def create_crypto(self, is_client, version=QuicProtocolVersion.DRAFT_23):
pair = CryptoPair()
pair.setup_initial(
cid=binascii.unhexlify("8394c8f03e515708"),
is_client=is_client,
version=version,
)
return pair
def create_crypto(self, is_client):
pair = CryptoPair()
pair.setup_initial(
cid=binascii.unhexlify("8394c8f03e515708"),
is_client=is_client,
version=PROTOCOL_VERSION,
)
return pair
def test_long_header_then_short_header(self):
builder = QuicPacketBuilder(
host_cid=bytes(8),
packet_number=0,
peer_cid=bytes(8),
peer_token=b"",
spin_bit=False,
version=QuicProtocolVersion.DRAFT_20,
)
crypto = CryptoPair()
crypto.setup_initial(bytes(8), is_client=True)
# INITIAL, fully padded
builder.start_packet(PACKET_TYPE_INITIAL, crypto)
self.assertEqual(builder.remaining_space, 1236)
builder.start_frame(QuicFrameType.CRYPTO)
builder.buffer.push_bytes(bytes(builder.remaining_space))
self.assertTrue(builder.end_packet())
self.assertEqual(builder.buffer.tell(), 1280)
# ONE_RTT, fully padded
builder.start_packet(PACKET_TYPE_ONE_RTT, crypto)
self.assertEqual(builder.remaining_space, 1253)
builder.start_frame(QuicFrameType.STREAM_BASE)
builder.buffer.push_bytes(bytes(builder.remaining_space))
self.assertTrue(builder.end_packet())
self.assertEqual(builder.buffer.tell(), 0)
# check datagrams
datagrams, packets = builder.flush()
self.assertEqual(len(datagrams), 2)
self.assertEqual(len(datagrams[0]), 1280)
self.assertEqual(len(datagrams[1]), 1280)
self.assertEqual(
packets,
[
QuicSentPacket(
epoch=Epoch.INITIAL,
in_flight=True,
is_ack_eliciting=True,
is_crypto_packet=True,
packet_number=0,
packet_type=PACKET_TYPE_INITIAL,
sent_bytes=1280,
),
QuicSentPacket(
epoch=Epoch.ONE_RTT,
in_flight=True,
is_ack_eliciting=True,
is_crypto_packet=False,
packet_number=1,
packet_type=PACKET_TYPE_ONE_RTT,
sent_bytes=1280,
),
],
)
def test_short_header_max_total_bytes_1(self):
"""
max_total_bytes doesn't allow any packets.
"""
builder = create_builder()
builder.max_total_bytes = 11
crypto = CryptoPair()
crypto.setup_initial(bytes(8), is_client=True)
with self.assertRaises(QuicPacketBuilderStop):
builder.start_packet(PACKET_TYPE_ONE_RTT, crypto)
def test_decrypt_short_server(self):
pair = CryptoPair()
pair.recv.setup(
INITIAL_CIPHER_SUITE,
binascii.unhexlify(
"310281977cb8c1c1c1212d784b2d29e5a6489e23de848d370a5a2f9537f3a100"
),
)
plain_header, plain_payload, packet_number = pair.decrypt_packet(
SHORT_SERVER_ENCRYPTED_PACKET, 9, 0)
self.assertEqual(plain_header, SHORT_SERVER_PLAIN_HEADER)
self.assertEqual(plain_payload, SHORT_SERVER_PLAIN_PAYLOAD)
self.assertEqual(packet_number, SHORT_SERVER_PACKET_NUMBER)
def test_decrypt_chacha20(self):
pair = CryptoPair()
pair.recv.setup(
CipherSuite.CHACHA20_POLY1305_SHA256,
binascii.unhexlify(
"b42772df33c9719a32820d302aa664d080d7f5ea7a71a330f87864cb289ae8c0"
),
)
plain_header, plain_payload, packet_number = pair.decrypt_packet(
CHACHA20_CLIENT_ENCRYPTED_PACKET, 25, 0)
