def test_min_length_with_post_send(self):
hello_gen = fuzz_padding(ClientHelloGenerator(),
min_length=200)
unmodified_hello = hello_gen.generate(self.state)
self.assertEqual(len(unmodified_hello.write()), 43)
self.state.msg_sock.sendMessageBlocking(unmodified_hello)
self.assertEqual(len(self.socket.sent), 1)
self.assertEqual(len(self.socket.sent[0]),
1 + # record layer type
2 + # protocol version
2 + # record payload length field
43 + # length of ClientHello
160 // 8 + # length of HMAC
1 + # size of length tag of padding (0)
208) # minimal length of padding greater than 200
hello_gen.post_send(self.state)
clean_hello_gen = ClientHelloGenerator()
clean_hello = clean_hello_gen.generate(self.state)
self.state.msg_sock.sendMessageBlocking(clean_hello)
self.assertEqual(len(self.socket.sent), 2)
self.assertEqual(len(self.socket.sent[1]),
1 + # record layer type
2 + # protocol version
2 + # record payload length field
43 + # length of ClientHello
160 // 8 + # length of HMAC
1 + # size of length tag of padding (0)
0) # minimal length of padding
class TestHandshakePadding(unittest.TestCase):
def setUp(self):
self.state = ConnectionState()
self.hello_gen = ClientHelloGenerator()
self.vanilla_hello = self.hello_gen.generate(self.state).write()
def test_no_option(self):
self.assertEqual(len(self.vanilla_hello), 43)
hello_gen = pad_handshake(ClientHelloGenerator())
unmodified_hello = hello_gen.generate(self.state).write()
self.assertEqual(len(unmodified_hello), 43)
self.assertEqual(self.vanilla_hello, unmodified_hello)
def test_add_padding(self):
hello_gen = pad_handshake(ClientHelloGenerator(), 1)
padded_hello = hello_gen.generate(self.state).write()
self.assertEqual(len(padded_hello), 44)
# skip the first 4 bytes as they have different length
self.assertEqual(self.vanilla_hello[4:] + bytearray(1),
padded_hello[4:])
def test_add_specific_padding(self):
hello_gen = pad_handshake(ClientHelloGenerator(), 2, 0xab)
padded_hello = hello_gen.generate(self.state).write()
self.assertEqual(len(padded_hello), 45)
# skip the first 4 bytes as they have different length
self.assertEqual(self.vanilla_hello[4:] + bytearray(b'\xab\xab'),
padded_hello[4:])
def test_pad_with_data(self):
pad = bytearray(b'\xff\x01\x00\x01\x00')
hello_gen = pad_handshake(ClientHelloGenerator(), pad=pad)
padded_hello = hello_gen.generate(self.state).write()
self.assertEqual(len(padded_hello), len(self.vanilla_hello) + len(pad))
self.assertEqual(self.vanilla_hello[4:] + pad, padded_hello[4:])
self.assertNotEqual(self.vanilla_hello[:4], padded_hello[:4])
def test_truncate(self):
hello_gen = truncate_handshake(ClientHelloGenerator(), 1)
padded_hello = hello_gen.generate(self.state).write()
self.assertEqual(len(padded_hello), 42)
# skip the first 4 bytes as they have different length
self.assertEqual(self.vanilla_hello[4:-1], padded_hello[4:])
class TestHandshakePadding(unittest.TestCase):
def setUp(self):
self.state = ConnectionState()
self.hello_gen = ClientHelloGenerator()
self.vanilla_hello = self.hello_gen.generate(self.state).write()
def test_no_option(self):
self.assertEqual(len(self.vanilla_hello), 43)
hello_gen = pad_handshake(ClientHelloGenerator())
unmodified_hello = hello_gen.generate(self.state).write()
self.assertEqual(len(unmodified_hello), 43)
self.assertEqual(self.vanilla_hello, unmodified_hello)
def test_add_padding(self):
hello_gen = pad_handshake(ClientHelloGenerator(), 1)
padded_hello = hello_gen.generate(self.state).write()
