search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Dismiss autofill popup on screen orientation change.
[chromium-blink-merge.git] / third_party / tlslite / patches / channel_id.patch
blob472406edad71dd01311405f79d052f5214dafaf7
1 diff --git a/third_party/tlslite/tlslite/TLSConnection.py b/third_party/tlslite/tlslite/TLSConnection.py
2 index f8811a9..e882e2c 100644
3 --- a/third_party/tlslite/tlslite/TLSConnection.py
4 +++ b/third_party/tlslite/tlslite/TLSConnection.py
5 @@ -611,6 +611,8 @@ class TLSConnection(TLSRecordLayer):
6 settings.cipherImplementations)
7
8 #Exchange ChangeCipherSpec and Finished messages
9 + for result in self._getChangeCipherSpec():
10 + yield result
11 for result in self._getFinished():
12 yield result
13 for result in self._sendFinished():
14 @@ -920,6 +922,8 @@ class TLSConnection(TLSRecordLayer):
15 #Exchange ChangeCipherSpec and Finished messages
16 for result in self._sendFinished():
17 yield result
18 + for result in self._getChangeCipherSpec():
19 + yield result
20 for result in self._getFinished():
21 yield result
22
23 @@ -1089,6 +1093,7 @@ class TLSConnection(TLSRecordLayer):
24 clientCertChain = None
25 serverCertChain = None #We may set certChain to this later
26 postFinishedError = None
27 + doingChannelID = False
28
29 #Tentatively set version to most-desirable version, so if an error
30 #occurs parsing the ClientHello, this is what we'll use for the
31 @@ -1208,6 +1213,8 @@ class TLSConnection(TLSRecordLayer):
32 serverHello.create(self.version, serverRandom,
33 session.sessionID, session.cipherSuite,
34 certificateType)
35 + serverHello.channel_id = clientHello.channel_id
36 + doingChannelID = clientHello.channel_id
37 for result in self._sendMsg(serverHello):
38 yield result
39
40 @@ -1221,6 +1228,11 @@ class TLSConnection(TLSRecordLayer):
41 #Exchange ChangeCipherSpec and Finished messages
42 for result in self._sendFinished():
43 yield result
44 + for result in self._getChangeCipherSpec():
45 + yield result
46 + if doingChannelID:
47 + for result in self._getEncryptedExtensions():
48 + yield result
49 for result in self._getFinished():
50 yield result
51
52 @@ -1399,8 +1411,12 @@ class TLSConnection(TLSRecordLayer):
53 #Send ServerHello, Certificate[, CertificateRequest],
54 #ServerHelloDone
55 msgs = []
56 - msgs.append(ServerHello().create(self.version, serverRandom,
57 - sessionID, cipherSuite, certificateType))
58 + serverHello = ServerHello().create(
59 + self.version, serverRandom,
60 + sessionID, cipherSuite, certificateType)
61 + serverHello.channel_id = clientHello.channel_id
62 + doingChannelID = clientHello.channel_id
63 + msgs.append(serverHello)
64 msgs.append(Certificate(certificateType).create(serverCertChain))
65 if reqCert and reqCAs:
66 msgs.append(CertificateRequest().create([], reqCAs))
67 @@ -1528,6 +1544,11 @@ class TLSConnection(TLSRecordLayer):
68 settings.cipherImplementations)
69
70 #Exchange ChangeCipherSpec and Finished messages
71 + for result in self._getChangeCipherSpec():
72 + yield result
73 + if doingChannelID:
74 + for result in self._getEncryptedExtensions():
75 + yield result
76 for result in self._getFinished():
77 yield result
78
79 diff --git a/third_party/tlslite/tlslite/TLSRecordLayer.py b/third_party/tlslite/tlslite/TLSRecordLayer.py
80 index 1bbd09d..933b95a 100644
81 --- a/third_party/tlslite/tlslite/TLSRecordLayer.py
82 +++ b/third_party/tlslite/tlslite/TLSRecordLayer.py
83 @@ -714,6 +714,8 @@ class TLSRecordLayer:
84 self.version).parse(p)
85 elif subType == HandshakeType.finished:
86 yield Finished(self.version).parse(p)
87 + elif subType == HandshakeType.encrypted_extensions:
88 + yield EncryptedExtensions().parse(p)
89 else:
90 raise AssertionError()
91
92 @@ -1067,7 +1069,7 @@ class TLSRecordLayer:
93 for result in self._sendMsg(finished):
94 yield result
95
96 - def _getFinished(self):
