
# Authors:
#   Trevor Perrin
#   Google - defining ClientCertificateType
#   Google (adapted by Sam Rushing) - NPN support
#   Dimitris Moraitis - Anon ciphersuites
#   Dave Baggett (Arcode Corporation) - canonicalCipherName
#   Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2
#
# See the LICENSE file for legal information regarding use of this file.

"""Constants used in various places."""
class TLSEnum(object):
    """Base class for different enums of TLS IDs

    Subclasses hold their IDs as plain class attributes; the helpers below
    walk the class dictionaries (including base classes) to map a numeric
    value back to the attribute name it was assigned to.
    """

    @classmethod
    def _recursiveVars(cls, klass):
        """Call vars recursively on base classes

        Base classes are merged first so that a name redefined in a
        subclass overrides the inherited binding.
        """
        collected = {}
        for parent in klass.__bases__:
            collected.update(cls._recursiveVars(parent))
        collected.update(vars(klass))
        return collected

    @classmethod
    def toRepr(cls, value, blacklist=None):
        """
        Convert numeric type to string representation

        name if found, None otherwise

        @param value: ID to look up; compared with == against every
            attribute, so only attributes equal to it are candidates
        @param blacklist: attribute names that must not be reported even
            when their value matches (helper lists like ``all``)
        """
        # dunder bookkeeping entries every class carries; never an enum name
        hidden = ('__weakref__', '__dict__', '__doc__', '__module__')
        for name, member in cls._recursiveVars(cls).items():
            if name in hidden:
                continue
            if blacklist is not None and name in blacklist:
                continue
            if member == value:
                return name
        return None

    @classmethod
    def toStr(cls, value, blacklist=None):
        """Convert numeric type to human-readable string if possible

        Falls back to the decimal rendering of the value when no attribute
        matches, so the result is always a string.
        """
        name = cls.toRepr(value, blacklist)
        if name is None:
            return '{0}'.format(value)
        return name
class CertificateType:
    """Certificate format identifiers (X.509 and OpenPGP)."""

    x509 = 0     # X.509 certificate chain
    openpgp = 1  # OpenPGP key
class ClientCertificateType:
    """Certificate types a server can request from a client.

    Only the four original TLS values are listed here.
    """

    rsa_sign = 1      # RSA signing certificate
    dss_sign = 2      # DSA signing certificate
    rsa_fixed_dh = 3  # RSA-signed certificate carrying a static DH key
    dss_fixed_dh = 4  # DSA-signed certificate carrying a static DH key
class SSL2HandshakeType(TLSEnum):
    """SSL2 Handshake Protocol message types

    Message-type codes of the (long obsolete) SSLv2 handshake; kept so the
    record parser can name what it sees.
    """

    error = 0
    client_hello = 1
    client_master_key = 2
    client_finished = 3
    server_hello = 4
    server_verify = 5
    server_finished = 6
    request_certificate = 7
    client_certificate = 8
class SSL2ErrorDescription(TLSEnum):
    """SSL2 Handshake protocol error message descriptions

    Error codes carried by the SSLv2 ``error`` handshake message.
    """

    no_cipher = 0x0001                     # no common cipher
    no_certificate = 0x0002                # certificate missing
    bad_certificate = 0x0004               # certificate rejected
    unsupported_certificate_type = 0x0006  # certificate type not handled
class HandshakeType(TLSEnum):
    """Message types in TLS Handshake protocol

    The values are the HandshakeType codes of the TLS handshake messages
    this library sends or parses.
    """

    hello_request = 0
    client_hello = 1
    server_hello = 2
    certificate = 11
    server_key_exchange = 12
    certificate_request = 13
    server_hello_done = 14
    certificate_verify = 15
    client_key_exchange = 16
    finished = 20
    next_protocol = 67  # NPN (Next Protocol Negotiation) message
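class ContentType(TLSEnum):
    """TLS record layer content types of payloads"""

    change_cipher_spec = 20
    alert = 21
    handshake = 22
    application_data = 23
    all = (20, 21, 22, 23)

    @classmethod
    def toRepr(cls, value, blacklist=None):
        """Convert numeric type to name representation

        The ``all`` helper tuple is never reported as a name.

        @param value: content type ID to look up
        @param blacklist: extra attribute names to ignore; the list is
            copied rather than appended to, so a caller that reuses one
            list across calls does not see ``'all'`` accumulate in it
        @return: attribute name, or None if no attribute equals value
        """
        if blacklist is None:
            excluded = ['all']
        else:
            excluded = list(blacklist) + ['all']
        return super(ContentType, cls).toRepr(value, excluded)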
class ExtensionType:  # RFC 6066 / 4366
    """Extension type IDs used in ClientHello / ServerHello.

    Each value carries the document it comes from where the original
    author recorded one.
    """

    server_name = 0             # RFC 6066 / 4366
    cert_type = 9               # RFC 6091
    supported_groups = 10       # RFC 4492, RFC-ietf-tls-negotiated-ff-dhe-10
    ec_point_formats = 11       # RFC 4492
    srp = 12                    # RFC 5054
    signature_algorithms = 13   # RFC 5246
    client_hello_padding = 21   # RFC 7685
    encrypt_then_mac = 22       # RFC 7366
    extended_master_secret = 23 # RFC 7627
    tack = 0xF300
    supports_npn = 13172        # NPN (Next Protocol Negotiation)
    renegotiation_info = 0xff01
class HashAlgorithm(TLSEnum):
    """Hash algorithm IDs used in TLSv1.2

    These are the codes exchanged in signature_algorithms; the enum only
    names them, it does not decide which ones a peer may use.
    """

    none = 0
    md5 = 1
    sha1 = 2
    sha224 = 3
    sha256 = 4
    sha384 = 5
    sha512 = 6
class SignatureAlgorithm(TLSEnum):
    """Signing algorithms used in TLSv1.2

    Codes exchanged alongside HashAlgorithm in signature_algorithms.
    """

    anonymous = 0
    rsa = 1
    dsa = 2
    ecdsa = 3
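class GroupName(TLSEnum):
    """Name of groups supported for (EC)DH key exchange

    @cvar allEC: IDs of every elliptic curve listed here
    @cvar allFF: IDs of every finite-field DH group listed here
    @cvar all: allEC followed by allFF
    """

    # RFC4492 named curves
    sect163k1 = 1
    sect163r1 = 2
    sect163r2 = 3
    sect193r1 = 4
    sect193r2 = 5
    sect233k1 = 6
    sect233r1 = 7
    sect239k1 = 8
    sect283k1 = 9
    sect283r1 = 10
    sect409k1 = 11
    sect409r1 = 12
    sect571k1 = 13
    sect571r1 = 14
    secp160k1 = 15
    secp160r1 = 16
    secp160r2 = 17
    secp192k1 = 18
    secp192r1 = 19
    secp224k1 = 20
    secp224r1 = 21
    secp256k1 = 22
    secp256r1 = 23
    secp384r1 = 24
    secp521r1 = 25
    allEC = list(range(1, 26))

    # RFC7027 Brainpool curves
    brainpoolP256r1 = 26
    brainpoolP384r1 = 27
    brainpoolP512r1 = 28
    allEC.extend(range(26, 29))

    # RFC-ietf-tls-negotiated-ff-dhe-10 finite field groups
    ffdhe2048 = 256
    ffdhe3072 = 257
    ffdhe4096 = 258
    ffdhe6144 = 259
    ffdhe8192 = 260
    allFF = list(range(256, 261))

    all = allEC + allFF

    @classmethod
    def toRepr(cls, value, blacklist=None):
        """Convert numeric type to name representation

        The ``all``, ``allEC`` and ``allFF`` helper lists are never
        reported as names.

        @param value: group ID to look up
        @param blacklist: extra attribute names to ignore; copied rather
            than extended in place, so the caller's list is left untouched
        @return: attribute name, or None if no attribute equals value
        """
        helpers = ['all', 'allEC', 'allFF']
        if blacklist is None:
            excluded = helpers
        else:
            excluded = list(blacklist) + helpers
        return super(GroupName, cls).toRepr(value, excluded)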
class ECPointFormat(object):
    """Names and ID's of supported EC point formats

    @cvar all: every format ID defined here, in definition order
    """

    uncompressed = 0               # full (x, y) encoding
    ansiX962_compressed_prime = 1  # compressed point on a prime curve
    ansiX962_compressed_char2 = 2  # compressed point on a binary curve

    all = [
        uncompressed,
        ansiX962_compressed_prime,
        ansiX962_compressed_char2,
    ]
class ECCurveType(TLSEnum):
    """Types of ECC curves supported in TLS from RFC4492

    Distinguishes explicitly transmitted curve parameters from a named
    curve reference (see GroupName).
    """

    explicit_prime = 1
    explicit_char2 = 2
    named_curve = 3
class NameType:
    """Name types usable in the server_name extension."""

    host_name = 0  # DNS host name
class AlertLevel(TLSEnum):
    """Enumeration of TLS Alert protocol levels

    A warning leaves the connection open; a fatal alert ends it.
    """

    warning = 1
    fatal = 2
class AlertDescription(TLSEnum):
    """
    @cvar bad_record_mac: A TLS record failed to decrypt properly.

    If this occurs during a SRP handshake it most likely
    indicates a bad password. It may also indicate an implementation
    error, or some tampering with the data in transit.

    This alert will be signalled by the server if the SRP password is bad. It
    may also be signalled by the server if the SRP username is unknown to the
    server, but it doesn't wish to reveal that fact.


    @cvar handshake_failure: A problem occurred while handshaking.

    This typically indicates a lack of common ciphersuites between client and
    server, or some other disagreement (about SRP parameters or key sizes,
    for example).

    @cvar protocol_version: The other party's SSL/TLS version was unacceptable.

    This indicates that the client and server couldn't agree on which version
    of SSL or TLS to use.

    @cvar inappropriate_fallback: The peer sent TLS_FALLBACK_SCSV together
    with a version lower than the one it is known to support (RFC 7507).

    @cvar user_canceled: The handshake is being cancelled for some reason.

    """

    # connection teardown and record-layer problems
    close_notify = 0
    unexpected_message = 10
    bad_record_mac = 20
    decryption_failed = 21
    record_overflow = 22
    decompression_failure = 30

    # handshake and certificate problems
    handshake_failure = 40
    no_certificate = 41  # SSLv3
    bad_certificate = 42
    unsupported_certificate = 43
    certificate_revoked = 44
    certificate_expired = 45
    certificate_unknown = 46
    illegal_parameter = 47
    unknown_ca = 48
    access_denied = 49
    decode_error = 50
    decrypt_error = 51
    export_restriction = 60
    protocol_version = 70
    insufficient_security = 71
    internal_error = 80
    inappropriate_fallback = 86
    user_canceled = 90
    no_renegotiation = 100

    # extension related
    unsupported_extension = 110  # RFC 5246
    unrecognized_name = 112      # RFC 6066
    unknown_psk_identity = 115
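class CipherSuite:

    """
    Numeric values of ciphersuites and ciphersuite types

    @cvar tripleDESSuites: ciphersuites which use 3DES symmetric cipher in CBC
    mode
    @cvar aes128Suites: ciphersuites which use AES symmetric cipher in CBC mode
    with 128 bit key
    @cvar aes256Suites: ciphersuites which use AES symmetric cipher in CBC mode
    with 256 bit key
    @cvar aes128GcmSuites: ciphersuites which use AES-GCM with 128 bit key
    @cvar aes256GcmSuites: ciphersuites which use AES-GCM with 256 bit key
    (SHA-384 PRF, see sha384PrfSuites)
    @cvar chacha20Suites: ciphersuites which use ChaCha20 with the Poly1305
    authenticator
    @cvar rc4Suites: ciphersuites which use RC4 symmetric cipher with 128 bit
    key
    @cvar nullSuites: ciphersuites which provide no encryption
    @cvar shaSuites: ciphersuites which use SHA-1 HMAC integrity mechanism
    and protocol default Pseudo Random Function
    @cvar sha256Suites: ciphersuites which use SHA-256 HMAC integrity mechanism
    and SHA-256 Pseudo Random Function
    @cvar sha384Suites: ciphersuites which use SHA-384 HMAC integrity mechanism
    and SHA-384 Pseudo Random Function
    @cvar aeadSuites: ciphersuites which use AEAD integrity, any PRF
    @cvar sha384PrfSuites: TLS 1.2 ciphersuites which use the SHA-384 PRF
    @cvar md5Suites: ciphersuites which use MD-5 HMAC integrity mechanism and
    protocol default Pseudo Random Function
    @cvar streamSuites: ciphersuites built on a stream cipher (RC4 or none)
    @cvar ssl3Suites: ciphersuites usable from SSL 3.0 up to TLS 1.2
    @cvar tls12Suites: ciphersuites usable only with TLS 1.2
    @cvar srpSuites: ciphersuites which use Secure Remote Password (SRP) key
    exchange protocol
    @cvar srpCertSuites: ciphersuites which use Secure Remote Password (SRP)
    key exchange protocol with RSA server authentication
    @cvar srpAllSuites: all SRP ciphersuites, pure SRP and with RSA based
    server authentication
    @cvar certSuites: ciphersuites which use RSA key exchange with RSA server
    authentication
    @cvar dheCertSuites: ciphersuites which use FFDHE key exchange with RSA
    server authentication
    @cvar ecdheCertSuites: ciphersuites which use ECDHE key exchange with RSA
    server authentication
    @cvar certAllSuites: ciphersuites which use RSA server authentication
    @cvar anonSuites: ciphersuites which use anonymous Finite Field
    Diffie-Hellman key exchange
    @cvar ecdhAnonSuites: ciphersuites which use anonymous ECDH key exchange
    @cvar dhAllSuites: all FFDHE ciphersuites, authenticated and anonymous
    @cvar ecdhAllSuites: all ECDH ciphersuites, authenticated and anonymous
    @cvar ietfNames: dictionary with string names of the ciphersuites
    """

    ietfNames = {}

    # the ciphesuite names come from IETF, we want to keep them
    #pylint: disable = invalid-name

    # SSLv2 from draft-hickman-netscape-ssl-00.txt
    # All of these use MD5; the *_EXPORT40_* ones encrypt only 40 bits of
    # the key.  They are listed so SSLv2 messages can be named, nothing more.
    SSL_CK_RC4_128_WITH_MD5 = 0x010080
    ietfNames[0x010080] = 'SSL_CK_RC4_128_WITH_MD5'
    SSL_CK_RC4_128_EXPORT40_WITH_MD5 = 0x020080
    ietfNames[0x020080] = 'SSL_CK_RC4_128_EXPORT40_WITH_MD5'
    SSL_CK_RC2_128_CBC_WITH_MD5 = 0x030080
    ietfNames[0x030080] = 'SSL_CK_RC2_128_CBC_WITH_MD5'
    SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 = 0x040080
    ietfNames[0x040080] = 'SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5'
    SSL_CK_IDEA_128_CBC_WITH_MD5 = 0x050080
    ietfNames[0x050080] = 'SSL_CK_IDEA_128_CBC_WITH_MD5'
    SSL_CK_DES_64_CBC_WITH_MD5 = 0x060040
    ietfNames[0x060040] = 'SSL_CK_DES_64_CBC_WITH_MD5'
    SSL_CK_DES_192_EDE3_CBC_WITH_MD5 = 0x0700C0
    ietfNames[0x0700C0] = 'SSL_CK_DES_192_EDE3_CBC_WITH_MD5'

    # SSL2 ciphersuites which use RC4 symmetric cipher
    ssl2rc4 = [
        SSL_CK_RC4_128_WITH_MD5,
        SSL_CK_RC4_128_EXPORT40_WITH_MD5,
    ]

    # SSL2 ciphersuites which use RC2 symmetric cipher
    ssl2rc2 = [
        SSL_CK_RC2_128_CBC_WITH_MD5,
        SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
    ]

    # SSL2 ciphersuites which use IDEA symmetric cipher
    ssl2idea = [SSL_CK_IDEA_128_CBC_WITH_MD5]

    # SSL2 ciphersuites which use (single) DES symmetric cipher
    ssl2des = [SSL_CK_DES_64_CBC_WITH_MD5]

    # SSL2 ciphersuites which use 3DES symmetric cipher
    ssl2_3des = [SSL_CK_DES_192_EDE3_CBC_WITH_MD5]

    # SSL2 ciphersuites which encrypt only part (40 bits) of the key
    ssl2export = [
        SSL_CK_RC4_128_EXPORT40_WITH_MD5,
        SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
    ]

    # SSL2 ciphersuites which use 128 bit key
    ssl2_128Key = [
        SSL_CK_RC4_128_WITH_MD5,
        SSL_CK_RC4_128_EXPORT40_WITH_MD5,
        SSL_CK_RC2_128_CBC_WITH_MD5,
        SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
        SSL_CK_IDEA_128_CBC_WITH_MD5,
    ]

    # SSL2 ciphersuites which use 64 bit key
    ssl2_64Key = [SSL_CK_DES_64_CBC_WITH_MD5]

    # SSL2 ciphersuites which use 192 bit key
    ssl2_192Key = [SSL_CK_DES_192_EDE3_CBC_WITH_MD5]

    # Weird pseudo-ciphersuite from RFC 5746
    # Signals that "secure renegotiation" is supported
    # We actually don't do any renegotiation, but this
    # prevents renegotiation attacks
    TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF
    ietfNames[0x00FF] = 'TLS_EMPTY_RENEGOTIATION_INFO_SCSV'

    # RFC 7507 - Fallback Signaling Cipher Suite Value for Preventing Protocol
    # Downgrade Attacks
    TLS_FALLBACK_SCSV = 0x5600
    ietfNames[0x5600] = 'TLS_FALLBACK_SCSV'

    # RFC 5054 - Secure Remote Password (SRP) Protocol for TLS Authentication
    TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A
    ietfNames[0xC01A] = 'TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA'
    TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D
    ietfNames[0xC01D] = 'TLS_SRP_SHA_WITH_AES_128_CBC_SHA'
    TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020
    ietfNames[0xC020] = 'TLS_SRP_SHA_WITH_AES_256_CBC_SHA'

    # RFC 5054 - Secure Remote Password (SRP) Protocol for TLS Authentication
    TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B
    ietfNames[0xC01B] = 'TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA'
    TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E
    ietfNames[0xC01E] = 'TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA'
    TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021
    ietfNames[0xC021] = 'TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA'

    # RFC 5246 - TLS v1.2 Protocol
    TLS_RSA_WITH_NULL_MD5 = 0x0001
    ietfNames[0x0001] = 'TLS_RSA_WITH_NULL_MD5'
    TLS_RSA_WITH_NULL_SHA = 0x0002
    ietfNames[0x0002] = 'TLS_RSA_WITH_NULL_SHA'
    TLS_RSA_WITH_NULL_SHA256 = 0x003B
    ietfNames[0x003B] = 'TLS_RSA_WITH_NULL_SHA256'

    # RFC 5246 - TLS v1.2 Protocol
    TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A
    ietfNames[0x000A] = 'TLS_RSA_WITH_3DES_EDE_CBC_SHA'
    TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F
    ietfNames[0x002F] = 'TLS_RSA_WITH_AES_128_CBC_SHA'
    TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035
    ietfNames[0x0035] = 'TLS_RSA_WITH_AES_256_CBC_SHA'
    TLS_RSA_WITH_RC4_128_SHA = 0x0005
    ietfNames[0x0005] = 'TLS_RSA_WITH_RC4_128_SHA'

    # RFC 5246 - TLS v1.2 Protocol
    TLS_RSA_WITH_RC4_128_MD5 = 0x0004
    ietfNames[0x0004] = 'TLS_RSA_WITH_RC4_128_MD5'

    # RFC 5246 - TLS v1.2 Protocol
    TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016
    ietfNames[0x0016] = 'TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA'
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033
    ietfNames[0x0033] = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA'
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039
    ietfNames[0x0039] = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA'

    # RFC 5246 - TLS v1.2 Protocol
    TLS_DH_ANON_WITH_RC4_128_MD5 = 0x0018
    ietfNames[0x0018] = 'TLS_DH_ANON_WITH_RC4_128_MD5'
    TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA = 0x001B
    ietfNames[0x001B] = 'TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA'
    TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034
    ietfNames[0x0034] = 'TLS_DH_ANON_WITH_AES_128_CBC_SHA'
    TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A
    ietfNames[0x003A] = 'TLS_DH_ANON_WITH_AES_256_CBC_SHA'
    TLS_DH_ANON_WITH_AES_128_CBC_SHA256 = 0x006C
    ietfNames[0x006C] = 'TLS_DH_ANON_WITH_AES_128_CBC_SHA256'
    TLS_DH_ANON_WITH_AES_256_CBC_SHA256 = 0x006D
    ietfNames[0x006D] = 'TLS_DH_ANON_WITH_AES_256_CBC_SHA256'
    TLS_DH_ANON_WITH_AES_128_GCM_SHA256 = 0x00A6
    ietfNames[0x00A6] = 'TLS_DH_ANON_WITH_AES_128_GCM_SHA256'
    TLS_DH_ANON_WITH_AES_256_GCM_SHA384 = 0x00A7
    ietfNames[0x00A7] = 'TLS_DH_ANON_WITH_AES_256_GCM_SHA384'

    # RFC 5246 - TLS v1.2 Protocol
    TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C
    ietfNames[0x003C] = 'TLS_RSA_WITH_AES_128_CBC_SHA256'
    TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D
    ietfNames[0x003D] = 'TLS_RSA_WITH_AES_256_CBC_SHA256'

    # RFC 5246 - TLS v1.2
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067
    ietfNames[0x0067] = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256'
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B
    ietfNames[0x006B] = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256'

    # RFC 5288 - AES-GCM ciphers for TLSv1.2
    TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C
    ietfNames[0x009C] = 'TLS_RSA_WITH_AES_128_GCM_SHA256'
    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E
    ietfNames[0x009E] = 'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256'
    TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D
    ietfNames[0x009D] = 'TLS_RSA_WITH_AES_256_GCM_SHA384'
    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F
    ietfNames[0x009F] = 'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384'

    # RFC 4492 - ECC Cipher Suites for TLS
    TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010
    ietfNames[0xC010] = 'TLS_ECDHE_RSA_WITH_NULL_SHA'
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013
    ietfNames[0xC013] = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA'
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014
    ietfNames[0xC014] = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA'
    TLS_ECDH_ANON_WITH_NULL_SHA = 0xC015
    ietfNames[0xC015] = 'TLS_ECDH_ANON_WITH_NULL_SHA'
    TLS_ECDH_ANON_WITH_RC4_128_SHA = 0xC016
    ietfNames[0xC016] = 'TLS_ECDH_ANON_WITH_RC4_128_SHA'
    TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA = 0xC017
    ietfNames[0xC017] = 'TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA'
    TLS_ECDH_ANON_WITH_AES_128_CBC_SHA = 0xC018
    ietfNames[0xC018] = 'TLS_ECDH_ANON_WITH_AES_128_CBC_SHA'
    TLS_ECDH_ANON_WITH_AES_256_CBC_SHA = 0xC019
    ietfNames[0xC019] = 'TLS_ECDH_ANON_WITH_AES_256_CBC_SHA'

    # draft-ietf-tls-chacha20-poly1305-00
    # ChaCha20/Poly1305 based Cipher Suites for TLS1.2
    TLS_DHE_RSA_WITH_CHACHA20_POLY1305 = 0xcca3
    ietfNames[0xcca3] = 'TLS_DHE_RSA_WITH_CHACHA20_POLY1305'

    # RFC 5289 - ECC Ciphers with SHA-256/SHA284 HMAC and AES-GCM
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027
    ietfNames[0xC027] = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256'
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028
    ietfNames[0xC028] = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384'
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F
    ietfNames[0xC02F] = 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256'
    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030
    ietfNames[0xC030] = 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384'

    #pylint: enable = invalid-name
    #
    # Define cipher suite families below.  The families are plain lists so
    # that callers can concatenate them; order inside a family is the order
    # the original author chose and is preserved.
    #

    # 3DES CBC ciphers
    tripleDESSuites = [
        TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA,
        TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA,
    ]

    # AES-128 CBC ciphers
    aes128Suites = [
        TLS_SRP_SHA_WITH_AES_128_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
        TLS_RSA_WITH_AES_128_CBC_SHA,
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
        TLS_DH_ANON_WITH_AES_128_CBC_SHA,
        TLS_RSA_WITH_AES_128_CBC_SHA256,
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
        TLS_DH_ANON_WITH_AES_128_CBC_SHA256,
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
        TLS_ECDH_ANON_WITH_AES_128_CBC_SHA,
    ]

    # AES-256 CBC ciphers
    aes256Suites = [
        TLS_SRP_SHA_WITH_AES_256_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
        TLS_RSA_WITH_AES_256_CBC_SHA,
        TLS_DH_ANON_WITH_AES_256_CBC_SHA,
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
        TLS_RSA_WITH_AES_256_CBC_SHA256,
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
        TLS_DH_ANON_WITH_AES_256_CBC_SHA256,
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
        TLS_ECDH_ANON_WITH_AES_256_CBC_SHA,
    ]

    # AES-128 GCM ciphers
    aes128GcmSuites = [
        TLS_RSA_WITH_AES_128_GCM_SHA256,
        TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
        TLS_DH_ANON_WITH_AES_128_GCM_SHA256,
        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
    ]

    # AES-256-GCM ciphers (implicit SHA384, see sha384PrfSuites)
    aes256GcmSuites = [
        TLS_RSA_WITH_AES_256_GCM_SHA384,
        TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
        TLS_DH_ANON_WITH_AES_256_GCM_SHA384,
        TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
    ]

    # CHACHA20 cipher (implicit POLY1305 authenticator)
    chacha20Suites = [TLS_DHE_RSA_WITH_CHACHA20_POLY1305]

    # RC4 128 stream cipher
    rc4Suites = [
        TLS_DH_ANON_WITH_RC4_128_MD5,
        TLS_RSA_WITH_RC4_128_SHA,
        TLS_RSA_WITH_RC4_128_MD5,
        TLS_ECDH_ANON_WITH_RC4_128_SHA,
    ]

    # no encryption
    nullSuites = [
        TLS_RSA_WITH_NULL_MD5,
        TLS_RSA_WITH_NULL_SHA,
        TLS_RSA_WITH_NULL_SHA256,
        TLS_ECDHE_RSA_WITH_NULL_SHA,
        TLS_ECDH_ANON_WITH_NULL_SHA,
    ]

    # SHA-1 HMAC, protocol default PRF
    shaSuites = [
        TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
        TLS_SRP_SHA_WITH_AES_128_CBC_SHA,
        TLS_SRP_SHA_WITH_AES_256_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
        TLS_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_RSA_WITH_AES_128_CBC_SHA,
        TLS_RSA_WITH_AES_256_CBC_SHA,
        TLS_RSA_WITH_RC4_128_SHA,
        TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
        TLS_DH_ANON_WITH_AES_128_CBC_SHA,
        TLS_DH_ANON_WITH_AES_256_CBC_SHA,
        TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA,
        TLS_RSA_WITH_NULL_SHA,
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
        TLS_ECDHE_RSA_WITH_NULL_SHA,
        TLS_ECDH_ANON_WITH_AES_256_CBC_SHA,
        TLS_ECDH_ANON_WITH_AES_128_CBC_SHA,
        TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA,
        TLS_ECDH_ANON_WITH_RC4_128_SHA,
        TLS_ECDH_ANON_WITH_NULL_SHA,
    ]

    # SHA-256 HMAC, SHA-256 PRF
    sha256Suites = [
        TLS_RSA_WITH_AES_128_CBC_SHA256,
        TLS_RSA_WITH_AES_256_CBC_SHA256,
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
        TLS_RSA_WITH_NULL_SHA256,
        TLS_DH_ANON_WITH_AES_128_CBC_SHA256,
        TLS_DH_ANON_WITH_AES_256_CBC_SHA256,
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
    ]

    # SHA-384 HMAC, SHA-384 PRF
    sha384Suites = [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384]

    # stream cipher construction
    streamSuites = rc4Suites + nullSuites

    # AEAD integrity, any PRF
    aeadSuites = aes128GcmSuites + aes256GcmSuites + chacha20Suites

    # TLS1.2 with SHA384 PRF
    sha384PrfSuites = sha384Suites + aes256GcmSuites

    # MD-5 HMAC, protocol default PRF
    md5Suites = [
        TLS_DH_ANON_WITH_RC4_128_MD5,
        TLS_RSA_WITH_RC4_128_MD5,
        TLS_RSA_WITH_NULL_MD5,
    ]

    # SSL3, TLS1.0, TLS1.1 and TLS1.2 compatible ciphers
    ssl3Suites = shaSuites + md5Suites

    # TLS1.2 specific ciphersuites
    tls12Suites = sha256Suites + sha384Suites + aeadSuites

    @staticmethod
    def filterForVersion(suites, minVersion, maxVersion):
        """Return a copy of suites without ciphers incompatible with version

        @param suites: ciphersuite IDs to filter; their order is preserved
        @param minVersion: lowest protocol version as a (major, minor)
            tuple, (3, 0) being SSL 3.0 and (3, 3) TLS 1.2
        @param maxVersion: highest protocol version, same encoding
        @return: new list with the members of suites usable in that range
        """
        allowed = set()
        # the SHA-1 and MD5 HMAC suites exist in every version SSL3..TLS1.2
        if (3, 0) <= minVersion <= (3, 3):
            allowed.update(CipherSuite.ssl3Suites)
        # SHA-256/SHA-384 HMAC and AEAD suites are defined only for TLS 1.2
        if maxVersion == (3, 3):
            allowed.update(CipherSuite.tls12Suites)
        return [s for s in suites if s in allowed]

    @staticmethod
    def _filterSuites(suites, settings, version=None):
        """Return the members of suites that settings allow at version

        @param suites: candidate ciphersuite IDs; order is preserved
        @param settings: object exposing C{maxVersion}, C{macNames},
            C{cipherNames} and C{keyExchangeNames} (in tlslite this is a
            HandshakeSettings instance; not visible in this module)
        @param version: (major, minor) protocol version tuple, defaults to
            C{settings.maxVersion}.  SHA-256, SHA-384, AEAD and the GCM /
            ChaCha20 families require at least TLS 1.2, i.e. (3, 3)
        @return: new list with the suites whose MAC, cipher and key exchange
            families are all named in settings

        Nothing here rejects a family on its own -- "rc4", "md5", "null" or
        "3des" are honoured whenever settings names them -- so any policy on
        legacy algorithms has to be applied where settings is built.
        """
        if version is None:
            version = settings.maxVersion
        tls12 = version >= (3, 3)

        # (settings name, family, needs TLS 1.2) tables
        macFamilies = (
            ("sha", CipherSuite.shaSuites, False),
            ("sha256", CipherSuite.sha256Suites, True),
            ("sha384", CipherSuite.sha384Suites, True),
            ("md5", CipherSuite.md5Suites, False),
            ("aead", CipherSuite.aeadSuites, True),
        )
        cipherFamilies = (
            ("chacha20-poly1305", CipherSuite.chacha20Suites, True),
            ("aes128gcm", CipherSuite.aes128GcmSuites, True),
            ("aes256gcm", CipherSuite.aes256GcmSuites, True),
            ("aes128", CipherSuite.aes128Suites, False),
            ("aes256", CipherSuite.aes256Suites, False),
            ("3des", CipherSuite.tripleDESSuites, False),
            ("rc4", CipherSuite.rc4Suites, False),
            ("null", CipherSuite.nullSuites, False),
        )
        keyExchangeFamilies = (
            ("rsa", CipherSuite.certSuites, False),
            ("dhe_rsa", CipherSuite.dheCertSuites, False),
            ("ecdhe_rsa", CipherSuite.ecdheCertSuites, False),
            ("srp_sha", CipherSuite.srpSuites, False),
            ("srp_sha_rsa", CipherSuite.srpCertSuites, False),
            ("dh_anon", CipherSuite.anonSuites, False),
            ("ecdh_anon", CipherSuite.ecdhAnonSuites, False),
        )

        def _enabled(names, families):
            # union of the families settings names; a set makes the
            # membership tests below O(1) instead of a list scan each
            allowed = set()
            for name, family, needsTls12 in families:
                if name in names and (tls12 or not needsTls12):
                    allowed.update(family)
            return allowed

        macSuites = _enabled(settings.macNames, macFamilies)
        cipherSuites = _enabled(settings.cipherNames, cipherFamilies)
        keyExchangeSuites = _enabled(settings.keyExchangeNames,
                                     keyExchangeFamilies)

        return [s for s in suites
                if s in macSuites
                and s in cipherSuites
                and s in keyExchangeSuites]

    # SRP key exchange
    srpSuites = [
        TLS_SRP_SHA_WITH_AES_256_CBC_SHA,
        TLS_SRP_SHA_WITH_AES_128_CBC_SHA,
        TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
    ]

    @classmethod
    def getSrpSuites(cls, settings, version=None):
        """Return SRP cipher suites matching settings"""
        return cls._filterSuites(CipherSuite.srpSuites, settings, version)

    # SRP key exchange, RSA authentication
    srpCertSuites = [
        TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
    ]

    @classmethod
    def getSrpCertSuites(cls, settings, version=None):
        """Return SRP cipher suites that use server certificates"""
        return cls._filterSuites(CipherSuite.srpCertSuites, settings, version)

    srpAllSuites = srpSuites + srpCertSuites

    @classmethod
    def getSrpAllSuites(cls, settings, version=None):
        """Return all SRP cipher suites matching settings"""
        return cls._filterSuites(CipherSuite.srpAllSuites, settings, version)

    # RSA key exchange, RSA authentication
    certSuites = [
        TLS_RSA_WITH_AES_256_GCM_SHA384,
        TLS_RSA_WITH_AES_128_GCM_SHA256,
        TLS_RSA_WITH_AES_256_CBC_SHA256,
        TLS_RSA_WITH_AES_128_CBC_SHA256,
        TLS_RSA_WITH_AES_256_CBC_SHA,
        TLS_RSA_WITH_AES_128_CBC_SHA,
        TLS_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_RSA_WITH_RC4_128_SHA,
        TLS_RSA_WITH_RC4_128_MD5,
        TLS_RSA_WITH_NULL_MD5,
        TLS_RSA_WITH_NULL_SHA,
        TLS_RSA_WITH_NULL_SHA256,
    ]

    @classmethod
    def getCertSuites(cls, settings, version=None):
        """Return ciphers with RSA authentication matching settings"""
        return cls._filterSuites(CipherSuite.certSuites, settings, version)

    # FFDHE key exchange, RSA authentication
    dheCertSuites = [
        TLS_DHE_RSA_WITH_CHACHA20_POLY1305,
        TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
        TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
        TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
    ]

    @classmethod
    def getDheCertSuites(cls, settings, version=None):
        """Provide authenticated DHE ciphersuites matching settings"""
        return cls._filterSuites(CipherSuite.dheCertSuites, settings, version)

    # ECDHE key exchange, RSA authentication
    ecdheCertSuites = [
        TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
        TLS_ECDHE_RSA_WITH_NULL_SHA,
    ]

    @classmethod
    def getEcdheCertSuites(cls, settings, version=None):
        """Provide authenticated ECDHE ciphersuites matching settings"""
        return cls._filterSuites(CipherSuite.ecdheCertSuites, settings, version)

    # RSA authentication
    certAllSuites = srpCertSuites + certSuites + dheCertSuites + ecdheCertSuites

    # anon FFDHE key exchange
    anonSuites = [
        TLS_DH_ANON_WITH_AES_256_GCM_SHA384,
        TLS_DH_ANON_WITH_AES_128_GCM_SHA256,
        TLS_DH_ANON_WITH_AES_256_CBC_SHA256,
        TLS_DH_ANON_WITH_AES_256_CBC_SHA,
        TLS_DH_ANON_WITH_AES_128_CBC_SHA256,
        TLS_DH_ANON_WITH_AES_128_CBC_SHA,
        TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA,
        TLS_DH_ANON_WITH_RC4_128_MD5,
    ]

    @classmethod
    def getAnonSuites(cls, settings, version=None):
        """Provide anonymous DH ciphersuites matching settings"""
        return cls._filterSuites(CipherSuite.anonSuites, settings, version)

    dhAllSuites = dheCertSuites + anonSuites

    # anon ECDHE key exchange
    ecdhAnonSuites = [
        TLS_ECDH_ANON_WITH_AES_256_CBC_SHA,
        TLS_ECDH_ANON_WITH_AES_128_CBC_SHA,
        TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA,
        TLS_ECDH_ANON_WITH_RC4_128_SHA,
        TLS_ECDH_ANON_WITH_NULL_SHA,
    ]

    @classmethod
    def getEcdhAnonSuites(cls, settings, version=None):
        """Provide anonymous ECDH ciphersuites matching settings"""
        return cls._filterSuites(CipherSuite.ecdhAnonSuites, settings, version)

    ecdhAllSuites = ecdheCertSuites + ecdhAnonSuites

    @staticmethod
    def canonicalCipherName(ciphersuite):
        """Return the canonical name of the cipher whose number is provided.

        @param ciphersuite: ciphersuite ID
        @return: the settings-style cipher name, or None when the ID is in
            none of the cipher families (e.g. the SCSV pseudo-suites)
        """
        # the cipher families above do not overlap, so lookup order only
        # affects readability
        families = (
            (CipherSuite.aes128GcmSuites, "aes128gcm"),
            (CipherSuite.aes256GcmSuites, "aes256gcm"),
            (CipherSuite.aes128Suites, "aes128"),
            (CipherSuite.aes256Suites, "aes256"),
            (CipherSuite.rc4Suites, "rc4"),
            (CipherSuite.tripleDESSuites, "3des"),
            (CipherSuite.nullSuites, "null"),
            (CipherSuite.chacha20Suites, "chacha20-poly1305"),
        )
        for members, name in families:
            if ciphersuite in members:
                return name
        return None

    @staticmethod
    def canonicalMacName(ciphersuite):
        """Return the canonical name of the MAC whose number is provided.

        @param ciphersuite: ciphersuite ID
        @return: the settings-style MAC name, or None when the ID is in
            none of the HMAC families (AEAD suites have no separate MAC)
        """
        families = (
            (CipherSuite.sha384Suites, "sha384"),
            (CipherSuite.sha256Suites, "sha256"),
            (CipherSuite.shaSuites, "sha"),
            (CipherSuite.md5Suites, "md5"),
        )
        for members, name in families:
            if ciphersuite in members:
                return name
        return None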
# The following faults are induced as part of testing. The faultAlerts
# dictionary describes the allowed alerts that may be triggered by these
# faults.
class Fault:
    """Identifiers of handshake faults injected by the test-suite.

    Each group of fault IDs is followed by the list the tests iterate over;
    faultAlerts maps a fault to the alerts the peer is allowed to answer
    with, faultNames to a human-readable label.
    """

    # faults a client can inject into an SRP handshake
    badUsername = 101
    badPassword = 102
    badA = 103
    clientSrpFaults = list(range(101, 104))

    # faults a client can inject into certificate authentication
    badVerifyMessage = 601
    clientCertFaults = list(range(601, 602))

    # faults a client can inject into RSA key exchange
    badPremasterPadding = 501
    shortPremasterSecret = 502
    clientNoAuthFaults = list(range(501, 503))

    # faults a server can inject
    badB = 201
    serverFaults = list(range(201, 202))

    # faults either side can inject at the record layer
    badFinished = 300
    badMAC = 301
    badPadding = 302
    genericFaults = list(range(300, 303))

    # an unknown SRP username may be answered with bad_record_mac so the
    # server does not reveal which usernames exist (see AlertDescription)
    faultAlerts = {
        badUsername: (AlertDescription.unknown_psk_identity,
                      AlertDescription.bad_record_mac),
        badPassword: (AlertDescription.bad_record_mac,),
        badA: (AlertDescription.illegal_parameter,),
        badPremasterPadding: (AlertDescription.bad_record_mac,),
        shortPremasterSecret: (AlertDescription.bad_record_mac,),
        badVerifyMessage: (AlertDescription.decrypt_error,),
        badFinished: (AlertDescription.decrypt_error,),
        badMAC: (AlertDescription.bad_record_mac,),
        badPadding: (AlertDescription.bad_record_mac,),
    }

    faultNames = {
        badUsername: "bad username",
        badPassword: "bad password",
        badA: "bad A",
        badPremasterPadding: "bad premaster padding",
        shortPremasterSecret: "short premaster secret",
        badVerifyMessage: "bad verify message",
        badFinished: "bad finished message",
        badMAC: "bad MAC",
        badPadding: "bad padding",
    }