Merge pull request #418 from Stonemason5040/dsa-ciphers

DSA cipher definitions, signatures and certificates

Author: tomato42

tlslite/constants.py

@@ -237,6 +237,12 @@ class SignatureScheme(TLSEnum):
     rsa_pss_sha384 = (8, 5)
     rsa_pss_sha512 = (8, 6)
 
+    dsa_sha1 = (2, 2)
+    dsa_sha224 = (3, 2)
+    dsa_sha256 = (4, 2)
+    dsa_sha384 = (5, 2)
+    dsa_sha512 = (6, 2)
+
     @classmethod
     def toRepr(cls, value, blacklist=None):
         """Convert numeric type to name representation"""
@@ -337,6 +343,16 @@ class AlgorithmOID(TLSEnum):
             SignatureScheme.rsa_pss_rsae_sha384
     oid[bytes(a2b_hex('300b0609608648016503040203'))] = \
             SignatureScheme.rsa_pss_rsae_sha512
+    oid[bytes(a2b_hex('06072A8648CE380403'))] = \
+            SignatureScheme.dsa_sha1
+    oid[bytes(a2b_hex('0609608648016503040301'))] = \
+            SignatureScheme.dsa_sha224
+    oid[bytes(a2b_hex('0609608648016503040302'))] = \
+            SignatureScheme.dsa_sha256
+    oid[bytes(a2b_hex('0609608648016503040303'))] = \
+            SignatureScheme.dsa_sha384
+    oid[bytes(a2b_hex('0609608648016503040304'))] = \
+            SignatureScheme.dsa_sha512
 
 
 class GroupName(TLSEnum):
@@ -656,6 +672,10 @@ class CipherSuite:
     ietfNames[0x0005] = 'TLS_RSA_WITH_RC4_128_SHA'
     TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A
     ietfNames[0x000A] = 'TLS_RSA_WITH_3DES_EDE_CBC_SHA'
+    TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D
+    ietfNames[0x000D] = 'TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA'
+    TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013
+    ietfNames[0x0013] = 'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA'
     TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016
     ietfNames[0x0016] = 'TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA'
     TLS_DH_ANON_WITH_RC4_128_MD5 = 0x0018
@@ -664,12 +684,20 @@ class CipherSuite:
     ietfNames[0x001B] = 'TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA'
     TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F
     ietfNames[0x002F] = 'TLS_RSA_WITH_AES_128_CBC_SHA'
+    TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030
+    ietfNames[0x0030] = 'TLS_DH_DSS_WITH_AES_128_CBC_SHA'
+    TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032
+    ietfNames[0x0032] = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA'
     TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033
     ietfNames[0x0033] = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA'
     TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034
     ietfNames[0x0034] = 'TLS_DH_ANON_WITH_AES_128_CBC_SHA'
     TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035
     ietfNames[0x0035] = 'TLS_RSA_WITH_AES_256_CBC_SHA'
+    TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036
+    ietfNames[0x0036] = 'TLS_DH_DSS_WITH_AES_256_CBC_SHA'
+    TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038
+    ietfNames[0x0038] = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA'
     TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039
     ietfNames[0x0039] = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA'
     TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A
@@ -680,8 +708,16 @@ class CipherSuite:
     ietfNames[0x003C] = 'TLS_RSA_WITH_AES_128_CBC_SHA256'
     TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D
     ietfNames[0x003D] = 'TLS_RSA_WITH_AES_256_CBC_SHA256'
+    TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E
+    ietfNames[0x003E] = 'TLS_DH_DSS_WITH_AES_128_CBC_SHA256'
+    TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040
+    ietfNames[0x0040] = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256'
     TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067
     ietfNames[0x0067] = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256'
+    TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068
+    ietfNames[0x0068] = 'TLS_DH_DSS_WITH_AES_256_CBC_SHA256'
+    TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A
+    ietfNames[0x006A] = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256'
     TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B
     ietfNames[0x006B] = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256'
     TLS_DH_ANON_WITH_AES_128_CBC_SHA256 = 0x006C
@@ -698,6 +734,14 @@ class CipherSuite:
     ietfNames[0x009E] = 'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256'
     TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F
     ietfNames[0x009F] = 'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384'
+    TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2
+    ietfNames[0x00A2] = 'TLS_DHE_DSS_WITH_AES_128_GCM_SHA256'
+    TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3
+    ietfNames[0x00A3] = 'TLS_DHE_DSS_WITH_AES_256_GCM_SHA384'
+    TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4
+    ietfNames[0x00A4] = 'TLS_DH_DSS_WITH_AES_128_GCM_SHA256'
+    TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5
+    ietfNames[0x00A5] = 'TLS_DH_DSS_WITH_AES_256_GCM_SHA384'
     TLS_DH_ANON_WITH_AES_128_GCM_SHA256 = 0x00A6
     ietfNames[0x00A6] = 'TLS_DH_ANON_WITH_AES_128_GCM_SHA256'
     TLS_DH_ANON_WITH_AES_256_GCM_SHA384 = 0x00A7
@@ -806,14 +850,20 @@ class CipherSuite:
     ietfNames[0xC01A] = 'TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA'
     TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B
     ietfNames[0xC01B] = 'TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA'
+    TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C
+    ietfNames[0xC01C] = 'TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA'
     TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D
     ietfNames[0xC01D] = 'TLS_SRP_SHA_WITH_AES_128_CBC_SHA'
     TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E
     ietfNames[0xC01E] = 'TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA'
+    TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F
+    ietfNames[0xC01F] = 'TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA'
     TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020
     ietfNames[0xC020] = 'TLS_SRP_SHA_WITH_AES_256_CBC_SHA'
     TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021
     ietfNames[0xC021] = 'TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA'
+    TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022
+    ietfNames[0xC022] = 'TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA'
 
