def test_SRP_key_exchange_without_signature(self):
self.cipher_suite = CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA
self.keyExchange.cipherSuite = self.cipher_suite
self.server_hello.cipher_suite = self.cipher_suite
srv_key_ex = self.keyExchange.makeServerKeyExchange()
a = bytesToNumber(getRandomBytes(32))
A = powMod(srv_key_ex.srp_g,
a,
srv_key_ex.srp_N)
x = makeX(srv_key_ex.srp_s, bytearray(b'user'), bytearray(b'password'))
v = powMod(srv_key_ex.srp_g,
x,
srv_key_ex.srp_N)
u = makeU(srv_key_ex.srp_N,
A,
srv_key_ex.srp_B)
k = makeK(srv_key_ex.srp_N,
srv_key_ex.srp_g)
S = powMod((srv_key_ex.srp_B - (k*v)) % srv_key_ex.srp_N,
a+(u*x),
srv_key_ex.srp_N)
cln_premaster = numberToByteArray(S)
cln_key_ex = ClientKeyExchange(self.cipher_suite, (3, 3)).createSRP(A)
srv_premaster = self.keyExchange.processClientKeyExchange(cln_key_ex)
self.assertEqual(cln_premaster, srv_premaster)
def test_SRP_key_exchange(self):
srv_key_ex = self.keyExchange.makeServerKeyExchange('sha256')
KeyExchange.verifyServerKeyExchange(srv_key_ex,
self.srv_pub_key,
self.client_hello.random,
self.server_hello.random,
[(HashAlgorithm.sha256,
SignatureAlgorithm.rsa)])
a = bytesToNumber(getRandomBytes(32))
A = powMod(srv_key_ex.srp_g,
a,
srv_key_ex.srp_N)
x = makeX(srv_key_ex.srp_s, bytearray(b'user'), bytearray(b'password'))
v = powMod(srv_key_ex.srp_g,
x,
srv_key_ex.srp_N)
u = makeU(srv_key_ex.srp_N,
A,
srv_key_ex.srp_B)
k = makeK(srv_key_ex.srp_N,
srv_key_ex.srp_g)
S = powMod((srv_key_ex.srp_B - (k*v)) % srv_key_ex.srp_N,
a+(u*x),
srv_key_ex.srp_N)
cln_premaster = numberToByteArray(S)
cln_key_ex = ClientKeyExchange(self.cipher_suite, (3, 3)).createSRP(A)
srv_premaster = self.keyExchange.processClientKeyExchange(cln_key_ex)
self.assertEqual(cln_premaster, srv_premaster)
def test_SRP_key_exchange_without_signature(self):
self.cipher_suite = CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA
self.keyExchange.cipherSuite = self.cipher_suite
self.server_hello.cipher_suite = self.cipher_suite
srv_key_ex = self.keyExchange.makeServerKeyExchange()
a = bytesToNumber(getRandomBytes(32))
A = powMod(srv_key_ex.srp_g,
a,
srv_key_ex.srp_N)
x = makeX(srv_key_ex.srp_s, bytearray(b'user'), bytearray(b'password'))
v = powMod(srv_key_ex.srp_g,
x,
srv_key_ex.srp_N)
u = makeU(srv_key_ex.srp_N,
A,
srv_key_ex.srp_B)
k = makeK(srv_key_ex.srp_N,
srv_key_ex.srp_g)
S = powMod((srv_key_ex.srp_B - (k*v)) % srv_key_ex.srp_N,
a+(u*x),
srv_key_ex.srp_N)
cln_premaster = numberToByteArray(S)
cln_key_ex = ClientKeyExchange(self.cipher_suite, (3, 3)).createSRP(A)
srv_premaster = self.keyExchange.processClientKeyExchange(cln_key_ex)
self.assertEqual(cln_premaster, srv_premaster)
def test_SRP_key_exchange(self):
srv_key_ex = self.keyExchange.makeServerKeyExchange('sha256')
KeyExchange.verifyServerKeyExchange(srv_key_ex,
self.srv_pub_key,
self.client_hello.random,
self.server_hello.random,
[(HashAlgorithm.sha256,
SignatureAlgorithm.rsa)])
a = bytesToNumber(getRandomBytes(32))
A = powMod(srv_key_ex.srp_g,
a,
srv_key_ex.srp_N)
x = makeX(srv_key_ex.srp_s, bytearray(b'user'), bytearray(b'password'))
v = powMod(srv_key_ex.srp_g,
x,
srv_key_ex.srp_N)
u = makeU(srv_key_ex.srp_N,
A,
srv_key_ex.srp_B)
k = makeK(srv_key_ex.srp_N,
srv_key_ex.srp_g)
S = powMod((srv_key_ex.srp_B - (k*v)) % srv_key_ex.srp_N,
a+(u*x),
srv_key_ex.srp_N)
cln_premaster = numberToByteArray(S)
cln_key_ex = ClientKeyExchange(self.cipher_suite, (3, 3)).createSRP(A)
srv_premaster = self.keyExchange.processClientKeyExchange(cln_key_ex)
self.assertEqual(cln_premaster, srv_premaster)
def _checkItem(self, value, username, param):
(N, g, salt, verifier) = value
x = mathtls.makeX(salt, username, param)
v = powMod(g, x, N)
return (verifier == v)
def _checkItem(self, value, username, param):
(N, g, salt, verifier) = value
x = mathtls.makeX(salt, username, param)
v = powMod(g, x, N)
return (verifier == v)