def test_min_length_with_post_send(self): hello_gen = fuzz_padding(ClientHelloGenerator(), min_length=200) unmodified_hello = hello_gen.generate(self.state) self.assertEqual(len(unmodified_hello.write()), 43) self.state.msg_sock.sendMessageBlocking(unmodified_hello) self.assertEqual(len(self.socket.sent), 1) self.assertEqual(len(self.socket.sent[0]), 1 + # record layer type 2 + # protocol version 2 + # record payload length field 43 + # length of ClientHello 160 // 8 + # length of HMAC 1 + # size of length tag of padding (0) 208) # minimal length of padding greater than 200 hello_gen.post_send(self.state) clean_hello_gen = ClientHelloGenerator() clean_hello = clean_hello_gen.generate(self.state) self.state.msg_sock.sendMessageBlocking(clean_hello) self.assertEqual(len(self.socket.sent), 2) self.assertEqual(len(self.socket.sent[1]), 1 + # record layer type 2 + # protocol version 2 + # record payload length field 43 + # length of ClientHello 160 // 8 + # length of HMAC 1 + # size of length tag of padding (0) 0) # minimal length of padding
class TestHandshakePadding(unittest.TestCase): def setUp(self): self.state = ConnectionState() self.hello_gen = ClientHelloGenerator() self.vanilla_hello = self.hello_gen.generate(self.state).write() def test_no_option(self): self.assertEqual(len(self.vanilla_hello), 43) hello_gen = pad_handshake(ClientHelloGenerator()) unmodified_hello = hello_gen.generate(self.state).write() self.assertEqual(len(unmodified_hello), 43) self.assertEqual(self.vanilla_hello, unmodified_hello) def test_add_padding(self): hello_gen = pad_handshake(ClientHelloGenerator(), 1) padded_hello = hello_gen.generate(self.state).write() self.assertEqual(len(padded_hello), 44) # skip the first 4 bytes as they have different length self.assertEqual(self.vanilla_hello[4:] + bytearray(1), padded_hello[4:]) def test_add_specific_padding(self): hello_gen = pad_handshake(ClientHelloGenerator(), 2, 0xab) padded_hello = hello_gen.generate(self.state).write() self.assertEqual(len(padded_hello), 45) # skip the first 4 bytes as they have different length self.assertEqual(self.vanilla_hello[4:] + bytearray(b'\xab\xab'), padded_hello[4:]) def test_pad_with_data(self): pad = bytearray(b'\xff\x01\x00\x01\x00') hello_gen = pad_handshake(ClientHelloGenerator(), pad=pad) padded_hello = hello_gen.generate(self.state).write() self.assertEqual(len(padded_hello), len(self.vanilla_hello) + len(pad)) self.assertEqual(self.vanilla_hello[4:] + pad, padded_hello[4:]) self.assertNotEqual(self.vanilla_hello[:4], padded_hello[:4]) def test_truncate(self): hello_gen = truncate_handshake(ClientHelloGenerator(), 1) padded_hello = hello_gen.generate(self.state).write() self.assertEqual(len(padded_hello), 42) # skip the first 4 bytes as they have different length self.assertEqual(self.vanilla_hello[4:-1], padded_hello[4:])
class TestHandshakePadding(unittest.TestCase): def setUp(self): self.state = ConnectionState() self.hello_gen = ClientHelloGenerator() self.vanilla_hello = self.hello_gen.generate(self.state).write() def test_no_option(self): self.assertEqual(len(self.vanilla_hello), 43) hello_gen = pad_handshake(ClientHelloGenerator()) unmodified_hello = hello_gen.generate(self.state).write() self.assertEqual(len(unmodified_hello), 43) self.assertEqual(self.vanilla_hello, unmodified_hello) def test_add_padding(self): hello_gen = pad_handshake(ClientHelloGenerator(), 1) padded_hello = hello_gen.generate(self.state).write() self.assertEqual(len(padded_hello), 44) # skip the first 4 bytes as they have different length self.assertEqual(self.vanilla_hello[4:] + bytearray(1), padded_hello[4:]) def test_add_specific_padding(self): hello_gen = pad_handshake(ClientHelloGenerator(), 2, 0xAB) padded_hello = hello_gen.generate(self.state).write() self.assertEqual(len(padded_hello), 45) # skip the first 4 bytes as they have different length self.assertEqual(self.vanilla_hello[4:] + bytearray(b"\xab\xab"), padded_hello[4:]) def test_pad_with_data(self): pad = bytearray(b"\xff\x01\x00\x01\x00") hello_gen = pad_handshake(ClientHelloGenerator(), pad=pad) padded_hello = hello_gen.generate(self.state).write() self.assertEqual(len(padded_hello), len(self.vanilla_hello) + len(pad)) self.assertEqual(self.vanilla_hello[4:] + pad, padded_hello[4:]) self.assertNotEqual(self.vanilla_hello[:4], padded_hello[:4]) def test_truncate(self): hello_gen = truncate_handshake(ClientHelloGenerator(), 1) padded_hello = hello_gen.generate(self.state).write() self.assertEqual(len(padded_hello), 42) # skip the first 4 bytes as they have different length self.assertEqual(self.vanilla_hello[4:-1], padded_hello[4:])
def test_generate_extensions_with_garbage_extension(self): state = ConnectionState() ext = "some weird non-extension" chg = ClientHelloGenerator(extensions={0x1234:ext}) return_val = mock.MagicMock() return_val.write = mock.MagicMock(return_value=bytearray(10)) with mock.patch.object(messages.ClientHello, 'create', return_value=return_val) as mock_method: with self.assertRaises(ValueError): ch = chg.generate(state)
