예제 #1
def verify_hrr_random_data(server, client):
    """
    Callback that checks the client's output for evidence of a
    HelloRetryRequest (HRR) followed by a completed handshake.

    The result is PASSED only once all three of the following have been
    observed on ``client.stdout``: the HRR marker, exactly two lines
    containing ``ClientHello`` and exactly two lines containing
    ``], Finished``. Otherwise the result stays FAILED.

    ``server`` is accepted for the callback signature but is not read here.
    """
    # Leading bytes of the fixed ServerHello.random value that TLS 1.3
    # reserves for HelloRetryRequest (RFC 8446, section 4.1.3), in the
    # spaced-hex form printed in the client process output.
    # NOTE(review): only the first 10 of the 32 bytes are matched; presumably
    # that is what fits on one line of the client's hex dump. Confirm.
    hrr_random_prefix = b"cf 21 ad 74 e5 9a 61 11 be 1d"

    outcome = Result()
    outcome.status = Status.FAILED

    saw_hrr = False
    client_hellos = 0
    finished_msgs = 0

    for output_line in client.stdout:
        if hrr_random_prefix in output_line:
            saw_hrr = True
        # A retried handshake carries a second ClientHello, hence the count.
        client_hellos += int(b'ClientHello' in output_line)
        # NOTE(review): two Finished lines are presumably one per peer;
        # verify against the client's trace format.
        finished_msgs += int(b'], Finished' in output_line)

        if not saw_hrr:
            continue
        if client_hellos == 2 and finished_msgs == 2:
            outcome.status = Status.PASSED
            # Stop reading as soon as the evidence is complete.
            break

    return outcome
예제 #2
def verify_hrr_random_data(server, client):
    """
    Callback that checks whether the S2N server sent a HelloRetryRequest.

    The result is PASSED as soon as one line of ``client.stdout`` contains
    the HRR marker, and FAILED if the output ends without it. The marker
    alone does not show that the handshake finished; that conclusion
    depends on the rest of the integration test passing as well.

    ``server`` is accepted for the callback signature but is not read here.
    """
    # Leading bytes of the fixed ServerHello.random value that TLS 1.3
    # reserves for HelloRetryRequest (RFC 8446, section 4.1.3), in the
    # spaced-hex form printed in the client process output.
    hrr_random_prefix = b"cf 21 ad 74 e5 9a 61 11 be 1d"

    outcome = Result()
    outcome.status = Status.FAILED

    # any() stops consuming client output at the first matching line.
    if any(hrr_random_prefix in output_line for output_line in client.stdout):
        outcome.status = Status.PASSED

    return outcome
예제 #3
def key_update_test(server, client):
    '''
    Check that an s2n server and an Openssl client can keep encrypting and
    decrypting messages after a key update.

    Both KeyUpdate request modes from RFC 8446 are exercised, in this order:
    update_requested, then update_not_requested.
    https://tools.ietf.org/html/rfc8446#section-4.6.3

    Returns a Result whose status is FAILED as soon as one exchange fails,
    and PASSED when both succeed.
    '''
    outcome = Result()
    outcome.status = Status.PASSED

    # Openssl client commands:
    #   'K' triggers an update_requested message
    #   'k' triggers an update_not_requested message
    for openssl_command in ('K', 'k'):
        exchange_ok = key_update_send_and_receive(client, server, openssl_command)
        if not exchange_ok:
            outcome.status = Status.FAILED
            # Skip the remaining mode once one exchange has failed.
            break

    return outcome
예제 #4
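def key_update_recv(server, client):
    '''
    This test checks that a key update can be processed by s2n. It runs three times to prove that s2n can
    process several key updates in a row.

    Each round asks the client to send a KeyUpdate, waits until the client
    reports it on stderr, then sends a unique message and checks that the
    server outputs it.

    Returns a Result with status FAILED if the client's stderr closes before
    the KeyUpdate is reported, or if the server never shows the message;
    PASSED otherwise.
    '''
    result = Result()
    result.status = Status.PASSED
    for _ in range(3):
        # A fresh random message per round, so a match in the server output
        # cannot come from an earlier round.
        msg = "Message:" + str(uuid.uuid4())
        client.stdin.write(("k\n\n").encode("utf-8"))
        client.stdin.flush()
        line = ''
        # Confirm that the keyupdate was sent
        while 'KEYUPDATE' not in line:
            raw = client.stderr.readline()
            if not raw:
                # EOF: the client closed stderr (for example it exited)
                # without reporting the key update. readline() would keep
                # returning b'' and the loop would never end, so fail here.
                result.status = Status.FAILED
                return result
            line = raw.decode("utf-8")
        # NOTE(review): readline() still blocks while the client is alive but
        # silent; this relies on the surrounding harness to bound the test.
        client.stdin.write((msg + "\n\n").encode("utf-8"))
        client.stdin.flush()
        # NOTE(review): the meaning of the third argument (100) is defined by
        # wait_for_output; presumably a limit on how long to wait. Confirm.
        if not wait_for_output(server, msg, 100):
            result.status = Status.FAILED
            break
    return result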