     # RFC 5289 - ECC Ciphers with SHA-256/SHA-384 HMAC and AES-GCM
     # unsupported! - no support for ECDSA certificates
@@ -904,6 +954,9 @@ class CipherSuite:
     tripleDESSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA)
     tripleDESSuites.append(TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA)
     tripleDESSuites.append(TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA)
+    tripleDESSuites.append(TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA)    # unsupported
+    tripleDESSuites.append(TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA)   # unsupported
+    tripleDESSuites.append(TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA)   # unsupp
 
     #: AES-128 CBC ciphers
     aes128Suites = []
@@ -924,6 +977,11 @@ class CipherSuite:
     aes128Suites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA)
     aes128Suites.append(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256)
     aes128Suites.append(TLS_ECDH_ANON_WITH_AES_128_CBC_SHA)
+    aes128Suites.append(TLS_DH_DSS_WITH_AES_128_CBC_SHA)    # unsupported
+    aes128Suites.append(TLS_DHE_DSS_WITH_AES_128_CBC_SHA)   # unsupported
+    aes128Suites.append(TLS_DH_DSS_WITH_AES_128_CBC_SHA256) # unsupported
+    aes128Suites.append(TLS_DHE_DSS_WITH_AES_128_CBC_SHA256)    # unsupported
+    aes128Suites.append(TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA)   # unsupported
 
     #: AES-256 CBC ciphers
     aes256Suites = []
@@ -944,6 +1002,11 @@ class CipherSuite:
     aes256Suites.append(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
     aes256Suites.append(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384)
     aes256Suites.append(TLS_ECDH_ANON_WITH_AES_256_CBC_SHA)
+    aes256Suites.append(TLS_DH_DSS_WITH_AES_256_CBC_SHA)    # unsupported
+    aes256Suites.append(TLS_DHE_DSS_WITH_AES_256_CBC_SHA)   # unsupported
+    aes256Suites.append(TLS_DH_DSS_WITH_AES_256_CBC_SHA256) # unsupported
+    aes256Suites.append(TLS_DHE_DSS_WITH_AES_256_CBC_SHA256)    # unsupported
+    aes256Suites.append(TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA)   # unsupported
 
