def test_process_with_not_matching_signature_algorithms(self):
exp = ExpectServerKeyExchange(
valid_sig_algs=[(HashAlgorithm.sha256, SignatureAlgorithm.rsa)])
state = ConnectionState()
state.cipher = CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA
cert = Certificate(CertificateType.x509).\
create(X509CertChain([X509().parse(srv_raw_certificate)]))
private_key = parsePEMKey(srv_raw_key, private=True)
client_hello = ClientHello()
client_hello.client_version = (3, 3)
client_hello.random = bytearray(32)
state.client_random = client_hello.random
state.handshake_messages.append(client_hello)
server_hello = ServerHello()
server_hello.server_version = (3, 3)
server_hello.random = bytearray(32)
state.server_random = server_hello.random
# server hello is not necessary for the test to work
#state.handshake_messages.append(server_hello)
state.handshake_messages.append(cert)
srv_key_exchange = DHE_RSAKeyExchange(\
CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
client_hello,
server_hello,
private_key)
msg = srv_key_exchange.makeServerKeyExchange('sha1')
with self.assertRaises(TLSIllegalParameterException):
exp.process(state, msg)
def test_process_with_rcf7919_groups_required_not_provided(self):
exp = ExpectServerKeyExchange(valid_groups=[256])
state = ConnectionState()
state.cipher = CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA
cert = Certificate(CertificateType.x509).\
create(X509CertChain([X509().parse(srv_raw_certificate)]))
private_key = parsePEMKey(srv_raw_key, private=True)
client_hello = ClientHello()
client_hello.client_version = (3, 3)
client_hello.random = bytearray(32)
client_hello.extensions = [SupportedGroupsExtension().create([256])]
state.client_random = client_hello.random
state.handshake_messages.append(client_hello)
server_hello = ServerHello()
server_hello.server_version = (3, 3)
server_hello.random = bytearray(32)
state.server_random = server_hello.random
# server hello is not necessary for the test to work
#state.handshake_messages.append(server_hello)
state.handshake_messages.append(cert)
srv_key_exchange = DHE_RSAKeyExchange(\
CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
client_hello,
server_hello,
private_key,
dhGroups=None)
msg = srv_key_exchange.makeServerKeyExchange('sha1')
with self.assertRaises(AssertionError):
exp.process(state, msg)
def test_process_with_not_matching_signature_algorithms(self):
exp = ExpectServerKeyExchange(valid_sig_algs=[(HashAlgorithm.sha256,
SignatureAlgorithm.rsa)])
state = ConnectionState()
state.cipher = CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA
cert = Certificate(CertificateType.x509).\
create(X509CertChain([X509().parse(srv_raw_certificate)]))
private_key = parsePEMKey(srv_raw_key, private=True)
client_hello = ClientHello()
client_hello.client_version = (3, 3)
client_hello.random = bytearray(32)
state.client_random = client_hello.random
state.handshake_messages.append(client_hello)
server_hello = ServerHello()
server_hello.server_version = (3, 3)
server_hello.random = bytearray(32)
state.server_random = server_hello.random
# server hello is not necessary for the test to work
#state.handshake_messages.append(server_hello)
state.handshake_messages.append(cert)
srv_key_exchange = DHE_RSAKeyExchange(\
CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
client_hello,
server_hello,
private_key)
msg = srv_key_exchange.makeServerKeyExchange('sha1')
with self.assertRaises(TLSIllegalParameterException):
exp.process(state, msg)
class TestDHE_RSAKeyExchange(unittest.TestCase):
def setUp(self):
self.srv_private_key = parsePEMKey(srv_raw_key, private=True)
srv_chain = X509CertChain([X509().parse(srv_raw_certificate)])
self.srv_pub_key = srv_chain.getEndEntityPublicKey()
self.cipher_suite = CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA
self.client_hello = ClientHello().create((3, 3),
bytearray(32),
bytearray(0),
[])
self.server_hello = ServerHello().create((3, 3),
bytearray(32),
bytearray(0),
self.cipher_suite)
self.keyExchange = DHE_RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
