def test_RSA_key_exchange_with_client(self):
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
client_keyExchange = RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
None)
client_premaster = client_keyExchange.processServerKeyExchange(\
self.srv_pub_key,
None)
clientKeyExchange = client_keyExchange.makeClientKeyExchange()
server_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
self.assertEqual(client_premaster, server_premaster)
def test_RSA_key_exchange_with_client(self):
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
client_keyExchange = RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
None)
client_premaster = client_keyExchange.processServerKeyExchange(\
self.srv_pub_key,
None)
clientKeyExchange = client_keyExchange.makeClientKeyExchange()
server_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
self.assertEqual(client_premaster, server_premaster)
def setUp(self):
self.srv_private_key = parsePEMKey(srv_raw_key, private=True)
srv_chain = X509CertChain([X509().parse(srv_raw_certificate)])
self.srv_pub_key = srv_chain.getEndEntityPublicKey()
self.cipher_suite = CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA
self.client_hello = ClientHello().create((3, 3),
bytearray(32),
bytearray(0),
[])
self.server_hello = ServerHello().create((3, 2),
bytearray(32),
bytearray(0),
self.cipher_suite)
self.keyExchange = RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
self.srv_private_key)
def setUp(self):
self.srv_private_key = parsePEMKey(srv_raw_key, private=True)
srv_chain = X509CertChain([X509().parse(srv_raw_certificate)])
self.srv_pub_key = srv_chain.getEndEntityPublicKey()
self.cipher_suite = CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA
self.client_hello = ClientHello().create((3, 3),
bytearray(32),
bytearray(0),
[])
self.server_hello = ServerHello().create((3, 2),
bytearray(32),
bytearray(0),
self.cipher_suite)
self.keyExchange = RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
self.srv_private_key)
class TestRSAKeyExchange(unittest.TestCase):
def setUp(self):
self.srv_private_key = parsePEMKey(srv_raw_key, private=True)
srv_chain = X509CertChain([X509().parse(srv_raw_certificate)])
self.srv_pub_key = srv_chain.getEndEntityPublicKey()
self.cipher_suite = CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA
self.client_hello = ClientHello().create((3, 3),
bytearray(32),
bytearray(0),
[])
self.server_hello = ServerHello().create((3, 2),
bytearray(32),
bytearray(0),
self.cipher_suite)
self.keyExchange = RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
self.srv_private_key)
def test_RSA_key_exchange(self):
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 3
clientKeyExchange = ClientKeyExchange(self.cipher_suite,
(3, 2))
clientKeyExchange.createRSA(self.srv_pub_key.encrypt(premaster_secret))
dec_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 3
self.assertEqual(dec_premaster, premaster_secret)
def test_RSA_key_exchange_with_client(self):
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
client_keyExchange = RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
None)
client_premaster = client_keyExchange.processServerKeyExchange(\
self.srv_pub_key,
None)
clientKeyExchange = client_keyExchange.makeClientKeyExchange()
server_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
self.assertEqual(client_premaster, server_premaster)
def test_RSA_with_invalid_encryption(self):
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 3
clientKeyExchange = ClientKeyExchange(self.cipher_suite,
(3, 2))
enc_premaster = self.srv_pub_key.encrypt(premaster_secret)
enc_premaster[-1] ^= 0x01
clientKeyExchange.createRSA(enc_premaster)
dec_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 3
self.assertNotEqual(dec_premaster, premaster_secret)
def test_RSA_with_wrong_size_premaster(self):
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
premaster_secret = bytearray(b'\xf0'*47)
premaster_secret[0] = 3
premaster_secret[1] = 3
clientKeyExchange = ClientKeyExchange(self.cipher_suite,
(3, 2))
enc_premaster = self.srv_pub_key.encrypt(premaster_secret)
clientKeyExchange.createRSA(enc_premaster)
dec_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
