def _generate_keys(self): self._ms = prf256(self._pms, bytes("extended master secret", 'utf-8'), hash256(self._hm), 2)[:48] keys = prf256(self._ms, bytes("key expansion", 'utf-8'), self._r_s + self._r_c, int(ceil((4 * KEY_LENGTH + BLOCK_LENGTH) / 32))) self._k_read_mac_s = keys[:KEY_LENGTH] self._k_write_mac_s = keys[KEY_LENGTH:2 * KEY_LENGTH] self._k_read_enc_s = keys[2 * KEY_LENGTH:3 * KEY_LENGTH] self._k_write_enc_s = keys[3 * KEY_LENGTH:4 * KEY_LENGTH] self._iv_read_s = keys[4 * KEY_LENGTH:4 * KEY_LENGTH + BLOCK_LENGTH // 2] self._iv_write_s = keys[4 * KEY_LENGTH + BLOCK_LENGTH // 2:4 * KEY_LENGTH + BLOCK_LENGTH]
def _receive_finished(self): bytes_str = self._receive() finished_message = FINISHED_MESSAGE.parse_bytes(bytes_str) client_verify_data = finished_message['verify_data'] expected_client_verify_data = prf256(self._ms, bytes("server_finished", 'utf-8'), hash256(self._hm), 1) assert client_verify_data == expected_client_verify_data self._hm += get_history_record(bytes_str)
def _send_finished(self): server_verify_data = prf256(self._ms, bytes("client_finished", 'utf-8'), hash256(self._hm), 1) self._send({'verify_data': server_verify_data}, FINISHED_MESSAGE)