Example #1
0
 def test_parse_client_hello_cipher_suites(self):
     """
     :py:func:`tls.hello_message.ClientHello` fails to parse a
     packet whose ``cipher_suites`` is too short.
     """
     with pytest.raises(ValidationError) as exc_info:
         ClientHello.from_bytes(self.cipher_suites_too_short_packet)
     assert exc_info.value.args == ('invalid object', 0)
Example #2
0
 def test_parse_client_hello_cipher_suites(self):
     """
     :py:func:`tls.hello_message.ClientHello` fails to parse a
     packet whose ``cipher_suites`` is too short.
     """
     with pytest.raises(ValidationError) as exc_info:
         ClientHello.from_bytes(self.cipher_suites_too_short_packet)
     assert exc_info.value.args == ('invalid object', 0)
Example #3
0
 def test_as_bytes_cert_status_request_extension(self):
     """
     :py:func:`tls.hello_message.ClientHello.as_bytes` serializes a message
     containing the STATUS_REQUEST extension.
     """
     record = ClientHello.from_bytes(self.client_hello_with_cert_status_ext)
     assert record.as_bytes() == self.client_hello_with_cert_status_ext
Example #4
0
    def test_hello_from_bytes_with_unsupported_extension(self):
        """
        :py:func:`tls.hello_message.ClientHello` does not parse a packet
        with an unsupported extension, and raises an error.
        """
        server_certificate_type_extension_data = (
            b'\x00\x14'  # Extension Type: Server Certificate Type
            b'\x00\x00'  # Length
            b''  # Data
        )

        client_hello_packet = self.common_client_hello_data + (
            b'\x00\x04') + server_certificate_type_extension_data

        with pytest.raises(UnsupportedExtensionException):
            ClientHello.from_bytes(client_hello_packet)
Example #5
0
 def test_as_bytes_client_certificate_url_extension(self):
     """
     :py:func:`tls.hello_message.ClientHello` serializes a message
     containing the CLIENT_CERTIFICATE_URL extension.
     """
     record = ClientHello.from_bytes(
         self.client_hello_packet_with_client_certificate_url_extension)
     assert (record.as_bytes() ==
             self.client_hello_packet_with_client_certificate_url_extension)
Example #6
0
 def test_as_bytes_client_hello_cipher_suites(self):
     """
     :py:func:`tls.hello_message.ClientHello` fails to construct a
     packet whose ``cipher_suites`` would be too short.
     """
     record = ClientHello.from_bytes(self.no_extensions_packet)
     record.cipher_suites = []
     with pytest.raises(ValidationError) as exc_info:
         record.as_bytes()
     assert exc_info.value.args == ('invalid object', 0)
Example #7
0
    def test_hello_from_bytes_with_unsupported_extension(self):
        """
        :py:func:`tls.hello_message.ClientHello` does not parse a packet
        with an unsupported extension, and raises an error.
        """
        server_certificate_type_extension_data = (
            b'\x00\x14'  # Extension Type: Server Certificate Type
            b'\x00\x00'  # Length
            b''  # Data
        )

        client_hello_packet = self.common_client_hello_data + (
            b'\x00\x04'
        ) + server_certificate_type_extension_data