self.assertEqual(len(padded_hello), 44)
# skip the first 4 bytes as they have different length
self.assertEqual(self.vanilla_hello[4:] + bytearray(1), padded_hello[4:])
def test_add_specific_padding(self):
hello_gen = pad_handshake(ClientHelloGenerator(), 2, 0xAB)
padded_hello = hello_gen.generate(self.state).write()
self.assertEqual(len(padded_hello), 45)
# skip the first 4 bytes as they have different length
self.assertEqual(self.vanilla_hello[4:] + bytearray(b"\xab\xab"), padded_hello[4:])
def test_pad_with_data(self):
pad = bytearray(b"\xff\x01\x00\x01\x00")
hello_gen = pad_handshake(ClientHelloGenerator(), pad=pad)
padded_hello = hello_gen.generate(self.state).write()
self.assertEqual(len(padded_hello), len(self.vanilla_hello) + len(pad))
self.assertEqual(self.vanilla_hello[4:] + pad, padded_hello[4:])
self.assertNotEqual(self.vanilla_hello[:4], padded_hello[:4])
def test_truncate(self):
hello_gen = truncate_handshake(ClientHelloGenerator(), 1)
padded_hello = hello_gen.generate(self.state).write()
self.assertEqual(len(padded_hello), 42)
# skip the first 4 bytes as they have different length
self.assertEqual(self.vanilla_hello[4:-1], padded_hello[4:])
def test_generate_extensions_with_garbage_extension(self):
state = ConnectionState()
ext = "some weird non-extension"
chg = ClientHelloGenerator(extensions={0x1234:ext})
return_val = mock.MagicMock()
return_val.write = mock.MagicMock(return_value=bytearray(10))
with mock.patch.object(messages.ClientHello, 'create',
return_value=return_val) as mock_method:
with self.assertRaises(ValueError):
ch = chg.generate(state)
def test_generate(self):
state = ConnectionState()
chg = ClientHelloGenerator()
return_val = mock.MagicMock()
return_val.write = mock.MagicMock(return_value=bytearray(10))
with mock.patch.object(messages.ClientHello, "create", return_value=return_val) as mock_method:
ch = chg.generate(state)
self.assertEqual(ch, return_val)
mock_method.assert_called_once_with((3, 3), bytearray(32), bytearray(0), [], extensions=None)
def test_generate_extensions_with_empty_extensions(self):
state = ConnectionState()
chg = ClientHelloGenerator(extensions={0x1234: None})
return_val = mock.MagicMock()
return_val.write = mock.MagicMock(return_value=bytearray(10))
with mock.patch.object(messages.ClientHello, "create", return_value=return_val) as mock_method:
ch = chg.generate(state)
self.assertEqual(ch, return_val)
ext = extensions.TLSExtension().create(0x1234, bytearray(0))
mock_method.assert_called_once_with((3, 3), bytearray(32), bytearray(0), [], extensions=[ext])
def test_generate_extensions_with_renego_info_default_generator(self):
state = ConnectionState()
state.client_verify_data = bytearray(b"\xab\xcd")
chg = ClientHelloGenerator(extensions={constants.ExtensionType.renegotiation_info: None})
return_val = mock.MagicMock()
return_val.write = mock.MagicMock(return_value=bytearray(10))
with mock.patch.object(messages.ClientHello, "create", return_value=return_val) as mock_method:
ch = chg.generate(state)
self.assertEqual(ch, return_val)
ext = RenegotiationInfoExtension().create(bytearray(b"\xab\xcd"))
mock_method.assert_called_once_with((3, 3), bytearray(32), bytearray(0), [], extensions=[ext])
def test_generate(self):
state = ConnectionState()
chg = ClientHelloGenerator()
return_val = mock.MagicMock()
return_val.write = mock.MagicMock(return_value=bytearray(10))
with mock.patch.object(messages.ClientHello,
'create',
return_value=return_val) as mock_method:
