1 # Authors: 2 # Trevor Perrin 3 # Google - defining ClientCertificateType 4 # Google (adapted by Sam Rushing) - NPN support 5 # Dimitris Moraitis - Anon ciphersuites 6 # Dave Baggett (Arcode Corporation) - canonicalCipherName 7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 8 # 9 # See the LICENSE file for legal information regarding use of this file. 10 11 """Constants used in various places."""14 """Base class for different enums of TLS IDs""" 15 16 @classmethod49 53 5918 """Call vars recursively on base classes""" 19 fields = dict() 20 for basecls in klass.__bases__: 21 fields.update(cls._recursiveVars(basecls)) 22 fields.update(dict(vars(klass))) 23 return fields24 25 @classmethod27 """ 28 Convert numeric type to string representation 29 30 name if found, None otherwise 31 """ 32 fields = cls._recursiveVars(cls) 33 if blacklist is None: 34 blacklist = [] 35 return next((key for key, val in fields.items() \ 36 if key not in ('__weakref__', '__dict__', '__doc__', 37 '__module__') and \ 38 key not in blacklist and \ 39 val == value), None)40 41 @classmethod43 """Convert numeric type to human-readable string if possible""" 44 ret = cls.toRepr(value, blacklist) 45 if ret is not None: 46 return ret 47 else: 48 return '{0}'.format(value)61 """SSL2 Handshake Protocol message types""" 62 error = 0 63 client_hello = 1 64 client_master_key = 2 65 client_finished = 3 66 server_hello = 4 67 server_verify = 5 68 server_finished = 6 69 request_certificate = 7 70 client_certificate = 87174 """SSL2 Handshake protocol error message descriptions""" 75 76 no_cipher = 0x0001 77 no_certificate = 0x0002 78 bad_certificate = 0x0004 79 unsupported_certificate_type = 0x00068083 """Message types in TLS Handshake protocol""" 84 85 hello_request = 0 86 client_hello = 1 87 server_hello = 2 88 certificate = 11 89 server_key_exchange = 12 90 certificate_request = 13 91 server_hello_done = 14 92 certificate_verify = 15 93 client_key_exchange = 16 94 finished = 20 95 next_protocol = 
679698 """TLS record layer content types of payloads""" 99 100 change_cipher_spec = 20 101 alert = 21 102 handshake = 22 103 application_data = 23 104 all = (20, 21, 22, 23) 105 106 @classmethod113 115 server_name = 0 # RFC 6066 / 4366 116 cert_type = 9 # RFC 6091 117 supported_groups = 10 # RFC 4492, RFC-ietf-tls-negotiated-ff-dhe-10 118 ec_point_formats = 11 # RFC 4492 119 srp = 12 # RFC 5054 120 signature_algorithms = 13 # RFC 5246 121 alpn = 16 # RFC 7301 122 client_hello_padding = 21 # RFC 7685 123 encrypt_then_mac = 22 # RFC 7366 124 extended_master_secret = 23 # RFC 7627 125 tack = 0xF300 126 supports_npn = 13172 127 renegotiation_info = 0xff01 128108 """Convert numeric type to name representation""" 109 if blacklist is None: 110 blacklist = [] 111 blacklist.append('all') 112 return super(ContentType, cls).toRepr(value, blacklist)130 """Hash algorithm IDs used in TLSv1.2""" 131 132 none = 0 133 md5 = 1 134 sha1 = 2 135 sha224 = 3 136 sha256 = 4 137 sha384 = 5 138 sha512 = 6139141 """Signing algorithms used in TLSv1.2""" 142 143 anonymous = 0 144 rsa = 1 145 dsa = 2 146 ecdsa = 3147149 """Name of groups supported for (EC)DH key exchange""" 150 151 # RFC4492 152 sect163k1 = 1 153 sect163r1 = 2 154 sect163r2 = 3 155 sect193r1 = 4 156 sect193r2 = 5 157 sect233k1 = 6 158 sect233r1 = 7 159 sect239k1 = 8 160 sect283k1 = 9 161 sect283r1 = 10 162 sect409k1 = 11 163 sect409r1 = 12 164 sect571k1 = 13 165 sect571r1 = 14 166 secp160k1 = 15 167 secp160r1 = 16 168 secp160r2 = 17 169 secp192k1 = 18 170 secp192r1 = 19 171 secp224k1 = 20 172 secp224r1 = 21 173 secp256k1 = 22 174 secp256r1 = 23 175 secp384r1 = 24 176 secp521r1 = 25 177 allEC = list(range(1, 26)) 178 179 # RFC7027 180 brainpoolP256r1 = 26 181 brainpoolP384r1 = 27 182 brainpoolP512r1 = 28 183 allEC.extend(list(range(26, 29))) 184 185 # RFC-ietf-tls-negotiated-ff-dhe-10 186 ffdhe2048 = 256 187 ffdhe3072 = 257 188 ffdhe4096 = 258 189 ffdhe6144 = 259 190 ffdhe8192 = 260 191 allFF = list(range(256, 261)) 192 193 all 