        with pytest.raises(UnsupportedExtensionException):
            ClientHello.from_bytes(
                client_hello_packet
            )
Example #8
0
 def test_as_bytes_client_hello_cipher_suites(self):
     """
     :py:func:`tls.hello_message.ClientHello` fails to construct a
     packet whose ``cipher_suites`` would be too short.
     """
     record = ClientHello.from_bytes(self.no_extensions_packet)
     record.cipher_suites = []
     with pytest.raises(ValidationError) as exc_info:
         record.as_bytes()
     assert exc_info.value.args == ('invalid object', 0)
Example #9
0
 def test_as_bytes_cert_status_request_zero_extension(self):
     """
     :py:func:`tls.hello_message.ClientHello.as_bytes` serializes a message
     containing the STATUS_REQUEST extension with zero length
     responder_id_list and request_extensions.
     """
     record = ClientHello.from_bytes(
         self.client_hello_with_status_req_zero_ext
     )
     assert record.as_bytes() == self.client_hello_with_status_req_zero_ext
Example #10
0
 def test_as_bytes_trusted_ca_keys_extension(self):
     """
     :py:func:`tls.hello_message.ClientHello` serializes a message
     containing the TRUSTED_CA_KEYS extension.
     """
     record = ClientHello.from_bytes(
         self.client_hello_with_trusted_ca_keys_ext
     )
     assert (record.as_bytes() ==
             self.client_hello_with_trusted_ca_keys_ext)
Example #11
0
 def test_as_bytes_client_certificate_url_extension(self):
     """
     :py:func:`tls.hello_message.ClientHello` serializes a message
     containing the CLIENT_CERTIFICATE_URL extension.
     """
     record = ClientHello.from_bytes(
         self.client_hello_packet_with_client_certificate_url_extension
     )
     assert (record.as_bytes() ==
             self.client_hello_packet_with_client_certificate_url_extension)
Example #12
0
 def test_from_bytes_with_truncated_hmac_extension(self):
     """
     :py:func:`tls.hello_message.ClientHello` parses a packet with a
     truncated_hmac extension.
     """
     record = ClientHello.from_bytes(
         self.client_hello_with_truncated_hmac_ext)
     assert len(record.extensions) == 1
     assert record.extensions[0].type == enums.ExtensionType.TRUNCATED_HMAC
     assert record.extensions[0].data == Container()
Example #13
0
 def test_parse_client_certificate_url_extension(self):
     """
     :py:func:`tls.hello_message.ClientHello` parses a packet with
     CLIENT_CERTIFICATE_URL extension.
     """
     record = ClientHello.from_bytes(
         self.client_hello_packet_with_client_certificate_url_extension)
     assert len(record.extensions) == 1
     assert (record.extensions[0].type ==
             enums.ExtensionType.CLIENT_CERTIFICATE_URL)
     assert record.extensions[0].data == Container()
Example #14
0
 def test_from_bytes_with_truncated_hmac_extension(self):
     """
     :py:func:`tls.hello_message.ClientHello` parses a packet with a
     truncated_hmac extension.
     """
     record = ClientHello.from_bytes(
         self.client_hello_with_truncated_hmac_ext
     )
     assert len(record.extensions) == 1
     assert record.extensions[0].type == enums.ExtensionType.TRUNCATED_HMAC
     assert record.extensions[0].data == Container()
Example #15
0
    def test_client_hello_with_maximum_fragment_length_extension(self):
        """
        :py:func:`tls.hello_message.ClientHello` parses a packet with
        a `maximum_fragment_length` extension.
        """
        record = ClientHello.from_bytes(
            self.client_hello_packet_with_maximum_fragment_length_ext)
        assert len(record.extensions) == 1
        [extension] = record.extensions

        assert extension.type == enums.ExtensionType.MAX_FRAGMENT_LENGTH
        assert extension.data == enums.MaxFragmentLength.TWO_TO_THE_9TH
Example #16
0
 def test_parse_client_certificate_url_extension(self):
     """
     :py:func:`tls.hello_message.ClientHello` parses a packet with
     CLIENT_CERTIFICATE_URL extension.
     """
     record = ClientHello.from_bytes(
         self.client_hello_packet_with_client_certificate_url_extension
     )
     assert len(record.extensions) == 1
     assert (record.extensions[0].type ==
             enums.ExtensionType.CLIENT_CERTIFICATE_URL)
     assert record.extensions[0].data == Container()
Example #17
0
 def test_client_hello_with_server_name_extension(self):
     """
     :py:func:`tls.hello_message.ClientHello` parses a packet with a
     server_name extension
     """
     record = ClientHello.from_bytes(
         self.client_hello_packet_with_server_name_ext)
     assert len(record.extensions) == 1
     assert record.extensions[0].type == enums.ExtensionType.SERVER_NAME
     assert len(record.extensions[0].data) == 1
     server_name_list = record.extensions[0].data
     assert server_name_list[0].name_type == enums.NameType.HOST_NAME
     assert server_name_list[0].name == b'localhost'
Example #18
0
    def test_from_bytes_cert_status_request_extension(self):
        """
        :py:func:`tls.hello_message.ClientHello.from_bytes` parses a packet
        with STATUS_REQUEST extension.
        """
        record = ClientHello.from_bytes(self.client_hello_with_cert_status_ext)

