Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(476)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/tlslite/tlslite/constants.py

Issue 875683002: Implement AES-GCM in tlslite. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/tlslite/tests/tlstest.py ('k') | third_party/tlslite/tlslite/handshakesettings.py » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 # Authors: 1 # Authors:
2 # Trevor Perrin 2 # Trevor Perrin
3 # Google - defining ClientCertificateType 3 # Google - defining ClientCertificateType
4 # Google (adapted by Sam Rushing) - NPN support 4 # Google (adapted by Sam Rushing) - NPN support
5 # Dimitris Moraitis - Anon ciphersuites 5 # Dimitris Moraitis - Anon ciphersuites
6 # Dave Baggett (Arcode Corporation) - canonicalCipherName 6 # Dave Baggett (Arcode Corporation) - canonicalCipherName
7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2
8 # 8 #
9 # See the LICENSE file for legal information regarding use of this file. 9 # See the LICENSE file for legal information regarding use of this file.
10 10
(...skipping 157 matching lines...) Expand 10 before | Expand all | Expand 10 after
168 168
169 TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034 169 TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034
170 TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A 170 TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A
171 171
172 TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C 172 TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C
173 TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D 173 TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D
174 174
175 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067 175 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067
176 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B 176 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B
177 177
178 TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C
179 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E
180
178 tripleDESSuites = [] 181 tripleDESSuites = []
179 tripleDESSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) 182 tripleDESSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA)
180 tripleDESSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) 183 tripleDESSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA)
181 tripleDESSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) 184 tripleDESSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA)
182 tripleDESSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) 185 tripleDESSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA)
183 186
184 aes128Suites = [] 187 aes128Suites = []
185 aes128Suites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) 188 aes128Suites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA)
186 aes128Suites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) 189 aes128Suites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA)
187 aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA) 190 aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA)
188 aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) 191 aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA)
189 aes128Suites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) 192 aes128Suites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA)
190 aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA256) 193 aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA256)
191 aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256) 194 aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256)
192 195
193 aes256Suites = [] 196 aes256Suites = []
194 aes256Suites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) 197 aes256Suites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA)
195 aes256Suites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) 198 aes256Suites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA)
196 aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA) 199 aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA)
197 aes256Suites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) 200 aes256Suites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA)
198 aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) 201 aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA)
199 aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA256) 202 aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA256)
200 aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256) 203 aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256)
201 204
205 aes128GcmSuites = []
206 aes128GcmSuites.append(TLS_RSA_WITH_AES_128_GCM_SHA256)
207 aes128GcmSuites.append(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256)
208
202 rc4Suites = [] 209 rc4Suites = []
203 rc4Suites.append(TLS_RSA_WITH_RC4_128_SHA) 210 rc4Suites.append(TLS_RSA_WITH_RC4_128_SHA)
204 rc4Suites.append(TLS_RSA_WITH_RC4_128_MD5) 211 rc4Suites.append(TLS_RSA_WITH_RC4_128_MD5)
205 212
206 shaSuites = [] 213 shaSuites = []
207 shaSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) 214 shaSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA)
208 shaSuites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) 215 shaSuites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA)
209 shaSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) 216 shaSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA)