97 + def _getChangeCipherSpec(self):
98 #Get and check ChangeCipherSpec
99 for result in self._getMsg(ContentType.change_cipher_spec):
100 if result in (0,1):
101 @@ -1082,6 +1084,15 @@ class TLSRecordLayer:
102 #Switch to pending read state
103 self._changeReadState()
104
105 + def _getEncryptedExtensions(self):
106 + for result in self._getMsg(ContentType.handshake,
107 + HandshakeType.encrypted_extensions):
108 + if result in (0,1):
109 + yield result
110 + encrypted_extensions = result
111 + self.channel_id = encrypted_extensions.channel_id_key
112 +
113 + def _getFinished(self):
114 #Calculate verification data
115 verifyData = self._calcFinished(False)
116
117 diff --git a/third_party/tlslite/tlslite/constants.py b/third_party/tlslite/tlslite/constants.py
118 index 04302c0..e357dd0 100644
119 --- a/third_party/tlslite/tlslite/constants.py
120 +++ b/third_party/tlslite/tlslite/constants.py
121 @@ -22,6 +22,7 @@ class HandshakeType:
122 certificate_verify = 15
123 client_key_exchange = 16
124 finished = 20
125 + encrypted_extensions = 203
126
127 class ContentType:
128 change_cipher_spec = 20
129 @@ -30,6 +31,9 @@ class ContentType:
130 application_data = 23
131 all = (20,21,22,23)
132
133 +class ExtensionType:
134 + channel_id = 30031
135 +
136 class AlertLevel:
137 warning = 1
138 fatal = 2
139 diff --git a/third_party/tlslite/tlslite/messages.py b/third_party/tlslite/tlslite/messages.py
140 index dc6ed32..fa4d817 100644
141 --- a/third_party/tlslite/tlslite/messages.py
142 +++ b/third_party/tlslite/tlslite/messages.py
143 @@ -130,6 +130,7 @@ class ClientHello(HandshakeMsg):
144 self.certificate_types = [CertificateType.x509]
145 self.compression_methods = [] # a list of 8-bit values
146 self.srp_username = None # a string
147 + self.channel_id = False
148
149 def create(self, version, random, session_id, cipher_suites,
150 certificate_types=None, srp_username=None):
151 @@ -174,6 +175,8 @@ class ClientHello(HandshakeMsg):
152 self.srp_username = bytesToString(p.getVarBytes(1))
153 elif extType == 7:
154 self.certificate_types = p.getVarList(1, 1)
155 + elif extType == ExtensionType.channel_id:
156 + self.channel_id = True
157 else:
158 p.getFixBytes(extLength)
159 soFar += 4 + extLength
160 @@ -220,6 +223,7 @@ class ServerHello(HandshakeMsg):
161 self.cipher_suite = 0
162 self.certificate_type = CertificateType.x509
163 self.compression_method = 0
164 + self.channel_id = False
165
166 def create(self, version, random, session_id, cipher_suite,
167 certificate_type):
168 @@ -266,6 +270,9 @@ class ServerHello(HandshakeMsg):
169 CertificateType.x509:
170 extLength += 5
171
172 + if self.channel_id:
173 + extLength += 4
174 +
175 if extLength != 0:
176 w.add(extLength, 2)
177
178 @@ -275,6 +282,10 @@ class ServerHello(HandshakeMsg):
179 w.add(1, 2)
180 w.add(self.certificate_type, 1)
181
182 + if self.channel_id:
183 + w.add(ExtensionType.channel_id, 2)
184 + w.add(0, 2)
185 +
186 return HandshakeMsg.postWrite(self, w, trial)
187
188 class Certificate(HandshakeMsg):
189 @@ -567,6 +578,28 @@ class Finished(HandshakeMsg):
190 w.addFixSeq(self.verify_data, 1)
191 return HandshakeMsg.postWrite(self, w, trial)
192
193 +class EncryptedExtensions(HandshakeMsg):
194 + def __init__(self):
195 + self.channel_id_key = None
196 + self.channel_id_proof = None
197 +
198 + def parse(self, p):
199 + p.startLengthCheck(3)
200 + soFar = 0
201 + while soFar != p.lengthCheck:
202 + extType = p.get(2)
203 + extLength = p.get(2)
204 + if extType == ExtensionType.channel_id:
205 + if extLength != 32*4:
206 + raise SyntaxError()
207 + self.channel_id_key = p.getFixBytes(64)
208 + self.channel_id_proof = p.getFixBytes(64)
209 + else:
210 + p.getFixBytes(extLength)
211 + soFar += 4 + extLength
212 + p.stopLengthCheck()
213 + return self
214 +
215 class ApplicationData(Msg):
216 def __init__(self):
217 self.contentType = ContentType.application_data