def setUp(self):
    # Build the server-side SRP fixture shared by every test in this class:
    # the server key pair, the negotiated hello messages, a verifier
    # database holding one account, and the server's SRPKeyExchange.
    self.srv_private_key = parsePEMKey(srv_raw_key, private=True)
    end_entity_cert = X509().parse(srv_raw_certificate)
    cert_chain = X509CertChain([end_entity_cert])
    self.srv_pub_key = cert_chain.getEndEntityPublicKey()

    self.cipher_suite = CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA

    # NOTE(review): the SRP username literal below is masked ('******'),
    # while the only verifier entry is stored under 'user'. Presumably the
    # server side looks the verifier up by the ClientHello username; confirm
    # the real fixture value, otherwise the lookup cannot succeed.
    self.client_hello = ClientHello().create(
        (3, 3),
        bytearray(32),
        bytearray(0),
        [],
        srpUsername='******',
    )
    self.server_hello = ServerHello().create(
        (3, 3),
        bytearray(32),
        bytearray(0),
        self.cipher_suite,
    )

    # Single account whose verifier is generated with the value 2048
    # (presumably the SRP group size in bits; verify against makeVerifier).
    verifier_db = VerifierDB()
    verifier_db.create()
    verifier_db['user'] = verifier_db.makeVerifier('user', 'password', 2048)

    self.keyExchange = SRPKeyExchange(
        self.cipher_suite,
        self.client_hello,
        self.server_hello,
        self.srv_private_key,
        verifier_db,
    )
def test_client_SRP_key_exchange_with_unknown_params(self):
    # A client must refuse SRP parameters it has no reason to trust.
    # The ServerKeyExchange is hand-built from the toy values 1, 2, 3, 4
    # (presumably N, g, salt, B in that order; confirm against createSRP),
    # so the group cannot be one the client accepts.
    server_kex = ServerKeyExchange(
        self.cipher_suite,
        self.server_hello.server_version,
    )
    server_kex.createSRP(1, 2, 3, 4)

    # Client role: no private key and no verifier database are supplied.
    client_side = SRPKeyExchange(
        self.cipher_suite,
        self.client_hello,
        self.server_hello,
        None,
        None,
        srpUsername='******',
        password='******',
    )

    # Accepting an arbitrary group would let a hostile server pick weak
    # parameters, so the expected outcome is an insufficient-security error.
    with self.assertRaises(TLSInsufficientSecurity):
        client_side.processServerKeyExchange(None, server_kex)
def test_client_SRP_key_exchange_with_invalid_params(self):
    # The client must reject a server public value B that is a multiple of N.
    server_kex = self.keyExchange.makeServerKeyExchange('sha1')
    # Overwrite B with N itself, so B mod N == 0. RFC 5054 requires the
    # client to abort with illegal_parameter in this case, because such a
    # B removes the server's secret contribution from the shared value.
    server_kex.srp_B = server_kex.srp_N

    client_side = SRPKeyExchange(
        self.cipher_suite,
        self.client_hello,
        self.server_hello,
        None,
        None,
        srpUsername='******',
        password='******',
        settings=HandshakeSettings(),
    )

    with self.assertRaises(TLSIllegalParameterException):
        client_side.processServerKeyExchange(None, server_kex)
def test_client_SRP_key_exchange_with_too_small_params(self):
    # The client must enforce its configured minimum key size on the SRP
    # group offered by the server.
    server_kex = self.keyExchange.makeServerKeyExchange('sha1')

    # Raise the floor to 3072; the fixture's verifier was made with 2048
    # (presumably both are sizes in bits; confirm), so the server's
    # parameters fall below what this client is willing to accept.
    strict_settings = HandshakeSettings()
    strict_settings.minKeySize = 3072

    client_side = SRPKeyExchange(
        self.cipher_suite,
        self.client_hello,
        self.server_hello,
        None,
        None,
        srpUsername='******',
        password='******',
        settings=strict_settings,
    )

    with self.assertRaises(TLSInsufficientSecurity):
        client_side.processServerKeyExchange(None, server_kex)
def test_SRP_key_exchange_with_client(self):
    # Full round trip: both sides must derive the same premaster secret.
    # NOTE(review): the client credentials below are masked ('******'),
    # whereas the fixture's verifier was created for 'user' / 'password'.
    # The two premasters can only agree if the real values match that
    # verifier; confirm against the unmasked test source.
    server_side = self.keyExchange
    server_kex_msg = server_side.makeServerKeyExchange('sha1')

    client_side = SRPKeyExchange(
        self.cipher_suite,
        self.client_hello,
        self.server_hello,
        None,
        None,
        srpUsername='******',
        password='******',
        settings=HandshakeSettings(),
    )

    # Client consumes the server's message, then answers with its own.
    client_premaster = client_side.processServerKeyExchange(None, server_kex_msg)
    client_kex_msg = client_side.makeClientKeyExchange()

    # Server derives its premaster from the client's reply.
    server_premaster = server_side.processClientKeyExchange(client_kex_msg)

    self.assertEqual(client_premaster, server_premaster)