def test_clienthello_has_extensions(self):
from protocol_extensions import ExtensionType
from protocol_ext_supportedgroups import NamedGroupList, NamedGroups, NamedGroup
ch = ClientHello(
random=Random(bytes.fromhex('AA' * 32)),
legacy_session_id=OpaqueUint8(bytes.fromhex('BB' * 32)),
cipher_suites=CipherSuites([
CipherSuite.TLS_AES_256_GCM_SHA384,
CipherSuite.TLS_CHACHA20_POLY1305_SHA256,
CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV
]),
legacy_compression_methods=OpaqueUint8(b'\x00'),
extensions=Extensions([
Extension(extension_type=ExtensionType.supported_groups,
extension_data=NamedGroupList(
named_group_list=NamedGroups([
NamedGroup.x25519,
NamedGroup.secp256r1,
]))),
Extension(extension_type=ExtensionType.supported_groups,
extension_data=NamedGroupList(
named_group_list=NamedGroups([
NamedGroup.x25519,
NamedGroup.secp256r1,
]))),
]),
)
self.assertEqual(ClientHello.from_bytes(bytes(ch)), ch)
def test_clienthello(self):
ch = ClientHello(
random=Random(bytes.fromhex('AA' * 32)),
legacy_session_id=OpaqueUint8(bytes.fromhex('BB' * 32)),
cipher_suites=CipherSuites([
CipherSuite.TLS_AES_256_GCM_SHA384,
CipherSuite.TLS_CHACHA20_POLY1305_SHA256,
CipherSuite.TLS_AES_128_GCM_SHA256,
CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV
]),
legacy_compression_methods=OpaqueUint8(b'\x00'),
extensions=Extensions([]),
)
expected = bytes.fromhex(
'03 03 AA AA AA AA AA AA AA AA AA AA AA AA AA AA'
'AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA'
'AA AA 20 BB BB BB BB BB BB BB BB BB BB BB BB BB'
'BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB'
'BB BB BB 00 08 13 02 13 03 13 01 00 FF 01 00 00'
'00 ')
self.assertEqual(bytes(ch), expected)
self.assertEqual(ClientHello.from_bytes(bytes(ch)), ch)
def test_certificate(self):
c = Certificate(
certificate_request_context=OpaqueUint8(b'\xaa\xaa'),
certificate_list=CertificateEntrys([
CertificateEntry(
cert_data=OpaqueUint24(b'\xbb\xbb'),
extensions=Extensions([])),
CertificateEntry(
cert_data=OpaqueUint24(b'\xcc\xcc'),
extensions=Extensions([])),
])
)
c_bytes = bytes.fromhex('''
02 AA AA 00 00 0E 00 00 02 BB BB 00 00 00 00 02
CC CC 00 00
''')
self.assertEqual(bytes(c), c_bytes)
self.assertEqual(Certificate.from_bytes(bytes(c)), c)
def test_handshake(self):
h = Handshake(msg_type=HandshakeType.client_hello,
msg=ClientHello(
random=Random(bytes.fromhex('AA' * 32)),
legacy_session_id=OpaqueUint8(
bytes.fromhex('BB' * 32)),
cipher_suites=CipherSuites([
CipherSuite.TLS_AES_256_GCM_SHA384,
CipherSuite.TLS_CHACHA20_POLY1305_SHA256,
CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV
]),
legacy_compression_methods=OpaqueUint8(b'\x00'),
extensions=Extensions([]),
))
h2 = Handshake.from_bytes(bytes(h))
self.assertEqual(h2, h)
def test_serverhello(self):
sh = ServerHello(
random=Random(bytes.fromhex('AA' * 32)),
legacy_session_id_echo=OpaqueUint8(bytes.fromhex('BB' * 32)),
cipher_suite=CipherSuite.TLS_CHACHA20_POLY1305_SHA256,
legacy_compression_method=Opaque1(b'\x00'),
extensions=Extensions([]),
)
expected = bytes.fromhex(
'03 03 AA AA AA AA AA AA AA AA AA AA AA AA AA AA'
'AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA'
'AA AA 20 BB BB BB BB BB BB BB BB BB BB BB BB BB'
'BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB'
'BB BB BB 13 03 00 00 00 ')
self.assertEqual(bytes(sh), expected)
self.assertEqual(ServerHello.from_bytes(bytes(sh)), sh)
def test_handshake_has_ext_version(self):
from protocol_ext_version import \
SupportedVersions, ProtocolVersions, ProtocolVersion
h = Handshake(
msg_type=HandshakeType.client_hello,
msg=ClientHello(
random=Random(bytes.fromhex('AA' * 32)),
legacy_session_id=OpaqueUint8(bytes.fromhex('BB' * 32)),
cipher_suites=CipherSuites(
[CipherSuite.TLS_AES_256_GCM_SHA384]),
legacy_compression_methods=OpaqueUint8(b'\x00'),
extensions=Extensions([
Extension(
extension_type=ExtensionType.supported_versions,
extension_data=SupportedVersions(
versions=ProtocolVersions([
ProtocolVersion.TLS13,
ProtocolVersion.TLS12
]))),
])))
self.assertEqual(Handshake.from_bytes(bytes(h)), h)
sys.exit(0) # 本来ならAlertメッセージで終了しないといけない
server_hello = Handshake(
msg_type=HandshakeType.server_hello,
msg=ServerHello(
cipher_suite=CipherSuite.TLS_CHACHA20_POLY1305_SHA256,
legacy_session_id_echo=client_hello.msg.legacy_session_id,
extensions=Extensions([
Extension(
extension_type=ExtensionType.supported_versions,
extension_data=SupportedVersions(
versions=ProtocolVersion.TLS13
)
),
Extension(
extension_type=ExtensionType.key_share,
extension_data=KeyShareHello(
shares=KeyShareEntry(
group=NamedGroup.x25519,
key_exchange=OpaqueUint16(public_key)
)
)
)
])
)
)
ctx.append_msg(server_hello)
print(server_hello)
# Key Schedule
ctx.set_key_exchange(dhkex_class, secret_key)
msg_type=HandshakeType.client_hello,
msg=ClientHello(
cipher_suites=CipherSuites([
CipherSuite.TLS_CHACHA20_POLY1305_SHA256,
CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV
]),
extensions=Extensions([
Extension(extension_type=ExtensionType.supported_versions,
extension_data=SupportedVersions(
versions=ProtocolVersions([ProtocolVersion.TLS13]))),
Extension(extension_type=ExtensionType.supported_groups,
extension_data=NamedGroupList(
named_group_list=NamedGroups([NamedGroup.x25519]))),
Extension(extension_type=ExtensionType.signature_algorithms,
extension_data=SignatureSchemeList(
supported_signature_algorithms=SignatureSchemes([
SignatureScheme.rsa_pss_rsae_sha256,
SignatureScheme.rsa_pss_rsae_sha384,
SignatureScheme.rsa_pss_rsae_sha512,
]))),
Extension(extension_type=ExtensionType.key_share,
extension_data=KeyShareHello(shares=KeyShareEntrys([
KeyShareEntry(group=NamedGroup.x25519,
key_exchange=OpaqueUint16(public_key))
])))
])))
ctx.append_msg(client_hello)
tlsplaintext = TLSPlaintext.create(ContentType.handshake, client_hello)
print(tlsplaintext)
print('[>>>] Send:')
print(hexdump(bytes(tlsplaintext)))