| OLD | NEW |
|---|
| 1 # Authors: | 1 # Authors: |
| 2 # Trevor Perrin | 2 # Trevor Perrin |
| 3 # Google - defining ClientCertificateType | 3 # Google - defining ClientCertificateType |
| 4 # Google (adapted by Sam Rushing) - NPN support | 4 # Google (adapted by Sam Rushing) - NPN support |
| 5 # Dimitris Moraitis - Anon ciphersuites | 5 # Dimitris Moraitis - Anon ciphersuites |
| 6 # Dave Baggett (Arcode Corporation) - canonicalCipherName | 6 # Dave Baggett (Arcode Corporation) - canonicalCipherName |
| 7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 |
| 7 # | 8 # |
| 8 # See the LICENSE file for legal information regarding use of this file. | 9 # See the LICENSE file for legal information regarding use of this file. |
| 9 | 10 |
| 10 """Constants used in various places.""" | 11 """Constants used in various places.""" |
| 11 | 12 |
| 12 class CertificateType: | 13 class CertificateType: |
| 13 x509 = 0 | 14 x509 = 0 |
| 14 openpgp = 1 | 15 openpgp = 1 |
| 15 | 16 |
| 16 class ClientCertificateType: | 17 class ClientCertificateType: |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 50 | 51 |
| 51 class ExtensionType: # RFC 6066 / 4366 | 52 class ExtensionType: # RFC 6066 / 4366 |
| 52 server_name = 0 # RFC 6066 / 4366 | 53 server_name = 0 # RFC 6066 / 4366 |
| 53 status_request = 5 # RFC 6066 / 4366 | 54 status_request = 5 # RFC 6066 / 4366 |
| 54 srp = 12 # RFC 5054 | 55 srp = 12 # RFC 5054 |
| 55 cert_type = 9 # RFC 6091 | 56 cert_type = 9 # RFC 6091 |
| 56 signed_cert_timestamps = 18 # RFC 6962 | 57 signed_cert_timestamps = 18 # RFC 6962 |
| 57 tack = 0xF300 | 58 tack = 0xF300 |
| 58 supports_npn = 13172 | 59 supports_npn = 13172 |
| 59 channel_id = 30032 | 60 channel_id = 30032 |
| 61 |
| 62 class HashAlgorithm: |
| 63 none = 0 |
| 64 md5 = 1 |
| 65 sha1 = 2 |
| 66 sha224 = 3 |
| 67 sha256 = 4 |
| 68 sha384 = 5 |
| 69 |
| 70 class SignatureAlgorithm: |
| 71 anonymous = 0 |
| 72 rsa = 1 |
| 73 dsa = 2 |
| 74 ecdsa = 3 |
| 60 | 75 |
| 61 class NameType: | 76 class NameType: |
| 62 host_name = 0 | 77 host_name = 0 |
| 63 | 78 |
| 64 class AlertLevel: | 79 class AlertLevel: |
| 65 warning = 1 | 80 warning = 1 |
| 66 fatal = 2 | 81 fatal = 2 |
| 67 | 82 |
| 68 class AlertDescription: | 83 class AlertDescription: |
| 69 """ | 84 """ |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 121 unknown_psk_identity = 115 | 136 unknown_psk_identity = 115 |
| 122 | 137 |
| 123 | 138 |
| 124 class CipherSuite: | 139 class CipherSuite: |
| 125 # Weird pseudo-ciphersuite from RFC 5746 | 140 # Weird pseudo-ciphersuite from RFC 5746 |
| 126 # Signals that "secure renegotiation" is supported | 141 # Signals that "secure renegotiation" is supported |
| 127 # We actually don't do any renegotiation, but this | 142 # We actually don't do any renegotiation, but this |
| 128 # prevents renegotiation attacks | 143 # prevents renegotiation attacks |
| 129 TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF | 144 TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF |
| 130 | 145 |
| 131 # draft-bmoeller-tls-downgrade-scsv-01 | 146 # draft-ietf-tls-downgrade-scsv-03 |
| 132 TLS_FALLBACK_SCSV = 0x5600 | 147 TLS_FALLBACK_SCSV = 0x5600 |
| 133 | 148 |
| 134 TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A | 149 TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A |
| 135 TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D | 150 TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D |
| 136 TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020 | 151 TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020 |
| 137 | 152 |
| 138 TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B | 153 TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B |
| 139 TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E | 154 TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E |
| 140 TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021 | 155 TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021 |
| 141 | 156 |
| 142 | 157 |
| 143 TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A | 158 TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A |
| 144 TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F | 159 TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F |
| 145 TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035 | 160 TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035 |
| 146 TLS_RSA_WITH_RC4_128_SHA = 0x0005 | 161 TLS_RSA_WITH_RC4_128_SHA = 0x0005 |
| 147 | 162 |
| 148 TLS_RSA_WITH_RC4_128_MD5 = 0x0004 | 163 TLS_RSA_WITH_RC4_128_MD5 = 0x0004 |
| 149 | 164 |
| 150 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016 | 165 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016 |
| 151 TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033 | 166 TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033 |
