def post_send(self, status): cipher_suite = status.cipher if self.extended_master_secret is None: self.extended_master_secret = status.extended_master_secret if not status.resuming: if self.extended_master_secret: master_secret = \ calcExtendedMasterSecret(status.version, cipher_suite, status.premaster_secret, status.handshake_hashes) else: master_secret = calcMasterSecret(status.version, cipher_suite, status.premaster_secret, status.client_random, status.server_random) status.master_secret = master_secret # in case of resumption, the pending states are generated # during receive of server sent CCS calc_pending_states(status) status.msg_sock.changeWriteState()
def post_send(self, status): """Generate new encryption keys for connection.""" cipher_suite = status.cipher status.msg_sock.encryptThenMAC = status.encrypt_then_mac if self.extended_master_secret is None: self.extended_master_secret = status.extended_master_secret if not status.resuming: if self.extended_master_secret: # in case client certificates are used, we need to omit # certificate verify message hh = status.certificate_verify_handshake_hashes if not hh: hh = status.handshake_hashes master_secret = \ calcExtendedMasterSecret(status.version, cipher_suite, status.premaster_secret, hh) else: master_secret = calcMasterSecret(status.version, cipher_suite, status.premaster_secret, status.client_random, status.server_random) status.master_secret = master_secret # in case of resumption, the pending states are generated # during receive of server sent CCS calc_pending_states(status) status.msg_sock.changeWriteState()
def test_with_TLS_1_2(self): ret = calcExtendedMasterSecret((3, 3), 0, bytearray(48), self.handshakeHashes) self.assertEqual( ret, bytearray( b'\x03\xc93Yx\xcbjSEmz*\x0b\xc3\xc04G\xf3\xe3{\xee\x13\x8b\xac' b'\xd7\xb7\xe6\xbaY\x86\xd5\xf2o?\x8f\xc6\xf2\x19\x1d\x06\xe0N' b'\xb5\xcaJX\xe8\x1d'))
def test_with_TLS_1_0(self): ret = calcExtendedMasterSecret((3, 1), 0, bytearray(48), self.handshakeHashes) self.assertEqual( ret, bytearray( b'/\xe9\x86\xda\xda\xa9)\x1eyJ\xc9\x13E\xe4\xfc\xe7\x842m7(\xb4' b'\x98\xb7\xbc\xa5\xda\x1d\xf3\x15\xea\xdf:i\xeb\x9bA\x8f\xe7' b'\xd4<\xe0\xe8\x1d\xa0\xf0\x10\x83'))
def test_with_TLS_1_2(self): ret = calcExtendedMasterSecret((3, 3), 0, bytearray(48), self.handshakeHashes) self.assertEqual(ret, bytearray( b'\x03\xc93Yx\xcbjSEmz*\x0b\xc3\xc04G\xf3\xe3{\xee\x13\x8b\xac' b'\xd7\xb7\xe6\xbaY\x86\xd5\xf2o?\x8f\xc6\xf2\x19\x1d\x06\xe0N' b'\xb5\xcaJX\xe8\x1d' ))
def test_with_TLS_1_0(self): ret = calcExtendedMasterSecret((3, 1), 0, bytearray(48), self.handshakeHashes) self.assertEqual(ret, bytearray( b'/\xe9\x86\xda\xda\xa9)\x1eyJ\xc9\x13E\xe4\xfc\xe7\x842m7(\xb4' b'\x98\xb7\xbc\xa5\xda\x1d\xf3\x15\xea\xdf:i\xeb\x9bA\x8f\xe7' b'\xd4<\xe0\xe8\x1d\xa0\xf0\x10\x83' ))
def test_with_TLS_1_2_and_SHA384_PRF(self): ret = calcExtendedMasterSecret( (3, 3), CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384, bytearray(48), self.handshakeHashes) self.assertEqual( ret, bytearray( b"\xd6\xed}K\xfbo\xb2\xdb\xa4\xee\xa1\x0f\x8f\x07*\x84w/\xbf_" b"\xbd\xc1U^\x93\xcf\xe8\xca\x82\xb7_B\xa3O\xd9V\x86\x12\xfd\x08" b"$\x92\'L\xae\xc0@\x01"))
def test_with_TLS_1_2_and_SHA384_PRF(self): ret = calcExtendedMasterSecret((3, 3), CipherSuite. TLS_RSA_WITH_AES_256_GCM_SHA384, bytearray(48), self.handshakeHashes) self.assertEqual(ret, bytearray( b"\xd6\xed}K\xfbo\xb2\xdb\xa4\xee\xa1\x0f\x8f\x07*\x84w/\xbf_" b"\xbd\xc1U^\x93\xcf\xe8\xca\x82\xb7_B\xa3O\xd9V\x86\x12\xfd\x08" b"$\x92\'L\xae\xc0@\x01" ))