
Source Code for Module tlslite.handshakesettings

  1  # Authors:  
  2  #   Trevor Perrin 
  3  #   Dave Baggett (Arcode Corporation) - cleanup handling of constants 
  4  #   Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 
  5  # 
  6  # See the LICENSE file for legal information regarding use of this file. 
  7   
  8  """Class for setting handshake parameters.""" 
  9   
 10  from .constants import CertificateType 
 11  from .utils import cryptomath 
 12  from .utils import cipherfactory 
 13   
# Bulk ciphers enabled by default. HandshakeSettings copies this list into
# cipherNames, where the order is the preference order.
CIPHER_NAMES = [
    "chacha20-poly1305",
    "aes256gcm",
    "aes128gcm",
    "aes256",
    "aes128",
    "3des",
]

# Every cipher name validate() accepts. "rc4" and "null" are opt-in only:
# they pass validation when a caller lists them explicitly, but they are
# never part of the defaults above.
ALL_CIPHER_NAMES = CIPHER_NAMES + [
    "rc4",
    "null",
]

# MAC algorithms enabled by default; "md5" is deliberately left out.
MAC_NAMES = [
    "sha",
    "sha256",
    "aead",
]

# Every MAC name validate() accepts ("md5" is opt-in only).
ALL_MAC_NAMES = MAC_NAMES + [
    "md5",
]

# Key exchange methods; this list is both the default and the full set
# validate() accepts.
# NOTE(review): "dh_anon" is anonymous Diffie-Hellman, which does not
# authenticate the peer. Confirm the handshake code only negotiates it when
# anonymous mode is requested explicitly, or drop it from
# keyExchangeNames in deployments that require authentication.
KEY_EXCHANGE_NAMES = [
    "rsa",
    "dhe_rsa",
    "srp_sha",
    "srp_sha_rsa",
    "dh_anon",
]

# Cipher back ends; validate() removes the ones whose library is not loaded.
CIPHER_IMPLEMENTATIONS = [
    "openssl",
    "pycrypto",
    "python",
]

# Certificate types understood by this module.
CERTIFICATE_TYPES = [
    "x509",
]
 24   
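class HandshakeSettings(object):
    """This class encapsulates various parameters that can be used with
    a TLS handshake.
    @sort: minKeySize, maxKeySize, cipherNames, macNames, certificateTypes,
    minVersion, maxVersion

    @type minKeySize: int
    @ivar minKeySize: The minimum bit length for asymmetric keys.

    If the other party tries to use SRP, RSA, or Diffie-Hellman
    parameters smaller than this length, an alert will be
    signalled.  The default is 1023.  validate() rejects values
    below 512 or above 16384.

    @type maxKeySize: int
    @ivar maxKeySize: The maximum bit length for asymmetric keys.

    If the other party tries to use SRP, RSA, or Diffie-Hellman
    parameters larger than this length, an alert will be signalled.
    The default is 8193.  validate() rejects values below 512, above
    16384, or smaller than minKeySize.

    @type cipherNames: list
    @ivar cipherNames: The allowed ciphers.

    The allowed values in this list are the entries of ALL_CIPHER_NAMES:
    'chacha20-poly1305', 'aes256gcm', 'aes128gcm', 'aes256', 'aes128',
    '3des', 'rc4' and 'null'.  If these settings are used with a client
    handshake, they determine the order of the ciphersuites offered in
    the ClientHello message.

    If these settings are used with a server handshake, the server will
    choose whichever ciphersuite matches the earliest entry in this
    list.

    NOTE: If '3des' is used in this list, but TLS Lite can't find an
    add-on library that supports 3DES, then '3des' will be silently
    removed.

    The default value is a copy of CIPHER_NAMES, which contains neither
    'rc4' nor 'null'.  Both are accepted by validate() when listed
    explicitly, so a caller that adds them is opting in to a weak (or,
    for 'null', no) bulk cipher.

    @type macNames: list
    @ivar macNames: The allowed MAC algorithms.

    The allowed values in this list are 'sha', 'sha256', 'aead' and
    'md5'.

    The default value is ['sha', 'sha256', 'aead'].  When maxVersion is
    below (3,3), validate() keeps only 'sha' and 'md5'.

    @type keyExchangeNames: list
    @ivar keyExchangeNames: The allowed key exchange methods.

    The allowed values are the entries of KEY_EXCHANGE_NAMES, which is
    also the default.

    @type cipherImplementations: list
    @ivar cipherImplementations: The allowed cipher back ends.

    The allowed values are 'openssl', 'pycrypto' and 'python', which is
    also the default.  validate() removes 'openssl' and 'pycrypto' when
    the corresponding library is not loaded.

    @type certificateTypes: list
    @ivar certificateTypes: The allowed certificate types.

    The only allowed certificate type is 'x509'.  This list is only used with a
    client handshake.  The client will advertise to the server which certificate
    types are supported, and will check that the server uses one of the
    appropriate types.

    @type minVersion: tuple
    @ivar minVersion: The minimum allowed SSL/TLS version.

    This variable can be set to (3,0) for SSL 3.0, (3,1) for TLS 1.0, (3,2) for
    TLS 1.1, or (3,3) for TLS 1.2.  If the other party wishes to use a lower
    version, a protocol_version alert will be signalled.  The default is (3,1).

    @type maxVersion: tuple
    @ivar maxVersion: The maximum allowed SSL/TLS version.

    This variable can be set to (3,0) for SSL 3.0, (3,1) for TLS 1.0, (3,2) for
    TLS 1.1, or (3,3) for TLS 1.2.  If the other party wishes to use a higher
    version, a protocol_version alert will be signalled.  The default is (3,3).
    (WARNING: Some servers may (improperly) reject clients which offer support
    for TLS 1.1.  In this case, try lowering maxVersion to (3,1)).

    @type useExperimentalTackExtension: bool
    @ivar useExperimentalTackExtension: Whether to enable TACK support.
    The default is False.

    Note that TACK support is not standardized by IETF and uses a temporary
    TLS Extension number, so should NOT be used in production software.

    @type sendFallbackSCSV: bool
    @ivar sendFallbackSCSV: Whether to, as a client, send FALLBACK_SCSV.
    The default is False.

    @type useEncryptThenMAC: bool
    @ivar useEncryptThenMAC: The default is True.  Presumably controls
    negotiation of encrypt-then-MAC; the code that consumes this flag is
    not part of this module.
    """

    def __init__(self):
        """Initialise every setting to its default value."""
        self.minKeySize = 1023
        self.maxKeySize = 8193
        # Copy the module-level defaults so that editing one instance's
        # lists never changes the defaults seen by other instances.
        self.cipherNames = list(CIPHER_NAMES)
        self.macNames = list(MAC_NAMES)
        self.keyExchangeNames = list(KEY_EXCHANGE_NAMES)
        self.cipherImplementations = list(CIPHER_IMPLEMENTATIONS)
        self.certificateTypes = list(CERTIFICATE_TYPES)
        self.minVersion = (3, 1)
        self.maxVersion = (3, 3)
        self.useExperimentalTackExtension = False
        self.sendFallbackSCSV = False
        self.useEncryptThenMAC = True

    def validate(self):
        """
        Validate the settings, filter out unsupported ciphersuites and return
        a copy of object. Does not modify the original object.

        @rtype: HandshakeSettings
        @return: a self-consistent copy of settings
        @raise ValueError: when settings are invalid, insecure or unsupported.
        """
        other = HandshakeSettings()
        other.minKeySize = self.minKeySize
        other.maxKeySize = self.maxKeySize
        # Copy the lists instead of aliasing them, so later changes to the
        # validated copy cannot leak back into the caller's settings.
        other.cipherNames = list(self.cipherNames)
        other.macNames = list(self.macNames)
        other.keyExchangeNames = list(self.keyExchangeNames)
        other.cipherImplementations = list(self.cipherImplementations)
        other.certificateTypes = list(self.certificateTypes)
        other.minVersion = self.minVersion
        other.maxVersion = self.maxVersion
        # This flag used to be left out of the copy, so the validated
        # settings always reported False regardless of the caller's choice.
        other.useExperimentalTackExtension = \
            self.useExperimentalTackExtension
        other.sendFallbackSCSV = self.sendFallbackSCSV
        other.useEncryptThenMAC = self.useEncryptThenMAC

        # Drop 3DES silently when no loaded library provides it.
        if not cipherfactory.tripleDESPresent:
            other.cipherNames = [e for e in other.cipherNames if e != "3des"]
        if not other.cipherNames:
            raise ValueError("No supported ciphers")
        if not other.certificateTypes:
            raise ValueError("No supported certificate types")

        # Keep only the cipher back ends whose library is actually loaded.
        if not cryptomath.m2cryptoLoaded:
            other.cipherImplementations = \
                [e for e in other.cipherImplementations if e != "openssl"]
        if not cryptomath.pycryptoLoaded:
            other.cipherImplementations = \
                [e for e in other.cipherImplementations if e != "pycrypto"]
        if not other.cipherImplementations:
            raise ValueError("No supported cipher implementations")

        # Asymmetric key sizes must lie in 512..16384 bits and be ordered.
        if other.minKeySize < 512:
            raise ValueError("minKeySize too small")
        if other.minKeySize > 16384:
            raise ValueError("minKeySize too large")
        if other.maxKeySize < 512:
            raise ValueError("maxKeySize too small")
        if other.maxKeySize > 16384:
            raise ValueError("maxKeySize too large")
        if other.maxKeySize < other.minKeySize:
            raise ValueError("maxKeySize smaller than minKeySize")

        # Reject names this module does not know. The ALL_* lists include the
        # opt-in weak algorithms ("rc4", "null", "md5"), so those pass here
        # when a caller configured them explicitly.
        for s in other.cipherNames:
            if s not in ALL_CIPHER_NAMES:
                raise ValueError("Unknown cipher name: '%s'" % s)
        for s in other.macNames:
            if s not in ALL_MAC_NAMES:
                raise ValueError("Unknown MAC name: '%s'" % s)
        for s in other.keyExchangeNames:
            if s not in KEY_EXCHANGE_NAMES:
                raise ValueError("Unknown key exchange name: '%s'" % s)
        for s in other.cipherImplementations:
            if s not in CIPHER_IMPLEMENTATIONS:
                raise ValueError("Unknown cipher implementation: '%s'" % s)
        for s in other.certificateTypes:
            if s not in CERTIFICATE_TYPES:
                raise ValueError("Unknown certificate type: '%s'" % s)

        if other.minVersion > other.maxVersion:
            raise ValueError("Versions set incorrectly")

        # SSL 3.0, i.e. (3,0), is still accepted when configured explicitly;
        # only the default floor of (3,1) keeps it out.
        if other.minVersion not in ((3, 0), (3, 1), (3, 2), (3, 3)):
            raise ValueError("minVersion set incorrectly")

        if other.maxVersion not in ((3, 0), (3, 1), (3, 2), (3, 3)):
            raise ValueError("maxVersion set incorrectly")

        if other.maxVersion < (3, 3):
            # No sha-2 and AEAD pre TLS 1.2
            # NOTE(review): this can leave macNames empty (for example
            # macNames == ["sha256"] with maxVersion (3,2)) and no error is
            # raised for that here -- confirm the caller copes with it.
            other.macNames = [e for e in other.macNames
                              if e == "sha" or e == "md5"]

        # Equality-based check: the integers 1 and 0 also pass.
        if other.useEncryptThenMAC not in (True, False):
            raise ValueError("useEncryptThenMAC can only be True or False")

        return other

    def getCertificateTypes(self):
        """Get list of certificate types as IDs.

        @rtype: list
        @return: one CertificateType constant per entry of certificateTypes
        @raise AssertionError: when an entry other than "x509" is present
        """
        ret = []
        for ct in self.certificateTypes:
            if ct != "x509":
                raise AssertionError()
            ret.append(CertificateType.x509)
        return ret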