예제 #1
0
    def test_parse_with_missing_data(self):
        alert = Alert()

        parser = Parser(bytearray(b'\x01'))  # level

        with self.assertRaises(SyntaxError):
            alert.parse(parser)
예제 #2
0
파일: expect.py 프로젝트: miradam/tlsfuzzer
    def process(self, state, msg):
        assert msg.contentType == ContentType.alert
        parser = Parser(msg.write())

        alert = Alert()
        alert.parse(parser)

        problem_desc = ""
        if self.level is not None and alert.level != self.level:
            problem_desc += "Alert level {0} != {1}".format(
                alert.level, self.level)
        if self.description is not None:
            # allow for multiple choice for description
            if not isinstance(self.description, collections.Iterable):
                self.description = tuple([self.description])

            if alert.description not in self.description:
                if problem_desc:
                    problem_desc += ", "
                descriptions = [
                    "\"{0}\"".format(AlertDescription.toStr(i))
                    for i in self.description
                ]
                expected = ", ".join(
                    itertools.chain(
                        (i for i in descriptions[:-2]),
                        [" or ".join(i for i in descriptions[-2:])]))
                received = AlertDescription.toStr(alert.description)
                problem_desc += ("Expected alert description {0} does not "
                                 "match received \"{1}\"".format(
                                     expected, received))
        if problem_desc:
            raise AssertionError(problem_desc)
예제 #3
0
    def test_parse_with_missing_data(self):
        alert = Alert()

        parser = Parser(bytearray(
            b'\x01'))           # level

        with self.assertRaises(SyntaxError):
            alert.parse(parser)
예제 #4
0
    def test_parse(self):
        alert = Alert()

        parser = Parser(bytearray(b'\x01' +  # level
                                  b'\x02'  # description
                                  ))

        alert = alert.parse(parser)

        self.assertEqual(alert.level, 1)
        self.assertEqual(alert.description, 2)
예제 #5
0
    def process(self, state, msg):
        assert msg.contentType == ContentType.alert
        parser = Parser(msg.write())

        alert = Alert()
        alert.parse(parser)

        if self.level is not None:
            assert alert.level == self.level

        if self.description is not None:
            assert alert.description == self.description
예제 #6
0
    def test_parse(self):
        alert = Alert()

        parser = Parser(bytearray(
            b'\x01' +           # level
            b'\x02'             # description
            ))

        alert = alert.parse(parser)

        self.assertEqual(alert.level, 1)
        self.assertEqual(alert.description, 2)
예제 #7
0
파일: expect.py 프로젝트: akokare/tlsfuzzer
    def process(self, state, msg):
        assert msg.contentType == ContentType.alert
        parser = Parser(msg.write())

        alert = Alert()
        alert.parse(parser)

        problem_desc = ""
        if self.level is not None and alert.level != self.level:
            problem_desc += "Alert level {0} != {1}".format(alert.level,
                                                            self.level)
        if self.description is not None \
            and alert.description != self.description:
            if problem_desc:
                problem_desc += ", "
            problem_desc += "Alert description {0} != {1}".format(\
                                        alert.description, self.description)
        if problem_desc:
            raise AssertionError(problem_desc)
예제 #8
0
    def process(self, state, msg):
        assert msg.contentType == ContentType.alert
        parser = Parser(msg.write())

        alert = Alert()
        alert.parse(parser)

        problem_desc = ""
        if self.level is not None and alert.level != self.level:
            problem_desc += "Alert level {0} != {1}".format(
                alert.level, self.level)
        if self.description is not None \
                and alert.description != self.description:
            if problem_desc:
                problem_desc += ", "
            problem_desc += ("Alert description {0} != {1}".format(
                alert.description, self.description))
        if problem_desc:
            raise AssertionError(problem_desc)
예제 #9
0
    def process(self, state, msg):
        assert msg.contentType == ContentType.alert
        parser = Parser(msg.write())

        alert = Alert()
        alert.parse(parser)

        problem_desc = ""
        if self.level is not None and alert.level != self.level:
            problem_desc += "Alert level {0} != {1}".format(
                alert.level, self.level)
        if self.description is not None:
            # allow for multiple choice for description
            if not isinstance(self.description, collections.Iterable):
                self.description = tuple([self.description])

