8 """Class for setting handshake parameters."""
10 from .constants import CertificateType
11 from .utils import cryptomath
12 from .utils import cipherfactory
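# NOTE: the listing-gutter numbers that were fused onto the front of these
# assignments made every line a syntax error; they are dropped here.

# Ciphers enabled by default in HandshakeSettings.
CIPHER_NAMES = ["aes256gcm", "aes128gcm", "aes256", "aes128", "3des"]
# Every cipher name the settings validation accepts.  "rc4" and "null" are
# recognised but deliberately kept out of the defaults, so they are only
# negotiated when a caller lists them explicitly.
ALL_CIPHER_NAMES = CIPHER_NAMES + ["rc4", "null"]
# MAC algorithms enabled by default.
MAC_NAMES = ["sha", "sha256", "aead"]
# Every MAC name the settings validation accepts; "md5" is opt-in only.
ALL_MAC_NAMES = MAC_NAMES + ["md5"]
# Key exchange methods; this list is both the default and the allowed set.
# "dh_anon" is anonymous Diffie-Hellman, which does not authenticate the peer.
KEY_EXCHANGE_NAMES = ["rsa", "dhe_rsa", "srp_sha", "srp_sha_rsa", "dh_anon"]
# Cipher back-ends; this list is both the default and the allowed set.
CIPHER_IMPLEMENTATIONS = ["openssl", "pycrypto", "python"]
# Certificate types; this list is both the default and the allowed set.
CERTIFICATE_TYPES = ["x509"]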
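class HandshakeSettings(object):
    """This class encapsulates various parameters that can be used with
    a TLS handshake.

    @sort: minKeySize, maxKeySize, cipherNames, macNames, certificateTypes,
    minVersion, maxVersion

    @type minKeySize: int
    @ivar minKeySize: The minimum bit length for asymmetric keys.

    If the other party tries to use SRP, RSA, or Diffie-Hellman
    parameters smaller than this length, an alert will be
    signalled.  The default is 1023.  validate() accepts any value from
    512 to 16384; both the default and the lower bound are well below the
    2048 bits that current guidance expects for RSA and finite-field
    Diffie-Hellman, so raise this value unless legacy peers require
    otherwise.

    @type maxKeySize: int
    @ivar maxKeySize: The maximum bit length for asymmetric keys.

    If the other party tries to use SRP, RSA, or Diffie-Hellman
    parameters larger than this length, an alert will be signalled.
    The default is 8193.

    @type cipherNames: list
    @ivar cipherNames: The allowed ciphers.

    The allowed values in this list are the entries of ALL_CIPHER_NAMES:
    'aes256gcm', 'aes128gcm', 'aes256', 'aes128', '3des', 'rc4' and
    'null'.  If these settings are used with a client handshake, they
    determine the order of the ciphersuites offered in the ClientHello
    message.

    If these settings are used with a server handshake, the server will
    choose whichever ciphersuite matches the earliest entry in this
    list.

    NOTE:  If '3des' is used in this list, but TLS Lite can't find an
    add-on library that supports 3DES, then '3des' will be silently
    removed.

    The default value is a copy of CIPHER_NAMES:
    ['aes256gcm', 'aes128gcm', 'aes256', 'aes128', '3des'].  'rc4' and
    'null' pass validation but are not enabled by default.

    @type macNames: list
    @ivar macNames: The allowed MAC algorithms.

    The allowed values in this list are the entries of ALL_MAC_NAMES:
    'sha', 'sha256', 'aead' and 'md5'.

    The default value is a copy of MAC_NAMES: ['sha', 'sha256', 'aead'].
    When maxVersion is below (3,3), validate() keeps only 'sha' and 'md5'.

    @type keyExchangeNames: list
    @ivar keyExchangeNames: The allowed key exchange methods.

    The allowed values are the entries of KEY_EXCHANGE_NAMES, which is
    also the default.  The default includes 'dh_anon'; anonymous
    Diffie-Hellman does not authenticate the peer.

    @type cipherImplementations: list
    @ivar cipherImplementations: The allowed cipher implementations.

    The allowed values are 'openssl', 'pycrypto' and 'python', which is
    also the default.  validate() removes 'openssl' and 'pycrypto' from
    its returned copy when the corresponding library was not loaded.

    @type certificateTypes: list
    @ivar certificateTypes: The allowed certificate types.

    The only allowed certificate type is 'x509'.  This list is only used with a
    client handshake.  The client will advertise to the server which certificate
    types are supported, and will check that the server uses one of the
    appropriate types.

    @type minVersion: tuple
    @ivar minVersion: The minimum allowed SSL/TLS version.

    This variable can be set to (3,0) for SSL 3.0, (3,1) for TLS 1.0, (3,2) for
    TLS 1.1, or (3,3) for TLS 1.2.  If the other party wishes to use a lower
    version, a protocol_version alert will be signalled.  The default is (3,1).
    SSL 3.0, TLS 1.0 and TLS 1.1 are deprecated protocol versions; raise
    minVersion wherever the peers allow it.

    @type maxVersion: tuple
    @ivar maxVersion: The maximum allowed SSL/TLS version.

    This variable can be set to (3,0) for SSL 3.0, (3,1) for TLS 1.0, (3,2) for
    TLS 1.1, or (3,3) for TLS 1.2.  If the other party wishes to use a higher
    version, a protocol_version alert will be signalled.  The default is (3,3).
    (WARNING: Some servers may (improperly) reject clients which offer support
    for TLS 1.1.  In this case, try lowering maxVersion to (3,1)).

    @type useExperimentalTackExtension: bool
    @ivar useExperimentalTackExtension: Whether to enable TACK support.

    Note that TACK support is not standardized by IETF and uses a temporary
    TLS Extension number, so should NOT be used in production software.
    The default is False.

    @type sendFallbackSCSV: bool
    @ivar sendFallbackSCSV: Whether to, as a client, send FALLBACK_SCSV.
    The default is False.

    @type useEncryptThenMAC: bool
    @ivar useEncryptThenMAC: Whether to use encrypt-then-MAC (presumably
    the TLS extension of that name; confirm against the handshake code).
    The default is True; validate() rejects anything but True or False.
    """

    def __init__(self):
        """Initialise every setting to its default value.

        List-valued defaults are copies of the module-level constants, so
        editing one instance's lists does not change the defaults.
        """
        self.minKeySize = 1023
        self.maxKeySize = 8193
        self.cipherNames = list(CIPHER_NAMES)
        self.macNames = list(MAC_NAMES)
        self.keyExchangeNames = list(KEY_EXCHANGE_NAMES)
        self.cipherImplementations = list(CIPHER_IMPLEMENTATIONS)
        self.certificateTypes = list(CERTIFICATE_TYPES)
        self.minVersion = (3, 1)
        self.maxVersion = (3, 3)
        self.useExperimentalTackExtension = False
        self.sendFallbackSCSV = False
        self.useEncryptThenMAC = True

    def validate(self):
        """
        Validate the settings, filter out unsupported ciphersuites and return
        a copy of object. Does not modify the original object.

        List-valued settings are copied rather than shared, so changing a
        list on the returned object does not affect this one.

        @rtype: HandshakeSettings
        @return: a self-consistent copy of settings
        @raise ValueError: when settings are invalid, insecure or unsupported.
        """
        other = HandshakeSettings()
        other.minKeySize = self.minKeySize
        other.maxKeySize = self.maxKeySize
        # Copy the lists: plain assignment would make the "copy" alias the
        # caller's lists.
        other.cipherNames = list(self.cipherNames)
        other.macNames = list(self.macNames)
        other.keyExchangeNames = list(self.keyExchangeNames)
        other.cipherImplementations = list(self.cipherImplementations)
        other.certificateTypes = list(self.certificateTypes)
        other.minVersion = self.minVersion
        other.maxVersion = self.maxVersion
        # Previously not copied, so the validated object always reported the
        # default (False) whatever the caller had set.
        other.useExperimentalTackExtension = self.useExperimentalTackExtension
        other.sendFallbackSCSV = self.sendFallbackSCSV
        other.useEncryptThenMAC = self.useEncryptThenMAC

        # 3DES is dropped silently when no add-on library provides it.
        if not cipherfactory.tripleDESPresent:
            other.cipherNames = [e for e in other.cipherNames if e != "3des"]
        if len(other.cipherNames) == 0:
            raise ValueError("No supported ciphers")
        if len(other.certificateTypes) == 0:
            raise ValueError("No supported certificate types")

        # Drop cipher back-ends whose library was not loaded.
        if not cryptomath.m2cryptoLoaded:
            other.cipherImplementations = \
                [e for e in other.cipherImplementations if e != "openssl"]
        if not cryptomath.pycryptoLoaded:
            other.cipherImplementations = \
                [e for e in other.cipherImplementations if e != "pycrypto"]
        if len(other.cipherImplementations) == 0:
            raise ValueError("No supported cipher implementations")

        # NOTE(review): the 512-bit floor only rejects nonsensical values;
        # it is not a statement that such key sizes are safe to use.
        if other.minKeySize < 512:
            raise ValueError("minKeySize too small")
        if other.minKeySize > 16384:
            raise ValueError("minKeySize too large")
        if other.maxKeySize < 512:
            raise ValueError("maxKeySize too small")
        if other.maxKeySize > 16384:
            raise ValueError("maxKeySize too large")
        if other.maxKeySize < other.minKeySize:
            raise ValueError("maxKeySize smaller than minKeySize")

        # Every configured name must come from the matching allow-list.
        nameChecks = (
            (other.cipherNames, ALL_CIPHER_NAMES,
             "Unknown cipher name: '%s'"),
            (other.macNames, ALL_MAC_NAMES,
             "Unknown MAC name: '%s'"),
            (other.keyExchangeNames, KEY_EXCHANGE_NAMES,
             "Unknown key exchange name: '%s'"),
            (other.cipherImplementations, CIPHER_IMPLEMENTATIONS,
             "Unknown cipher implementation: '%s'"),
            (other.certificateTypes, CERTIFICATE_TYPES,
             "Unknown certificate type: '%s'"),
        )
        for names, allowed, message in nameChecks:
            for s in names:
                if s not in allowed:
                    raise ValueError(message % s)

        if other.minVersion > other.maxVersion:
            raise ValueError("Versions set incorrectly")

        if other.minVersion not in ((3, 0), (3, 1), (3, 2), (3, 3)):
            raise ValueError("minVersion set incorrectly")

        if other.maxVersion not in ((3, 0), (3, 1), (3, 2), (3, 3)):
            raise ValueError("maxVersion set incorrectly")

        # Below TLS 1.2 only the 'sha' and 'md5' MACs are kept.
        if other.maxVersion < (3, 3):
            other.macNames = [e for e in other.macNames
                              if e == "sha" or e == "md5"]

        # Fail here rather than return settings that allow no MAC at all
        # (for example only 'sha256'/'aead' with maxVersion below (3,3)).
        if len(other.macNames) == 0:
            raise ValueError("No supported MAC names")

        # Membership is tested with ==, so 1 and 0 are accepted as well.
        if other.useEncryptThenMAC not in (True, False):
            raise ValueError("useEncryptThenMAC can only be True or False")

        return other

    def getCertificateTypes(self):
        """Get list of certificate types as IDs

        @rtype: list
        @return: CertificateType.x509 for every 'x509' entry in
        certificateTypes, in order.
        @raise AssertionError: if certificateTypes holds any other value.
        """
        ret = []
        for ct in self.certificateTypes:
            if ct == "x509":
                ret.append(CertificateType.x509)
            else:
                raise AssertionError()
        return ret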