= allEC + allFF 194 195 @classmethod202204 205 """Names and ID's of supported EC point formats""" 206 207 uncompressed = 0 208 ansiX962_compressed_prime = 1 209 ansiX962_compressed_char2 = 2 210 211 all = [uncompressed, 212 ansiX962_compressed_prime, 213 ansiX962_compressed_char2]214216 """Types of ECC curves supported in TLS from RFC4492""" 217 218 explicit_prime = 1 219 explicit_char2 = 2 220 named_curve = 3221223 host_name = 0224 230232 """ 233 @cvar bad_record_mac: A TLS record failed to decrypt properly. 234 235 If this occurs during a SRP handshake it most likely 236 indicates a bad password. It may also indicate an implementation 237 error, or some tampering with the data in transit. 238 239 This alert will be signalled by the server if the SRP password is bad. It 240 may also be signalled by the server if the SRP username is unknown to the 241 server, but it doesn't wish to reveal that fact. 242 243 244 @cvar handshake_failure: A problem occurred while handshaking. 245 246 This typically indicates a lack of common ciphersuites between client and 247 server, or some other disagreement (about SRP parameters or key sizes, 248 for example). 249 250 @cvar protocol_version: The other party's SSL/TLS version was unacceptable. 251 252 This indicates that the client and server couldn't agree on which version 253 of SSL or TLS to use. 254 255 @cvar user_canceled: The handshake is being cancelled for some reason. 
256 257 """ 258 259 close_notify = 0 260 unexpected_message = 10 261 bad_record_mac = 20 262 decryption_failed = 21 263 record_overflow = 22 264 decompression_failure = 30 265 handshake_failure = 40 266 no_certificate = 41 #SSLv3 267 bad_certificate = 42 268 unsupported_certificate = 43 269 certificate_revoked = 44 270 certificate_expired = 45 271 certificate_unknown = 46 272 illegal_parameter = 47 273 unknown_ca = 48 274 access_denied = 49 275 decode_error = 50 276 decrypt_error = 51 277 export_restriction = 60 278 protocol_version = 70 279 insufficient_security = 71 280 internal_error = 80 281 inappropriate_fallback = 86 282 user_canceled = 90 283 no_renegotiation = 100 284 unsupported_extension = 110 # RFC 5246 285 unrecognized_name = 112 # RFC 6066 286 unknown_psk_identity = 115 287 no_application_protocol = 120 # RFC 7301288291 292 """ 293 Numeric values of ciphersuites and ciphersuite types 294 295 @cvar tripleDESSuites: ciphersuties which use 3DES symmetric cipher in CBC 296 mode 297 @cvar aes128Suites: ciphersuites which use AES symmetric cipher in CBC mode 298 with 128 bit key 299 @cvar aes256Suites: ciphersuites which use AES symmetric cipher in CBC mode 300 with 128 bit key 301 @cvar rc4Suites: ciphersuites which use RC4 symmetric cipher with 128 bit 302 key 303 @cvar shaSuites: ciphersuites which use SHA-1 HMAC integrity mechanism 304 and protocol default Pseudo Random Function 305 @cvar sha256Suites: ciphersuites which use SHA-256 HMAC integrity mechanism 306 and SHA-256 Pseudo Random Function 307 @cvar md5Suites: ciphersuites which use MD-5 HMAC integrity mechanism and 308 protocol default Pseudo Random Function 309 @cvar srpSuites: ciphersuites which use Secure Remote Password (SRP) key 310 exchange protocol 311 @cvar srpCertSuites: ciphersuites which use Secure Remote Password (SRP) 312 key exchange protocol with RSA server authentication 313 @cvar srpAllSuites: all SRP ciphersuites, pure SRP and with RSA based 314 server authentication 315 @cvar 
certSuites: ciphersuites which use RSA key exchange with RSA server 316 authentication 317 @cvar certAllSuites: ciphersuites which use RSA server authentication 318 @cvar anonSuites: ciphersuites which use anonymous Finite Field 319 Diffie-Hellman key exchange 320 @cvar ietfNames: dictionary with string names of the ciphersuites 321 """ 322 323 ietfNames = {} 324 325 # the ciphesuite names come from IETF, we want to keep them 326 #pylint: disable = invalid-name 327 328 # SSLv2 from draft-hickman-netscape-ssl-00.txt 329 SSL_CK_RC4_128_WITH_MD5 = 0x010080 330 ietfNames[0x010080] = 'SSL_CK_RC4_128_WITH_MD5' 331 SSL_CK_RC4_128_EXPORT40_WITH_MD5 = 0x020080 332 ietfNames[0x020080] = 'SSL_CK_RC4_128_EXPORT40_WITH_MD5' 333 SSL_CK_RC2_128_CBC_WITH_MD5 = 0x030080 334 ietfNames[0x030080] = 'SSL_CK_RC2_128_CBC_WITH_MD5' 335 SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 = 0x040080 336 ietfNames[0x040080] = 'SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5' 337 SSL_CK_IDEA_128_CBC_WITH_MD5 = 0x050080 338 ietfNames[0x050080] = 'SSL_CK_IDEA_128_CBC_WITH_MD5' 339 SSL_CK_DES_64_CBC_WITH_MD5 = 0x060040 340 ietfNames[0x060040] = 'SSL_CK_DES_64_CBC_WITH_MD5' 341 SSL_CK_DES_192_EDE3_CBC_WITH_MD5 = 0x0700C0 342 ietfNames[0x0700C0] = 'SSL_CK_DES_192_EDE3_CBC_WITH_MD5' 343 344 # SSL2 ciphersuites which use RC4 symmetric cipher 345 ssl2rc4 = [] 346 ssl2rc4.append(SSL_CK_RC4_128_WITH_MD5) 