8 """Class for setting handshake parameters."""
9
10 from .constants import CertificateType
11 from .utils import cryptomath
12 from .utils import cipherfactory
13
# Cipher names enabled by default.  HandshakeSettings copies this list into
# cipherNames, where list order is the preference order.
CIPHER_NAMES = [
    "chacha20-poly1305",
    "aes256gcm",
    "aes128gcm",
    "aes256",
    "aes128",
    "3des",
]

# Every cipher name that settings validation recognises.  "rc4" and "null"
# are accepted but are not part of the defaults, so they are only in play
# when a caller lists them explicitly.
ALL_CIPHER_NAMES = CIPHER_NAMES + [
    "rc4",
    "null",
]

# MAC names enabled by default.
MAC_NAMES = [
    "sha",
    "sha256",
    "aead",
]

# Every MAC name that settings validation recognises; "md5" is accepted but
# is not part of the defaults.
ALL_MAC_NAMES = MAC_NAMES + [
    "md5",
]

# Key exchange names; this list is both the default and the full set of
# recognised names.  It includes "dh_anon".
KEY_EXCHANGE_NAMES = [
    "rsa",
    "dhe_rsa",
    "srp_sha",
    "srp_sha_rsa",
    "dh_anon",
]

# Names of the crypto back ends a settings object may list.
CIPHER_IMPLEMENTATIONS = [
    "openssl",
    "pycrypto",
    "python",
]

# Certificate type names; "x509" is the only one.
CERTIFICATE_TYPES = [
    "x509",
]
24
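class HandshakeSettings(object):
    """This class encapsulates various parameters that can be used with
    a TLS handshake.
    @sort: minKeySize, maxKeySize, cipherNames, macNames, certificateTypes,
    minVersion, maxVersion

    @type minKeySize: int
    @ivar minKeySize: The minimum bit length for asymmetric keys.

    If the other party tries to use SRP, RSA, or Diffie-Hellman
    parameters smaller than this length, an alert will be
    signalled.  The default is 1023.  validate() only rejects values
    outside the range 512 to 16384, so a caller that needs a higher floor
    has to set it here.

    @type maxKeySize: int
    @ivar maxKeySize: The maximum bit length for asymmetric keys.

    If the other party tries to use SRP, RSA, or Diffie-Hellman
    parameters larger than this length, an alert will be signalled.
    The default is 8193.

    @type cipherNames: list
    @ivar cipherNames: The allowed ciphers.

    The allowed values in this list are the entries of ALL_CIPHER_NAMES:
    'chacha20-poly1305', 'aes256gcm', 'aes128gcm', 'aes256', 'aes128',
    '3des', 'rc4' and 'null'.  If these settings are used with a client
    handshake, they determine the order of the ciphersuites offered in the
    ClientHello message.

    If these settings are used with a server handshake, the server will
    choose whichever ciphersuite matches the earliest entry in this
    list.

    NOTE:  If '3des' is used in this list, but TLS Lite can't find an
    add-on library that supports 3DES, then '3des' will be silently
    removed.

    The default value is a copy of CIPHER_NAMES, which contains neither
    'rc4' nor 'null'; those two are accepted by validate() only when the
    caller lists them explicitly.

    @type macNames: list
    @ivar macNames: The allowed MAC algorithms.

    The allowed values in this list are 'sha', 'sha256', 'aead' and 'md5'.
    When maxVersion is lower than (3,3), validate() keeps only 'sha' and
    'md5'.

    The default value is ['sha', 'sha256', 'aead'].

    @type keyExchangeNames: list
    @ivar keyExchangeNames: The allowed key exchange methods.

    The allowed values are 'rsa', 'dhe_rsa', 'srp_sha', 'srp_sha_rsa' and
    'dh_anon'; the default is all of them.  'dh_anon' is anonymous
    Diffie-Hellman, which does not authenticate the peer.
    NOTE(review): whether listing it is enough for an anonymous suite to be
    negotiated depends on handshake code outside this class - confirm.

    @type cipherImplementations: list
    @ivar cipherImplementations: The crypto back ends that may be used.

    The allowed values are 'openssl', 'pycrypto' and 'python'; the default
    is all three.  validate() removes 'openssl' and 'pycrypto' when the
    corresponding library was not loaded.

    @type certificateTypes: list
    @ivar certificateTypes: The allowed certificate types.

    The only allowed certificate type is 'x509'.  This list is only used
    with a client handshake.  The client will advertise to the server which
    certificate types are supported, and will check that the server uses
    one of the appropriate types.

    @type minVersion: tuple
    @ivar minVersion: The minimum allowed SSL/TLS version.

    This variable can be set to (3,0) for SSL 3.0, (3,1) for TLS 1.0, (3,2)
    for TLS 1.1, or (3,3) for TLS 1.2.  If the other party wishes to use a
    lower version, a protocol_version alert will be signalled.  The default
    is (3,1).

    @type maxVersion: tuple
    @ivar maxVersion: The maximum allowed SSL/TLS version.

    This variable can be set to (3,0) for SSL 3.0, (3,1) for TLS 1.0, (3,2)
    for TLS 1.1, or (3,3) for TLS 1.2.  If the other party wishes to use a
    higher version, a protocol_version alert will be signalled.  The
    default is (3,3).  (WARNING: Some servers may (improperly) reject
    clients which offer support for TLS 1.1.  In this case, try lowering
    maxVersion to (3,1)).

    @type useExperimentalTackExtension: bool
    @ivar useExperimentalTackExtension: Whether to enable TACK support.

    Note that TACK support is not standardized by IETF and uses a temporary
    TLS Extension number, so should NOT be used in production software.
    The default is False.

    @type sendFallbackSCSV: bool
    @ivar sendFallbackSCSV: Whether to, as a client, send FALLBACK_SCSV.
    The default is False.

    @type useEncryptThenMAC: bool
    @ivar useEncryptThenMAC: Whether to use encrypt-then-MAC.  validate()
    rejects any value other than True or False.  The default is True.
    """

    def __init__(self):
        """Set every handshake parameter to its default value."""
        self.minKeySize = 1023
        self.maxKeySize = 8193
        # Copies, so editing one instance never changes the module constants.
        self.cipherNames = list(CIPHER_NAMES)
        self.macNames = list(MAC_NAMES)
        self.keyExchangeNames = list(KEY_EXCHANGE_NAMES)
        self.cipherImplementations = list(CIPHER_IMPLEMENTATIONS)
        self.certificateTypes = list(CERTIFICATE_TYPES)
        self.minVersion = (3, 1)
        self.maxVersion = (3, 3)
        self.useExperimentalTackExtension = False
        self.sendFallbackSCSV = False
        self.useEncryptThenMAC = True

    def validate(self):
        """
        Validate the settings, filter out unsupported ciphersuites and return
        a copy of object. Does not modify the original object.

        The list-valued settings are copied rather than shared, so a later
        change to the caller's lists cannot alter the validated result.

        @rtype: HandshakeSettings
        @return: a self-consistent copy of settings
        @raise ValueError: when settings are invalid, insecure or unsupported.
        """
        other = HandshakeSettings()
        other.minKeySize = self.minKeySize
        other.maxKeySize = self.maxKeySize
        # list() gives the result its own lists; sharing them would let the
        # caller append an entry after validation without it being checked.
        other.cipherNames = list(self.cipherNames)
        other.macNames = list(self.macNames)
        other.keyExchangeNames = list(self.keyExchangeNames)
        other.cipherImplementations = list(self.cipherImplementations)
        other.certificateTypes = list(self.certificateTypes)
        other.minVersion = self.minVersion
        other.maxVersion = self.maxVersion
        other.sendFallbackSCSV = self.sendFallbackSCSV
        other.useEncryptThenMAC = self.useEncryptThenMAC
        # NOTE(review): useExperimentalTackExtension is not copied, so the
        # returned object always carries the default (False) - confirm that
        # this is intended.

        # 3DES is dropped silently when no add-on library provides it.
        if not cipherfactory.tripleDESPresent:
            other.cipherNames = [e for e in other.cipherNames if e != "3des"]
        if not other.cipherNames:
            raise ValueError("No supported ciphers")
        if not other.certificateTypes:
            raise ValueError("No supported certificate types")

        # Keep only the back ends whose library was actually loaded.
        if not cryptomath.m2cryptoLoaded:
            other.cipherImplementations = \
                [e for e in other.cipherImplementations if e != "openssl"]
        if not cryptomath.pycryptoLoaded:
            other.cipherImplementations = \
                [e for e in other.cipherImplementations if e != "pycrypto"]
        if not other.cipherImplementations:
            raise ValueError("No supported cipher implementations")

        # Range checks only: any size from 512 to 16384 bits passes.
        if other.minKeySize < 512:
            raise ValueError("minKeySize too small")
        if other.minKeySize > 16384:
            raise ValueError("minKeySize too large")
        if other.maxKeySize < 512:
            raise ValueError("maxKeySize too small")
        if other.maxKeySize > 16384:
            raise ValueError("maxKeySize too large")
        if other.maxKeySize < other.minKeySize:
            raise ValueError("maxKeySize smaller than minKeySize")

        # Every listed name must be one this module knows about.
        for s in other.cipherNames:
            if s not in ALL_CIPHER_NAMES:
                raise ValueError("Unknown cipher name: '%s'" % s)
        for s in other.macNames:
            if s not in ALL_MAC_NAMES:
                raise ValueError("Unknown MAC name: '%s'" % s)
        for s in other.keyExchangeNames:
            if s not in KEY_EXCHANGE_NAMES:
                raise ValueError("Unknown key exchange name: '%s'" % s)
        for s in other.cipherImplementations:
            if s not in CIPHER_IMPLEMENTATIONS:
                raise ValueError("Unknown cipher implementation: '%s'" % s)
        for s in other.certificateTypes:
            if s not in CERTIFICATE_TYPES:
                raise ValueError("Unknown certificate type: '%s'" % s)

        if other.minVersion > other.maxVersion:
            raise ValueError("Versions set incorrectly")

        if other.minVersion not in ((3, 0), (3, 1), (3, 2), (3, 3)):
            raise ValueError("minVersion set incorrectly")

        if other.maxVersion not in ((3, 0), (3, 1), (3, 2), (3, 3)):
            raise ValueError("maxVersion set incorrectly")

        if other.maxVersion < (3, 3):
            # Below TLS 1.2 only 'sha' and 'md5' are kept.
            # NOTE(review): the filtered list can end up empty and nothing
            # here rejects that - confirm the handshake code copes with it.
            other.macNames = [e for e in other.macNames
                              if e in ("sha", "md5")]

        # 0 and 1 also pass, because they compare equal to False and True.
        if other.useEncryptThenMAC not in (True, False):
            raise ValueError("useEncryptThenMAC can only be True or False")

        return other

    def getCertificateTypes(self):
        """Get list of certificate types as IDs

        @rtype: list
        @return: one CertificateType ID per entry of certificateTypes
        @raise AssertionError: when an entry is anything other than 'x509'
        """
        ret = []
        for ct in self.certificateTypes:
            if ct == "x509":
                ret.append(CertificateType.x509)
            else:
                raise AssertionError()
        return ret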
211