| 152 TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039 | 167 TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039 |
| 153 | 168 |
| 154 TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034 | 169 TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034 |
| 155 TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A | 170 TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A |
| 156 | 171 |
| 172 TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C |
| 173 TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D |
| 174 |
| 175 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067 |
| 176 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B |
| 177 |
| 157 tripleDESSuites = [] | 178 tripleDESSuites = [] |
| 158 tripleDESSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) | 179 tripleDESSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) |
| 159 tripleDESSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) | 180 tripleDESSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) |
| 160 tripleDESSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) | 181 tripleDESSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) |
| 161 tripleDESSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) | 182 tripleDESSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) |
| 162 | 183 |
| 163 aes128Suites = [] | 184 aes128Suites = [] |
| 164 aes128Suites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) | 185 aes128Suites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) |
| 165 aes128Suites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) | 186 aes128Suites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) |
| 166 aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA) | 187 aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA) |
| 167 aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) | 188 aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) |
| 168 aes128Suites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) | 189 aes128Suites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) |
| 190 aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA256) |
| 191 aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256) |
| 169 | 192 |
| 170 aes256Suites = [] | 193 aes256Suites = [] |
| 171 aes256Suites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) | 194 aes256Suites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) |
| 172 aes256Suites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) | 195 aes256Suites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) |
| 173 aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA) | 196 aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA) |
| 197 aes256Suites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) |
| 174 aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) | 198 aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) |
| 175 aes256Suites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) | 199 aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA256) |
| 200 aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256) |
| 176 | 201 |
| 177 rc4Suites = [] | 202 rc4Suites = [] |
| 178 rc4Suites.append(TLS_RSA_WITH_RC4_128_SHA) | 203 rc4Suites.append(TLS_RSA_WITH_RC4_128_SHA) |
| 179 rc4Suites.append(TLS_RSA_WITH_RC4_128_MD5) | 204 rc4Suites.append(TLS_RSA_WITH_RC4_128_MD5) |
| 180 | 205 |
| 181 shaSuites = [] | 206 shaSuites = [] |
| 182 shaSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) | 207 shaSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) |
| 183 shaSuites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) | 208 shaSuites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) |
| 184 shaSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) | 209 shaSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) |
| 185 shaSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) | 210 shaSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) |
| 186 shaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) | 211 shaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) |
| 187 shaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) | 212 shaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) |
| 188 shaSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) | 213 shaSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) |
| 189 shaSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA) | 214 shaSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA) |
| 190 shaSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA) | 215 shaSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA) |
| 191 shaSuites.append(TLS_RSA_WITH_RC4_128_SHA) | 216 shaSuites.append(TLS_RSA_WITH_RC4_128_SHA) |
| 192 shaSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) | 217 shaSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) |