ch = chg.generate(state)
self.assertEqual(ch, return_val)
mock_method.assert_called_once_with((3, 3),
bytearray(32),
bytearray(0), [],
extensions=None)
def test_generate_extensions_with_empty_extensions(self):
state = ConnectionState()
chg = ClientHelloGenerator(extensions={0x1234: None})
return_val = mock.MagicMock()
return_val.write = mock.MagicMock(return_value=bytearray(10))
with mock.patch.object(messages.ClientHello,
'create',
return_value=return_val) as mock_method:
ch = chg.generate(state)
self.assertEqual(ch, return_val)
ext = extensions.TLSExtension().create(0x1234, bytearray(0))
mock_method.assert_called_once_with((3, 3),
bytearray(32),
bytearray(0), [],
extensions=[ext])
def test_generate_extensions_with_renego_info_default_generator(self):
state = ConnectionState()
state.client_verify_data = bytearray(b'\xab\xcd')
chg = ClientHelloGenerator(
extensions={constants.ExtensionType.renegotiation_info: None})
return_val = mock.MagicMock()
return_val.write = mock.MagicMock(return_value=bytearray(10))
with mock.patch.object(messages.ClientHello,
'create',
return_value=return_val) as mock_method:
ch = chg.generate(state)
self.assertEqual(ch, return_val)
ext = RenegotiationInfoExtension().create(bytearray(b'\xab\xcd'))
mock_method.assert_called_once_with((3, 3),
bytearray(32),
bytearray(0), [],
extensions=[ext])
class TestFuzzMessage(unittest.TestCase):
def setUp(self):
self.state = ConnectionState()
self.hello_gen = ClientHelloGenerator()
self.vanilla_hello = self.hello_gen.generate(self.state).write()
def test_no_options(self):
self.assertEqual(len(self.vanilla_hello), 43)
hello_gen = fuzz_message(ClientHelloGenerator())
unmodified_hello = hello_gen.generate(self.state).write()
self.assertEqual(len(unmodified_hello), 43)
self.assertEqual(self.vanilla_hello, unmodified_hello)
def test_substitutions(self):
hello_gen = fuzz_message(ClientHelloGenerator(),
substitutions={4: 0xff})
modified_hello = hello_gen.generate(self.state).write()
self.assertNotEqual(self.vanilla_hello, modified_hello)
self.vanilla_hello[4] = 0xff
self.assertEqual(self.vanilla_hello, modified_hello)
def test_xors(self):
hello_gen = fuzz_message(ClientHelloGenerator(), xors={4: 0xff})
modified_hello = hello_gen.generate(self.state).write()
self.assertNotEqual(self.vanilla_hello, modified_hello)
self.vanilla_hello[4] ^= 0xff
self.assertEqual(self.vanilla_hello, modified_hello)
class TestFuzzMessage(unittest.TestCase):
def setUp(self):
self.state = ConnectionState()
self.hello_gen = ClientHelloGenerator()
self.vanilla_hello = self.hello_gen.generate(self.state).write()
def test_no_options(self):
self.assertEqual(len(self.vanilla_hello), 43)
hello_gen = fuzz_message(ClientHelloGenerator())
unmodified_hello = hello_gen.generate(self.state).write()
self.assertEqual(len(unmodified_hello), 43)
self.assertEqual(self.vanilla_hello, unmodified_hello)
def test_substitutions(self):
hello_gen = fuzz_message(ClientHelloGenerator(), substitutions={4:0xff})
modified_hello = hello_gen.generate(self.state).write()
self.assertNotEqual(self.vanilla_hello, modified_hello)
self.vanilla_hello[4] = 0xff
self.assertEqual(self.vanilla_hello, modified_hello)
def test_xors(self):
hello_gen = fuzz_message(ClientHelloGenerator(), xors={4:0xff})
modified_hello = hello_gen.generate(self.state).write()
self.assertNotEqual(self.vanilla_hello, modified_hello)
self.vanilla_hello[4] ^= 0xff
self.assertEqual(self.vanilla_hello, modified_hello)