def test_generate(self): state = ConnectionState() chg = ClientHelloGenerator() return_val = mock.MagicMock() return_val.write = mock.MagicMock(return_value=bytearray(10)) with mock.patch.object(messages.ClientHello, "create", return_value=return_val) as mock_method: ch = chg.generate(state) self.assertEqual(ch, return_val) mock_method.assert_called_once_with((3, 3), bytearray(32), bytearray(0), [], extensions=None)
def test_generate_extensions_with_empty_extensions(self): state = ConnectionState() chg = ClientHelloGenerator(extensions={0x1234: None}) return_val = mock.MagicMock() return_val.write = mock.MagicMock(return_value=bytearray(10)) with mock.patch.object(messages.ClientHello, "create", return_value=return_val) as mock_method: ch = chg.generate(state) self.assertEqual(ch, return_val) ext = extensions.TLSExtension().create(0x1234, bytearray(0)) mock_method.assert_called_once_with((3, 3), bytearray(32), bytearray(0), [], extensions=[ext])
def test_generate_extensions_with_renego_info_default_generator(self): state = ConnectionState() state.client_verify_data = bytearray(b"\xab\xcd") chg = ClientHelloGenerator(extensions={constants.ExtensionType.renegotiation_info: None}) return_val = mock.MagicMock() return_val.write = mock.MagicMock(return_value=bytearray(10)) with mock.patch.object(messages.ClientHello, "create", return_value=return_val) as mock_method: ch = chg.generate(state) self.assertEqual(ch, return_val) ext = RenegotiationInfoExtension().create(bytearray(b"\xab\xcd")) mock_method.assert_called_once_with((3, 3), bytearray(32), bytearray(0), [], extensions=[ext])
def test_generate(self): state = ConnectionState() chg = ClientHelloGenerator() return_val = mock.MagicMock() return_val.write = mock.MagicMock(return_value=bytearray(10)) with mock.patch.object(messages.ClientHello, 'create', return_value=return_val) as mock_method: ch = chg.generate(state) self.assertEqual(ch, return_val) mock_method.assert_called_once_with((3, 3), bytearray(32), bytearray(0), [], extensions=None)
def test_generate_extensions_with_empty_extensions(self): state = ConnectionState() chg = ClientHelloGenerator(extensions={0x1234: None}) return_val = mock.MagicMock() return_val.write = mock.MagicMock(return_value=bytearray(10)) with mock.patch.object(messages.ClientHello, 'create', return_value=return_val) as mock_method: ch = chg.generate(state) self.assertEqual(ch, return_val) ext = extensions.TLSExtension().create(0x1234, bytearray(0)) mock_method.assert_called_once_with((3, 3), bytearray(32), bytearray(0), [], extensions=[ext])
def test_generate_extensions_with_renego_info_default_generator(self): state = ConnectionState() state.client_verify_data = bytearray(b'\xab\xcd') chg = ClientHelloGenerator( extensions={constants.ExtensionType.renegotiation_info: None}) return_val = mock.MagicMock() return_val.write = mock.MagicMock(return_value=bytearray(10)) with mock.patch.object(messages.ClientHello, 'create', return_value=return_val) as mock_method: ch = chg.generate(state) self.assertEqual(ch, return_val) ext = RenegotiationInfoExtension().create(bytearray(b'\xab\xcd')) mock_method.assert_called_once_with((3, 3), bytearray(32), bytearray(0), [], extensions=[ext])
class TestFuzzMessage(unittest.TestCase): def setUp(self): self.state = ConnectionState() self.hello_gen = ClientHelloGenerator() self.vanilla_hello = self.hello_gen.generate(self.state).write() def test_no_options(self): self.assertEqual(len(self.vanilla_hello), 43) hello_gen = fuzz_message(ClientHelloGenerator()) unmodified_hello = hello_gen.generate(self.state).write() self.assertEqual(len(unmodified_hello), 43) self.assertEqual(self.vanilla_hello, unmodified_hello) def test_substitutions(self): hello_gen = fuzz_message(ClientHelloGenerator(), substitutions={4: 0xff}) modified_hello = hello_gen.generate(self.state).write() self.assertNotEqual(self.vanilla_hello, modified_hello) self.vanilla_hello[4] = 0xff self.assertEqual(self.vanilla_hello, modified_hello) def test_xors(self): hello_gen = fuzz_message(ClientHelloGenerator(), xors={4: 0xff}) modified_hello = hello_gen.generate(self.state).write() self.assertNotEqual(self.vanilla_hello, modified_hello) self.vanilla_hello[4] ^= 0xff self.assertEqual(self.vanilla_hello, modified_hello)
class TestFuzzMessage(unittest.TestCase): def setUp(self): self.state = ConnectionState() self.hello_gen = ClientHelloGenerator() self.vanilla_hello = self.hello_gen.generate(self.state).write() def test_no_options(self): self.assertEqual(len(self.vanilla_hello), 43) hello_gen = fuzz_message(ClientHelloGenerator()) unmodified_hello = hello_gen.generate(self.state).write() self.assertEqual(len(unmodified_hello), 43) self.assertEqual(self.vanilla_hello, unmodified_hello) def test_substitutions(self): hello_gen = fuzz_message(ClientHelloGenerator(), substitutions={4:0xff}) modified_hello = hello_gen.generate(self.state).write() self.assertNotEqual(self.vanilla_hello, modified_hello) self.vanilla_hello[4] = 0xff self.assertEqual(self.vanilla_hello, modified_hello) def test_xors(self): hello_gen = fuzz_message(ClientHelloGenerator(), xors={4:0xff}) modified_hello = hello_gen.generate(self.state).write() self.assertNotEqual(self.vanilla_hello, modified_hello) self.vanilla_hello[4] ^= 0xff self.assertEqual(self.vanilla_hello, modified_hello)