OLD | NEW |
1 # Authors: | 1 # Authors: |
2 # Trevor Perrin | 2 # Trevor Perrin |
3 # Dave Baggett (Arcode Corporation) - MD5 support for MAC_SSL | 3 # Dave Baggett (Arcode Corporation) - MD5 support for MAC_SSL |
| 4 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 |
4 # | 5 # |
5 # See the LICENSE file for legal information regarding use of this file. | 6 # See the LICENSE file for legal information regarding use of this file. |
6 | 7 |
7 """Miscellaneous helper functions.""" | 8 """Miscellaneous helper functions.""" |
8 | 9 |
9 from .utils.compat import * | 10 from .utils.compat import * |
10 from .utils.cryptomath import * | 11 from .utils.cryptomath import * |
11 | 12 |
12 import hmac | 13 import hmac |
13 | 14 |
(...skipping 28 matching lines...) Expand all Loading... |
42 | 43 |
43 #Run the left half through P_MD5 and the right half through P_SHA1 | 44 #Run the left half through P_MD5 and the right half through P_SHA1 |
44 p_md5 = P_hash(HMAC_MD5, S1, label + seed, length) | 45 p_md5 = P_hash(HMAC_MD5, S1, label + seed, length) |
45 p_sha1 = P_hash(HMAC_SHA1, S2, label + seed, length) | 46 p_sha1 = P_hash(HMAC_SHA1, S2, label + seed, length) |
46 | 47 |
47 #XOR the output values and return the result | 48 #XOR the output values and return the result |
48 for x in range(length): | 49 for x in range(length): |
49 p_md5[x] ^= p_sha1[x] | 50 p_md5[x] ^= p_sha1[x] |
50 return p_md5 | 51 return p_md5 |
51 | 52 |
| 53 def PRF_1_2(secret, label, seed, length): |
| 54 return P_hash(HMAC_SHA256, secret, label + seed, length) |
52 | 55 |
53 def PRF_SSL(secret, seed, length): | 56 def PRF_SSL(secret, seed, length): |
54 bytes = bytearray(length) | 57 bytes = bytearray(length) |
55 index = 0 | 58 index = 0 |
56 for x in range(26): | 59 for x in range(26): |
57 A = bytearray([ord('A')+x] * (x+1)) # 'A', 'BB', 'CCC', etc.. | 60 A = bytearray([ord('A')+x] * (x+1)) # 'A', 'BB', 'CCC', etc.. |
58 input = secret + SHA1(A + secret + seed) | 61 input = secret + SHA1(A + secret + seed) |
59 output = MD5(input) | 62 output = MD5(input) |
60 for c in output: | 63 for c in output: |
61 if index >= length: | 64 if index >= length: |
62 return bytes | 65 return bytes |
63 bytes[index] = c | 66 bytes[index] = c |
64 index += 1 | 67 index += 1 |
65 return bytes | 68 return bytes |
66 | 69 |
67 def calcMasterSecret(version, premasterSecret, clientRandom, serverRandom): | 70 def calcMasterSecret(version, premasterSecret, clientRandom, serverRandom): |
68 if version == (3,0): | 71 if version == (3,0): |
69 masterSecret = PRF_SSL(premasterSecret, | 72 masterSecret = PRF_SSL(premasterSecret, |
70 clientRandom + serverRandom, 48) | 73 clientRandom + serverRandom, 48) |
71 elif version in ((3,1), (3,2)): | 74 elif version in ((3,1), (3,2)): |
72 masterSecret = PRF(premasterSecret, b"master secret", | 75 masterSecret = PRF(premasterSecret, b"master secret", |
73 clientRandom + serverRandom, 48) | 76 clientRandom + serverRandom, 48) |
| 77 elif version == (3,3): |
| 78 masterSecret = PRF_1_2(premasterSecret, b"master secret", |
| 79 clientRandom + serverRandom, 48) |
74 else: | 80 else: |
75 raise AssertionError() | 81 raise AssertionError() |
76 return masterSecret | 82 return masterSecret |
77 | 83 |
78 | 84 |
79 def makeX(salt, username, password): | 85 def makeX(salt, username, password): |
80 if len(username)>=256: | 86 if len(username)>=256: |
81 raise ValueError("username too long") | 87 raise ValueError("username too long") |
82 if len(salt)>=256: | 88 if len(salt)>=256: |
83 raise ValueError("salt too long") | 89 raise ValueError("salt too long") |
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
136 new.ihash = self.ihash.copy() | 142 new.ihash = self.ihash.copy() |
137 new.ohash = self.ohash.copy() | 143 new.ohash = self.ohash.copy() |
138 new.digestmod = self.digestmod | 144 new.digestmod = self.digestmod |
139 new.digest_size = self.digest_size | 145 new.digest_size = self.digest_size |
140 return new | 146 return new |
141 | 147 |
142 def digest(self): | 148 def digest(self): |
143 ohash2 = self.ohash.copy() | 149 ohash2 = self.ohash.copy() |
144 ohash2.update(self.ihash.digest()) | 150 ohash2.update(self.ihash.digest()) |
145 return bytearray(ohash2.digest()) | 151 return bytearray(ohash2.digest()) |
OLD | NEW |