210 shaSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) 217 shaSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA)
211 shaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) 218 shaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA)
212 shaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) 219 shaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA)
213 shaSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) 220 shaSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA)
214 shaSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA) 221 shaSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA)
215 shaSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA) 222 shaSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA)
216 shaSuites.append(TLS_RSA_WITH_RC4_128_SHA) 223 shaSuites.append(TLS_RSA_WITH_RC4_128_SHA)
217 shaSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) 224 shaSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA)
218 shaSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) 225 shaSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA)
219 shaSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) 226 shaSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA)
220 shaSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) 227 shaSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA)
221 shaSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) 228 shaSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA)
222 229
223 sha256Suites = [] 230 sha256Suites = []
224 sha256Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA256) 231 sha256Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA256)
225 sha256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA256) 232 sha256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA256)
226 sha256Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256) 233 sha256Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256)
227 sha256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256) 234 sha256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256)
235 sha256Suites.append(TLS_RSA_WITH_AES_128_GCM_SHA256)
236 sha256Suites.append(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256)
237
238 aeadSuites = aes128GcmSuites
228 239
229 240
230 md5Suites = [] 241 md5Suites = []
231 md5Suites.append(TLS_RSA_WITH_RC4_128_MD5) 242 md5Suites.append(TLS_RSA_WITH_RC4_128_MD5)
232 243
233 @staticmethod 244 @staticmethod
234 def _filterSuites(suites, settings): 245 def _filterSuites(suites, settings, version=None):
246 if version is None:
247 version = settings.maxVersion
235 macNames = settings.macNames 248 macNames = settings.macNames
236 cipherNames = settings.cipherNames 249 cipherNames = settings.cipherNames
237 keyExchangeNames = settings.keyExchangeNames 250 keyExchangeNames = settings.keyExchangeNames
238 macSuites = [] 251 macSuites = []
239 if "sha" in macNames: 252 if "sha" in macNames:
240 macSuites += CipherSuite.shaSuites 253 macSuites += CipherSuite.shaSuites
241 if "sha256" in macNames: 254 if "sha256" in macNames and version >= (3,3):
242 macSuites += CipherSuite.sha256Suites 255 macSuites += CipherSuite.sha256Suites
243 if "md5" in macNames: 256 if "md5" in macNames:
244 macSuites += CipherSuite.md5Suites 257 macSuites += CipherSuite.md5Suites
258 if "aead" in macNames and version >= (3,3):
259 macSuites += CipherSuite.aeadSuites
245 260
246 cipherSuites = [] 261 cipherSuites = []
262 if "aes128gcm" in cipherNames and version >= (3,3):
263 cipherSuites += CipherSuite.aes128GcmSuites
247 if "aes128" in cipherNames: 264 if "aes128" in cipherNames:
248 cipherSuites += CipherSuite.aes128Suites 265 cipherSuites += CipherSuite.aes128Suites
249 if "aes256" in cipherNames: 266 if "aes256" in cipherNames:
250 cipherSuites += CipherSuite.aes256Suites 267 cipherSuites += CipherSuite.aes256Suites
251 if "3des" in cipherNames: 268 if "3des" in cipherNames:
252 cipherSuites += CipherSuite.tripleDESSuites 269 cipherSuites += CipherSuite.tripleDESSuites
253 if "rc4" in cipherNames: 270 if "rc4" in cipherNames:
254 cipherSuites += CipherSuite.rc4Suites 271 cipherSuites += CipherSuite.rc4Suites
255 272
256 keyExchangeSuites = [] 273 keyExchangeSuites = []
(...skipping 10 matching lines...) Expand all
267 284
268 return [s for s in suites if s in macSuites and 285 return [s for s in suites if s in macSuites and
269 s in cipherSuites and s in keyExchangeSuites] 286 s in cipherSuites and s in keyExchangeSuites]
270 287
271 srpSuites = [] 288 srpSuites = []
272 srpSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) 289 srpSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA)
273 srpSuites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) 290 srpSuites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA)
274 srpSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) 291 srpSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA)
275 292
276 @staticmethod 293 @staticmethod
277 def getSrpSuites(settings): 294 def getSrpSuites(settings, version=None):
278 return CipherSuite._filterSuites(CipherSuite.srpSuites, settings) 295 return CipherSuite._filterSuites(CipherSuite.srpSuites, settings, versio n)
279 296
280 srpCertSuites = [] 297 srpCertSuites = []
281 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) 298 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA)