            if alert.description not in self.description:
                if problem_desc:
                    problem_desc += ", "
                problem_desc += ("Alert description {0} != {1}".format(
                    alert.description, self.description))
        if problem_desc:
            raise AssertionError(problem_desc)
예제 #10
0
    def test___repr__(self):
        alert = Alert().create(AlertDescription.record_overflow,
                               AlertLevel.fatal)

        self.assertEqual("Alert(level=2, description=22)", repr(alert))
예제 #11
0
 def generate(self, status):
     alert = Alert().create(self.description, self.level)
     return alert
예제 #12
0
    def scan(self):
        """Perform a scan on server."""
        defragger = Defragmenter()
        defragger.addStaticSize(ContentType.change_cipher_spec, 1)
        defragger.addStaticSize(ContentType.alert, 2)
        defragger.addDynamicSize(ContentType.handshake, 1, 3)

        try:
            raw_sock = socket.create_connection((self.host, self.port), 5)
        except socket.error as e:
            return [e]

        sock = MessageSocket(raw_sock, defragger)

        if self.hostname is not None:
            client_hello = self.hello_gen(bytearray(self.hostname, 'utf-8'))
        else:
            client_hello = self.hello_gen(None)

        # record layer version - TLSv1.x
        # use the version from configuration, if present, or default to the
        # RFC recommended (3, 1) for TLS and (3, 0) for SSLv3
        if hasattr(client_hello, 'record_version'):
            sock.version = client_hello.record_version
        elif hasattr(self.hello_gen, 'record_version'):
            sock.version = self.hello_gen.record_version
        elif client_hello.client_version > (3, 1):  # TLS1.0
            sock.version = (3, 1)
        else:
            sock.version = client_hello.client_version

        # we don't want to send invalid messages (SSLv2 hello in SSL record
        # layer), so set the record layer version to SSLv2 if the hello is
        # of SSLv2 format
        if client_hello.ssl2:
            sock.version = (0, 2)

        # save the record version used in the end for later analysis
        client_hello.record_version = sock.version

        messages = [client_hello]

        handshake_parser = HandshakeParser()

        try:
            sock.sendMessageBlocking(client_hello)
        except socket.error as e:
            messages.append(e)
            return messages
        except TLSAbruptCloseError as e:
            sock.sock.close()
            messages.append(e)
            return messages

        # get all the server messages that affect connection, abort as soon
        # as they've been read
        try:
            while True:
                header, parser = sock.recvMessageBlocking()

                if header.type == ContentType.alert:
                    alert = Alert()
                    alert.parse(parser)
                    alert.record_version = header.version
                    messages += [alert]
                elif header.type == ContentType.handshake:
                    msg = handshake_parser.parse(parser)
                    msg.record_version = header.version
                    messages += [msg]
                    if isinstance(msg, ServerHelloDone):
                        return messages
                else:
                    raise TypeError("Unknown content type: {0}".format(
                        header.type))
        except (TLSAbruptCloseError, TLSIllegalParameterException, ValueError,
                TypeError, socket.error, SyntaxError) as e:
            messages += [e]
            return messages
        finally:
            try:
                sock.sock.close()
            except (socket.error, OSError):
                pass
예제 #13
0
    def process(self, state, msg):
        assert msg.contentType == ContentType.alert
        parser = Parser(msg.write())

        alert = Alert()
        alert.parse(parser)
예제 #14
0
    def process(self, state, msg):
        assert msg.contentType == ContentType.alert
        parser = Parser(msg.write())

        alert = Alert()
        alert.parse(parser)
예제 #15
0
    def test_write(self):
        alert = Alert().create(AlertDescription.record_overflow)

        self.assertEqual(bytearray(
            b'\x02\x16'), alert.write())
예제 #16
0
    def test_write(self):
        alert = Alert().create(AlertDescription.record_overflow)

        self.assertEqual(bytearray(b'\x02\x16'), alert.write())
예제 #17
0
    def test___init__(self):
        alert = Alert()