347 ssl2rc4.append(SSL_CK_RC4_128_EXPORT40_WITH_MD5) 348 349 # SSL2 ciphersuites which use RC2 symmetric cipher 350 ssl2rc2 = [] 351 ssl2rc2.append(SSL_CK_RC2_128_CBC_WITH_MD5) 352 ssl2rc2.append(SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5) 353 354 # SSL2 ciphersuites which use IDEA symmetric cipher 355 ssl2idea = [SSL_CK_IDEA_128_CBC_WITH_MD5] 356 357 # SSL2 ciphersuites which use (single) DES symmetric cipher 358 ssl2des = [SSL_CK_DES_64_CBC_WITH_MD5] 359 360 # SSL2 ciphersuites which use 3DES symmetric cipher 361 ssl2_3des = [SSL_CK_DES_192_EDE3_CBC_WITH_MD5] 362 363 # SSL2 ciphersuites which encrypt only part (40 bits) of the key 
364 ssl2export = [] 365 ssl2export.append(SSL_CK_RC4_128_EXPORT40_WITH_MD5) 366 ssl2export.append(SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5) 367 368 # SSL2 ciphersuties which use 128 bit key 369 ssl2_128Key = [] 370 ssl2_128Key.append(SSL_CK_RC4_128_WITH_MD5) 371 ssl2_128Key.append(SSL_CK_RC4_128_EXPORT40_WITH_MD5) 372 ssl2_128Key.append(SSL_CK_RC2_128_CBC_WITH_MD5) 373 ssl2_128Key.append(SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5) 374 ssl2_128Key.append(SSL_CK_IDEA_128_CBC_WITH_MD5) 375 376 # SSL2 ciphersuites which use 64 bit key 377 ssl2_64Key = [SSL_CK_DES_64_CBC_WITH_MD5] 378 379 # SSL2 ciphersuites which use 192 bit key 380 ssl2_192Key = [SSL_CK_DES_192_EDE3_CBC_WITH_MD5] 381 382 # Weird pseudo-ciphersuite from RFC 5746 383 # Signals that "secure renegotiation" is supported 384 # We actually don't do any renegotiation, but this 385 # prevents renegotiation attacks 386 TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF 387 ietfNames[0x00FF] = 'TLS_EMPTY_RENEGOTIATION_INFO_SCSV' 388 389 # RFC 7507 - Fallback Signaling Cipher Suite Value for Preventing Protocol 390 # Downgrade Attacks 391 TLS_FALLBACK_SCSV = 0x5600 392 ietfNames[0x5600] = 'TLS_FALLBACK_SCSV' 393 394 # RFC 5054 - Secure Remote Password (SRP) Protocol for TLS Authentication 395 TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A 396 ietfNames[0xC01A] = 'TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA' 397 TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D 398 ietfNames[0xC01D] = 'TLS_SRP_SHA_WITH_AES_128_CBC_SHA' 399 TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020 400 ietfNames[0xC020] = 'TLS_SRP_SHA_WITH_AES_256_CBC_SHA' 401 402 # RFC 5054 - Secure Remote Password (SRP) Protocol for TLS Authentication 403 TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B 404 ietfNames[0xC01B] = 'TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA' 405 TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E 406 ietfNames[0xC01E] = 'TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA' 407 TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021 408 ietfNames[0xC021] = 'TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA' 409 410 # RFC 
5246 - TLS v1.2 Protocol 411 TLS_RSA_WITH_NULL_MD5 = 0x0001 412 ietfNames[0x0001] = 'TLS_RSA_WITH_NULL_MD5' 413 TLS_RSA_WITH_NULL_SHA = 0x0002 414 ietfNames[0x0002] = 'TLS_RSA_WITH_NULL_SHA' 415 TLS_RSA_WITH_NULL_SHA256 = 0x003B 416 ietfNames[0x003B] = 'TLS_RSA_WITH_NULL_SHA256' 417 418 # RFC 5246 - TLS v1.2 Protocol 419 TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A 420 ietfNames[0x000A] = 'TLS_RSA_WITH_3DES_EDE_CBC_SHA' 421 TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F 422 ietfNames[0x002F] = 'TLS_RSA_WITH_AES_128_CBC_SHA' 423 TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035 424 ietfNames[0x0035] = 'TLS_RSA_WITH_AES_256_CBC_SHA' 425 TLS_RSA_WITH_RC4_128_SHA = 0x0005 426 ietfNames[0x0005] = 'TLS_RSA_WITH_RC4_128_SHA' 427 428 # RFC 5246 - TLS v1.2 Protocol 429 TLS_RSA_WITH_RC4_128_MD5 = 0x0004 430 ietfNames[0x0004] = 'TLS_RSA_WITH_RC4_128_MD5' 431 432 # RFC 5246 - TLS v1.2 Protocol 433 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016 434 ietfNames[0x0016] = 'TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA' 435 TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033 436 ietfNames[0x0033] = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA' 437 TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039 438 ietfNames[0x0039] = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA' 439 440 # RFC 5246 - TLS v1.2 Protocol 441 TLS_DH_ANON_WITH_RC4_128_MD5 = 0x0018 442 ietfNames[0x0018] = 'TLS_DH_ANON_WITH_RC4_128_MD5' 443 TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA = 0x001B 444 ietfNames[0x001B] = 'TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA' 445 TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034 446 ietfNames[0x0034] = 'TLS_DH_ANON_WITH_AES_128_CBC_SHA' 447 TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A 448 ietfNames[0x003A] = 'TLS_DH_ANON_WITH_AES_256_CBC_SHA' 449 TLS_DH_ANON_WITH_AES_128_CBC_SHA256 = 0x006C 450 ietfNames[0x006C] = 'TLS_DH_ANON_WITH_AES_128_CBC_SHA256' 451 TLS_DH_ANON_WITH_AES_256_CBC_SHA256 = 0x006D 452 ietfNames[0x006D] = 'TLS_DH_ANON_WITH_AES_256_CBC_SHA256' 453 TLS_DH_ANON_WITH_AES_128_GCM_SHA256 = 0x00A6 454 ietfNames[0x00A6] = 'TLS_DH_ANON_WITH_AES_128_GCM_SHA256' 455 
TLS_DH_ANON_WITH_AES_256_GCM_SHA384 = 0x00A7 456 ietfNames[0x00A7] = 'TLS_DH_ANON_WITH_AES_256_GCM_SHA384' 457 458 # RFC 5246 - TLS v1.2 Protocol 459 TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C 460 ietfNames[0x003C] = 'TLS_RSA_WITH_AES_128_CBC_SHA256' 461 TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D 462 ietfNames[0x003D] = 'TLS_RSA_WITH_AES_256_CBC_SHA256' 463 464 # RFC 5246 - TLS v1.2 465 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067 466 ietfNames[0x0067] = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256' 467 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B 468 ietfNames[0x006B] = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256' 469 470 # RFC 5288 - AES-GCM ciphers for TLSv1.2 471 TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C 472 ietfNames[0x009C] = 'TLS_RSA_WITH_AES_128_GCM_SHA256' 473 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E 474 ietfNames[0x009E] = 'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256' 475 TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D 476 ietfNames[0x009D] = 'TLS_RSA_WITH_AES_256_GCM_SHA384' 477 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F 478 ietfNames[0x009F] = 'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384' 479 480 # RFC 4492 - ECC Cipher Suites for TLS 481 TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010 482 ietfNames[0xC010] = 'TLS_ECDHE_RSA_WITH_NULL_SHA' 483 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013 484 ietfNames[0xC013] = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA' 485 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014 486 ietfNames[0xC014] = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA' 487 TLS_ECDH_ANON_WITH_NULL_SHA = 0xC015 488 ietfNames[0xC015] = 'TLS_ECDH_ANON_WITH_NULL_SHA' 489 TLS_ECDH_ANON_WITH_RC4_128_SHA = 0xC016 490 ietfNames[0xC016] = 'TLS_ECDH_ANON_WITH_RC4_128_SHA' 491 TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA = 0xC017 492 ietfNames[0xC017] = 'TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA' 493 TLS_ECDH_ANON_WITH_AES_128_CBC_SHA = 0xC018 494 ietfNames[0xC018] = 'TLS_ECDH_ANON_WITH_AES_128_CBC_SHA' 495 TLS_ECDH_ANON_WITH_AES_256_CBC_SHA = 0xC019 496 ietfNames[0xC019] = 'TLS_ECDH_ANON_WITH_AES_256_CBC_SHA' 497 498 # 
draft-ietf-tls-chacha20-poly1305-00 499 # ChaCha20/Poly1305 based Cipher Suites for TLS1.2 500 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_draft_00 = 0xcca1 501 ietfNames[0xcca1] = 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_draft_00' 502 TLS_DHE_RSA_WITH_CHACHA20_POLY1305_draft_00 = 0xcca3 503 ietfNames[0xcca3] = 'TLS_DHE_RSA_WITH_CHACHA20_POLY1305_draft_00' 504 505 # RFC 7905 - ChaCha20-Poly1305 Cipher Suites for TLS 506 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xcca8 507 ietfNames[0xcca8] = 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256' 508 TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xccaa 509 ietfNames[0xccaa] = 'TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256' 510 511 # RFC 5289 - ECC Ciphers with SHA-256/SHA284 HMAC and AES-GCM 512 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027 513 ietfNames[0xC027] = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256' 514 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028 515 ietfNames[0xC028] = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384' 516 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F 517 ietfNames[0xC02F] = 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256' 518 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030 519 ietfNames[0xC030] = 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384' 520 521 #pylint: enable = invalid-name 522 # 523 # Define cipher