282 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) 299 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA)
283 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) 300 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA)
284 301
285 @staticmethod 302 @staticmethod
286 def getSrpCertSuites(settings): 303 def getSrpCertSuites(settings, version=None):
287 return CipherSuite._filterSuites(CipherSuite.srpCertSuites, settings) 304 return CipherSuite._filterSuites(CipherSuite.srpCertSuites, settings, ve rsion)
288 305
289 srpAllSuites = srpSuites + srpCertSuites 306 srpAllSuites = srpSuites + srpCertSuites
290 307
291 @staticmethod 308 @staticmethod
292 def getSrpAllSuites(settings): 309 def getSrpAllSuites(settings, version=None):
293 return CipherSuite._filterSuites(CipherSuite.srpAllSuites, settings) 310 return CipherSuite._filterSuites(CipherSuite.srpAllSuites, settings, ver sion)
294 311
295 certSuites = [] 312 certSuites = []
313 certSuites.append(TLS_RSA_WITH_AES_128_GCM_SHA256)
296 certSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA256) 314 certSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA256)
297 certSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA256) 315 certSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA256)
298 certSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA) 316 certSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA)
299 certSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA) 317 certSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA)
300 certSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) 318 certSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA)
301 certSuites.append(TLS_RSA_WITH_RC4_128_SHA) 319 certSuites.append(TLS_RSA_WITH_RC4_128_SHA)
302 certSuites.append(TLS_RSA_WITH_RC4_128_MD5) 320 certSuites.append(TLS_RSA_WITH_RC4_128_MD5)
303 321
304 @staticmethod 322 @staticmethod
305 def getCertSuites(settings): 323 def getCertSuites(settings, version=None):
306 return CipherSuite._filterSuites(CipherSuite.certSuites, settings) 324 return CipherSuite._filterSuites(CipherSuite.certSuites, settings, versi on)
307 325
308 dheCertSuites = [] 326 dheCertSuites = []
327 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256)
309 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256) 328 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256)
310 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256) 329 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256)
311 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) 330 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA)
312 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) 331 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA)
313 dheCertSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) 332 dheCertSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA)
314 333
315 @staticmethod 334 @staticmethod
316 def getDheCertSuites(settings): 335 def getDheCertSuites(settings, version=None):
317 return CipherSuite._filterSuites(CipherSuite.dheCertSuites, settings) 336 return CipherSuite._filterSuites(CipherSuite.dheCertSuites, settings, ve rsion)
318 337
319 certAllSuites = srpCertSuites + certSuites + dheCertSuites 338 certAllSuites = srpCertSuites + certSuites + dheCertSuites
320 339
321 anonSuites = [] 340 anonSuites = []
322 anonSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) 341 anonSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA)
323 anonSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) 342 anonSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA)
324 343
325 @staticmethod 344 @staticmethod
326 def getAnonSuites(settings): 345 def getAnonSuites(settings, version=None):
327 return CipherSuite._filterSuites(CipherSuite.anonSuites, settings) 346 return CipherSuite._filterSuites(CipherSuite.anonSuites, settings, versi on)
328 347
329 dhAllSuites = dheCertSuites + anonSuites 348 dhAllSuites = dheCertSuites + anonSuites
330 349
331 @staticmethod 350 @staticmethod
332 def canonicalCipherName(ciphersuite): 351 def canonicalCipherName(ciphersuite):
333 "Return the canonical name of the cipher whose number is provided." 352 "Return the canonical name of the cipher whose number is provided."
334 if ciphersuite in CipherSuite.aes128Suites: 353 if ciphersuite in CipherSuite.aes128Suites:
335 return "aes128" 354 return "aes128"
336 elif ciphersuite in CipherSuite.aes256Suites: 355 elif ciphersuite in CipherSuite.aes256Suites:
337 return "aes256" 356 return "aes256"
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after
394 badUsername: "bad username",\ 413 badUsername: "bad username",\
395 badPassword: "bad password",\ 414 badPassword: "bad password",\
396 badA: "bad A",\ 415 badA: "bad A",\
397 badPremasterPadding: "bad premaster padding",\ 416 badPremasterPadding: "bad premaster padding",\
398 shortPremasterSecret: "short premaster secret",\ 417 shortPremasterSecret: "short premaster secret",\
399 badVerifyMessage: "bad verify message",\ 418 badVerifyMessage: "bad verify message",\
400 badFinished: "bad finished message",\ 419 badFinished: "bad finished message",\
401 badMAC: "bad MAC",\ 420 badMAC: "bad MAC",\
402 badPadding: "bad padding" 421 badPadding: "bad padding"
403 } 422 }
OLDNEW
« no previous file with comments | « third_party/tlslite/tests/tlstest.py ('k') | third_party/tlslite/tlslite/handshakesettings.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698