mydreambei-ai/demo_tls.py

## demo_tls.py
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat

# ----------------------------

# 1. 客户端生成 ECDH ephemeral key

# ----------------------------

client_private_key = ec.generate_private_key(ec.SECP256R1())
client_public_key = client_private_key.public_key()

# ----------------------------

# 2. 服务器生成 ECDH ephemeral key

# ----------------------------

server_private_key = ec.generate_private_key(ec.SECP256R1())
server_public_key = server_private_key.public_key()

# ----------------------------

# 3. 交换公钥（在真实 TLS 中通过明文 ServerHello/ClientHello）

# ----------------------------

client_pub_bytes = client_public_key.public_bytes(Encoding.X962, PublicFormat.UncompressedPoint)
server_pub_bytes = server_public_key.public_bytes(Encoding.X962, PublicFormat.UncompressedPoint)

# ----------------------------

# 4. 客户端计算 shared secret

# ----------------------------

peer_server_pub = ec.EllipticCurvePublicKey.from_encoded_point(ec.SECP256R1(), server_pub_bytes)
shared_secret_client = client_private_key.exchange(ec.ECDH(), peer_server_pub)

# ----------------------------

# 5. 服务器计算 shared secret

# ----------------------------

peer_client_pub = ec.EllipticCurvePublicKey.from_encoded_point(ec.SECP256R1(), client_pub_bytes)
shared_secret_server = server_private_key.exchange(ec.ECDH(), peer_client_pub)

assert shared_secret_client == shared_secret_server  # 确认共享密钥一致

# ----------------------------

# 6. 派生 handshake keys（HKDF）

# ----------------------------

# 模拟 TLS 1.3: early_secret = 0 (无 PSK)

early_secret = b'\x00' * hashes.SHA256().digest_size

# handshake_secret = HKDF-Extract(early_secret, shared_secret)

hkdf_extract = HKDF(
algorithm=hashes.SHA256(),
length=32,
salt=early_secret,
info=None,
)
handshake_secret = hkdf_extract.derive(shared_secret_client)

# 派生 client/server handshake traffic key

client_hs_key = HKDF(
algorithm=hashes.SHA256(),
length=32,
salt=None,
info=b"c hs traffic",
).derive(handshake_secret)

server_hs_key = HKDF(
algorithm=hashes.SHA256(),
length=32,
salt=None,
info=b"s hs traffic",
).derive(handshake_secret)

print("Client handshake key:", client_hs_key.hex())
print("Server handshake key:", server_hs_key.hex())
	from cryptography.hazmat.primitives.asymmetric import ec
	from cryptography.hazmat.primitives.kdf.hkdf import HKDF
	from cryptography.hazmat.primitives import hashes
	from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat

	# ----------------------------

	# 1. 客户端生成 ECDH ephemeral key

	# ----------------------------

	client_private_key = ec.generate_private_key(ec.SECP256R1())
	client_public_key = client_private_key.public_key()

	# ----------------------------

	# 2. 服务器生成 ECDH ephemeral key

	# ----------------------------

	server_private_key = ec.generate_private_key(ec.SECP256R1())
	server_public_key = server_private_key.public_key()

	# ----------------------------

	# 3. 交换公钥（在真实 TLS 中通过明文 ServerHello/ClientHello）

	# ----------------------------

	client_pub_bytes = client_public_key.public_bytes(Encoding.X962, PublicFormat.UncompressedPoint)
	server_pub_bytes = server_public_key.public_bytes(Encoding.X962, PublicFormat.UncompressedPoint)

	# ----------------------------

	# 4. 客户端计算 shared secret

	# ----------------------------

	peer_server_pub = ec.EllipticCurvePublicKey.from_encoded_point(ec.SECP256R1(), server_pub_bytes)
	shared_secret_client = client_private_key.exchange(ec.ECDH(), peer_server_pub)

	# ----------------------------

	# 5. 服务器计算 shared secret

	# ----------------------------

	peer_client_pub = ec.EllipticCurvePublicKey.from_encoded_point(ec.SECP256R1(), client_pub_bytes)
	shared_secret_server = server_private_key.exchange(ec.ECDH(), peer_client_pub)

	assert shared_secret_client == shared_secret_server # 确认共享密钥一致

	# ----------------------------

	# 6. 派生 handshake keys（HKDF）

	# ----------------------------

	# 模拟 TLS 1.3: early_secret = 0 (无 PSK)

	early_secret = b'\x00' * hashes.SHA256().digest_size

	# handshake_secret = HKDF-Extract(early_secret, shared_secret)

	hkdf_extract = HKDF(
	algorithm=hashes.SHA256(),
	length=32,
	salt=early_secret,
	info=None,
	)
	handshake_secret = hkdf_extract.derive(shared_secret_client)

	# 派生 client/server handshake traffic key

	client_hs_key = HKDF(
	algorithm=hashes.SHA256(),
	length=32,
	salt=None,
	info=b"c hs traffic",
	).derive(handshake_secret)

	server_hs_key = HKDF(
	algorithm=hashes.SHA256(),
	length=32,
	salt=None,
	info=b"s hs traffic",
	).derive(handshake_secret)

	print("Client handshake key:", client_hs_key.hex())
	print("Server handshake key:", server_hs_key.hex())
No results found