suite families below 524 # 525 526 # 3DES CBC ciphers 527 tripleDESSuites = [] 528 tripleDESSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) 529 tripleDESSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) 530 tripleDESSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) 531 tripleDESSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) 532 tripleDESSuites.append(TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA) 533 tripleDESSuites.append(TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA) 534 535 # AES-128 CBC ciphers 536 aes128Suites = [] 537 aes128Suites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) 538 aes128Suites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) 539 aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA) 540 aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) 541 
aes128Suites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) 542 aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA256) 543 aes128Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256) 544 aes128Suites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA256) 545 aes128Suites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) 546 aes128Suites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) 547 aes128Suites.append(TLS_ECDH_ANON_WITH_AES_128_CBC_SHA) 548 549 # AES-256 CBC ciphers 550 aes256Suites = [] 551 aes256Suites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) 552 aes256Suites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) 553 aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA) 554 aes256Suites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) 555 aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) 556 aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA256) 557 aes256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256) 558 aes256Suites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA256) 559 aes256Suites.append(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA) 560 aes256Suites.append(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) 561 aes256Suites.append(TLS_ECDH_ANON_WITH_AES_256_CBC_SHA) 562 563 # AES-128 GCM ciphers 564 aes128GcmSuites = [] 565 aes128GcmSuites.append(TLS_RSA_WITH_AES_128_GCM_SHA256) 566 aes128GcmSuites.append(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256) 567 aes128GcmSuites.append(TLS_DH_ANON_WITH_AES_128_GCM_SHA256) 568 aes128GcmSuites.append(TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) 569 570 # AES-256-GCM ciphers (implicit SHA384, see sha384PrfSuites) 571 aes256GcmSuites = [] 572 aes256GcmSuites.append(TLS_RSA_WITH_AES_256_GCM_SHA384) 573 aes256GcmSuites.append(TLS_DHE_RSA_WITH_AES_256_GCM_SHA384) 574 aes256GcmSuites.append(TLS_DH_ANON_WITH_AES_256_GCM_SHA384) 575 aes256GcmSuites.append(TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) 576 577 # CHACHA20 cipher, 00'th IETF draft (implicit POLY1305 authenticator) 578 chacha20draft00Suites = [] 579 chacha20draft00Suites.append(TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_draft_00) 580 
chacha20draft00Suites.append(TLS_DHE_RSA_WITH_CHACHA20_POLY1305_draft_00) 581 582 # CHACHA20 cipher (implicit POLY1305 authenticator, SHA256 PRF) 583 chacha20Suites = [] 584 chacha20Suites.append(TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256) 585 chacha20Suites.append(TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256) 586 587 # RC4 128 stream cipher 588 rc4Suites = [] 589 rc4Suites.append(TLS_DH_ANON_WITH_RC4_128_MD5) 590 rc4Suites.append(TLS_RSA_WITH_RC4_128_SHA) 591 rc4Suites.append(TLS_RSA_WITH_RC4_128_MD5) 592 rc4Suites.append(TLS_ECDH_ANON_WITH_RC4_128_SHA) 593 594 # no encryption 595 nullSuites = [] 596 nullSuites.append(TLS_RSA_WITH_NULL_MD5) 597 nullSuites.append(TLS_RSA_WITH_NULL_SHA) 598 nullSuites.append(TLS_RSA_WITH_NULL_SHA256) 599 nullSuites.append(TLS_ECDHE_RSA_WITH_NULL_SHA) 600 nullSuites.append(TLS_ECDH_ANON_WITH_NULL_SHA) 601 602 # SHA-1 HMAC, protocol default PRF 603 shaSuites = [] 604 shaSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) 605 shaSuites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) 606 shaSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) 607 shaSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) 608 shaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) 609 shaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) 610 shaSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) 