateKey is the signing private key. | 287 + Initializes the KeyExchange. privateKey is the signing private key. |
224 + """ | 288 + """ |
225 + self.cipherSuite = cipherSuite | 289 + self.cipherSuite = cipherSuite |
226 + self.clientHello = clientHello | 290 + self.clientHello = clientHello |
227 + self.serverHello = serverHello | 291 + self.serverHello = serverHello |
228 + self.privateKey = privateKey | 292 + self.privateKey = privateKey |
289 + | 353 + |
290 + # RFC 3526, Section 8. | 354 + # RFC 3526, Section 8. |
291 + strength = 160 | 355 + strength = 160 |
292 + | 356 + |
293 + def makeServerKeyExchange(self): | 357 + def makeServerKeyExchange(self): |
294 + # Per RFC 3526, Section 1, the exponent should have double the entropy | 358 + # Per RFC 3526, Section 1, the exponent should have double the entropy |
295 + # of the strength of the curve. | 359 + # of the strength of the curve. |
296 + self.dh_Xs = bytesToNumber(getRandomBytes(self.strength * 2 / 8)) | 360 + self.dh_Xs = bytesToNumber(getRandomBytes(self.strength * 2 / 8)) |
297 + dh_Ys = powMod(self.dh_g, self.dh_Xs, self.dh_p) | 361 + dh_Ys = powMod(self.dh_g, self.dh_Xs, self.dh_p) |
298 + | 362 + |
299 + serverKeyExchange = ServerKeyExchange(self.cipherSuite) | 363 + version = self.serverHello.server_version |
| 364 + serverKeyExchange = ServerKeyExchange(self.cipherSuite, version) |
300 + serverKeyExchange.createDH(self.dh_p, self.dh_g, dh_Ys) | 365 + serverKeyExchange.createDH(self.dh_p, self.dh_g, dh_Ys) |
301 + serverKeyExchange.signature = self.privateKey.sign( | 366 + hashBytes = serverKeyExchange.hash(self.clientHello.random, |
302 + serverKeyExchange.hash(self.clientHello.random, | 367 + self.serverHello.random) |
303 + self.serverHello.random)) | 368 + if version >= (3,3): |
| 369 + # TODO: Signature algorithm negotiation not supported. |
| 370 + hashBytes = RSAKey.addPKCS1SHA1Prefix(hashBytes) |
| 371 + serverKeyExchange.signature = self.privateKey.sign(hashBytes) |
304 + return serverKeyExchange | 372 + return serverKeyExchange |
305 + | 373 + |
306 + def processClientKeyExchange(self, clientKeyExchange): | 374 + def processClientKeyExchange(self, clientKeyExchange): |
307 + dh_Yc = clientKeyExchange.dh_Yc | 375 + dh_Yc = clientKeyExchange.dh_Yc |
308 + | 376 + |
309 + # First half of RFC 2631, Section 2.1.5. Validate the client's public | 377 + # First half of RFC 2631, Section 2.1.5. Validate the client's public |
310 + # key. | 378 + # key. |
311 + if not 2 <= dh_Yc <= self.dh_p - 1: | 379 + if not 2 <= dh_Yc <= self.dh_p - 1: |
312 + raise TLSLocalAlert(AlertDescription.illegal_parameter, | 380 + raise TLSLocalAlert(AlertDescription.illegal_parameter, |
313 + "Invalid dh_Yc value") | 381 + "Invalid dh_Yc value") |
314 + | 382 + |
315 + S = powMod(dh_Yc, self.dh_Xs, self.dh_p) | 383 + S = powMod(dh_Yc, self.dh_Xs, self.dh_p) |
316 + return numberToByteArray(S) | 384 + return numberToByteArray(S) |
317 | 385 |
318 class TLSConnection(TLSRecordLayer): | 386 class TLSConnection(TLSRecordLayer): |
319 """ | 387 """ |
320 @@ -500,6 +597,8 @@ class TLSConnection(TLSRecordLayer): | 388 @@ -500,6 +602,8 @@ class TLSConnection(TLSRecordLayer): |
| 389 if srpParams: |
321 cipherSuites += CipherSuite.getSrpAllSuites(settings) | 390 cipherSuites += CipherSuite.getSrpAllSuites(settings) |
322 elif certParams: | 391 elif certParams: |
323 cipherSuites += CipherSuite.getCertSuites(settings) | |
324 + # TODO: Client DHE_RSA not supported. | 392 + # TODO: Client DHE_RSA not supported. |
325 + # cipherSuites += CipherSuite.getDheCertSuites(settings) | 393 + # cipherSuites += CipherSuite.getDheCertSuites(settings) |
| 394 cipherSuites += CipherSuite.getCertSuites(settings) |
326 elif anonParams: | 395 elif anonParams: |
327 cipherSuites += CipherSuite.getAnonSuites(settings) | 396 cipherSuites += CipherSuite.getAnonSuites(settings) |
328 else: | 397 @@ -1207,10 +1311,23 @@ class TLSConnection(TLSRecordLayer): |
329 @@ -1204,10 +1303,23 @@ class TLSConnection(TLSRecordLayer): | |
330 else: break | 398 else: break |
331 premasterSecret = result | 399 premasterSecret = result |
332 | 400 |
333 - # Perform the RSA key exchange | 401 - # Perform the RSA key exchange |
334 - elif cipherSuite in CipherSuite.certSuites: | 402 - elif cipherSuite in CipherSuite.certSuites: |
335 + # Perform the RSA or DHE_RSA key exchange | 403 + # Perform the RSA or DHE_RSA key exchange |
336 + elif (cipherSuite in CipherSuite.certSuites or | 404 + elif (cipherSuite in CipherSuite.certSuites or |
337 + cipherSuite in CipherSuite.dheCertSuites): | 405 + cipherSuite in CipherSuite.dheCertSuites): |
338 + if cipherSuite in CipherSuite.certSuites: | 406 + if cipherSuite in CipherSuite.certSuites: |
339 + keyExchange = RSAKeyExchange(cipherSuite, | 407 + keyExchange = RSAKeyExchange(cipherSuite, |
340 + clientHello, | 408 + clientHello, |
341 + serverHello, | 409 + serverHello, |
342 + privateKey) | 410 + privateKey) |
343 + elif cipherSuite in CipherSuite.dheCertSuites: | 411 + elif cipherSuite in CipherSuite.dheCertSuites: |
344 + keyExchange = DHE_RSAKeyExchange(cipherSuite, | 412 + keyExchange = DHE_RSAKeyExchange(cipherSuite, |
345 + clientHello, | 413 + clientHello, |
346 + serverHello, | 414 + serverHello, |
347 + privateKey) | 415 + privateKey) |
348 + else: | 416 + else: |
349 + assert(False) | 417 + assert(False) |
350 for result in self._serverCertKeyExchange(clientHello, serverHello,
| 418 for result in self._serverCertKeyExchange(clientHello, serverHello,
|
351 - certChain, privateKey, | 419 - certChain, privateKey, |
352 + certChain, keyExchange, | 420 + certChain, keyExchange, |
353 reqCert, reqCAs, cipherSuite, | 421 reqCert, reqCAs, cipherSuite, |
354 settings, ocspResponse): | 422 settings, ocspResponse): |
355 if result in (0,1): yield result | 423 if result in (0,1): yield result |
356 @@ -1268,6 +1380,7 @@ class TLSConnection(TLSRecordLayer): | 424 @@ -1270,6 +1387,7 @@ class TLSConnection(TLSRecordLayer): |
| 425 CipherSuite.getSrpCertSuites(settings) |
357 cipherSuites += CipherSuite.getSrpSuites(settings) | 426 cipherSuites += CipherSuite.getSrpSuites(settings) |
358 elif certChain: | 427 elif certChain: |
| 428 + cipherSuites += CipherSuite.getDheCertSuites(settings) |
359 cipherSuites += CipherSuite.getCertSuites(settings) | 429 cipherSuites += CipherSuite.getCertSuites(settings) |
360 + cipherSuites += CipherSuite.getDheCertSuites(settings) | |
361 elif anon: | 430 elif anon: |
362 cipherSuites += CipherSuite.getAnonSuites(settings) | 431 cipherSuites += CipherSuite.getAnonSuites(settings) |
363 else: | 432 @@ -1440,7 +1558,7 @@ class TLSConnection(TLSRecordLayer): |
364 @@ -1483,11 +1596,11 @@ class TLSConnection(TLSRecordLayer): | 433 B = (powMod(g, b, N) + (k*v)) % N |
| 434 |
| 435 #Create ServerKeyExchange, signing it if necessary |
| 436 - serverKeyExchange = ServerKeyExchange(cipherSuite) |
| 437 + serverKeyExchange = ServerKeyExchange(cipherSuite, self.version) |
| 438 serverKeyExchange.createSRP(N, g, s, B) |
| 439 if cipherSuite in CipherSuite.srpCertSuites: |
| 440 hashBytes = serverKeyExchange.hash(clientHello.random, |
| 441 @@ -1488,11 +1606,11 @@ class TLSConnection(TLSRecordLayer): |
365 | 442 |
366 | 443 |
367 def _serverCertKeyExchange(self, clientHello, serverHello, | 444 def _serverCertKeyExchange(self, clientHello, serverHello, |
368 - serverCertChain, privateKey, | 445 - serverCertChain, privateKey, |
369 + serverCertChain, keyExchange, | 446 + serverCertChain, keyExchange, |
370 reqCert, reqCAs, cipherSuite, | 447 reqCert, reqCAs, cipherSuite, |
371 settings, ocspResponse): | 448 settings, ocspResponse): |
372 - #Send ServerHello, Certificate[, CertificateRequest], | 449 - #Send ServerHello, Certificate[, CertificateRequest], |
373 - #ServerHelloDone | 450 - #ServerHelloDone |
374 + #Send ServerHello, Certificate[, ServerKeyExchange] | 451 + #Send ServerHello, Certificate[, ServerKeyExchange] |
375 + #[, CertificateRequest], ServerHelloDone | 452 + #[, CertificateRequest], ServerHelloDone |
376 msgs = [] | 453 msgs = [] |
377 | 454 |
378 # If we verify a client cert chain, return it | 455 # If we verify a client cert chain, return it |
379 @@ -1497,6 +1610,9 @@ class TLSConnection(TLSRecordLayer): | 456 @@ -1502,6 +1620,9 @@ class TLSConnection(TLSRecordLayer): |
380 msgs.append(Certificate(CertificateType.x509).create(serverCertChain)) | 457 msgs.append(Certificate(CertificateType.x509).create(serverCertChain)) |
381 if serverHello.status_request: | 458 if serverHello.status_request: |
382 msgs.append(CertificateStatus().create(ocspResponse)) | 459 msgs.append(CertificateStatus().create(ocspResponse)) |
383 + serverKeyExchange = keyExchange.makeServerKeyExchange() | 460 + serverKeyExchange = keyExchange.makeServerKeyExchange() |
384 + if serverKeyExchange is not None: | 461 + if serverKeyExchange is not None: |
385 + msgs.append(serverKeyExchange) | 462 + msgs.append(serverKeyExchange) |
386 if reqCert and reqCAs: | 463 if reqCert and reqCAs: |
387 msgs.append(CertificateRequest().create(\ | 464 msgs.append(CertificateRequest().create(\ |
388 [ClientCertificateType.rsa_sign], reqCAs)) | 465 [ClientCertificateType.rsa_sign], reqCAs)) |
389 @@ -1555,21 +1671,13 @@ class TLSConnection(TLSRecordLayer): | 466 @@ -1560,21 +1681,13 @@ class TLSConnection(TLSRecordLayer): |
390 else: break | 467 else: break |
391 clientKeyExchange = result | 468 clientKeyExchange = result |
392 | 469 |
393 - #Decrypt ClientKeyExchange | 470 - #Decrypt ClientKeyExchange |
394 - premasterSecret = privateKey.decrypt(\ | 471 - premasterSecret = privateKey.decrypt(\ |
395 - clientKeyExchange.encryptedPreMasterSecret) | 472 - clientKeyExchange.encryptedPreMasterSecret) |
396 - | 473 - |
397 - # On decryption failure randomize premaster secret to avoid | 474 - # On decryption failure randomize premaster secret to avoid |
398 - # Bleichenbacher's "million message" attack | 475 - # Bleichenbacher's "million message" attack |
399 - randomPreMasterSecret = getRandomBytes(48) | 476 - randomPreMasterSecret = getRandomBytes(48) |
400 - versionCheck = (premasterSecret[0], premasterSecret[1]) | 477 - versionCheck = (premasterSecret[0], premasterSecret[1]) |
401 - if not premasterSecret: | 478 - if not premasterSecret: |
402 - premasterSecret = randomPreMasterSecret | 479 - premasterSecret = randomPreMasterSecret |
403 - elif len(premasterSecret)!=48: | 480 - elif len(premasterSecret)!=48: |
404 - premasterSecret = randomPreMasterSecret | 481 - premasterSecret = randomPreMasterSecret |
405 - elif versionCheck != clientHello.client_version: | 482 - elif versionCheck != clientHello.client_version: |
406 - if versionCheck != self.version: #Tolerate buggy IE clients | 483 - if versionCheck != self.version: #Tolerate buggy IE clients |
407 - premasterSecret = randomPreMasterSecret | 484 - premasterSecret = randomPreMasterSecret |
408 + #Process ClientKeyExchange | 485 + #Process ClientKeyExchange |
409 + try: | 486 + try: |
410 + premasterSecret = \ | 487 + premasterSecret = \ |
411 + keyExchange.processClientKeyExchange(clientKeyExchange) | 488 + keyExchange.processClientKeyExchange(clientKeyExchange) |
412 + except TLSLocalAlert, alert: | 489 + except TLSLocalAlert, alert: |
413 + for result in self._sendError(alert.description, alert.message): | 490 + for result in self._sendError(alert.description, alert.message): |
414 + yield result | 491 + yield result |
415 | 492 |
416 #Get and check CertificateVerify, if relevant | 493 #Get and check CertificateVerify, if relevant |
417 if clientCertChain: | 494 if clientCertChain: |
| 495 @@ -1622,7 +1735,7 @@ class TLSConnection(TLSRecordLayer): |
| 496 dh_Ys = powMod(dh_g, dh_Xs, dh_p) |
| 497 |
| 498 #Create ServerKeyExchange |
| 499 - serverKeyExchange = ServerKeyExchange(cipherSuite) |
| 500 + serverKeyExchange = ServerKeyExchange(cipherSuite, self.version) |
| 501 serverKeyExchange.createDH(dh_p, dh_g, dh_Ys) |
| 502 |
| 503 #Send ServerHello[, Certificate], ServerKeyExchange, |
| 504 diff --git a/third_party/tlslite/tlslite/tlsrecordlayer.py b/third_party/tlslite
/tlslite/tlsrecordlayer.py |
| 505 index 01ff3e9..6ef3895 100644 |
| 506 --- a/third_party/tlslite/tlslite/tlsrecordlayer.py |
| 507 +++ b/third_party/tlslite/tlslite/tlsrecordlayer.py |
| 508 @@ -796,7 +796,8 @@ class TLSRecordLayer(object): |
| 509 elif subType == HandshakeType.certificate_verify: |
| 510 yield CertificateVerify().parse(p) |
| 511 elif subType == HandshakeType.server_key_exchange: |
| 512 - yield ServerKeyExchange(constructorType).parse(p) |
| 513 + yield ServerKeyExchange(constructorType, |
| 514 + self.version).parse(p) |
| 515 elif subType == HandshakeType.server_hello_done: |
| 516 yield ServerHelloDone().parse(p) |
| 517 elif subType == HandshakeType.client_key_exchange: |
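Review bot: `ServerKeyExchange(constructorType, self.version).parse(p)` makes the parse result depend on the record layer's current `self.version`, so a ServerKeyExchange handled before the ServerHello has fixed the negotiated version would be parsed in the wrong format (presumably the TLS 1.2 form carries extra signature-algorithm fields, which is why the version is now passed; the constructor is not in this hunk). The handshake state machine should already reject an out-of-order ServerKeyExchange, but the ordering dependency is worth recording on this line: `# wire format depends on the negotiated version (set by ServerHello); must not be reached before then`. The enclosing method continues outside the hunk on both sides.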
| 518 diff --git a/third_party/tlslite/tlslite/utils/rsakey.py b/third_party/tlslite/t
lslite/utils/rsakey.py |
| 519 index 3f2100e..fb022cc 100644 |
| 520 --- a/third_party/tlslite/tlslite/utils/rsakey.py |
| 521 +++ b/third_party/tlslite/tlslite/utils/rsakey.py |
| 522 @@ -60,7 +60,7 @@ class RSAKey(object): |
| 523 @return: A PKCS1-SHA1 signature on the passed-in data. |
| 524 """ |
| 525 hashBytes = SHA1(bytearray(bytes)) |
| 526 - prefixedHashBytes = self._addPKCS1SHA1Prefix(hashBytes) |
| 527 + prefixedHashBytes = self.addPKCS1SHA1Prefix(hashBytes) |
| 528 sigBytes = self.sign(prefixedHashBytes) |
| 529 return sigBytes |
| 530 |
| 531 @@ -81,8 +81,8 @@ class RSAKey(object): |
| 532 hashBytes = SHA1(bytearray(bytes)) |
| 533 |
| 534 # Try it with/without the embedded NULL |
| 535 - prefixedHashBytes1 = self._addPKCS1SHA1Prefix(hashBytes, False) |
| 536 - prefixedHashBytes2 = self._addPKCS1SHA1Prefix(hashBytes, True) |
| 537 + prefixedHashBytes1 = self.addPKCS1SHA1Prefix(hashBytes, False) |
| 538 + prefixedHashBytes2 = self.addPKCS1SHA1Prefix(hashBytes, True) |
| 539 result1 = self.verify(sigBytes, prefixedHashBytes1) |
| 540 result2 = self.verify(sigBytes, prefixedHashBytes2) |
| 541 return (result1 or result2) |
| 542 @@ -221,7 +221,8 @@ class RSAKey(object): |
| 543 # Helper Functions for RSA Keys |
| 544 # *************************************************************************
* |
| 545 |
| 546 - def _addPKCS1SHA1Prefix(self, bytes, withNULL=True): |
| 547 + @staticmethod |
| 548 + def addPKCS1SHA1Prefix(bytes, withNULL=True): |
| 549 # There is a long history of confusion over whether the SHA1 |
| 550 # algorithmIdentifier should be encoded with a NULL parameter or |
| 551 # with the parameter omitted. While the original intention was |
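Review bot: `addPKCS1SHA1Prefix` becomes a public static method here but carries no docstring, and its parameter `bytes` shadows the builtin. From the byte table that follows (`0x30,0x1f,0x30,0x07,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x04,0x14` is SEQUENCE { AlgorithmIdentifier { OID 1.3.14.3.2.26 }, OCTET STRING (20) }), the contract is: return the PKCS#1 v1.5 DigestInfo DER encoding of a 20-byte SHA-1 hash, with `withNULL` selecting whether the AlgorithmIdentifier carries the explicit NULL parameter. I would state that in a docstring and add one line noting that `hashAndVerify` accepts both encodings for interoperability, so callers know which form `hashAndSign` emits. The function body continues into the next hunk.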
| 552 @@ -229,8 +230,7 @@ class RSAKey(object): |
| 553 # specifies the NULL should be included, and this behavior is also |
| 554 # mandated in recent versions of PKCS #1, and is what tlslite has |
| 555 # always implemented. Anyways, verification code should probably |
| 556 - # accept both. However, nothing uses this code yet, so this is |
| 557 - # all fairly moot. |
| 558 + # accept both. |
| 559 if not withNULL: |
| 560 prefixBytes = bytearray(\ |
| 561 [0x30,0x1f,0x30,0x07,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x04,0x14])
|