1
2
3 """
4 Nicely formatted cipher suite definitions for TLS
5
6 A list of cipher suites in the form of CipherSuite objects.
7 These are supposed to be immutable; don't mess with them.
8 """
12 """
13 Encapsulates a cipher suite.
14
15 Members/args:
16 * code: two-byte ID code, as int
17 * name: as in 'TLS_RSA_WITH_RC4_40_MD5'
18 * kx: key exchange algorithm, string
19 * auth: authentication algorithm, string
20 * encoding: encoding algorithm
21 * mac: message authentication code algorithm
22 """
23
24 - def __init__(self, code, name, kx, auth, encoding, mac):
25 self.code = code
26 self.name = name
27 self.kx = kx
28 self.auth = auth
29 self.encoding = encoding
30 self.mac = mac
31
33 return 'CipherSuite(%s)' % self.name
34
35 MAC_SIZES = {
36 'MD5': 16,
37 'SHA': 20,
38 'SHA256': 32,
39 }
40
41 BLOCK_SIZES = {
42 'AES_256_CBC': 16,
43 }
44
45 @property
47 """In bytes. Default to 0."""
48 return self.MAC_SIZES.get(self.mac, 0)
49
50 @property
52 """In bytes. Default to 1."""
53 return self.BLOCK_SIZES.get(self.encoding, 1)
54
55
56
57 CIPHERSUITES = [
58
59 CipherSuite(0xff, 'TLS_EMPTY_RENEGOTIATION_INFO',
60 'NULL', 'NULL', 'NULL', 'NULL'),
61 CipherSuite(0x00, 'TLS_NULL_WITH_NULL_NULL',
62 'NULL', 'NULL', 'NULL', 'NULL'),
63 CipherSuite(0x01, 'TLS_RSA_WITH_NULL_MD5', 'RSA', 'RSA', 'NULL', 'MD5'),
64 CipherSuite(0x02, 'TLS_RSA_WITH_NULL_SHA', 'RSA', 'RSA', 'NULL', 'SHA'),
65 CipherSuite(0x0039, 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA',
66 'DHE', 'RSA', 'AES_256_CBC', 'SHA'),
67 CipherSuite(0xffff, 'UNKNOWN_CIPHER', '', '', '', '')
68 ]
69
70 BY_CODE = dict(
71 (cipher.code, cipher) for cipher in CIPHERSUITES)
72
73 BY_NAME = dict(
74 (suite.name, suite) for suite in CIPHERSUITES)
75
76 NULL_SUITE = BY_CODE[0x00]
77