| 193 shaSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) | 218 shaSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) |
| 194 shaSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) | 219 shaSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) |
| 195 shaSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) | 220 shaSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) |
| 196 shaSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) | 221 shaSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) |
| 197 | 222 |
| 223 sha256Suites = [] |
| 224 sha256Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA256) |
| 225 sha256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA256) |
| 226 sha256Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256) |
| 227 sha256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256) |
| 228 |
| 229 |
| 198 md5Suites = [] | 230 md5Suites = [] |
| 199 md5Suites.append(TLS_RSA_WITH_RC4_128_MD5) | 231 md5Suites.append(TLS_RSA_WITH_RC4_128_MD5) |
| 200 | 232 |
| 201 @staticmethod | 233 @staticmethod |
| 202 def _filterSuites(suites, settings): | 234 def _filterSuites(suites, settings): |
| 203 macNames = settings.macNames | 235 macNames = settings.macNames |
| 204 cipherNames = settings.cipherNames | 236 cipherNames = settings.cipherNames |
| 205 keyExchangeNames = settings.keyExchangeNames | 237 keyExchangeNames = settings.keyExchangeNames |
| 206 macSuites = [] | 238 macSuites = [] |
| 207 if "sha" in macNames: | 239 if "sha" in macNames: |
| 208 macSuites += CipherSuite.shaSuites | 240 macSuites += CipherSuite.shaSuites |
| 241 if "sha256" in macNames: |
| 242 macSuites += CipherSuite.sha256Suites |
| 209 if "md5" in macNames: | 243 if "md5" in macNames: |
| 210 macSuites += CipherSuite.md5Suites | 244 macSuites += CipherSuite.md5Suites |
| 211 | 245 |
| 212 cipherSuites = [] | 246 cipherSuites = [] |
| 213 if "aes128" in cipherNames: | 247 if "aes128" in cipherNames: |
| 214 cipherSuites += CipherSuite.aes128Suites | 248 cipherSuites += CipherSuite.aes128Suites |
| 215 if "aes256" in cipherNames: | 249 if "aes256" in cipherNames: |
| 216 cipherSuites += CipherSuite.aes256Suites | 250 cipherSuites += CipherSuite.aes256Suites |
| 217 if "3des" in cipherNames: | 251 if "3des" in cipherNames: |
| 218 cipherSuites += CipherSuite.tripleDESSuites | 252 cipherSuites += CipherSuite.tripleDESSuites |
| 219 if "rc4" in cipherNames: | 253 if "rc4" in cipherNames: |
| 220 cipherSuites += CipherSuite.rc4Suites | 254 cipherSuites += CipherSuite.rc4Suites |
| 221 | 255 |
| 222 keyExchangeSuites = [] | 256 keyExchangeSuites = [] |
| 223 if "rsa" in keyExchangeNames: | 257 if "rsa" in keyExchangeNames: |
| 224 keyExchangeSuites += CipherSuite.certSuites | 258 keyExchangeSuites += CipherSuite.certSuites |
| 225 if "dhe_rsa" in keyExchangeNames: | 259 if "dhe_rsa" in keyExchangeNames: |
| 226 keyExchangeSuites += CipherSuite.dheCertSuites | 260 keyExchangeSuites += CipherSuite.dheCertSuites |
| 227 if "srp_sha" in keyExchangeNames: | 261 if "srp_sha" in keyExchangeNames: |
| 228 keyExchangeSuites += CipherSuite.srpSuites | 262 keyExchangeSuites += CipherSuite.srpSuites |
| 229 if "srp_sha_rsa" in keyExchangeNames: | 263 if "srp_sha_rsa" in keyExchangeNames: |
| 230 keyExchangeSuites += CipherSuite.srpCertSuites | 264 keyExchangeSuites += CipherSuite.srpCertSuites |
| 231 if "dh_anon" in keyExchangeNames: | 265 if "dh_anon" in keyExchangeNames: |
| 232 keyExchangeSuites += CipherSuite.anonSuites | 266 keyExchangeSuites += CipherSuite.anonSuites |
| 233 | 267 |
| 234 return [s for s in suites if s in macSuites and | 268 return [s for s in suites if s in macSuites and |
| 235 s in cipherSuites and s in keyExchangeSuites] | 269 s in cipherSuites and s in keyExchangeSuites] |
| 236 | 270 |
| 237 srpSuites = [] | 271 srpSuites = [] |
| 272 srpSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) |
| 273 srpSuites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) |
| 238 srpSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) | 274 srpSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) |
| 239 srpSuites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) | |
| 240 srpSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) | |
| 241 | 275 |
| 242 @staticmethod | 276 @staticmethod |
| 243 def getSrpSuites(settings): | 277 def getSrpSuites(settings): |
| 244 return CipherSuite._filterSuites(CipherSuite.srpSuites, settings) | 278 return CipherSuite._filterSuites(CipherSuite.srpSuites, settings) |
| 245 | 279 |
| 246 srpCertSuites = [] | 280 srpCertSuites = [] |
| 281 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) |
| 282 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) |
| 247 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) | 283 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) |
| 248 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) | |