premaster_secret = bytearray(b'\xf0'*47)
premaster_secret[0] = 3
premaster_secret[1] = 3
self.assertNotEqual(dec_premaster, premaster_secret)
def test_RSA_with_wrong_version_in_IE(self):
# Internet Explorer sends the version from Server Hello not Client Hello
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 2
clientKeyExchange = ClientKeyExchange(self.cipher_suite,
(3, 2))
enc_premaster = self.srv_pub_key.encrypt(premaster_secret)
clientKeyExchange.createRSA(enc_premaster)
dec_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 2
self.assertEqual(dec_premaster, premaster_secret)
def test_RSA_with_wrong_version(self):
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 1
clientKeyExchange = ClientKeyExchange(self.cipher_suite,
(3, 2))
clientKeyExchange.createRSA(self.srv_pub_key.encrypt(premaster_secret))
dec_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 1
self.assertNotEqual(dec_premaster, premaster_secret)
class TestRSAKeyExchange(unittest.TestCase):
def setUp(self):
self.srv_private_key = parsePEMKey(srv_raw_key, private=True)
srv_chain = X509CertChain([X509().parse(srv_raw_certificate)])
self.srv_pub_key = srv_chain.getEndEntityPublicKey()
self.cipher_suite = CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA
self.client_hello = ClientHello().create((3, 3),
bytearray(32),
bytearray(0),
[])
self.server_hello = ServerHello().create((3, 2),
bytearray(32),
bytearray(0),
self.cipher_suite)
self.keyExchange = RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
self.srv_private_key)
def test_RSA_key_exchange(self):
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 3
clientKeyExchange = ClientKeyExchange(self.cipher_suite,
(3, 2))
clientKeyExchange.createRSA(self.srv_pub_key.encrypt(premaster_secret))
dec_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 3
self.assertEqual(dec_premaster, premaster_secret)
def test_RSA_key_exchange_with_client(self):
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
client_keyExchange = RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
None)
client_premaster = client_keyExchange.processServerKeyExchange(\
self.srv_pub_key,
None)
clientKeyExchange = client_keyExchange.makeClientKeyExchange()
server_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
self.assertEqual(client_premaster, server_premaster)
def test_RSA_with_invalid_encryption(self):
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 3
clientKeyExchange = ClientKeyExchange(self.cipher_suite,
(3, 2))
enc_premaster = self.srv_pub_key.encrypt(premaster_secret)
enc_premaster[-1] ^= 0x01
clientKeyExchange.createRSA(enc_premaster)
dec_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 3
self.assertNotEqual(dec_premaster, premaster_secret)
def test_RSA_with_wrong_size_premaster(self):
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
premaster_secret = bytearray(b'\xf0'*47)
premaster_secret[0] = 3
premaster_secret[1] = 3
clientKeyExchange = ClientKeyExchange(self.cipher_suite,
(3, 2))
enc_premaster = self.srv_pub_key.encrypt(premaster_secret)
clientKeyExchange.createRSA(enc_premaster)
dec_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
premaster_secret = bytearray(b'\xf0'*47)
premaster_secret[0] = 3
premaster_secret[1] = 3
self.assertNotEqual(dec_premaster, premaster_secret)
def test_RSA_with_wrong_version_in_IE(self):
# Internet Explorer sends the version from Server Hello not Client Hello
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 2
clientKeyExchange = ClientKeyExchange(self.cipher_suite,
(3, 2))
enc_premaster = self.srv_pub_key.encrypt(premaster_secret)
clientKeyExchange.createRSA(enc_premaster)
dec_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 2
self.assertEqual(dec_premaster, premaster_secret)
def test_RSA_with_wrong_version(self):
self.assertIsNone(self.keyExchange.makeServerKeyExchange())
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 1
clientKeyExchange = ClientKeyExchange(self.cipher_suite,
(3, 2))
clientKeyExchange.createRSA(self.srv_pub_key.encrypt(premaster_secret))
dec_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
premaster_secret = bytearray(b'\xf0'*48)
premaster_secret[0] = 3
premaster_secret[1] = 1
self.assertNotEqual(dec_premaster, premaster_secret)
