def test_is_match(self): exp = ExpectServerHello() msg = Message(ContentType.handshake, bytearray([HandshakeType.server_hello])) self.assertTrue(exp.is_match(msg))
def test_is_match_with_unmatching_handshake_type(self): exp = ExpectServerHello() msg = Message(ContentType.handshake, bytearray([HandshakeType.client_hello])) self.assertFalse(exp.is_match(msg))
def test_is_match_with_unmatching_handshake_type(self): exp = ExpectServerHello() msg = Message(ContentType.handshake, bytearray([HandshakeType.client_hello])) self.assertFalse(exp.is_match(msg))
def test_is_match(self): exp = ExpectServerHello() msg = Message(ContentType.handshake, bytearray([HandshakeType.server_hello])) self.assertTrue(exp.is_match(msg))
def test_process_with_bad_extension(self): exps = {ExtensionType.renegotiation_info: None, ExtensionType.alpn: 'BAD_EXTENSION' } exp = ExpectServerHello(extensions=exps) state = ConnectionState() client_hello = ClientHello() client_hello.cipher_suites = [4] state.handshake_messages.append(client_hello) state.msg_sock = mock.MagicMock() exts = [] exts.append(RenegotiationInfoExtension().create(None)) exts.append(ALPNExtension().create([bytearray(b'http/1.1')])) msg = ServerHello().create(version=(3, 3), random=bytearray(32), session_id=bytearray(0), cipher_suite=4, extensions=exts) self.assertTrue(exp.is_match(msg)) with self.assertRaises(ValueError): exp.process(state, msg)
def test_is_match_with_unmatching_content_type(self): exp = ExpectServerHello() msg = Message(ContentType.application_data, bytearray([HandshakeType.server_hello])) self.assertFalse(exp.is_match(msg))
def test_is_match_with_unmatching_content_type(self): exp = ExpectServerHello() msg = Message(ContentType.application_data, bytearray([HandshakeType.server_hello])) self.assertFalse(exp.is_match(msg))
def test_process_with_incorrect_cipher(self): exp = ExpectServerHello(cipher=5) state = ConnectionState() state.msg_sock = mock.MagicMock() ext = RenegotiationInfoExtension().create() msg = ServerHello().create(version=(3, 3), random=bytearray(32), session_id=bytearray(0), cipher_suite=4) self.assertTrue(exp.is_match(msg)) with self.assertRaises(AssertionError): exp.process(state, msg)
def test_process_with_incorrect_version(self): extension_process = mock.MagicMock() exp = ExpectServerHello(version=(3, 3)) state = ConnectionState() state.msg_sock = mock.MagicMock() ext = RenegotiationInfoExtension().create() msg = ServerHello().create(version=(3, 2), random=bytearray(32), session_id=bytearray(0), cipher_suite=4) self.assertTrue(exp.is_match(msg)) with self.assertRaises(AssertionError): exp.process(state, msg)
def test_process_with_mandatory_resumption_but_wrong_id(self): exp = ExpectServerHello(resume=True) state = ConnectionState() state.msg_sock = mock.MagicMock() state.session_id = bytearray(b'\xaa\xaa\xaa') state.cipher = 4 self.assertFalse(state.resuming) msg = ServerHello() msg.create(version=(3, 3), random=bytearray(32), session_id=bytearray(b'\xbb\xbb\xbb'), cipher_suite=4) self.assertTrue(exp.is_match(msg)) with self.assertRaises(AssertionError): exp.process(state, msg)
def test_process_with_udefined_cipher(self): exp = ExpectServerHello() state = ConnectionState() client_hello = ClientHello() client_hello.cipher_suites = [4] state.handshake_messages.append(client_hello) state.msg_sock = mock.MagicMock() ext = RenegotiationInfoExtension().create(None) msg = ServerHello().create(version=(3, 3), random=bytearray(32), session_id=bytearray(0), cipher_suite=0xfff0) self.assertTrue(exp.is_match(msg)) with self.assertRaises(AssertionError): exp.process(state, msg)
def test_process_with_unexpected_extensions(self): exp = ExpectServerHello(extensions={ExtensionType.renegotiation_info: None}) state = ConnectionState() state.msg_sock = mock.MagicMock() exts = [] exts.append(RenegotiationInfoExtension().create()) exts.append(SNIExtension().create()) msg = ServerHello().create(version=(3, 3), random=bytearray(32), session_id=bytearray(0), cipher_suite=4, extensions=exts) self.assertTrue(exp.is_match(msg)) with self.assertRaises(AssertionError): exp.process(state, msg)
def test_process_with_extended_master_secret(self): exp = ExpectServerHello( extensions={ExtensionType.extended_master_secret:None}) state = ConnectionState() state.msg_sock = mock.MagicMock() self.assertFalse(state.extended_master_secret) ext = TLSExtension(extType=ExtensionType.extended_master_secret) msg = ServerHello().create(version=(3, 3), random=bytearray(32), session_id=bytearray(0), cipher_suite=4, extensions=[ext]) self.assertTrue(exp.is_match(msg)) exp.process(state, msg) self.assertTrue(state.extended_master_secret)
