def _generate_keys(self):
self._ms = prf256(self._pms, bytes("extended master secret", 'utf-8'),
hash256(self._hm), 2)[:48]
keys = prf256(self._ms, bytes("key expansion", 'utf-8'),
self._r_s + self._r_c,
int(ceil((4 * KEY_LENGTH + BLOCK_LENGTH) / 32)))
self._k_read_mac_s = keys[:KEY_LENGTH]
self._k_write_mac_s = keys[KEY_LENGTH:2 * KEY_LENGTH]
self._k_read_enc_s = keys[2 * KEY_LENGTH:3 * KEY_LENGTH]
self._k_write_enc_s = keys[3 * KEY_LENGTH:4 * KEY_LENGTH]
self._iv_read_s = keys[4 * KEY_LENGTH:4 * KEY_LENGTH +
BLOCK_LENGTH // 2]
self._iv_write_s = keys[4 * KEY_LENGTH +
BLOCK_LENGTH // 2:4 * KEY_LENGTH +
BLOCK_LENGTH]
def _receive_finished(self):
bytes_str = self._receive()
finished_message = FINISHED_MESSAGE.parse_bytes(bytes_str)
client_verify_data = finished_message['verify_data']
expected_client_verify_data = prf256(self._ms,
bytes("server_finished", 'utf-8'),
hash256(self._hm), 1)
assert client_verify_data == expected_client_verify_data
self._hm += get_history_record(bytes_str)
def _send_finished(self):
server_verify_data = prf256(self._ms,
bytes("client_finished", 'utf-8'),
hash256(self._hm), 1)
self._send({'verify_data': server_verify_data}, FINISHED_MESSAGE)