PageRenderTime 38ms CodeModel.GetById 16ms app.highlight 17ms RepoModel.GetById 2ms app.codeStats 0ms

/gdata/tlslite/constants.py

http://radioappz.googlecode.com/
Python | 225 lines | 153 code | 11 blank | 61 comment | 7 complexity | fa4fe78b4a02da37a20f6e180cfb987b MD5 | raw file
  1"""Constants used in various places."""
  2
  3class CertificateType:
  4    x509 = 0
  5    openpgp = 1
  6    cryptoID = 2
  7
  8class HandshakeType:
  9    hello_request = 0
 10    client_hello = 1
 11    server_hello = 2
 12    certificate = 11
 13    server_key_exchange = 12
 14    certificate_request = 13
 15    server_hello_done = 14
 16    certificate_verify = 15
 17    client_key_exchange = 16
 18    finished = 20
 19
 20class ContentType:
 21    change_cipher_spec = 20
 22    alert = 21
 23    handshake = 22
 24    application_data = 23
 25    all = (20,21,22,23)
 26
 27class AlertLevel:
 28    warning = 1
 29    fatal = 2
 30
 31class AlertDescription:
 32    """
 33    @cvar bad_record_mac: A TLS record failed to decrypt properly.
 34
 35    If this occurs during a shared-key or SRP handshake it most likely
 36    indicates a bad password.  It may also indicate an implementation
 37    error, or some tampering with the data in transit.
 38
 39    This alert will be signalled by the server if the SRP password is bad.  It
 40    may also be signalled by the server if the SRP username is unknown to the
 41    server, but it doesn't wish to reveal that fact.
 42
 43    This alert will be signalled by the client if the shared-key username is
 44    bad.
 45
 46    @cvar handshake_failure: A problem occurred while handshaking.
 47
 48    This typically indicates a lack of common ciphersuites between client and
 49    server, or some other disagreement (about SRP parameters or key sizes,
 50    for example).
 51
 52    @cvar protocol_version: The other party's SSL/TLS version was unacceptable.
 53
 54    This indicates that the client and server couldn't agree on which version
 55    of SSL or TLS to use.
 56
 57    @cvar user_canceled: The handshake is being cancelled for some reason.
 58
 59    """
 60
 61    close_notify = 0
 62    unexpected_message = 10
 63    bad_record_mac = 20
 64    decryption_failed = 21
 65    record_overflow = 22
 66    decompression_failure = 30
 67    handshake_failure = 40
 68    no_certificate = 41 #SSLv3
 69    bad_certificate = 42
 70    unsupported_certificate = 43
 71    certificate_revoked = 44
 72    certificate_expired = 45
 73    certificate_unknown = 46
 74    illegal_parameter = 47
 75    unknown_ca = 48
 76    access_denied = 49
 77    decode_error = 50
 78    decrypt_error = 51
 79    export_restriction = 60
 80    protocol_version = 70
 81    insufficient_security = 71
 82    internal_error = 80
 83    user_canceled = 90
 84    no_renegotiation = 100
 85    unknown_srp_username = 120
 86    missing_srp_username = 121
 87    untrusted_srp_parameters = 122
 88
 89class CipherSuite:
 90    TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA  = 0x0050
 91    TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0x0053
 92    TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0x0056
 93
 94    TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0x0051
 95    TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0x0054
 96    TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0x0057
 97
 98    TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A
 99    TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F
100    TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035
101    TLS_RSA_WITH_RC4_128_SHA = 0x0005
102
103    srpSuites = []
104    srpSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA)
105    srpSuites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA)
106    srpSuites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA)
107    def getSrpSuites(ciphers):
108        suites = []
109        for cipher in ciphers:
110            if cipher == "aes128":
111                suites.append(CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA)
112            elif cipher == "aes256":
113                suites.append(CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA)
114            elif cipher == "3des":
115                suites.append(CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA)
116        return suites
117    getSrpSuites = staticmethod(getSrpSuites)
118