        assert len(record.extensions) == 1
        assert record.extensions[0].type == enums.ExtensionType.STATUS_REQUEST
        extension_data = record.extensions[0].data
        assert extension_data.status_type == enums.CertificateStatusType.OCSP
        assert extension_data.request.responder_id_list == [b'12', b'345']
        assert extension_data.request.request_extensions == b'678'
Example #19
0
    def test_client_hello_with_maximum_fragment_length_extension(self):
        """
        :py:func:`tls.hello_message.ClientHello` parses a packet with
        a `maximum_fragment_length` extension.
        """
        record = ClientHello.from_bytes(
            self.client_hello_packet_with_maximum_fragment_length_ext
        )
        assert len(record.extensions) == 1
        [extension] = record.extensions

        assert extension.type == enums.ExtensionType.MAX_FRAGMENT_LENGTH
        assert extension.data == enums.MaxFragmentLength.TWO_TO_THE_9TH
Example #20
0
 def test_client_hello_with_server_name_extension(self):
     """
     :py:func:`tls.hello_message.ClientHello` parses a packet with a
     server_name extension
     """
     record = ClientHello.from_bytes(
         self.client_hello_packet_with_server_name_ext
     )
     assert len(record.extensions) == 1
     assert record.extensions[0].type == enums.ExtensionType.SERVER_NAME
     assert len(record.extensions[0].data) == 1
     server_name_list = record.extensions[0].data
     assert server_name_list[0].name_type == enums.NameType.HOST_NAME
     assert server_name_list[0].name == b'localhost'
Example #21
0
 def test_resumption_no_extensions(self):
     """
     :func:`parse_client_hello` returns an instance of
     :class:`ClientHello`.
     """
     record = ClientHello.from_bytes(self.no_extensions_packet)
     assert isinstance(record, ClientHello)
     assert record.client_version.major == 3
     assert record.client_version.minor == 0
     assert record.random.gmt_unix_time == 16909060
     assert record.random.random_bytes == b'0123456789012345678901234567'
     assert record.session_id == b'01234567890123456789012345678901'
     assert record.cipher_suites == [0x006b]
     assert record.compression_methods == [0]
     assert len(record.extensions) == 0
Example #22
0
 def test_resumption_no_extensions(self):
     """
     :func:`parse_client_hello` returns an instance of
     :class:`ClientHello`.
     """
     record = ClientHello.from_bytes(self.no_extensions_packet)
     assert isinstance(record, ClientHello)
     assert record.client_version.major == 3
     assert record.client_version.minor == 0
     assert record.random.gmt_unix_time == 16909060
     assert record.random.random_bytes == b'0123456789012345678901234567'
     assert record.session_id == b'01234567890123456789012345678901'
     assert record.cipher_suites == [0x006b]
     assert record.compression_methods == [0]
     assert len(record.extensions) == 0
Example #23
0
    def test_parse_trusted_ca_keys_extension(self):
        """
        :py:func:`tls.hello_message.ClientHello` parses a packet with
        TRUSTED_CA_KEYS_EXT extension.
        """
        record = ClientHello.from_bytes(
            self.client_hello_with_trusted_ca_keys_ext
        )
        assert len(record.extensions) == 1
        assert (record.extensions[0].type ==
                enums.ExtensionType.TRUSTED_CA_KEYS)