        self.assertEqual(alert.contentType, ContentType.alert)
        self.assertEqual(alert.level, 0)
        self.assertEqual(alert.description, 0)
 def prepare_mock_socket_with_handshake_failure(self):
     alertObj = Alert().create(AlertDescription.handshake_failure)
     alert = alertObj.write()
     header = RecordHeader3().create((3, 3), ContentType.alert, len(alert))
     return MockSocket(header.write() + alert)
예제 #19
0
    def test_levelName_with_wrong_level(self):
        alert = Alert().create(AlertDescription.close_notify, 11)

        self.assertEqual("unknown(11)", alert.levelName)
예제 #20
0
    def test_descriptionName(self):
        alert = Alert().create(AlertDescription.record_overflow,
                               AlertLevel.fatal)

        self.assertEqual("record_overflow", alert.descriptionName)
예제 #21
0
    def test_descriptionName_with_wrong_id(self):
        alert = Alert().create(1)

        self.assertEqual("unknown(1)", alert.descriptionName)
예제 #22
0
 def generate(self, status):
     """Send the Alert to server."""
     alert = Alert().create(self.description, self.level)
     return alert
예제 #23
0
    def test___str__(self):
        alert = Alert().create(AlertDescription.record_overflow,
                               AlertLevel.fatal)

        self.assertEqual("Alert, level:fatal, description:record_overflow",
                         str(alert))
예제 #24
0
 def prepare_mock_socket_with_handshake_failure(self):
     alertObj = Alert().create(AlertDescription.handshake_failure)
     alert = alertObj.write()
     header = RecordHeader3().create((3, 3), ContentType.alert, len(alert))
     return MockSocket(header.write() + alert)
예제 #25
0
    def scan(self):
        """Perform a scan on server."""
        defragger = Defragmenter()
        defragger.addStaticSize(ContentType.change_cipher_spec, 1)
        defragger.addStaticSize(ContentType.alert, 2)
        defragger.addDynamicSize(ContentType.handshake, 1, 3)

        try:
            raw_sock = socket.create_connection((self.host, self.port), 5)
        except socket.error as e:
            return [e]

        sock = MessageSocket(raw_sock, defragger)

        if self.hostname is not None:
            client_hello = self.hello_gen(bytearray(self.hostname,
                                                    'utf-8'))
        else:
            client_hello = self.hello_gen(None)

        # record layer version - TLSv1.x
        # use the version from configuration, if present, or default to the
        # RFC recommended (3, 1) for TLS and (3, 0) for SSLv3
        if hasattr(client_hello, 'record_version'):
            sock.version = client_hello.record_version
        elif hasattr(self.hello_gen, 'record_version'):
            sock.version = self.hello_gen.record_version
        elif client_hello.client_version > (3, 1):  # TLS1.0
            sock.version = (3, 1)
        else:
            sock.version = client_hello.client_version

        # we don't want to send invalid messages (SSLv2 hello in SSL record
        # layer), so set the record layer version to SSLv2 if the hello is
        # of SSLv2 format
        if client_hello.ssl2:
            sock.version = (0, 2)

        # save the record version used in the end for later analysis
        client_hello.record_version = sock.version

        messages = [client_hello]

        handshake_parser = HandshakeParser()

        try:
            sock.sendMessageBlocking(client_hello)
        except socket.error as e:
            messages.append(e)
            return messages
        except TLSAbruptCloseError as e:
            sock.sock.close()
            messages.append(e)
            return messages

        # get all the server messages that affect connection, abort as soon
        # as they've been read
        try:
            while True:
                header, parser = sock.recvMessageBlocking()

                if header.type == ContentType.alert:
                    alert = Alert()
                    alert.parse(parser)
                    alert.record_version = header.version
                    messages += [alert]
                elif header.type == ContentType.handshake:
                    msg = handshake_parser.parse(parser)
                    msg.record_version = header.version
                    messages += [msg]
                    if isinstance(msg, ServerHelloDone):
                        return messages
                else:
                    raise TypeError("Unknown content type: {0}"
                                    .format(header.type))
        except (TLSAbruptCloseError, TLSIllegalParameterException,
                ValueError, TypeError, socket.error, SyntaxError) as e:
            messages += [e]
            return messages
        finally:
            try:
                sock.sock.close()
            except (socket.error, OSError):
                pass