def test_crypto_container_increments_sequence_number(self):
client_seq_num = self.tls_ctx.client_ctx.sequence
server_seq_num = self.tls_ctx.server_ctx.sequence
client_crypto_ctx = tlsc.CBCCryptoContext(self.tls_ctx, self.tls_ctx.client_ctx)
client_crypto_ctx.encrypt_data(b"")
client_seq_num += 1
self.assertEqual(self.tls_ctx.client_ctx.sequence, client_seq_num)
self.assertEqual(self.tls_ctx.server_ctx.sequence, server_seq_num)
self.tls_ctx.client = False
client_crypto_ctx = tlsc.CBCCryptoContext(self.tls_ctx, self.tls_ctx.server_ctx)
client_crypto_ctx.encrypt_data(b"")
self.assertEqual(self.tls_ctx.client_ctx.sequence, client_seq_num)
self.assertEqual(self.tls_ctx.server_ctx.sequence, server_seq_num + 1)
def test_tls_1_1_and_above_cbc_iv_is_null(self):
# RSA_WITH_AES_128_CBC_SHA
cipher_suite = 0x2f
sec_params = tlsc.TLSSecurityParameters.from_pre_master_secret(self.prf, cipher_suite, self.pre_master_secret,
self.client_random, self.server_random)
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.negotiated.version = tls.TLSVersion.TLS_1_1
tls_ctx.requires_iv = True
tls_ctx.sec_params = sec_params
# Creating the CryptoContext will set the IV to null if required
tlsc.CBCCryptoContext(tls_ctx, tls_ctx.client_ctx)
tlsc.CBCCryptoContext(tls_ctx, tls_ctx.server_ctx)
self.assertEqual(tls_ctx.client_ctx.sym_keystore.iv, "\x00" * 16)
self.assertEqual(tls_ctx.server_ctx.sym_keystore.iv, "\x00" * 16)
def test_hmac_used_matches_selected_ciphersuite(self):
import struct
# RSA_WITH_3DES_EDE_CBC_SHA
cipher_suite = 0xa
plaintext = "a" * 32
sec_params = tlsc.TLSSecurityParameters.from_pre_master_secret(self.prf, cipher_suite, self.pre_master_secret,
self.client_random, self.server_random)
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.negotiated.version = tls.TLSVersion.TLS_1_0
tls_ctx.sec_params = sec_params
tls_ctx.client_ctx.sym_keystore = sec_params.client_keystore
self.assertEqual(sec_params.master_secret, self.master_secret)
crypto_ctx = tlsc.CBCCryptoContext(tls_ctx, tls_ctx.client_ctx)
# Pycryptodome does not expose the mode attribute
# self.assertEqual(client_enc_cipher.mode, DES3.MODE_CBC)
crypto_data = tlsc.CryptoData.from_context(tls_ctx, tls_ctx.client_ctx, plaintext)
crypto_container = tlsc.CBCCryptoContainer.from_context(tls_ctx, tls_ctx.client_ctx, crypto_data)
sequence_ = struct.pack("!Q", crypto_data.sequence)
content_type_ = struct.pack("!B", crypto_data.content_type)
version_ = struct.pack("!H", crypto_data.version)
len_ = struct.pack("!H", crypto_data.data_len)
digest_input = "%s%s%s%s%s" % (sequence_, content_type_, version_, len_, plaintext)
self.assertEqual(crypto_container.mac,
HMAC.new(sec_params.client_keystore.hmac, digest_input, digestmod=SHA).digest())
decrypted = crypto_ctx.decrypt(crypto_ctx.encrypt(crypto_container))
self.assertEqual(str(crypto_container), decrypted)
self.assertTrue(str(crypto_container).startswith(plaintext))
def test_crypto_container_returns_ciphertext(self):
data = b"C" * 102
self.tls_ctx.client = False
crypto_container = tlsc.CBCCryptoContainer.from_data(self.tls_ctx, self.tls_ctx.server_ctx, data)
cleartext = str(crypto_container)
crypto_ctx = tlsc.CBCCryptoContext(self.tls_ctx, self.tls_ctx.server_ctx)
ciphertext = crypto_ctx.encrypt_data(data)
self.assertEqual(cleartext, crypto_ctx.decrypt(ciphertext))
def test_cleartext_message_matches_decrypted_message_with_block_cipher(self):
# RSA_WITH_AES_128_CBC_SHA
cipher_suite = 0x2f
plaintext = "a" * 32
sec_params = tlsc.TLSSecurityParameters.from_pre_master_secret(self.prf, cipher_suite, self.pre_master_secret,
self.client_random, self.server_random)
self.assertEqual(sec_params.master_secret, self.master_secret)
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.negotiated.version = tls.TLSVersion.TLS_1_1
tls_ctx.requires_iv = True
tls_ctx.sec_params = sec_params
tls_ctx.client_ctx.sym_keystore = sec_params.client_keystore
tls_ctx.server_ctx.sym_keystore = sec_params.server_keystore
self.assertEqual(sec_params.master_secret, self.master_secret)
crypto_ctx = tlsc.CBCCryptoContext(tls_ctx, tls_ctx.client_ctx)
tls_ctx.client_ctx.crypto_ctx = crypto_ctx
crypto_container = tlsc.CBCCryptoContainer.from_data(tls_ctx, tls_ctx.client_ctx, plaintext)
decrypted = crypto_ctx.decrypt(crypto_ctx.encrypt(crypto_container))
self.assertEqual(str(crypto_container), decrypted)
self.assertFalse(str(crypto_container).startswith(plaintext))