119    srpRsaSuites = []
120    srpRsaSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA)
121    srpRsaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA)
122    srpRsaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA)
123    def getSrpRsaSuites(ciphers):
124        suites = []
125        for cipher in ciphers:
126            if cipher == "aes128":
127                suites.append(CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA)
128            elif cipher == "aes256":
129                suites.append(CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA)
130            elif cipher == "3des":
131                suites.append(CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA)
132        return suites
133    getSrpRsaSuites = staticmethod(getSrpRsaSuites)
134
135    rsaSuites = []
136    rsaSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA)
137    rsaSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA)
138    rsaSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA)
139    rsaSuites.append(TLS_RSA_WITH_RC4_128_SHA)
140    def getRsaSuites(ciphers):
141        suites = []
142        for cipher in ciphers:
143            if cipher == "aes128":
144                suites.append(CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA)
145            elif cipher == "aes256":
146                suites.append(CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA)
147            elif cipher == "rc4":
148                suites.append(CipherSuite.TLS_RSA_WITH_RC4_128_SHA)
149            elif cipher == "3des":
150                suites.append(CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA)
151        return suites
152    getRsaSuites = staticmethod(getRsaSuites)
153
154    tripleDESSuites = []
155    tripleDESSuites.append(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA)
156    tripleDESSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA)
157    tripleDESSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA)
158
159    aes128Suites = []
160    aes128Suites.append(TLS_SRP_SHA_WITH_AES_128_CBC_SHA)
161    aes128Suites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA)
162    aes128Suites.append(TLS_RSA_WITH_AES_128_CBC_SHA)
163
164    aes256Suites = []
165    aes256Suites.append(TLS_SRP_SHA_WITH_AES_256_CBC_SHA)
166    aes256Suites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA)
167    aes256Suites.append(TLS_RSA_WITH_AES_256_CBC_SHA)
168
169    rc4Suites = []
170    rc4Suites.append(TLS_RSA_WITH_RC4_128_SHA)
171
172
173class Fault:
174    badUsername = 101
175    badPassword = 102
176    badA = 103
177    clientSrpFaults = range(101,104)
178
179    badVerifyMessage = 601
180    clientCertFaults = range(601,602)
181
182    badPremasterPadding = 501
183    shortPremasterSecret = 502
184    clientNoAuthFaults = range(501,503)
185
186    badIdentifier = 401
187    badSharedKey = 402
188    clientSharedKeyFaults = range(401,403)
189
190    badB = 201
191    serverFaults = range(201,202)
192
193    badFinished = 300
194    badMAC = 301
195    badPadding = 302
196    genericFaults = range(300,303)
197
198    faultAlerts = {\
199        badUsername: (AlertDescription.unknown_srp_username, \
200                      AlertDescription.bad_record_mac),\
201        badPassword: (AlertDescription.bad_record_mac,),\
202        badA: (AlertDescription.illegal_parameter,),\
203        badIdentifier: (AlertDescription.handshake_failure,),\
204        badSharedKey: (AlertDescription.bad_record_mac,),\
205        badPremasterPadding: (AlertDescription.bad_record_mac,),\
206        shortPremasterSecret: (AlertDescription.bad_record_mac,),\
207        badVerifyMessage: (AlertDescription.decrypt_error,),\
208        badFinished: (AlertDescription.decrypt_error,),\
209        badMAC: (AlertDescription.bad_record_mac,),\
210        badPadding: (AlertDescription.bad_record_mac,)
211        }
212
213    faultNames = {\
214        badUsername: "bad username",\
215        badPassword: "bad password",\
216        badA: "bad A",\
217        badIdentifier: "bad identifier",\
218        badSharedKey: "bad sharedkey",\
219        badPremasterPadding: "bad premaster padding",\
220        shortPremasterSecret: "short premaster secret",\
221        badVerifyMessage: "bad verify message",\
222        badFinished: "bad finished message",\
223        badMAC: "bad MAC",\
224        badPadding: "bad padding"
225        }