self.srv_private_key)
def test_DHE_RSA_key_exchange(self):
srv_key_ex = self.keyExchange.makeServerKeyExchange('sha1')
cln_X = bytesToNumber(getRandomBytes(32))
cln_Yc = powMod(srv_key_ex.dh_g,
cln_X,
srv_key_ex.dh_p)
cln_secret = numberToByteArray(powMod(srv_key_ex.dh_Ys,
cln_X,
srv_key_ex.dh_p))
cln_key_ex = ClientKeyExchange(self.cipher_suite, (3, 3))
cln_key_ex.createDH(cln_Yc)
srv_secret = self.keyExchange.processClientKeyExchange(cln_key_ex)
self.assertEqual(cln_secret, srv_secret)
def test_DHE_RSA_key_exchange_with_client(self):
srv_key_ex = self.keyExchange.makeServerKeyExchange('sha1')
client_keyExchange = DHE_RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
None)
client_premaster = client_keyExchange.processServerKeyExchange(\
None,
srv_key_ex)
clientKeyExchange = client_keyExchange.makeClientKeyExchange()
server_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
self.assertEqual(client_premaster, server_premaster)
def test_DHE_RSA_key_exchange_with_invalid_client_key_share(self):
clientKeyExchange = ClientKeyExchange(self.cipher_suite,
(3, 3))
clientKeyExchange.createDH(2**16000-1)
with self.assertRaises(TLSIllegalParameterException):
self.keyExchange.processClientKeyExchange(clientKeyExchange)
def test_DHE_RSA_key_exchange_with_small_prime(self):
client_keyExchange = DHE_RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
None)
srv_key_ex = ServerKeyExchange(self.cipher_suite,
self.server_hello.server_version)
srv_key_ex.createDH(2**768, 2, 2**512-1)
with self.assertRaises(TLSInsufficientSecurity):
client_keyExchange.processServerKeyExchange(None, srv_key_ex)
def test_DHE_RSA_key_exchange_empty_signature(self):
self.keyExchange.privateKey.sign = mock.Mock(return_value=bytearray(0))
with self.assertRaises(TLSInternalError):
self.keyExchange.makeServerKeyExchange('sha1')
def test_DHE_RSA_key_exchange_wrong_signature(self):
self.keyExchange.privateKey.sign = mock.Mock(return_value=bytearray(20))
with self.assertRaises(TLSInternalError):
self.keyExchange.makeServerKeyExchange('sha1')
class TestDHE_RSAKeyExchange(unittest.TestCase):
def setUp(self):
self.srv_private_key = parsePEMKey(srv_raw_key, private=True)
srv_chain = X509CertChain([X509().parse(srv_raw_certificate)])
self.srv_pub_key = srv_chain.getEndEntityPublicKey()
self.cipher_suite = CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA
self.client_hello = ClientHello().create((3, 3),
bytearray(32),
bytearray(0),
[])
self.server_hello = ServerHello().create((3, 3),
bytearray(32),
bytearray(0),
self.cipher_suite)
self.keyExchange = DHE_RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
self.srv_private_key)
def test_DHE_RSA_key_exchange(self):
srv_key_ex = self.keyExchange.makeServerKeyExchange('sha1')
cln_X = bytesToNumber(getRandomBytes(32))
cln_Yc = powMod(srv_key_ex.dh_g,
cln_X,
srv_key_ex.dh_p)
cln_secret = numberToByteArray(powMod(srv_key_ex.dh_Ys,
cln_X,
srv_key_ex.dh_p))
cln_key_ex = ClientKeyExchange(self.cipher_suite, (3, 3))
cln_key_ex.createDH(cln_Yc)
srv_secret = self.keyExchange.processClientKeyExchange(cln_key_ex)
self.assertEqual(cln_secret, srv_secret)
def test_DHE_RSA_key_exchange_with_client(self):
srv_key_ex = self.keyExchange.makeServerKeyExchange('sha1')
client_keyExchange = DHE_RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
None)
client_premaster = client_keyExchange.processServerKeyExchange(\
None,
srv_key_ex)
clientKeyExchange = client_keyExchange.makeClientKeyExchange()
server_premaster = self.keyExchange.processClientKeyExchange(\
clientKeyExchange)
self.assertEqual(client_premaster, server_premaster)
def test_DHE_RSA_key_exchange_with_small_prime(self):
client_keyExchange = DHE_RSAKeyExchange(self.cipher_suite,
self.client_hello,
self.server_hello,
None)
srv_key_ex = ServerKeyExchange(self.cipher_suite,
self.server_hello.server_version)
srv_key_ex.createDH(2**768, 2, 2**512-1)
with self.assertRaises(TLSInsufficientSecurity):
client_keyExchange.processServerKeyExchange(None, srv_key_ex)