     #: AES-128 GCM ciphers
     aes128GcmSuites = []
@@ -955,6 +1018,8 @@ class CipherSuite:
     aes128GcmSuites.append(TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256)  # unsupp
     aes128GcmSuites.append(TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
     aes128GcmSuites.append(TLS_AES_128_GCM_SHA256)
+    aes128GcmSuites.append(TLS_DHE_DSS_WITH_AES_128_GCM_SHA256) # unsupported
+    aes128GcmSuites.append(TLS_DH_DSS_WITH_AES_128_GCM_SHA256)  # unsupported
 
     #: AES-256-GCM ciphers (implicit SHA384, see sha384PrfSuites)
     aes256GcmSuites = []
@@ -966,6 +1031,8 @@ class CipherSuite:
     aes256GcmSuites.append(TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384)  # unsupported
     aes256GcmSuites.append(TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384)
     aes256GcmSuites.append(TLS_AES_256_GCM_SHA384)
+    aes256GcmSuites.append(TLS_DHE_DSS_WITH_AES_256_GCM_SHA384) # unsupported
+    aes256GcmSuites.append(TLS_DH_DSS_WITH_AES_256_GCM_SHA384)  # unsupported
 
     #: AES-128 CCM_8 ciphers
     aes128Ccm_8Suites = []
@@ -1037,16 +1104,25 @@ class CipherSuite:
     shaSuites.append(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA)
     shaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA)
     shaSuites.append(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA)
+    shaSuites.append(TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA) # unsupported
+    shaSuites.append(TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA)  # unsupported
+    shaSuites.append(TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA)  # unsupported
     shaSuites.append(TLS_RSA_WITH_3DES_EDE_CBC_SHA)
     shaSuites.append(TLS_RSA_WITH_AES_128_CBC_SHA)
     shaSuites.append(TLS_RSA_WITH_AES_256_CBC_SHA)
     shaSuites.append(TLS_RSA_WITH_RC4_128_SHA)
     shaSuites.append(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA)
     shaSuites.append(TLS_DHE_RSA_WITH_AES_128_CBC_SHA)
     shaSuites.append(TLS_DHE_RSA_WITH_AES_256_CBC_SHA)
+    shaSuites.append(TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA) # unsupported
+    shaSuites.append(TLS_DHE_DSS_WITH_AES_128_CBC_SHA)  # unsupported
+    shaSuites.append(TLS_DHE_DSS_WITH_AES_256_CBC_SHA)  # unsupported
     shaSuites.append(TLS_DH_ANON_WITH_AES_128_CBC_SHA)
     shaSuites.append(TLS_DH_ANON_WITH_AES_256_CBC_SHA)
     shaSuites.append(TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA)
+    shaSuites.append(TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA)  # unsupported
+    shaSuites.append(TLS_DH_DSS_WITH_AES_128_CBC_SHA)   # unsupported
+    shaSuites.append(TLS_DH_DSS_WITH_AES_256_CBC_SHA)   # unsupported
     shaSuites.append(TLS_RSA_WITH_NULL_SHA)
     shaSuites.append(TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA)
     shaSuites.append(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA)
@@ -1094,6 +1170,8 @@ class CipherSuite:
     sha384Suites.append(TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384)  # unsupported
     sha384Suites.append(TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384)  # unsupported
     sha384Suites.append(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384)
+    sha384Suites.append(TLS_DHE_DSS_WITH_AES_256_GCM_SHA384)    # unsupported
+    sha384Suites.append(TLS_DH_DSS_WITH_AES_256_GCM_SHA384) # unsupported
 
     #: stream cipher construction
     streamSuites = []

tlslite/utils/__init__.py

@@ -22,6 +22,7 @@
            "python_aes",
            "python_rc4",
            "python_rsakey",
+           "python_dsakey",
            "rc4",
            "rijndael",
            "rsakey",

