コード例 #1
0
ファイル: ttls_client.py プロジェクト: danieljohnlewis/pisces
def do_handshake(sess):
    key = opts.getKeyPair()
    certs = opts.getChain(key)
    opts.store.close()
    if not certs:
        print "failed to get certificate chain"
        return 0

    msg = ttls.newClientHello()
    sess.setClientRandom(msg.rand)
    sess.send_sexp(msg)

    sendCert = 0
    serverKey = None
    svr = ttls.eval(sess.read_sexp())
    sess.setServerRandom(svr.rand)
    while 1:
        # still need to verify that these arrive in the right order
        msg = ttls.eval(sess.read_sexp())
        if isinstance(msg, ttls.ServerHelloDone):
            break
        if isinstance(msg, ttls.CertificateRequest):
            # server needs our certificate
            sendCert = 1
        if isinstance(msg, ttls.Certificate):
            if not msg.verify():
                # send error message
                msg = ttls.Error("bad server certificate chain")
                sess.send_sexp(msg)
                raise msg
            serverPrin = msg.getPrincipal()
            sess.setServerKey(opts.lookupKey(serverPrin))

    if sendCert:
        msg = ttls.newCertificate(certs)
        sess.send_sexp(msg)

    secret = ttls.newPreMasterSecret()
    sess.setPreMasterSecret(secret)
    msg = ttls.newClientKeyExchange(sess, secret)
    sess.send_sexp(msg)

    # in real TLS, wouldn't need CV for DH keys
    sig = key.priv.sign(sess.getMessages())
    msg = ttls.CertificateVerify(sig)
    sess.send_sexp(msg)

    # there is no change-cipher-spec message here, because we
    # always use the same cipher 

    sess.makeMasterSecret()
    msg = ttls.newFinished(sess.makeVerifyData())
    sess.send_sexp(msg)
    msg = ttls.eval(sess.read_sexp())
    if not sess.checkVerifyData(msg.verify):
	msg = ttls.Error("bad verify_data")
	sess.send_sexp(msg)
	raise msg
    return 1
コード例 #2
0
ファイル: ttls_server.py プロジェクト: danieljohnlewis/pisces
    def do_handshake(self):
        cli = ttls.eval(self.sess.read_sexp())
        if not isinstance(cli, ttls.ClientHello):
            raise ProtocolError, "expected client-hello"
        self.sess.setClientRandom(cli.rand)
        
        svr = ttls.newServerHello()
        self.sess.setServerRandom(svr.rand)
        self.sess.send_sexp(svr)

        msg = ttls.newCertificate(self.server.certs)
        self.sess.send_sexp(msg)
        msg = ttls.CertificateRequest()
        self.sess.send_sexp(msg)
        msg = ttls.ServerHelloDone()
        self.sess.send_sexp(msg)

	# since we sent a CertReq message, we must get one back
	msg = ttls.eval(self.sess.read_sexp())
	if not isinstance(msg, ttls.Certificate):
	    raise ProtocolError, "expected certificate message"
	cliPrin = msg.getPrincipal()
	self.sess.setClientKey(self.server.opts.lookupKey(cliPrin))

	# get the client-key exchange
	# XXX don't forget about the Bleichenbacher attack: if
	# something goes wrong with the PreMasterSecret, use invent a
	# new one instead of raising an error
	msg = ttls.eval(self.sess.read_sexp())
	secret = msg.decryptPreMasterSecret(self.server.key.priv)
	self.sess.setPreMasterSecret(secret.rand)

	# get the cert-verify message
	buf = self.sess.getMessages()
	msg = ttls.eval(self.sess.read_sexp())
	if not self.sess.verifyClient(buf, msg.sig):
	    raise ProtocolError, "bad certificate-verify message"

	# there is no change-cipher-spec message here, because we
	# always use the same cipher 

	self.sess.makeMasterSecret()
	msg = ttls.eval(self.sess.read_sexp())
	if not self.sess.checkVerifyData(msg.verify):
	    raise ProtocolError, "bad verify_data"
	msg = ttls.newFinished(self.sess.makeVerifyData())
        self.sess.send_sexp(msg)