        extension_data = record.extensions[0].data
        assert extension_data == [Container(
            identifier_type=enums.TrustedAuthorityIdentifierType.KEY_SHA1_HASH,
            identifier=b'a' * 20,
        )]
Example #24
0
    def test_as_bytes_unsupported_extension(self):
        """
        :func:`ClientHello.as_bytes` fails to serialize a message that
        contains invalid extensions
        """
        extensions_data = (
            b'\x00\x04'
            b'\x00\x14'  # Extension Type: Server Certificate Type
            b'\x00\x00'  # Length
            b''  # Data
        )

        record = ClientHello.from_bytes(self.no_extensions_packet)
        extensions = _constructs.Extensions.parse(extensions_data)
        record.extensions = extensions
        with pytest.raises(UnsupportedExtensionException):
            record.as_bytes()
Example #25
0
    def test_as_bytes_unsupported_extension(self):
        """
        :py:func:`ClientHello.as_bytes` fails to serialize a message that
        contains invalid extensions
        """
        extensions_data = (
            b'\x00\x04'
            b'\x00\x14'  # Extension Type: Server Certificate Type
            b'\x00\x00'  # Length
            b''  # Data
        )

        record = ClientHello.from_bytes(self.no_extensions_packet)
        extensions = _constructs.Extensions.parse(extensions_data)
        record.extensions = extensions
        with pytest.raises(UnsupportedExtensionException):
            record.as_bytes()
Example #26
0
 def test_as_bytes_with_extensions(self):
     """
     :func:`ClientHello.as_bytes` returns the bytes it was created with
     """
     record = ClientHello.from_bytes(self.extensions_packet)
     assert record.as_bytes() == self.extensions_packet
Example #27
0
 def test_client_hello_maximum_fragment_length_extension_as_bytes(self):
     record = ClientHello.from_bytes(
         self.client_hello_packet_with_maximum_fragment_length_ext
     )
     assert record.as_bytes() == (
         self.client_hello_packet_with_maximum_fragment_length_ext)
Example #28
0
 def test_parse_client_hello_extensions(self):
     record = ClientHello.from_bytes(self.extensions_packet)
     assert len(record.extensions) == 1
     assert (record.extensions[0].type ==
             enums.ExtensionType.SIGNATURE_ALGORITHMS)
     assert len(record.extensions[0].data) == 10
Example #29
0
 def test_as_bytes_with_truncated_hmac_extension(self):
     record = ClientHello.from_bytes(
         self.client_hello_with_truncated_hmac_ext)
     assert record.as_bytes() == self.client_hello_with_truncated_hmac_ext
Example #30
0
 def test_as_bytes_with_truncated_hmac_extension(self):
     record = ClientHello.from_bytes(
         self.client_hello_with_truncated_hmac_ext
     )
     assert record.as_bytes() == self.client_hello_with_truncated_hmac_ext
Example #31
0
 def test_client_hello_maximum_fragment_length_extension_as_bytes(self):
     record = ClientHello.from_bytes(
         self.client_hello_packet_with_maximum_fragment_length_ext)
     assert record.as_bytes() == (
         self.client_hello_packet_with_maximum_fragment_length_ext)
Example #32
0
 def test_as_bytes_with_extensions(self):
     """
     :func:`ClientHello.as_bytes` returns the bytes it was created with
     """
     record = ClientHello.from_bytes(self.extensions_packet)
     assert record.as_bytes() == self.extensions_packet
Example #33
0
 def test_parse_client_hello_extensions(self):
     record = ClientHello.from_bytes(self.extensions_packet)
     assert len(record.extensions) == 1
     assert (record.extensions[0].type ==
             enums.ExtensionType.SIGNATURE_ALGORITHMS)
     assert len(record.extensions[0].data) == 10