tlslite/utils/dsakey.py

@@ -0,0 +1,108 @@
+"""Abstract class for DSA."""
+
+class DSAKey(object):
+    """This is an abstract base class for DSA keys.
+
+    Particular implementations of DSA keys, such as
+    :py:class:`~.python_dsakey.Python_DSAKey`
+    ... more coming
+    inherit from this.
+
+    To create or parse an DSA key, don't use one of these classes
+    directly.  Instead, use the factory functions in
+    :py:class:`~tlslite.utils.keyfactory`.
+    """
+
+    def __init__(self, p, q, g, x, y):
+        """Create a new DSA key.
+        :type p: int
+        :param p: domain parameter, prime num defining Gaolis Field
+        :type q: int
+        :param q: domain parameter, prime factor of p-1
+        :type g: int
+        :param g: domain parameter, generator of q-order cyclic group GP(p)
+        :type x: int
+        :param x: private key
+        :type y: int
+        :param y: public key
+        """
+        raise NotImplementedError()
+
+    def __len__(self):
+        """Return the size of the order of the curve of this key, in bits.
+
+        :rtype: int
+        """
+        raise NotImplementedError()
+
+    def hasPrivateKey(self):
+        """Return whether or not this key has a private component.
+
+        :rtype: bool
+        """
+        raise NotImplementedError()
+
+    def hashAndSign(self, data, hAlg):
+        """Hash and sign the passed-in bytes.
+
+        This requires the key to have a private component and
+        global parameters. It performs a signature on the passed-in data
+        with selected hash algorithm.
+
+        :type data: str
+        :param data: The data which will be hashed and signed.
+
+        :type hAlg: str
+        :param hAlg: The hash algorithm that will be used to hash data
+
+        :rtype: bytearray
+        :returns: An DSA signature on the passed-in data.
+        """
+        raise NotImplementedError()
+
+    def hashAndVerify(self, signature, data, hAlg="sha1"):
+        """Hash and verify the passed-in bytes with signature.
+
+        :type signature: ASN1 bytearray
+        :param signature: the r, s dsa signature
+
+        :type data: str
+        :param data: The data which will be hashed and verified.
+
+        :type hAlg: str
+        :param hAlg: The hash algorithm that will be used to hash data
+
+        :rtype: bool
+        :returns: return True if verification is OK.
+        """
+        raise NotImplementedError()
+
+    @staticmethod
+    def generate(L, N):
+        """Generate new key given by bit lengths L, N.
+
+        :type L: int
+        :param L: length of parameter p in bits
+
+        :type N: int
+        :param N: length of parameter q in bits
+
+        :rtype: DSAkey
+        :returns: DSAkey(domain parameters, private key, public key)
+        """
+        raise NotImplementedError()
+
+    @staticmethod
+    def generate_qp(L, N):
+        """Generate new (p, q) given by bit lengths L, N.
+
+        :type L: int
+        :param L: length of parameter p in bits
+
+        :type N: int
+        :param N: length of parameter q in bits
+
+        :rtype: (int, int)
+        :returns: new p and q key parameters
+        """
+        raise NotImplementedError()

tlslite/utils/keyfactory.py

@@ -8,6 +8,7 @@
 from .rsakey import RSAKey
 from .python_rsakey import Python_RSAKey
 from .python_ecdsakey import Python_ECDSAKey
+from .python_dsakey import Python_DSAKey
 from tlslite.utils import cryptomath
 
 if cryptomath.m2cryptoLoaded:
@@ -233,3 +234,28 @@ def _create_public_ecdsa_key(point_x, point_y, curve_name,
         if impl == "python":
             return Python_ECDSAKey(point_x, point_y, curve_name)
     raise ValueError("No acceptable implementation")
+
+def _create_public_dsa_key(p, q, g, y,
+                           implementations=("python",)):
+    """
+    Convert public key parameters into concrete implementation of verifier.
+
+    The public key in DSA consists of four integers.
+
+    :type p: int
+    :param p: domain parameter, prime num defining Gaolis Field
+    :type q: int
+    :param q: domain parameter, prime factor of p-1
+    :type g: int
+    :param g: domain parameter, generator of q-order cyclic group GP(p)
+    :type y: int
+    :param y: public key
+    :type implementations: iterable of str
+    :param implementations: list of implementations that can be used as the
+        concrete implementation of the verifying key (only 'python' is
+        supported currently)
+    """
+    for impl in implementations:
+        if impl == "python":
+            return Python_DSAKey(p=p, q=q, g=g, y=y)
+    raise ValueError("No acceptable implementation")