| 249 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) | |
| 250 | 284 |
| 251 @staticmethod | 285 @staticmethod |
| 252 def getSrpCertSuites(settings): | 286 def getSrpCertSuites(settings): |
| 253 return CipherSuite._filterSuites(CipherSuite.srpCertSuites, settings) | 287 return CipherSuite._filterSuites(CipherSuite.srpCertSuites, settings) |
| 254 | 288 |
| 255 srpAllSuites = srpCertSuites + srpSuites | 289 srpAllSuites = srpSuites + srpCertSuites |
| 256 | 290 |
| 257 @staticmethod | 291 @staticmethod |
| 258 def getSrpAllSuites(settings): | 292 def getSrpAllSuites(settings): |
| 259 return CipherSuite._filterSuites(CipherSuite.srpAllSuites, settings) | 293 return CipherSuite._filterSuites(CipherSuite.srpAllSuites, settings) |
| 260 | 294 |
| 261 certSuites = [] | 295 certSuites = [] |
| 296 certSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA256) |
| 297 certSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA256) |
| 298 certSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA) |
| 299 certSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA) |
| 262 certSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) | 300 certSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) |
| 263 certSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA) | |
| 264 certSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA) | |
| 265 certSuites.append(TLS_RSA_WITH_RC4_128_SHA) | 301 certSuites.append(TLS_RSA_WITH_RC4_128_SHA) |
| 266 certSuites.append(TLS_RSA_WITH_RC4_128_MD5) | 302 certSuites.append(TLS_RSA_WITH_RC4_128_MD5) |
| 267 | 303 |
| 268 @staticmethod | 304 @staticmethod |
| 269 def getCertSuites(settings): | 305 def getCertSuites(settings): |
| 270 return CipherSuite._filterSuites(CipherSuite.certSuites, settings) | 306 return CipherSuite._filterSuites(CipherSuite.certSuites, settings) |
| 271 | 307 |
| 272 dheCertSuites = [] | 308 dheCertSuites = [] |
| 309 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256) |
| 310 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256) |
| 311 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) |
| 312 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) |
| 273 dheCertSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) | 313 dheCertSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) |
| 274 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) | |
| 275 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) | |
| 276 | 314 |
| 277 @staticmethod | 315 @staticmethod |
| 278 def getDheCertSuites(settings): | 316 def getDheCertSuites(settings): |
| 279 return CipherSuite._filterSuites(CipherSuite.dheCertSuites, settings) | 317 return CipherSuite._filterSuites(CipherSuite.dheCertSuites, settings) |
| 280 | 318 |
| 281 certAllSuites = srpCertSuites + certSuites + dheCertSuites | 319 certAllSuites = srpCertSuites + certSuites + dheCertSuites |
| 282 | 320 |
| 283 anonSuites = [] | 321 anonSuites = [] |
| 322 anonSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) |
| 284 anonSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) | 323 anonSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) |
| 285 anonSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) | |
| 286 | 324 |
| 287 @staticmethod | 325 @staticmethod |
| 288 def getAnonSuites(settings): | 326 def getAnonSuites(settings): |
| 289 return CipherSuite._filterSuites(CipherSuite.anonSuites, settings) | 327 return CipherSuite._filterSuites(CipherSuite.anonSuites, settings) |
| 290 | 328 |
| 291 dhAllSuites = dheCertSuites + anonSuites | 329 dhAllSuites = dheCertSuites + anonSuites |
| 292 | 330 |
| 293 @staticmethod | 331 @staticmethod |
| 294 def canonicalCipherName(ciphersuite): | 332 def canonicalCipherName(ciphersuite): |
| 295 "Return the canonical name of the cipher whose number is provided." | 333 "Return the canonical name of the cipher whose number is provided." |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 356 badUsername: "bad username",\ | 394 badUsername: "bad username",\ |
| 357 badPassword: "bad password",\ | 395 badPassword: "bad password",\ |
| 358 badA: "bad A",\ | 396 badA: "bad A",\ |
| 359 badPremasterPadding: "bad premaster padding",\ | 397 badPremasterPadding: "bad premaster padding",\ |
| 360 shortPremasterSecret: "short premaster secret",\ | 398 shortPremasterSecret: "short premaster secret",\ |
| 361 badVerifyMessage: "bad verify message",\ | 399 badVerifyMessage: "bad verify message",\ |
| 362 badFinished: "bad finished message",\ | 400 badFinished: "bad finished message",\ |
| 363 badMAC: "bad MAC",\ | 401 badMAC: "bad MAC",\ |
| 364 badPadding: "bad padding" | 402 badPadding: "bad padding" |
| 365 } | 403 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 858373002:
Update third_party/tlslite to 0.4.8. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master