1 # Authors: 2 # Trevor Perrin 3 # Google - defining ClientCertificateType 4 # Google (adapted by Sam Rushing) - NPN support 5 # Dimitris Moraitis - Anon ciphersuites 6 # Dave Baggett (Arcode Corporation) - canonicalCipherName 7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 8 # 9 # See the LICENSE file for legal information regarding use of this file. 10 11 """Constants used in various places."""14 """Base class for different enums of TLS IDs""" 15 16 @classmethod49 53 5918 """Call vars recursively on base classes""" 19 fields = dict() 20 for basecls in klass.__bases__: 21 fields.update(cls._recursiveVars(basecls)) 22 fields.update(dict(vars(klass))) 23 return fields24 25 @classmethod27 """ 28 Convert numeric type to string representation 29 30 name if found, None otherwise 31 """ 32 fields = cls._recursiveVars(cls) 33 if blacklist is None: 34 blacklist = [] 35 return next((key for key, val in fields.items() \ 36 if key not in ('__weakref__', '__dict__', '__doc__', 37 '__module__') and \ 38 key not in blacklist and \ 39 val == value), None)40 41 @classmethod43 """Convert numeric type to human-readable string if possible""" 44 ret = cls.toRepr(value, blacklist) 45 if ret is not None: 46 return ret 47 else: 48 return '{0}'.format(value)61 """SSL2 Handshake Protocol message types""" 62 error = 0 63 client_hello = 1 64 client_master_key = 2 65 client_finished = 3 66 server_hello = 4 67 server_verify = 5 68 server_finished = 6 69 request_certificate = 7 70 client_certificate = 87174 """SSL2 Handshake protocol error message descriptions""" 75 76 no_cipher = 0x0001 77 no_certificate = 0x0002 78 bad_certificate = 0x0004 79 unsupported_certificate_type = 0x00068083 """Message types in TLS Handshake protocol""" 84 85 hello_request = 0 86 client_hello = 1 87 server_hello = 2 88 certificate = 11 89 server_key_exchange = 12 90 certificate_request = 13 91 server_hello_done = 14 92 certificate_verify = 15 93 client_key_exchange = 16 94 finished = 20 95 next_protocol = 
679698 """TLS record layer content types of payloads""" 99 100 change_cipher_spec = 20 101 alert = 21 102 handshake = 22 103 application_data = 23 104 all = (20, 21, 22, 23) 105 106 @classmethod113 115 server_name = 0 # RFC 6066 / 4366 116 cert_type = 9 # RFC 6091 117 supported_groups = 10 # RFC 4492, RFC-ietf-tls-negotiated-ff-dhe-10 118 ec_point_formats = 11 # RFC 4492 119 srp = 12 # RFC 5054 120 signature_algorithms = 13 # RFC 5246 121 client_hello_padding = 21 # RFC 7685 122 encrypt_then_mac = 22 # RFC 7366 123 extended_master_secret = 23 # RFC 7627 124 tack = 0xF300 125 supports_npn = 13172 126 renegotiation_info = 0xff01 127108 """Convert numeric type to name representation""" 109 if blacklist is None: 110 blacklist = [] 111 blacklist.append('all') 112 return super(ContentType, cls).toRepr(value, blacklist)129 """Hash algorithm IDs used in TLSv1.2""" 130 131 none = 0 132 md5 = 1 133 sha1 = 2 134 sha224 = 3 135 sha256 = 4 136 sha384 = 5 137 sha512 = 6138140 """Signing algorithms used in TLSv1.2""" 141 142 anonymous = 0 143 rsa = 1 144 dsa = 2 145 ecdsa = 3146148 """Name of groups supported for (EC)DH key exchange""" 149 150 # RFC4492 151 sect163k1 = 1 152 sect163r1 = 2 153 sect163r2 = 3 154 sect193r1 = 4 155 sect193r2 = 5 156 sect233k1 = 6 157 sect233r1 = 7 158 sect239k1 = 8 159 sect283k1 = 9 160 sect283r1 = 10 161 sect409k1 = 11 162 sect409r1 = 12 163 sect571k1 = 13 164 sect571r1 = 14 165 secp160k1 = 15 166 secp160r1 = 16 167 secp160r2 = 17 168 secp192k1 = 18 169 secp192r1 = 19 170 secp224k1 = 20 171 secp224r1 = 21 172 secp256k1 = 22 173 secp256r1 = 23 174 secp384r1 = 24 175 secp521r1 = 25 176 allEC = list(range(1, 26)) 177 178 # RFC7027 179 brainpoolP256r1 = 26 180 brainpoolP384r1 = 27 181 brainpoolP512r1 = 28 182 allEC.extend(list(range(26, 29))) 183 184 # RFC-ietf-tls-negotiated-ff-dhe-10 185 ffdhe2048 = 256 186 ffdhe3072 = 257 187 ffdhe4096 = 258 188 ffdhe6144 = 259 189 ffdhe8192 = 260 190 allFF = list(range(256, 261)) 191 192 all = allEC + allFF 193 194 
@classmethod201203 204 """Names and ID's of supported EC point formats""" 205 206 uncompressed = 0 207 ansiX962_compressed_prime = 1 208 ansiX962_compressed_char2 = 2 209 210 all = [uncompressed, 211 ansiX962_compressed_prime, 212 ansiX962_compressed_char2]213215 """Types of ECC curves supported in TLS from RFC4492""" 216 217 explicit_prime = 1 218 explicit_char2 = 2 219 named_curve = 3220222 host_name = 0223 229231 """ 232 @cvar bad_record_mac: A TLS record failed to decrypt properly. 233 234 If this occurs during a SRP handshake it most likely 235 indicates a bad password. It may also indicate an implementation 236 error, or some tampering with the data in transit. 237 238 This alert will be signalled by the server if the SRP password is bad. It 239 may also be signalled by the server if the SRP username is unknown to the 240 server, but it doesn't wish to reveal that fact. 241 242 243 @cvar handshake_failure: A problem occurred while handshaking. 244 245 This typically indicates a lack of common ciphersuites between client and 246 server, or some other disagreement (about SRP parameters or key sizes, 247 for example). 248 249 @cvar protocol_version: The other party's SSL/TLS version was unacceptable. 250 251 This indicates that the client and server couldn't agree on which version 252 of SSL or TLS to use. 253 254 @cvar user_canceled: The handshake is being cancelled for some reason. 
255 256 """ 257 258 close_notify = 0 259 unexpected_message = 10 260 bad_record_mac = 20 261 decryption_failed = 21 262 record_overflow = 22 263 decompression_failure = 30 264 handshake_failure = 40 265 no_certificate = 41 #SSLv3 266 bad_certificate = 42 267 unsupported_certificate = 43 268 certificate_revoked = 44 269 certificate_expired = 45 270 certificate_unknown = 46 271 illegal_parameter = 47 272 unknown_ca = 48 273 access_denied = 49 274 decode_error = 50 275 decrypt_error = 51 276 export_restriction = 60 277 protocol_version = 70 278 insufficient_security = 71 279 internal_error = 80 280 inappropriate_fallback = 86 281 user_canceled = 90 282 no_renegotiation = 100 283 unsupported_extension = 110 # RFC 5246 284 unrecognized_name = 112 # RFC 6066 285 unknown_psk_identity = 115286289 290 """ 291 Numeric values of ciphersuites and ciphersuite types 292 293 @cvar tripleDESSuites: ciphersuties which use 3DES symmetric cipher in CBC 294 mode 295 @cvar aes128Suites: ciphersuites which use AES symmetric cipher in CBC mode 296 with 128 bit key 297 @cvar aes256Suites: ciphersuites which use AES symmetric cipher in CBC mode 298 with 128 bit key 299 @cvar rc4Suites: ciphersuites which use RC4 symmetric cipher with 128 bit 300 key 301 @cvar shaSuites: ciphersuites which use SHA-1 HMAC integrity mechanism 302 and protocol default Pseudo Random Function 303 @cvar sha256Suites: ciphersuites which use SHA-256 HMAC integrity mechanism 304 and SHA-256 Pseudo Random Function 305 @cvar md5Suites: ciphersuites which use MD-5 HMAC integrity mechanism and 306 protocol default Pseudo Random Function 307 @cvar srpSuites: ciphersuites which use Secure Remote Password (SRP) key 308 exchange protocol 309 @cvar srpCertSuites: ciphersuites which use Secure Remote Password (SRP) 310 key exchange protocol with RSA server authentication 311 @cvar srpAllSuites: all SRP ciphersuites, pure SRP and with RSA based 312 server authentication 313 @cvar certSuites: ciphersuites which use RSA key 
exchange with RSA server 314 authentication 315 @cvar certAllSuites: ciphersuites which use RSA server authentication 316 @cvar anonSuites: ciphersuites which use anonymous Finite Field 317 Diffie-Hellman key exchange 318 @cvar ietfNames: dictionary with string names of the ciphersuites 319 """ 320 321 ietfNames = {} 322 323 # the ciphesuite names come from IETF, we want to keep them 324 #pylint: disable = invalid-name 325 326 # SSLv2 from draft-hickman-netscape-ssl-00.txt 327 SSL_CK_RC4_128_WITH_MD5 = 0x010080 328 ietfNames[0x010080] = 'SSL_CK_RC4_128_WITH_MD5' 329 SSL_CK_RC4_128_EXPORT40_WITH_MD5 = 0x020080 330 ietfNames[0x020080] = 'SSL_CK_RC4_128_EXPORT40_WITH_MD5' 331 SSL_CK_RC2_128_CBC_WITH_MD5 = 0x030080 332 ietfNames[0x030080] = 'SSL_CK_RC2_128_CBC_WITH_MD5' 333 SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 = 0x040080 334 ietfNames[0x040080] = 'SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5' 335 SSL_CK_IDEA_128_CBC_WITH_MD5 = 0x050080 336 ietfNames[0x050080] = 'SSL_CK_IDEA_128_CBC_WITH_MD5' 337 SSL_CK_DES_64_CBC_WITH_MD5 = 0x060040 338 ietfNames[0x060040] = 'SSL_CK_DES_64_CBC_WITH_MD5' 339 SSL_CK_DES_192_EDE3_CBC_WITH_MD5 = 0x0700C0 340 ietfNames[0x0700C0] = 'SSL_CK_DES_192_EDE3_CBC_WITH_MD5' 341 342 # SSL2 ciphersuites which use RC4 symmetric cipher 343 ssl2rc4 = [] 344 ssl2rc4.append(SSL_CK_RC4_128_WITH_MD5) 345 ssl2rc4.append(SSL_CK_RC4_128_EXPORT40_WITH_MD5) 346 347 # SSL2 ciphersuites which use RC2 symmetric cipher 348 ssl2rc2 = [] 349 ssl2rc2.append(SSL_CK_RC2_128_CBC_WITH_MD5) 350 ssl2rc2.append(SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5) 351 352 # SSL2 ciphersuites which use IDEA symmetric cipher 353 ssl2idea = [SSL_CK_IDEA_128_CBC_WITH_MD5] 354 355 # SSL2 ciphersuites which use (single) DES symmetric cipher 356 ssl2des = [SSL_CK_DES_64_CBC_WITH_MD5] 357 358 # SSL2 ciphersuites which use 3DES symmetric cipher 359 ssl2_3des = [SSL_CK_DES_192_EDE3_CBC_WITH_MD5] 360 361 # SSL2 ciphersuites which encrypt only part (40 bits) of the key 362 ssl2export = [] 363 
# Continuation of the CipherSuite class body: code-point constants, their
# ietfNames entries and the cipher/MAC family lists (everything below is
# indented as class members).
    ssl2export.append(SSL_CK_RC4_128_EXPORT40_WITH_MD5)
    ssl2export.append(SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5)

    # SSL2 ciphersuites which use 128 bit key
    ssl2_128Key = [
        SSL_CK_RC4_128_WITH_MD5,
        SSL_CK_RC4_128_EXPORT40_WITH_MD5,
        SSL_CK_RC2_128_CBC_WITH_MD5,
        SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
        SSL_CK_IDEA_128_CBC_WITH_MD5,
    ]

    # SSL2 ciphersuites which use 64 bit key
    ssl2_64Key = [SSL_CK_DES_64_CBC_WITH_MD5]

    # SSL2 ciphersuites which use 192 bit key
    ssl2_192Key = [SSL_CK_DES_192_EDE3_CBC_WITH_MD5]

    # Signalling value from RFC 5746, not a real ciphersuite: it tells the
    # peer that "secure renegotiation" is supported.  No renegotiation is
    # actually performed here; advertising it prevents renegotiation attacks.
    TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF
    ietfNames[TLS_EMPTY_RENEGOTIATION_INFO_SCSV] = \
        'TLS_EMPTY_RENEGOTIATION_INFO_SCSV'

    # RFC 7507 - Fallback Signaling Cipher Suite Value for Preventing
    # Protocol Downgrade Attacks
    TLS_FALLBACK_SCSV = 0x5600
    ietfNames[TLS_FALLBACK_SCSV] = 'TLS_FALLBACK_SCSV'

    # RFC 5054 - SRP for TLS authentication (SRP only, no certificate)
    TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A
    ietfNames[TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA] = \
        'TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA'
    TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D
    ietfNames[TLS_SRP_SHA_WITH_AES_128_CBC_SHA] = \
        'TLS_SRP_SHA_WITH_AES_128_CBC_SHA'
    TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020
    ietfNames[TLS_SRP_SHA_WITH_AES_256_CBC_SHA] = \
        'TLS_SRP_SHA_WITH_AES_256_CBC_SHA'

    # RFC 5054 - SRP for TLS authentication (SRP plus RSA certificate)
    TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B
    ietfNames[TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA] = \
        'TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA'
    TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E
    ietfNames[TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA] = \
        'TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA'
    TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021
    ietfNames[TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA] = \
        'TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA'

    # RFC 5246 - TLS v1.2 Protocol: integrity only, the payload is sent
    # unencrypted
    TLS_RSA_WITH_NULL_MD5 = 0x0001
    ietfNames[TLS_RSA_WITH_NULL_MD5] = 'TLS_RSA_WITH_NULL_MD5'
    TLS_RSA_WITH_NULL_SHA = 0x0002
    ietfNames[TLS_RSA_WITH_NULL_SHA] = 'TLS_RSA_WITH_NULL_SHA'
    TLS_RSA_WITH_NULL_SHA256 = 0x003B
    ietfNames[TLS_RSA_WITH_NULL_SHA256] = 'TLS_RSA_WITH_NULL_SHA256'

    # RFC 5246 - TLS v1.2 Protocol: RSA key exchange, SHA-1 HMAC
    TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A
    ietfNames[TLS_RSA_WITH_3DES_EDE_CBC_SHA] = \
        'TLS_RSA_WITH_3DES_EDE_CBC_SHA'
    TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F
    ietfNames[TLS_RSA_WITH_AES_128_CBC_SHA] = 'TLS_RSA_WITH_AES_128_CBC_SHA'
    TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035
    ietfNames[TLS_RSA_WITH_AES_256_CBC_SHA] = 'TLS_RSA_WITH_AES_256_CBC_SHA'
    TLS_RSA_WITH_RC4_128_SHA = 0x0005
    ietfNames[TLS_RSA_WITH_RC4_128_SHA] = 'TLS_RSA_WITH_RC4_128_SHA'

    # RFC 5246 - TLS v1.2 Protocol: RSA key exchange, MD5 HMAC
    TLS_RSA_WITH_RC4_128_MD5 = 0x0004
    ietfNames[TLS_RSA_WITH_RC4_128_MD5] = 'TLS_RSA_WITH_RC4_128_MD5'

    # RFC 5246 - TLS v1.2 Protocol: DHE key exchange, RSA authentication
    TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016
    ietfNames[TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA] = \
        'TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA'
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033
    ietfNames[TLS_DHE_RSA_WITH_AES_128_CBC_SHA] = \
        'TLS_DHE_RSA_WITH_AES_128_CBC_SHA'
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039
    ietfNames[TLS_DHE_RSA_WITH_AES_256_CBC_SHA] = \
        'TLS_DHE_RSA_WITH_AES_256_CBC_SHA'

    # RFC 5246 - TLS v1.2 Protocol: anonymous DH.  Neither side is
    # authenticated, so these give no protection against an active
    # man-in-the-middle.
    TLS_DH_ANON_WITH_RC4_128_MD5 = 0x0018
    ietfNames[TLS_DH_ANON_WITH_RC4_128_MD5] = 'TLS_DH_ANON_WITH_RC4_128_MD5'
    TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA = 0x001B
    ietfNames[TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA] = \
        'TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA'
    TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034
    ietfNames[TLS_DH_ANON_WITH_AES_128_CBC_SHA] = \
        'TLS_DH_ANON_WITH_AES_128_CBC_SHA'
    TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A
    ietfNames[TLS_DH_ANON_WITH_AES_256_CBC_SHA] = \
        'TLS_DH_ANON_WITH_AES_256_CBC_SHA'
    TLS_DH_ANON_WITH_AES_128_CBC_SHA256 = 0x006C
    ietfNames[TLS_DH_ANON_WITH_AES_128_CBC_SHA256] = \
        'TLS_DH_ANON_WITH_AES_128_CBC_SHA256'
    TLS_DH_ANON_WITH_AES_256_CBC_SHA256 = 0x006D
    ietfNames[TLS_DH_ANON_WITH_AES_256_CBC_SHA256] = \
        'TLS_DH_ANON_WITH_AES_256_CBC_SHA256'
    TLS_DH_ANON_WITH_AES_128_GCM_SHA256 = 0x00A6
    ietfNames[TLS_DH_ANON_WITH_AES_128_GCM_SHA256] = \
        'TLS_DH_ANON_WITH_AES_128_GCM_SHA256'
    TLS_DH_ANON_WITH_AES_256_GCM_SHA384 = 0x00A7
    ietfNames[TLS_DH_ANON_WITH_AES_256_GCM_SHA384] = \
        'TLS_DH_ANON_WITH_AES_256_GCM_SHA384'

    # RFC 5246 - TLS v1.2 Protocol: RSA key exchange, SHA-256 HMAC
    TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C
    ietfNames[TLS_RSA_WITH_AES_128_CBC_SHA256] = \
        'TLS_RSA_WITH_AES_128_CBC_SHA256'
    TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D
    ietfNames[TLS_RSA_WITH_AES_256_CBC_SHA256] = \
        'TLS_RSA_WITH_AES_256_CBC_SHA256'

    # RFC 5246 - TLS v1.2: DHE key exchange, SHA-256 HMAC
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067
    ietfNames[TLS_DHE_RSA_WITH_AES_128_CBC_SHA256] = \
        'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256'
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B
    ietfNames[TLS_DHE_RSA_WITH_AES_256_CBC_SHA256] = \
        'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256'

    # RFC 5288 - AES-GCM ciphers for TLSv1.2
    TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C
    ietfNames[TLS_RSA_WITH_AES_128_GCM_SHA256] = \
        'TLS_RSA_WITH_AES_128_GCM_SHA256'
    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E
    ietfNames[TLS_DHE_RSA_WITH_AES_128_GCM_SHA256] = \
        'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256'
    TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D
    ietfNames[TLS_RSA_WITH_AES_256_GCM_SHA384] = \
        'TLS_RSA_WITH_AES_256_GCM_SHA384'
    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F
    ietfNames[TLS_DHE_RSA_WITH_AES_256_GCM_SHA384] = \
        'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384'

    # RFC 4492 - ECC Cipher Suites for TLS
    TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010
    ietfNames[TLS_ECDHE_RSA_WITH_NULL_SHA] = 'TLS_ECDHE_RSA_WITH_NULL_SHA'
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013
    ietfNames[TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] = \
        'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA'
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014
    ietfNames[TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] = \
        'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA'
    TLS_ECDH_ANON_WITH_NULL_SHA = 0xC015
    ietfNames[TLS_ECDH_ANON_WITH_NULL_SHA] = 'TLS_ECDH_ANON_WITH_NULL_SHA'
    TLS_ECDH_ANON_WITH_RC4_128_SHA = 0xC016
    ietfNames[TLS_ECDH_ANON_WITH_RC4_128_SHA] = \
        'TLS_ECDH_ANON_WITH_RC4_128_SHA'
    TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA = 0xC017
    ietfNames[TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA] = \
        'TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA'
    TLS_ECDH_ANON_WITH_AES_128_CBC_SHA = 0xC018
    ietfNames[TLS_ECDH_ANON_WITH_AES_128_CBC_SHA] = \
        'TLS_ECDH_ANON_WITH_AES_128_CBC_SHA'
    TLS_ECDH_ANON_WITH_AES_256_CBC_SHA = 0xC019
    ietfNames[TLS_ECDH_ANON_WITH_AES_256_CBC_SHA] = \
        'TLS_ECDH_ANON_WITH_AES_256_CBC_SHA'

    # draft-ietf-tls-chacha20-poly1305-00
    # ChaCha20/Poly1305 based Cipher Suites for TLS1.2
    TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_draft_00 = 0xcca1
    ietfNames[TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_draft_00] = \
        'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_draft_00'
    TLS_DHE_RSA_WITH_CHACHA20_POLY1305_draft_00 = 0xcca3
    ietfNames[TLS_DHE_RSA_WITH_CHACHA20_POLY1305_draft_00] = \
        'TLS_DHE_RSA_WITH_CHACHA20_POLY1305_draft_00'

    # RFC 7905 - ChaCha20-Poly1305 Cipher Suites for TLS
    TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xcca8
    ietfNames[TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256] = \
        'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256'
    TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xccaa
    ietfNames[TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256] = \
        'TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256'

    # RFC 5289 - ECC Ciphers with SHA-256/SHA-384 HMAC and AES-GCM
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027
    ietfNames[TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256] = \
        'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256'
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028
    ietfNames[TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384] = \
        'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384'
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F
    ietfNames[TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] = \
        'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256'
    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030
    ietfNames[TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] = \
        'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384'

    #pylint: enable = invalid-name
    #
    # Define cipher suite families below
    #

    # 3DES CBC ciphers
    tripleDESSuites = [
        TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA,
        TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA,
    ]

    # AES-128 CBC ciphers
    aes128Suites = [
        TLS_SRP_SHA_WITH_AES_128_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
        TLS_RSA_WITH_AES_128_CBC_SHA,
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
        TLS_DH_ANON_WITH_AES_128_CBC_SHA,
        TLS_RSA_WITH_AES_128_CBC_SHA256,
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
        TLS_DH_ANON_WITH_AES_128_CBC_SHA256,
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
        TLS_ECDH_ANON_WITH_AES_128_CBC_SHA,
    ]

    # AES-256 CBC ciphers
    aes256Suites = [
        TLS_SRP_SHA_WITH_AES_256_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
        TLS_RSA_WITH_AES_256_CBC_SHA,
        TLS_DH_ANON_WITH_AES_256_CBC_SHA,
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
        TLS_RSA_WITH_AES_256_CBC_SHA256,
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
        TLS_DH_ANON_WITH_AES_256_CBC_SHA256,
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
        TLS_ECDH_ANON_WITH_AES_256_CBC_SHA,
    ]

    # AES-128 GCM ciphers
    aes128GcmSuites = [
        TLS_RSA_WITH_AES_128_GCM_SHA256,
        TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
        TLS_DH_ANON_WITH_AES_128_GCM_SHA256,
        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
    ]

    # AES-256-GCM ciphers (implicit SHA384, see sha384PrfSuites)
    aes256GcmSuites = [
        TLS_RSA_WITH_AES_256_GCM_SHA384,
        TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
        TLS_DH_ANON_WITH_AES_256_GCM_SHA384,
        TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
    ]

    # CHACHA20 cipher, 00'th IETF draft (implicit POLY1305 authenticator)
    chacha20draft00Suites = [
        TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_draft_00,
        TLS_DHE_RSA_WITH_CHACHA20_POLY1305_draft_00,
    ]

    # CHACHA20 cipher (implicit POLY1305 authenticator, SHA256 PRF)
    chacha20Suites = [
        TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
        TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
    ]

    # RC4 128 stream cipher
    rc4Suites = [
        TLS_DH_ANON_WITH_RC4_128_MD5,
        TLS_RSA_WITH_RC4_128_SHA,
        TLS_RSA_WITH_RC4_128_MD5,
        TLS_ECDH_ANON_WITH_RC4_128_SHA,
    ]

    # no encryption: records are integrity-protected but sent in the clear
    nullSuites = [
        TLS_RSA_WITH_NULL_MD5,
        TLS_RSA_WITH_NULL_SHA,
        TLS_RSA_WITH_NULL_SHA256,
        TLS_ECDHE_RSA_WITH_NULL_SHA,
        TLS_ECDH_ANON_WITH_NULL_SHA,
    ]

    # SHA-1 HMAC, protocol default PRF
    shaSuites = [
        TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
        TLS_SRP_SHA_WITH_AES_128_CBC_SHA,
        TLS_SRP_SHA_WITH_AES_256_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
        TLS_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_RSA_WITH_AES_128_CBC_SHA,
        TLS_RSA_WITH_AES_256_CBC_SHA,
        TLS_RSA_WITH_RC4_128_SHA,
        TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
        TLS_DH_ANON_WITH_AES_128_CBC_SHA,
        TLS_DH_ANON_WITH_AES_256_CBC_SHA,
        TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA,
        TLS_RSA_WITH_NULL_SHA,
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
        TLS_ECDHE_RSA_WITH_NULL_SHA,
        TLS_ECDH_ANON_WITH_AES_256_CBC_SHA,
    ]
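# Continuation of the CipherSuite class body: MAC/PRF family lists, the two
# suite filters and the SRP / RSA key-exchange families.
# NOTE(review): the `def` lines are missing from this page rendering; the
# names and signatures below are restored from the bodies and from the
# `cls._filterSuites(..., settings, version)` call sites - confirm against
# the upstream file.
    shaSuites.append(TLS_ECDH_ANON_WITH_AES_128_CBC_SHA)
    shaSuites.append(TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA)
    shaSuites.append(TLS_ECDH_ANON_WITH_RC4_128_SHA)
    shaSuites.append(TLS_ECDH_ANON_WITH_NULL_SHA)

    # SHA-256 HMAC, SHA-256 PRF
    sha256Suites = [
        TLS_RSA_WITH_AES_128_CBC_SHA256,
        TLS_RSA_WITH_AES_256_CBC_SHA256,
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
        TLS_RSA_WITH_NULL_SHA256,
        TLS_DH_ANON_WITH_AES_128_CBC_SHA256,
        TLS_DH_ANON_WITH_AES_256_CBC_SHA256,
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
    ]

    # SHA-384 HMAC, SHA-384 PRF
    sha384Suites = [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384]

    # stream cipher construction
    streamSuites = rc4Suites + nullSuites

    # AEAD integrity, any PRF
    aeadSuites = (aes128GcmSuites + aes256GcmSuites +
                  chacha20Suites + chacha20draft00Suites)

    # TLS1.2 with SHA384 PRF
    sha384PrfSuites = sha384Suites + aes256GcmSuites

    # MD-5 HMAC, protocol default PRF
    md5Suites = [
        TLS_DH_ANON_WITH_RC4_128_MD5,
        TLS_RSA_WITH_RC4_128_MD5,
        TLS_RSA_WITH_NULL_MD5,
    ]

    # SSL3, TLS1.0, TLS1.1 and TLS1.2 compatible ciphers
    ssl3Suites = shaSuites + md5Suites

    # TLS1.2 specific ciphersuites
    tls12Suites = sha256Suites + sha384Suites + aeadSuites

    @staticmethod
    def filterForVersion(suites, minVersion, maxVersion):
        """Return a copy of suites without ciphers incompatible with version

        Versions are (major, minor) tuples; (3, 0) is SSLv3 and (3, 3) is
        TLS 1.2.  The order of `suites` is preserved in the result.

        @param suites: ciphersuite IDs to filter
        @param minVersion: lowest protocol version that may be negotiated
        @param maxVersion: highest protocol version that may be negotiated
        @return: list of the IDs from `suites` usable in that version range
        """
        includeSuites = set()
        # SHA-1/MD5 HMAC suites work in every version from SSLv3 to TLS 1.2
        if (3, 0) <= minVersion <= (3, 3):
            includeSuites.update(CipherSuite.ssl3Suites)
        # NOTE(review): the TLS 1.2-only suites are kept only when
        # maxVersion is exactly (3, 3); any other value drops them.
        if maxVersion == (3, 3):
            includeSuites.update(CipherSuite.tls12Suites)
        return [s for s in suites if s in includeSuites]

    @staticmethod
    def _filterSuites(suites, settings, version=None):
        """Return the suites from `suites` that `settings` enables

        A suite is kept only if its MAC, its cipher and its key exchange are
        all named in settings.macNames, settings.cipherNames and
        settings.keyExchangeNames respectively.  Families that need TLS 1.2
        are considered only when version >= (3, 3).  Names that are not
        recognised here are ignored without an error.

        The weak families ("null", "rc4", "3des", "md5", "dh_anon",
        "ecdh_anon") are enabled purely by their names being present in
        `settings`; this function applies no policy of its own, so the
        settings object is the only guard against offering them.

        @param suites: candidate ciphersuite IDs, in preference order
        @param settings: object with macNames, cipherNames,
            keyExchangeNames and maxVersion attributes
        @param version: protocol version tuple; defaults to
            settings.maxVersion
        @return: list of enabled IDs, in the order they appear in `suites`
        """
        if version is None:
            version = settings.maxVersion

        def enabled(names, families):
            """Collect the IDs of every family selected by `names`."""
            chosen = set()
            for name, tls12Only, family in families:
                # the version comparison is made only for selected names,
                # exactly as a chain of `name in names and version >= ...`
                if name in names and (not tls12Only or version >= (3, 3)):
                    chosen.update(family)
            return chosen

        # sets give constant-time membership tests in the final filter;
        # the result order still comes from `suites`
        macSuites = enabled(settings.macNames, (
            ("sha", False, CipherSuite.shaSuites),
            ("sha256", True, CipherSuite.sha256Suites),
            ("sha384", True, CipherSuite.sha384Suites),
            ("md5", False, CipherSuite.md5Suites),
            ("aead", True, CipherSuite.aeadSuites),
        ))

        cipherSuites = enabled(settings.cipherNames, (
            ("chacha20-poly1305", True, CipherSuite.chacha20Suites),
            ("chacha20-poly1305_draft00", True,
             CipherSuite.chacha20draft00Suites),
            ("aes128gcm", True, CipherSuite.aes128GcmSuites),
            ("aes256gcm", True, CipherSuite.aes256GcmSuites),
            ("aes128", False, CipherSuite.aes128Suites),
            ("aes256", False, CipherSuite.aes256Suites),
            ("3des", False, CipherSuite.tripleDESSuites),
            ("rc4", False, CipherSuite.rc4Suites),
            ("null", False, CipherSuite.nullSuites),
        ))

        keyExchangeSuites = enabled(settings.keyExchangeNames, (
            ("rsa", False, CipherSuite.certSuites),
            ("dhe_rsa", False, CipherSuite.dheCertSuites),
            ("ecdhe_rsa", False, CipherSuite.ecdheCertSuites),
            ("srp_sha", False, CipherSuite.srpSuites),
            ("srp_sha_rsa", False, CipherSuite.srpCertSuites),
            ("dh_anon", False, CipherSuite.anonSuites),
            ("ecdh_anon", False, CipherSuite.ecdhAnonSuites),
        ))

        return [s for s in suites if s in macSuites and
                s in cipherSuites and s in keyExchangeSuites]

    # SRP key exchange
    srpSuites = [
        TLS_SRP_SHA_WITH_AES_256_CBC_SHA,
        TLS_SRP_SHA_WITH_AES_128_CBC_SHA,
        TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
    ]

    @classmethod
    def getSrpSuites(cls, settings, version=None):
        """Return SRP cipher suites matching settings"""
        return cls._filterSuites(CipherSuite.srpSuites, settings, version)

    # SRP key exchange, RSA authentication
    srpCertSuites = [
        TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
        TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
    ]

    @classmethod
    def getSrpCertSuites(cls, settings, version=None):
        """Return SRP cipher suites that use server certificates"""
        return cls._filterSuites(CipherSuite.srpCertSuites, settings,
                                 version)

    srpAllSuites = srpSuites + srpCertSuites

    @classmethod
    def getSrpAllSuites(cls, settings, version=None):
        """Return all SRP cipher suites matching settings"""
        return cls._filterSuites(CipherSuite.srpAllSuites, settings, version)

    # RSA key exchange, RSA authentication
    certSuites = [
        TLS_RSA_WITH_AES_256_GCM_SHA384,
        TLS_RSA_WITH_AES_128_GCM_SHA256,
        TLS_RSA_WITH_AES_256_CBC_SHA256,
        TLS_RSA_WITH_AES_128_CBC_SHA256,
        TLS_RSA_WITH_AES_256_CBC_SHA,
        TLS_RSA_WITH_AES_128_CBC_SHA,
        TLS_RSA_WITH_3DES_EDE_CBC_SHA,
        TLS_RSA_WITH_RC4_128_SHA,
        TLS_RSA_WITH_RC4_128_MD5,
    ]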
# Continuation of the CipherSuite class body (key-exchange families, their
# getters and the canonical-name helpers), followed by the Fault class.
# NOTE(review): the `def` lines are missing from this page rendering; the
# names and signatures below are restored from the bodies and docstrings -
# confirm against the upstream file.
    certSuites.append(TLS_RSA_WITH_NULL_MD5)
    certSuites.append(TLS_RSA_WITH_NULL_SHA)
    certSuites.append(TLS_RSA_WITH_NULL_SHA256)

    @classmethod
    def getCertSuites(cls, settings, version=None):
        """Return ciphers with RSA authentication matching settings"""
        return cls._filterSuites(CipherSuite.certSuites, settings, version)

    # FFDHE key exchange, RSA authentication
    dheCertSuites = [
        TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
        TLS_DHE_RSA_WITH_CHACHA20_POLY1305_draft_00,
        TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
        TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
        TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
    ]

    @classmethod
    def getDheCertSuites(cls, settings, version=None):
        """Provide authenticated DHE ciphersuites matching settings"""
        return cls._filterSuites(CipherSuite.dheCertSuites, settings,
                                 version)

    # ECDHE key exchange, RSA authentication
    ecdheCertSuites = [
        TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
        TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_draft_00,
        TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
        TLS_ECDHE_RSA_WITH_NULL_SHA,
    ]

    @classmethod
    def getEcdheCertSuites(cls, settings, version=None):
        """Provide authenticated ECDHE ciphersuites matching settings"""
        return cls._filterSuites(CipherSuite.ecdheCertSuites, settings,
                                 version)

    # RSA authentication
    certAllSuites = (srpCertSuites + certSuites +
                     dheCertSuites + ecdheCertSuites)

    # anon FFDHE key exchange: the server is not authenticated, so these
    # suites do not protect against an active man-in-the-middle
    anonSuites = [
        TLS_DH_ANON_WITH_AES_256_GCM_SHA384,
        TLS_DH_ANON_WITH_AES_128_GCM_SHA256,
        TLS_DH_ANON_WITH_AES_256_CBC_SHA256,
        TLS_DH_ANON_WITH_AES_256_CBC_SHA,
        TLS_DH_ANON_WITH_AES_128_CBC_SHA256,
        TLS_DH_ANON_WITH_AES_128_CBC_SHA,
        TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA,
        TLS_DH_ANON_WITH_RC4_128_MD5,
    ]

    @classmethod
    def getAnonSuites(cls, settings, version=None):
        """Provide anonymous DH ciphersuites matching settings"""
        return cls._filterSuites(CipherSuite.anonSuites, settings, version)

    dhAllSuites = dheCertSuites + anonSuites

    # anon ECDHE key exchange (unauthenticated, same caveat as anonSuites)
    ecdhAnonSuites = [
        TLS_ECDH_ANON_WITH_AES_256_CBC_SHA,
        TLS_ECDH_ANON_WITH_AES_128_CBC_SHA,
        TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA,
        TLS_ECDH_ANON_WITH_RC4_128_SHA,
        TLS_ECDH_ANON_WITH_NULL_SHA,
    ]

    @classmethod
    def getEcdhAnonSuites(cls, settings, version=None):
        """Provide anonymous ECDH ciphersuites matching settings"""
        return cls._filterSuites(CipherSuite.ecdhAnonSuites, settings,
                                 version)

    ecdhAllSuites = ecdheCertSuites + ecdhAnonSuites

    @staticmethod
    def canonicalCipherName(ciphersuite):
        """Return the canonical name of the cipher whose number is provided.

        Returns None when the ID belongs to none of the cipher families.
        """
        # checked top to bottom; the first family containing the ID wins
        cipherFamilies = (
            (CipherSuite.aes128GcmSuites, "aes128gcm"),
            (CipherSuite.aes256GcmSuites, "aes256gcm"),
            (CipherSuite.aes128Suites, "aes128"),
            (CipherSuite.aes256Suites, "aes256"),
            (CipherSuite.rc4Suites, "rc4"),
            (CipherSuite.tripleDESSuites, "3des"),
            (CipherSuite.nullSuites, "null"),
            (CipherSuite.chacha20draft00Suites, "chacha20-poly1305_draft00"),
            (CipherSuite.chacha20Suites, "chacha20-poly1305"),
        )
        for family, name in cipherFamilies:
            if ciphersuite in family:
                return name
        return None

    @staticmethod
    def canonicalMacName(ciphersuite):
        """Return the canonical name of the MAC whose number is provided.

        Returns None when the ID is in none of the HMAC families; the AEAD
        families are not consulted here.
        """
        macFamilies = (
            (CipherSuite.sha384Suites, "sha384"),
            (CipherSuite.sha256Suites, "sha256"),
            (CipherSuite.shaSuites, "sha"),
            (CipherSuite.md5Suites, "md5"),
        )
        for family, name in macFamilies:
            if ciphersuite in family:
                return name
        return None


# The faults below are induced deliberately as part of testing.  faultAlerts
# maps each fault to the alerts the peer is allowed to answer it with.
class Fault:
    """IDs of deliberately injected handshake faults and expected alerts"""

    badUsername = 101
    badPassword = 102
    badA = 103
    clientSrpFaults = [badUsername, badPassword, badA]

    badVerifyMessage = 601
    clientCertFaults = [badVerifyMessage]

    badPremasterPadding = 501
    shortPremasterSecret = 502
    clientNoAuthFaults = [badPremasterPadding, shortPremasterSecret]

    badB = 201
    serverFaults = [badB]

    badFinished = 300
    badMAC = 301
    badPadding = 302
    genericFaults = [badFinished, badMAC, badPadding]

    faultAlerts = {
        badUsername: (AlertDescription.unknown_psk_identity,
                      AlertDescription.bad_record_mac),
        badPassword: (AlertDescription.bad_record_mac,),
        badA: (AlertDescription.illegal_parameter,),
        badPremasterPadding: (AlertDescription.bad_record_mac,),
        shortPremasterSecret: (AlertDescription.bad_record_mac,),
        badVerifyMessage: (AlertDescription.decrypt_error,),
        badFinished: (AlertDescription.decrypt_error,),
        badMAC: (AlertDescription.bad_record_mac,),
        badPadding: (AlertDescription.bad_record_mac,),
    }

    faultNames = {
        badUsername: "bad username",
        badPassword: "bad password",
        badA: "bad A",
        badPremasterPadding: "bad premaster padding",
        shortPremasterSecret: "short premaster secret",
        badVerifyMessage: "bad verify message",
        badFinished: "bad finished message",
        badMAC: "bad MAC",
        badPadding: "bad padding",
    }