611 shaSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA) 612 shaSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA) 613 shaSuites.append(TLS_RSA_WITH_RC4_128_SHA) 614 shaSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) 615 shaSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) 616 shaSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) 617 shaSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) 618 shaSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) 619 shaSuites.append(TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA) 620 shaSuites.append(TLS_RSA_WITH_NULL_SHA) 621 shaSuites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) 622 shaSuites.append(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA) 623 shaSuites.append(TLS_ECDHE_RSA_WITH_NULL_SHA) 624 
shaSuites.append(TLS_ECDH_ANON_WITH_AES_256_CBC_SHA) 625 shaSuites.append(TLS_ECDH_ANON_WITH_AES_128_CBC_SHA) 626 shaSuites.append(TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA) 627 shaSuites.append(TLS_ECDH_ANON_WITH_RC4_128_SHA) 628 shaSuites.append(TLS_ECDH_ANON_WITH_NULL_SHA) 629 630 # SHA-256 HMAC, SHA-256 PRF 631 sha256Suites = [] 632 sha256Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA256) 633 sha256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA256) 634 sha256Suites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256) 635 sha256Suites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256) 636 sha256Suites.append(TLS_RSA_WITH_NULL_SHA256) 637 sha256Suites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA256) 638 sha256Suites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA256) 639 sha256Suites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) 640 641 # SHA-384 HMAC, SHA-384 PRF 642 sha384Suites = [] 643 sha384Suites.append(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) 644 645 # stream cipher construction 646 streamSuites = [] 647 streamSuites.extend(rc4Suites) 648 streamSuites.extend(nullSuites) 649 650 # AEAD integrity, any PRF 651 aeadSuites = [] 652 aeadSuites.extend(aes128GcmSuites) 653 aeadSuites.extend(aes256GcmSuites) 654 aeadSuites.extend(chacha20Suites) 655 aeadSuites.extend(chacha20draft00Suites) 656 657 # TLS1.2 with SHA384 PRF 658 sha384PrfSuites = [] 659 sha384PrfSuites.extend(sha384Suites) 660 sha384PrfSuites.extend(aes256GcmSuites) 661 662 # MD-5 HMAC, protocol default PRF 663 md5Suites = [] 664 md5Suites.append(TLS_DH_ANON_WITH_RC4_128_MD5) 665 md5Suites.append(TLS_RSA_WITH_RC4_128_MD5) 666 md5Suites.append(TLS_RSA_WITH_NULL_MD5) 667 668 # SSL3, TLS1.0, TLS1.1 and TLS1.2 compatible ciphers 669 ssl3Suites = [] 670 ssl3Suites.extend(shaSuites) 671 ssl3Suites.extend(md5Suites) 672 673 # TLS1.2 specific ciphersuites 674 tls12Suites = [] 675 tls12Suites.extend(sha256Suites) 676 tls12Suites.extend(sha384Suites) 677 tls12Suites.extend(aeadSuites) 678 679 @staticmethod903681 """Return a copy of suites without ciphers 
incompatible with version""" 682 includeSuites = set([]) 683 if (3, 0) <= minVersion <= (3, 3): 684 includeSuites.update(CipherSuite.ssl3Suites) 685 if maxVersion == (3, 3): 686 includeSuites.update(CipherSuite.tls12Suites) 687 return [s for s in suites if s in includeSuites]688 689 @staticmethod691 if version is None: 692 version = settings.maxVersion 693 macNames = settings.macNames 694 cipherNames = settings.cipherNames 695 keyExchangeNames = settings.keyExchangeNames 696 macSuites = [] 697 if "sha" in macNames: 698 macSuites += CipherSuite.shaSuites 699 if "sha256" in macNames and version >= (3, 3): 700 macSuites += CipherSuite.sha256Suites 701 if "sha384" in macNames and version >= (3, 3): 702 macSuites += CipherSuite.sha384Suites 703 if "md5" in macNames: 704 macSuites += CipherSuite.md5Suites 705 if "aead" in macNames and version >= (3, 3): 706 macSuites += CipherSuite.aeadSuites 707 708 cipherSuites = [] 709 if "chacha20-poly1305" in cipherNames and version >= (3, 3): 710 cipherSuites += CipherSuite.chacha20Suites 711 if "chacha20-poly1305_draft00" in cipherNames and version >= (3, 3): 712 cipherSuites += CipherSuite.chacha20draft00Suites 713 if "aes128gcm" in cipherNames and version >= (3, 3): 714 cipherSuites += CipherSuite.aes128GcmSuites 715 if "aes256gcm" in cipherNames and version >= (3, 3): 716 cipherSuites += CipherSuite.aes256GcmSuites 717 if "aes128" in cipherNames: 718 cipherSuites += CipherSuite.aes128Suites 719 if "aes256" in cipherNames: 720 cipherSuites += CipherSuite.aes256Suites 721 if "3des" in cipherNames: 722 cipherSuites += CipherSuite.tripleDESSuites 723 if "rc4" in cipherNames: 724 cipherSuites += CipherSuite.rc4Suites 725 if "null" in cipherNames: 726 cipherSuites += CipherSuite.nullSuites 727 728 keyExchangeSuites = [] 729 if "rsa" in keyExchangeNames: 730 keyExchangeSuites += CipherSuite.certSuites 731 if "dhe_rsa" in keyExchangeNames: 732 keyExchangeSuites += CipherSuite.dheCertSuites 733 if "ecdhe_rsa" in keyExchangeNames: 734 
