def test_padding_extension_with_hello_over_256(self):
sock = self.prepare_mock_socket_with_handshake_failure()
conn = TLSConnection(sock)
# create hostname extension
with self.assertRaises(TLSRemoteAlert):
# use serverName with 252 bytes
settings = HandshakeSettings()
settings.maxVersion = (3, 3)
settings.keyShares = []
conn.handshakeClientCert(
settings=settings,
serverName='aaaaaaaaaabbbbbbbbbbccccccccccdddddddddd.' +
'eeeeeeeeeeffffffffffgggggggggghhhhhhhhhh.' +
'iiiiiiiiiijjjjjjjjjjkkkkkkkkkkllllllllll.' +
'mmmmmmmmmmnnnnnnnnnnoooooooooopppppppppp.' +
'qqqqqqqqqqrrrrrrrrrrsssssssssstttttttttt.' +
'uuuuuuuuuuvvvvvvvvvvwwwwwwwwwwxxxxxxxxxx.' + 'y.com')
self.assertEqual(len(sock.sent), 1)
# check for version and content type (handshake)
self.assertEqual(sock.sent[0][0:3], bytearray(b'\x16' + b'\x03\x03'))
# check for handshake message type (client_hello)
self.assertEqual(sock.sent[0][5:6], bytearray(b'\x01'))
self.assertEqual(sock.sent[0][5:9], bytearray(b'\x01\x00\x02\x00'))
# 5 bytes is record layer header, 4 bytes is handshake protocol header
self.assertEqual(len(sock.sent[0]) - 5 - 4, 512)
def test_not_matching_keyShares(self):
hs = HandshakeSettings()
hs.keyShares = ["x25519"]
hs.eccCurves = ["x448"]
with self.assertRaises(ValueError) as e:
hs.validate()
self.assertIn("x25519", str(e.exception))
def test_not_matching_ffdhe_keyShares(self):
hs = HandshakeSettings()
hs.keyShares = ["ffdhe2048", "x25519"]
hs.dhGroups = ["ffdhe4096"]
with self.assertRaises(ValueError) as e:
hs.validate()
self.assertIn("ffdhe2048", str(e.exception))
def test_invalid_keyShares_name(self):
hs = HandshakeSettings()
hs.keyShares = ["ffdhe1024"]
with self.assertRaises(ValueError):
hs.validate()