self.assertEqual(plain_header, CHACHA20_CLIENT_PLAIN_HEADER)
self.assertEqual(plain_payload, CHACHA20_CLIENT_PLAIN_PAYLOAD)
self.assertEqual(packet_number, CHACHA20_CLIENT_PACKET_NUMBER)
def test_decrypt_chacha20(self):
pair = CryptoPair()
pair.recv.setup(
CipherSuite.CHACHA20_POLY1305_SHA256,
binascii.unhexlify(
"fcc211ac3ff1f3fe1b096a41e701e30033cbd899494ebabbbc009ee2626d987e"
),
)
plain_header, plain_payload, packet_number = pair.decrypt_packet(
CHACHA20_CLIENT_ENCRYPTED_PACKET, 34, 0)
self.assertEqual(plain_header, CHACHA20_CLIENT_PLAIN_HEADER)
self.assertEqual(plain_payload, CHACHA20_CLIENT_PLAIN_PAYLOAD)
self.assertEqual(packet_number, CHACHA20_CLIENT_PACKET_NUMBER)
def test_encrypt_chacha20(self):
pair = CryptoPair()
pair.send.setup(
CipherSuite.CHACHA20_POLY1305_SHA256,
binascii.unhexlify(
"b42772df33c9719a32820d302aa664d080d7f5ea7a71a330f87864cb289ae8c0"
),
)
packet = pair.encrypt_packet(
CHACHA20_CLIENT_PLAIN_HEADER,
CHACHA20_CLIENT_PLAIN_PAYLOAD,
CHACHA20_CLIENT_PACKET_NUMBER,
)
self.assertEqual(packet, CHACHA20_CLIENT_ENCRYPTED_PACKET)
def test_encrypt_chacha20(self):
pair = CryptoPair()
pair.send.setup(
CipherSuite.CHACHA20_POLY1305_SHA256,
binascii.unhexlify(
"fcc211ac3ff1f3fe1b096a41e701e30033cbd899494ebabbbc009ee2626d987e"
),
)
packet = pair.encrypt_packet(
CHACHA20_CLIENT_PLAIN_HEADER,
CHACHA20_CLIENT_PLAIN_PAYLOAD,
CHACHA20_CLIENT_PACKET_NUMBER,
)
self.assertEqual(packet, CHACHA20_CLIENT_ENCRYPTED_PACKET)
def test_decrypt_chacha20(self):
pair = CryptoPair()
pair.recv.setup(
cipher_suite=CipherSuite.CHACHA20_POLY1305_SHA256,
secret=binascii.unhexlify(
"9ac312a7f877468ebe69422748ad00a15443f18203a07d6060f688f30f21632b"
),
version=PROTOCOL_VERSION,
)
plain_header, plain_payload, packet_number = pair.decrypt_packet(
CHACHA20_CLIENT_ENCRYPTED_PACKET, 1, CHACHA20_CLIENT_PACKET_NUMBER)
self.assertEqual(plain_header, CHACHA20_CLIENT_PLAIN_HEADER)
self.assertEqual(plain_payload, CHACHA20_CLIENT_PLAIN_PAYLOAD)
self.assertEqual(packet_number, CHACHA20_CLIENT_PACKET_NUMBER)
def test_encrypt_short_server(self):
pair = CryptoPair()
pair.send.setup(
INITIAL_CIPHER_SUITE,
binascii.unhexlify(
"310281977cb8c1c1c1212d784b2d29e5a6489e23de848d370a5a2f9537f3a100"
),
)
packet = pair.encrypt_packet(
SHORT_SERVER_PLAIN_HEADER,
SHORT_SERVER_PLAIN_PAYLOAD,
SHORT_SERVER_PACKET_NUMBER,
)
self.assertEqual(packet, SHORT_SERVER_ENCRYPTED_PACKET)
def test_encrypt_chacha20(self):
pair = CryptoPair()
pair.send.setup(
cipher_suite=CipherSuite.CHACHA20_POLY1305_SHA256,
secret=binascii.unhexlify(
"9ac312a7f877468ebe69422748ad00a15443f18203a07d6060f688f30f21632b"
),
version=PROTOCOL_VERSION,
)
packet = pair.encrypt_packet(
CHACHA20_CLIENT_PLAIN_HEADER,
CHACHA20_CLIENT_PLAIN_PAYLOAD,
CHACHA20_CLIENT_PACKET_NUMBER,
)
self.assertEqual(packet, CHACHA20_CLIENT_ENCRYPTED_PACKET)
def test_short_header_max_total_bytes_2(self):
"""
max_total_bytes allows a short packet.