keyExchangeSuites += CipherSuite.ecdheCertSuites 735 if "srp_sha" in keyExchangeNames: 736 keyExchangeSuites += CipherSuite.srpSuites 737 if "srp_sha_rsa" in keyExchangeNames: 738 keyExchangeSuites += CipherSuite.srpCertSuites 739 if "dh_anon" in keyExchangeNames: 740 keyExchangeSuites += CipherSuite.anonSuites 741 if "ecdh_anon" in keyExchangeNames: 742 keyExchangeSuites += CipherSuite.ecdhAnonSuites 743 744 return [s for s in suites if s in macSuites and 745 s in cipherSuites and s in keyExchangeSuites]746 747 # SRP key exchange 748 srpSuites = [] 749 srpSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA) 750 srpSuites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA) 751 srpSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA) 752 753 @classmethod755 """Return SRP cipher suites matching settings""" 756 return cls._filterSuites(CipherSuite.srpSuites, settings, version)757 758 # SRP key exchange, RSA authentication 759 srpCertSuites = [] 760 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA) 761 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA) 762 srpCertSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA) 763 764 @classmethod766 """Return SRP cipher suites that use server certificates""" 767 return cls._filterSuites(CipherSuite.srpCertSuites, settings, version)768 769 srpAllSuites = srpSuites + srpCertSuites 770 771 @classmethod773 """Return all SRP cipher suites matching settings""" 774 return cls._filterSuites(CipherSuite.srpAllSuites, settings, version)775 776 # RSA key exchange, RSA authentication 777 certSuites = [] 778 certSuites.append(TLS_RSA_WITH_AES_256_GCM_SHA384) 779 certSuites.append(TLS_RSA_WITH_AES_128_GCM_SHA256) 780 certSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA256) 781 certSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA256) 782 certSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA) 783 certSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA) 784 certSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA) 785 certSuites.append(TLS_RSA_WITH_RC4_128_SHA) 786 
certSuites.append(TLS_RSA_WITH_RC4_128_MD5) 787 certSuites.append(TLS_RSA_WITH_NULL_MD5) 788 certSuites.append(TLS_RSA_WITH_NULL_SHA) 789 certSuites.append(TLS_RSA_WITH_NULL_SHA256) 790 791 @classmethod793 """Return ciphers with RSA authentication matching settings""" 794 return cls._filterSuites(CipherSuite.certSuites, settings, version)795 796 # FFDHE key exchange, RSA authentication 797 dheCertSuites = [] 798 dheCertSuites.append(TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256) 799 dheCertSuites.append(TLS_DHE_RSA_WITH_CHACHA20_POLY1305_draft_00) 800 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_GCM_SHA384) 801 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256) 802 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256) 803 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256) 804 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA) 805 dheCertSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA) 806 dheCertSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA) 807 808 @classmethod810 """Provide authenticated DHE ciphersuites matching settings""" 811 return cls._filterSuites(CipherSuite.dheCertSuites, settings, version)812 813 # ECDHE key exchange, RSA authentication 814 ecdheCertSuites = [] 815 ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256) 816 ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_draft_00) 817 ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) 818 ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) 819 ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) 820 ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) 821 ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA) 822 ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) 823 ecdheCertSuites.append(TLS_ECDHE_RSA_WITH_NULL_SHA) 824 825 @classmethod827 """Provide authenticated ECDHE ciphersuites matching settings""" 828 return cls._filterSuites(CipherSuite.ecdheCertSuites, settings, version)829 830 # RSA authentication 
