def test_with_TLS1_2_and_no_overlap(self):
certificate_request = CertificateRequest((3, 3))
certificate_request.create([CertificateType.x509],
[],
[(HashAlgorithm.sha256,
SignatureAlgorithm.rsa),
(HashAlgorithm.sha224,
SignatureAlgorithm.rsa)])
certVerify = KeyExchange.makeCertificateVerify((3, 3),
self.handshake_hashes,
[(HashAlgorithm.sha1,
SignatureAlgorithm.rsa),
(HashAlgorithm.sha512,
SignatureAlgorithm.rsa)],
self.clnt_private_key,
certificate_request,
None, None, None)
self.assertIsNotNone(certVerify)
self.assertEqual(certVerify.version, (3, 3))
# when there's no overlap, we select the most wanted from our side
self.assertEqual(certVerify.signatureAlgorithm, (HashAlgorithm.sha1,
SignatureAlgorithm.rsa))
self.assertEqual(certVerify.signature, bytearray(
b'.\x03\xa2\xf0\xa0\xfb\xbeUs\xdb\x9b\xea\xcc(\xa6:l\x84\x8e\x13'
b'\xa1\xaa\xdb1P\xe9\x06\x876\xbe+\xe92\x89\xaa\xa5EU\x07\x9a\xde'
b'\xd37\xafGCR\xdam\xa2v\xde\xceeFI\x80:ZtL\x96\xafZ\xe2\xe2\xce/'
b'\x9f\x82\xfe\xdb*\x94\xa8\xbd\xd9Hl\xdc\xc8\xbf\x9b=o\xda\x06'
b'\xfa\x9e\xbfB+05\xc6\xda\xdf\x05\xf2m[\x18\x11\xaf\x184\x12\x9d'
b'\xb4:\x9b\xc1U\x1c\xba\xa3\x05\xceOn\x0fY\xcaK*\x0b\x04\xa5'
))
def test_with_TLS1_2_and_no_overlap(self):
certificate_request = CertificateRequest((3, 3))
certificate_request.create([CertificateType.x509],
[],
[(HashAlgorithm.sha256,
SignatureAlgorithm.rsa),
(HashAlgorithm.sha224,
SignatureAlgorithm.rsa)])
certVerify = KeyExchange.makeCertificateVerify((3, 3),
self.handshake_hashes,
[(HashAlgorithm.sha1,
SignatureAlgorithm.rsa),
(HashAlgorithm.sha512,
SignatureAlgorithm.rsa)],
self.clnt_private_key,
certificate_request,
None, None, None)
self.assertIsNotNone(certVerify)
self.assertEqual(certVerify.version, (3, 3))
# when there's no overlap, we select the most wanted from our side
self.assertEqual(certVerify.signatureAlgorithm, (HashAlgorithm.sha1,
SignatureAlgorithm.rsa))
self.assertEqual(certVerify.signature, bytearray(
b'.\x03\xa2\xf0\xa0\xfb\xbeUs\xdb\x9b\xea\xcc(\xa6:l\x84\x8e\x13'
b'\xa1\xaa\xdb1P\xe9\x06\x876\xbe+\xe92\x89\xaa\xa5EU\x07\x9a\xde'
b'\xd37\xafGCR\xdam\xa2v\xde\xceeFI\x80:ZtL\x96\xafZ\xe2\xe2\xce/'
b'\x9f\x82\xfe\xdb*\x94\xa8\xbd\xd9Hl\xdc\xc8\xbf\x9b=o\xda\x06'
b'\xfa\x9e\xbfB+05\xc6\xda\xdf\x05\xf2m[\x18\x11\xaf\x184\x12\x9d'
b'\xb4:\x9b\xc1U\x1c\xba\xa3\x05\xceOn\x0fY\xcaK*\x0b\x04\xa5'
))
def test_with_TLS1_1(self):
certificate_request = CertificateRequest((3, 2))
certificate_request.create([CertificateType.x509],
[],
None)
certVerify = KeyExchange.makeCertificateVerify((3, 2),
self.handshake_hashes,
None,
self.clnt_private_key,
certificate_request,
None, None, None)
self.assertIsNotNone(certVerify)
self.assertEqual(certVerify.version, (3, 2))
self.assertIsNone(certVerify.signatureAlgorithm)
self.assertEqual(certVerify.signature, bytearray(
b'=X\x14\xf3\r6\x0b\x84\xde&J\x15\xa02M\xc8\xf1?\xa0\x10U\x1e\x0b'
b'\x95^\xa19\x14\xf5\xf1$\xe3U[\xb4/\xe7AY(\xee]\xff\x97H\xb8\xa9'
b'\x8b\x96n\xa6\xf5\x0f\xffd\r\x08/Hs6`wi8\xc4\x02\xa4}a\xcbS\x99'
b'\x01;\x0e\x88oj\x9a\x02\x98Y\xb5\x00$f@>\xd8\x0cS\x95\xa8\x9e'
b'\x14uU\\Z\xd0.\xe7\x01_y\x1d\xea\xad\x1b\xf8c\xa6\xc9@\xc6\x90'
b'\x19~&\xd9\xaa\xc2\t,s\xde\xb1'
))
def test_with_TLS1_1(self):
certificate_request = CertificateRequest((3, 2))
certificate_request.create([CertificateType.x509],
[],
None)
certVerify = KeyExchange.makeCertificateVerify((3, 2),
self.handshake_hashes,
None,
self.clnt_private_key,
certificate_request,
None, None, None)
self.assertIsNotNone(certVerify)
self.assertEqual(certVerify.version, (3, 2))
self.assertIsNone(certVerify.signatureAlgorithm)
self.assertEqual(certVerify.signature, bytearray(
b'=X\x14\xf3\r6\x0b\x84\xde&J\x15\xa02M\xc8\xf1?\xa0\x10U\x1e\x0b'
b'\x95^\xa19\x14\xf5\xf1$\xe3U[\xb4/\xe7AY(\xee]\xff\x97H\xb8\xa9'
b'\x8b\x96n\xa6\xf5\x0f\xffd\r\x08/Hs6`wi8\xc4\x02\xa4}a\xcbS\x99'
b'\x01;\x0e\x88oj\x9a\x02\x98Y\xb5\x00$f@>\xd8\x0cS\x95\xa8\x9e'
b'\x14uU\\Z\xd0.\xe7\x01_y\x1d\xea\xad\x1b\xf8c\xa6\xc9@\xc6\x90'
b'\x19~&\xd9\xaa\xc2\t,s\xde\xb1'
))