"""
builder = create_builder()
builder.max_total_bytes = 800
crypto = CryptoPair()
crypto.setup_initial(bytes(8), is_client=True)
builder.start_packet(PACKET_TYPE_ONE_RTT, crypto)
self.assertEqual(builder.remaining_space, 773)
builder.buffer.push_bytes(bytes(builder.remaining_space))
self.assertTrue(builder.end_packet())
with self.assertRaises(QuicPacketBuilderStop):
builder.start_packet(PACKET_TYPE_ONE_RTT, crypto)
def test_long_header_empty(self):
builder = QuicPacketBuilder(
host_cid=bytes(8),
packet_number=0,
peer_cid=bytes(8),
peer_token=b"",
spin_bit=False,
version=QuicProtocolVersion.DRAFT_20,
)
crypto = CryptoPair()
builder.start_packet(PACKET_TYPE_INITIAL, crypto)
self.assertEqual(builder.remaining_space, 1236)
# nothing to write
self.assertFalse(builder.end_packet())
self.assertEqual(builder.buffer.tell(), 0)
self.assertEqual(builder.packet_number, 0)
datagrams, packets = builder.flush()
self.assertEqual(len(datagrams), 0)
self.assertEqual(packets, [])
def test_decrypt_no_key(self):
pair = CryptoPair()
with self.assertRaises(CryptoError):
pair.decrypt_packet(LONG_SERVER_ENCRYPTED_PACKET, 18, 0)
def create_crypto(self, is_client):
pair = CryptoPair()
pair.setup_initial(cid=binascii.unhexlify("8394c8f03e515708"),
is_client=is_client)
return pair
def create_crypto():
crypto = CryptoPair()
crypto.setup_initial(bytes(8),
is_client=True,
version=QuicProtocolVersion.DRAFT_28)
return crypto
def test_long_header_then_long_header(self):
builder = QuicPacketBuilder(
host_cid=bytes(8),
packet_number=0,
peer_cid=bytes(8),
peer_token=b"",
spin_bit=False,
version=QuicProtocolVersion.DRAFT_20,
)
crypto = CryptoPair()
crypto.setup_initial(bytes(8), is_client=True)
# INITIAL
builder.start_packet(PACKET_TYPE_INITIAL, crypto)
self.assertEqual(builder.remaining_space, 1236)
builder.start_frame(QuicFrameType.CRYPTO)
builder.buffer.push_bytes(bytes(199))
self.assertEqual(builder.buffer.tell(), 228)
self.assertTrue(builder.end_packet())
self.assertEqual(builder.buffer.tell(), 244)
# HANDSHAKE
builder.start_packet(PACKET_TYPE_HANDSHAKE, crypto)
self.assertEqual(builder.buffer.tell(), 271)
self.assertEqual(builder.remaining_space, 993)
builder.start_frame(QuicFrameType.CRYPTO)
builder.buffer.push_bytes(bytes(299))
self.assertEqual(builder.buffer.tell(), 571)
self.assertTrue(builder.end_packet())
self.assertEqual(builder.buffer.tell(), 587)
# ONE_RTT
builder.start_packet(PACKET_TYPE_ONE_RTT, crypto)
self.assertEqual(builder.remaining_space, 666)
builder.start_frame(QuicFrameType.CRYPTO)
builder.buffer.push_bytes(bytes(299))
self.assertTrue(builder.end_packet())
self.assertEqual(builder.buffer.tell(), 0)
# check datagrams
datagrams, packets = builder.flush()
self.assertEqual(len(datagrams), 1)
self.assertEqual(len(datagrams[0]), 914)
self.assertEqual(
packets,
[
QuicSentPacket(
epoch=Epoch.INITIAL,
in_flight=True,
is_ack_eliciting=True,
is_crypto_packet=True,
packet_number=0,
packet_type=PACKET_TYPE_INITIAL,
sent_bytes=244,
),
QuicSentPacket(
epoch=Epoch.HANDSHAKE,
in_flight=True,
is_ack_eliciting=True,
is_crypto_packet=True,
packet_number=1,
packet_type=PACKET_TYPE_HANDSHAKE,
sent_bytes=343,
),
QuicSentPacket(
epoch=Epoch.ONE_RTT,
in_flight=True,
is_ack_eliciting=True,
is_crypto_packet=True,
packet_number=2,
packet_type=PACKET_TYPE_ONE_RTT,
sent_bytes=327,
),
],
)