def test_clienthello_has_extensions(self): from protocol_extensions import ExtensionType from protocol_ext_supportedgroups import NamedGroupList, NamedGroups, NamedGroup ch = ClientHello( random=Random(bytes.fromhex('AA' * 32)), legacy_session_id=OpaqueUint8(bytes.fromhex('BB' * 32)), cipher_suites=CipherSuites([ CipherSuite.TLS_AES_256_GCM_SHA384, CipherSuite.TLS_CHACHA20_POLY1305_SHA256, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV ]), legacy_compression_methods=OpaqueUint8(b'\x00'), extensions=Extensions([ Extension(extension_type=ExtensionType.supported_groups, extension_data=NamedGroupList( named_group_list=NamedGroups([ NamedGroup.x25519, NamedGroup.secp256r1, ]))), Extension(extension_type=ExtensionType.supported_groups, extension_data=NamedGroupList( named_group_list=NamedGroups([ NamedGroup.x25519, NamedGroup.secp256r1, ]))), ]), ) self.assertEqual(ClientHello.from_bytes(bytes(ch)), ch)
def test_clienthello(self): ch = ClientHello( random=Random(bytes.fromhex('AA' * 32)), legacy_session_id=OpaqueUint8(bytes.fromhex('BB' * 32)), cipher_suites=CipherSuites([ CipherSuite.TLS_AES_256_GCM_SHA384, CipherSuite.TLS_CHACHA20_POLY1305_SHA256, CipherSuite.TLS_AES_128_GCM_SHA256, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV ]), legacy_compression_methods=OpaqueUint8(b'\x00'), extensions=Extensions([]), ) expected = bytes.fromhex( '03 03 AA AA AA AA AA AA AA AA AA AA AA AA AA AA' 'AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA' 'AA AA 20 BB BB BB BB BB BB BB BB BB BB BB BB BB' 'BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB' 'BB BB BB 00 08 13 02 13 03 13 01 00 FF 01 00 00' '00 ') self.assertEqual(bytes(ch), expected) self.assertEqual(ClientHello.from_bytes(bytes(ch)), ch)
def test_certificate(self): c = Certificate( certificate_request_context=OpaqueUint8(b'\xaa\xaa'), certificate_list=CertificateEntrys([ CertificateEntry( cert_data=OpaqueUint24(b'\xbb\xbb'), extensions=Extensions([])), CertificateEntry( cert_data=OpaqueUint24(b'\xcc\xcc'), extensions=Extensions([])), ]) ) c_bytes = bytes.fromhex(''' 02 AA AA 00 00 0E 00 00 02 BB BB 00 00 00 00 02 CC CC 00 00 ''') self.assertEqual(bytes(c), c_bytes) self.assertEqual(Certificate.from_bytes(bytes(c)), c)
def test_handshake(self): h = Handshake(msg_type=HandshakeType.client_hello, msg=ClientHello( random=Random(bytes.fromhex('AA' * 32)), legacy_session_id=OpaqueUint8( bytes.fromhex('BB' * 32)), cipher_suites=CipherSuites([ CipherSuite.TLS_AES_256_GCM_SHA384, CipherSuite.TLS_CHACHA20_POLY1305_SHA256, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV ]), legacy_compression_methods=OpaqueUint8(b'\x00'), extensions=Extensions([]), )) h2 = Handshake.from_bytes(bytes(h)) self.assertEqual(h2, h)
def test_serverhello(self): sh = ServerHello( random=Random(bytes.fromhex('AA' * 32)), legacy_session_id_echo=OpaqueUint8(bytes.fromhex('BB' * 32)), cipher_suite=CipherSuite.TLS_CHACHA20_POLY1305_SHA256, legacy_compression_method=Opaque1(b'\x00'), extensions=Extensions([]), ) expected = bytes.fromhex( '03 03 AA AA AA AA AA AA AA AA AA AA AA AA AA AA' 'AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA' 'AA AA 20 BB BB BB BB BB BB BB BB BB BB BB BB BB' 'BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB BB' 'BB BB BB 13 03 00 00 00 ') self.assertEqual(bytes(sh), expected) self.assertEqual(ServerHello.from_bytes(bytes(sh)), sh)
def test_handshake_has_ext_version(self): from protocol_ext_version import \ SupportedVersions, ProtocolVersions, ProtocolVersion h = Handshake( msg_type=HandshakeType.client_hello, msg=ClientHello( random=Random(bytes.fromhex('AA' * 32)), legacy_session_id=OpaqueUint8(bytes.fromhex('BB' * 32)), cipher_suites=CipherSuites( [CipherSuite.TLS_AES_256_GCM_SHA384]), legacy_compression_methods=OpaqueUint8(b'\x00'), extensions=Extensions([ Extension( extension_type=ExtensionType.supported_versions, extension_data=SupportedVersions( versions=ProtocolVersions([ ProtocolVersion.TLS13, ProtocolVersion.TLS12 ]))), ]))) self.assertEqual(Handshake.from_bytes(bytes(h)), h)
sys.exit(0) # 本来ならAlertメッセージで終了しないといけない server_hello = Handshake( msg_type=HandshakeType.server_hello, msg=ServerHello( cipher_suite=CipherSuite.TLS_CHACHA20_POLY1305_SHA256, legacy_session_id_echo=client_hello.msg.legacy_session_id, extensions=Extensions([ Extension( extension_type=ExtensionType.supported_versions, extension_data=SupportedVersions( versions=ProtocolVersion.TLS13 ) ), Extension( extension_type=ExtensionType.key_share, extension_data=KeyShareHello( shares=KeyShareEntry( group=NamedGroup.x25519, key_exchange=OpaqueUint16(public_key) ) ) ) ]) ) ) ctx.append_msg(server_hello) print(server_hello) # Key Schedule ctx.set_key_exchange(dhkex_class, secret_key)
msg_type=HandshakeType.client_hello, msg=ClientHello( cipher_suites=CipherSuites([ CipherSuite.TLS_CHACHA20_POLY1305_SHA256, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV ]), extensions=Extensions([ Extension(extension_type=ExtensionType.supported_versions, extension_data=SupportedVersions( versions=ProtocolVersions([ProtocolVersion.TLS13]))), Extension(extension_type=ExtensionType.supported_groups, extension_data=NamedGroupList( named_group_list=NamedGroups([NamedGroup.x25519]))), Extension(extension_type=ExtensionType.signature_algorithms, extension_data=SignatureSchemeList( supported_signature_algorithms=SignatureSchemes([ SignatureScheme.rsa_pss_rsae_sha256, SignatureScheme.rsa_pss_rsae_sha384, SignatureScheme.rsa_pss_rsae_sha512, ]))), Extension(extension_type=ExtensionType.key_share, extension_data=KeyShareHello(shares=KeyShareEntrys([ KeyShareEntry(group=NamedGroup.x25519, key_exchange=OpaqueUint16(public_key)) ]))) ]))) ctx.append_msg(client_hello) tlsplaintext = TLSPlaintext.create(ContentType.handshake, client_hello) print(tlsplaintext) print('[>>>] Send:') print(hexdump(bytes(tlsplaintext)))