def test_no_such_cipher(self): self.args = self.args + ['-cipher', 'AES128-SHA'] pid = self.start_server(self.args) try: ctx = SSL.Context() s = SSL.Connection(ctx) s.set_cipher_list('EXP-RC2-MD5') with six.assertRaisesRegex(self, SSL.SSLError, 'no ciphers available'): s.connect(self.srv_addr) s.close() finally: self.stop_server(pid)
def test_tls1_nok(self): self.args.append('-no_tls1') pid = self.start_server(self.args) try: ctx = SSL.Context('tlsv1') s = SSL.Connection(ctx) with six.assertRaisesRegex(self, SSL.SSLError, r'wrong version number|unexpected eof'): s.connect(self.srv_addr) s.close() finally: self.stop_server(pid)
def test_cipher_mismatch(self): self.args = self.args + ['-cipher', 'AES256-SHA'] pid = self.start_server(self.args) try: ctx = SSL.Context() s = SSL.Connection(ctx) s.set_cipher_list('AES128-SHA') with six.assertRaisesRegex(self, SSL.SSLError, 'sslv3 alert handshake failure'): s.connect(self.srv_addr) s.close() finally: self.stop_server(pid)
def test_tls1_nok(self): self.args.append('-no_tls1') pid = self.start_server(self.args) try: with warnings.catch_warnings(): warnings.simplefilter('ignore', DeprecationWarning) ctx = SSL.Context('tlsv1') s = SSL.Connection(ctx) with six.assertRaisesRegex(self, SSL.SSLError, r'version|unexpected eof'): s.connect(self.srv_addr) s.close() finally: self.stop_server(pid)
def test_public_encrypt(self): priv = RSA.load_key(self.privkey) # pkcs1_padding, pkcs1_oaep_padding for padding in self.e_padding_ok: p = getattr(RSA, padding) ctxt = priv.public_encrypt(self.data, p) ptxt = priv.private_decrypt(ctxt, p) self.assertEqual(ptxt, self.data) # no_padding with six.assertRaisesRegex(self, RSA.RSAError, 'data too small'): priv.public_encrypt(self.data, RSA.no_padding) # Type-check the data to be encrypted. with self.assertRaises(TypeError): priv.public_encrypt(self.gen_callback, RSA.pkcs1_padding)