831 certAllSuites = srpCertSuites + certSuites + dheCertSuites + ecdheCertSuites 832 833 # anon FFDHE key exchange 834 anonSuites = [] 835 anonSuites.append(TLS_DH_ANON_WITH_AES_256_GCM_SHA384) 836 anonSuites.append(TLS_DH_ANON_WITH_AES_128_GCM_SHA256) 837 anonSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA256) 838 anonSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA) 839 anonSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA256) 840 anonSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA) 841 anonSuites.append(TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA) 842 anonSuites.append(TLS_DH_ANON_WITH_RC4_128_MD5) 843 844 @classmethod846 """Provide anonymous DH ciphersuites matching settings""" 847 return cls._filterSuites(CipherSuite.anonSuites, settings, version)848 849 dhAllSuites = dheCertSuites + anonSuites 850 851 # anon ECDHE key exchange 852 ecdhAnonSuites = [] 853 ecdhAnonSuites.append(TLS_ECDH_ANON_WITH_AES_256_CBC_SHA) 854 ecdhAnonSuites.append(TLS_ECDH_ANON_WITH_AES_128_CBC_SHA) 855 ecdhAnonSuites.append(TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA) 856 ecdhAnonSuites.append(TLS_ECDH_ANON_WITH_RC4_128_SHA) 857 ecdhAnonSuites.append(TLS_ECDH_ANON_WITH_NULL_SHA) 858 859 @classmethod861 """Provide anonymous ECDH ciphersuites matching settings""" 862 return cls._filterSuites(CipherSuite.ecdhAnonSuites, settings, version)863 864 ecdhAllSuites = ecdheCertSuites + ecdhAnonSuites 865 866 @staticmethod868 """Return the canonical name of the cipher whose number is provided.""" 869 if ciphersuite in CipherSuite.aes128GcmSuites: 870 return "aes128gcm" 871 elif ciphersuite in CipherSuite.aes256GcmSuites: 872 return "aes256gcm" 873 elif ciphersuite in CipherSuite.aes128Suites: 874 return "aes128" 875 elif ciphersuite in CipherSuite.aes256Suites: 876 return "aes256" 877 elif ciphersuite in CipherSuite.rc4Suites: 878 return "rc4" 879 elif ciphersuite in CipherSuite.tripleDESSuites: 880 return "3des" 881 elif ciphersuite in CipherSuite.nullSuites: 882 return "null" 883 elif ciphersuite in 
CipherSuite.chacha20draft00Suites: 884 return "chacha20-poly1305_draft00" 885 elif ciphersuite in CipherSuite.chacha20Suites: 886 return "chacha20-poly1305" 887 else: 888 return None889 890 @staticmethod892 """Return the canonical name of the MAC whose number is provided.""" 893 if ciphersuite in CipherSuite.sha384Suites: 894 return "sha384" 895 elif ciphersuite in CipherSuite.sha256Suites: 896 return "sha256" 897 elif ciphersuite in CipherSuite.shaSuites: 898 return "sha" 899 elif ciphersuite in CipherSuite.md5Suites: 900 return "md5" 901 else: 902 return None904 905 # The following faults are induced as part of testing. The faultAlerts 906 # dictionary describes the allowed alerts that may be triggered by these 907 # faults. 908 -class Fault:909 badUsername = 101 910 badPassword = 102 911 badA = 103 912 clientSrpFaults = list(range(101,104)) 913 914 badVerifyMessage = 601 915 clientCertFaults = list(range(601,602)) 916 917 badPremasterPadding = 501 918 shortPremasterSecret = 502 919 clientNoAuthFaults = list(range(501,503)) 920 921 badB = 201 922 serverFaults = list(range(201,202)) 923 924 badFinished = 300 925 badMAC = 301 926 badPadding = 302 927 genericFaults = list(range(300,303)) 928 929 faultAlerts = {\ 930 badUsername: (AlertDescription.unknown_psk_identity, \ 931 AlertDescription.bad_record_mac),\ 932 badPassword: (AlertDescription.bad_record_mac,),\ 933 badA: (AlertDescription.illegal_parameter,),\ 934 badPremasterPadding: (AlertDescription.bad_record_mac,),\ 935 shortPremasterSecret: (AlertDescription.bad_record_mac,),\ 936 badVerifyMessage: (AlertDescription.decrypt_error,),\ 937 badFinished: (AlertDescription.decrypt_error,),\ 938 badMAC: (AlertDescription.bad_record_mac,),\ 939 badPadding: (AlertDescription.bad_record_mac,) 940 } 941 942 faultNames = {\ 943 badUsername: "bad username",\ 944 badPassword: "bad password",\ 945 badA: "bad A",\ 946 badPremasterPadding: "bad premaster padding",\ 947 shortPremasterSecret: "short premaster secret",\ 948 
badVerifyMessage: "bad verify message",\ 949 badFinished: "bad finished message",\ 950 badMAC: "bad MAC",\ 951 badPadding: "bad padding" 952 }953