def test_process_with_extended_master_secret(self): exp = ExpectServerHello( extensions={ExtensionType.extended_master_secret: None}) state = ConnectionState() state.msg_sock = mock.MagicMock() self.assertFalse(state.extended_master_secret) ext = TLSExtension(extType=ExtensionType.extended_master_secret) msg = ServerHello().create(version=(3, 3), random=bytearray(32), session_id=bytearray(0), cipher_suite=4, extensions=[ext]) self.assertTrue(exp.is_match(msg)) exp.process(state, msg) self.assertTrue(state.extended_master_secret)
def test_process_with_mandatory_resumption_but_wrong_id(self): exp = ExpectServerHello(resume=True) state = ConnectionState() state.msg_sock = mock.MagicMock() state.session_id = bytearray(b'\xaa\xaa\xaa') state.cipher = 4 self.assertFalse(state.resuming) msg = ServerHello() msg.create(version=(3, 3), random=bytearray(32), session_id=bytearray(b'\xbb\xbb\xbb'), cipher_suite=4) self.assertTrue(exp.is_match(msg)) with self.assertRaises(AssertionError): exp.process(state, msg)
def test_process_with_unexpected_extensions(self): exp = ExpectServerHello( extensions={ExtensionType.renegotiation_info: None}) state = ConnectionState() state.msg_sock = mock.MagicMock() exts = [] exts.append(RenegotiationInfoExtension().create()) exts.append(SNIExtension().create()) msg = ServerHello().create(version=(3, 3), random=bytearray(32), session_id=bytearray(0), cipher_suite=4, extensions=exts) self.assertTrue(exp.is_match(msg)) with self.assertRaises(AssertionError): exp.process(state, msg)
def test_process_with_resumption(self): exp = ExpectServerHello() state = ConnectionState() state.msg_sock = mock.MagicMock() state.session_id = bytearray(b'\xaa\xaa\xaa') state.cipher = 4 self.assertFalse(state.resuming) msg = ServerHello() msg.create(version=(3, 3), random=bytearray(32), session_id=bytearray(b'\xaa\xaa\xaa'), cipher_suite=4) self.assertTrue(exp.is_match(msg)) exp.process(state, msg) self.assertTrue(state.resuming)
def test_process_with_resumption(self): exp = ExpectServerHello() state = ConnectionState() state.msg_sock = mock.MagicMock() state.session_id = bytearray(b'\xaa\xaa\xaa') state.cipher = 4 self.assertFalse(state.resuming) msg = ServerHello() msg.create(version=(3, 3), random=bytearray(32), session_id=bytearray(b'\xaa\xaa\xaa'), cipher_suite=4) self.assertTrue(exp.is_match(msg)) exp.process(state, msg) self.assertTrue(state.resuming)
def test_process_with_extensions(self): extension_process = mock.MagicMock() exp = ExpectServerHello(extensions={ExtensionType.renegotiation_info: extension_process}) state = ConnectionState() state.msg_sock = mock.MagicMock() ext = RenegotiationInfoExtension().create() msg = ServerHello().create(version=(3, 3), random=bytearray(32), session_id=bytearray(0), cipher_suite=4, extensions=[ext]) self.assertTrue(exp.is_match(msg)) exp.process(state, msg) extension_process.assert_called_once_with(state, ext)
def test_process_with_extensions(self): extension_process = mock.MagicMock() exp = ExpectServerHello( extensions={ExtensionType.renegotiation_info: extension_process}) state = ConnectionState() state.msg_sock = mock.MagicMock() ext = RenegotiationInfoExtension().create() msg = ServerHello().create(version=(3, 3), random=bytearray(32), session_id=bytearray(0), cipher_suite=4, extensions=[ext]) self.assertTrue(exp.is_match(msg)) exp.process(state, msg) extension_process.assert_called_once_with(state, ext)
def test_process_with_mandatory_resumption(self): exp = ExpectServerHello(resume=True) state = ConnectionState() client_hello = ClientHello() client_hello.cipher_suites = [4] state.handshake_messages.append(client_hello) state.msg_sock = mock.MagicMock() state.session_id = bytearray(b'\xaa\xaa\xaa') state.cipher = 4 self.assertFalse(state.resuming) msg = ServerHello() msg.create(version=(3, 3), random=bytearray(32), session_id=bytearray(b'\xaa\xaa\xaa'), cipher_suite=4) self.assertTrue(exp.is_match(msg)) exp.process(state, msg) self.assertTrue(state.resuming)
def test_process_with_matching_extension(self): exps = { ExtensionType.renegotiation_info: None, ExtensionType.alpn: ALPNExtension().create([bytearray(b'http/1.1')]) } exp = ExpectServerHello(extensions=exps) state = ConnectionState() state.msg_sock = mock.MagicMock() exts = [] exts.append(RenegotiationInfoExtension().create(None)) exts.append(ALPNExtension().create([bytearray(b'http/1.1')])) msg = ServerHello().create(version=(3, 3), random=bytearray(32), session_id=bytearray(0), cipher_suite=4, extensions=exts) self.assertTrue(exp.is_match(msg)) exp.process(state, msg) self.assertIsInstance(state.handshake_messages[0], ServerHello)