def test_fixed_crypto_data_matches_verify_data(self):
client_verify_data = "e23f73911909a86be9e93fdb"
server_verify_data = "c83b8eb028d3c4a8d82c1c17"
tls_ctx = tlsc.TLSSessionCtx()
# tls_ctx.rsa_load_keys(self.pem_priv_key)
client_hello = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello(gmt_unix_time=1234,
random_bytes="A" * 28)
# Hello Request should be ignored in verify_data calculation
tls_ctx.insert(tls.TLSHelloRequest())
tls_ctx.insert(client_hello)
tls_ctx.premaster_secret = "B" * 48
epms = "C" * 256
server_hello = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSServerHello(gmt_unix_time=1234,
session_id="",
random_bytes="A" * 28)
tls_ctx.insert(server_hello)
client_kex = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientKeyExchange() /\
tls.TLSClientRSAParams(data=epms)
tls_ctx.insert(client_kex)
self.assertEqual(client_verify_data, binascii.hexlify(tls_ctx.get_verify_data()))
# Make sure that client finish is included in server finish calculation
tls_ctx.set_mode(server=True)
client_finish = tls.TLSRecord() / tls.TLSHandshake() / tls.tls_to_raw(
tls.TLSFinished(data=tls_ctx.get_verify_data()), tls_ctx)
tls_ctx.insert(client_finish)
self.assertEqual(server_verify_data, binascii.hexlify(tls_ctx.get_verify_data()))
def _do_kex(self, version):
self.pem_priv_key = """-----BEGIN PRIVATE KEY-----
MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDDLrmt4lKRpm6P
2blptwJsa1EBuxuuAayLjwNqKGvm5c1CAUEa/NtEpUMM8WYKRDwxzakUIGI/BdP3
NOEMphcs5+OekgJLhzoSdtAIrXPy8JIidENZE6FzCJ2b6fHU5O4hoNvv1Bx5yoZr
HVaWJIZMRRocJJ0Nf9oMaU8IE6m6OdBzQHEwcnL2/a8Q3VxstHufzjILmaZD9WL+
6AESlQMKZPNQ+Xd7d4nvnVkY4ZV46tA+KvADGuotgovQwG+uiyQoGRrQUms21vHF
zIvd3G9OCiyCTCHSyfsE3g7tks33NZ8O8gF8xa9OmU9TQPwwAyUr6JQXz0CW77o7
Cr9LpHuNAgMBAAECggEBAJRbMbtfqc8XqDYjEfGur2Lld19Pb0yl7RbvD3NjYhDR
X2DqPyhaRfg5fWubGSp4jyBz6C5qJwMsVN80DFNm83qoj7T52lC6aoOaV6og3V8t
SIZzxLUyXKdpRxM5kR13HSHmeQYkPbi9HcrRM/1PqdzTMXNuyQl3wq9oZDAJchsf
fmoh080htkaxhEb1bMXa2Lj7j2OIkHOsQeIu6BdbxIKRPIT+zrcklE6ocW8fTWAS
Qi3IZ1FYLL+fs6TTxjx0VkC8QLaxWxY0pqTiwS7ndZiZKc3l3ARuvRk8buP+X3Jg
BD86FQ18OXZC9boMbDbzv2cOLtdkq5pS3lJE4F9gjYECgYEA69ukU2pNWot2OPwK
PuPwAXWNrvnvFzQgIc0qOiCmgKJU6wqunlop4Bx5XmetHExVyJVBEhaHoDr0F3Rs
gt8IclKDsWGXoVcgfu3llMimiZ05hOf/XtcGTCZwZenMQ30cFh4ZRuUu7WCZ9tqO
28P8jCXB3IcaRpRnNvVvmCr5NXECgYEA09nUzRW993SlohceRW2C9fT9HZ4BaPWO
5wVlnoo5mlUfAyzl+AGT/WlKmrn/1gAHIznQJ8ZIABQvPaBXhvkANXZP5Ie0lObw
jA7qFuKt7yV4GGlDnU1MOLh+acABMQBGSx8BJDaomH7glTiPEPTZjoP6wfAsd1uv
Knjt7jH2ad0CgYEAx9ghknRd+rx0fbBBVix4riPW20324ihOmZVnlD0aF6B0Z3tz
ncUz+irmQ7GBIpsjjIO60QK6BHAvZrhFQVaNp6B26ZORkSlr5WDZyImDYtMPa6fP
36I+OcPQNOo3I3Acnjj+ne2PJ59Ula92oIudr3pGmv72qpsQIacw2TSAWGECgYEA
sdNAN+HPMn68ZaGoLDjvW8uIB6tQnay5hhvWn8yA65YV0RGH+7Q/Z9BQ6i3EnPor
A5uMqUZbu4011jHYJpiuXzHvf/GVWAO92KLQReOCgqHd/Aen1MtEdrwOiG+90Ebd
ukLNL3ud61tc4oS2OlJ8p48LFm2mtY3FLA6UEYPoxhUCgYEAtsfWIGnBh7XC+HwI
2higSgN92VpJHSPOyOi0aG/u5AEQ+fsCUIi3KakxzvmiGMAEvWItkKyz2Gu8smtn
2HVsGxI5UW7aLw9s3qe8kyMSfUk6pGamVhJUQmDr77+5zEzykPBxwGwDwdeR43CR
xVgf/Neb/avXgIgi6drj8dp1fWA=
-----END PRIVATE KEY-----
"""
rsa_priv_key = RSA.importKey(self.pem_priv_key)
self.priv_key = PKCS1_v1_5.new(rsa_priv_key)
self.pub_key = PKCS1_v1_5.new(rsa_priv_key.publickey())
self.tls_ctx = tlsc.TLSSessionCtx()
self.tls_ctx.rsa_load_keys(self.pem_priv_key)
# SSLv2
self.record_version = 0x0002
self.version = version
# RSA_WITH_AES_128_SHA
self.cipher_suite = tls.TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA
# DEFLATE
self.comp_method = tls.TLSCompressionMethod.NULL
self.client_hello = tls.TLSRecord(
version=self.record_version) / tls.TLSHandshake(
) / tls.TLSClientHello(version=version,
compression_methods=[self.comp_method],
cipher_suites=[self.cipher_suite])
self.tls_ctx.insert(self.client_hello)
self.server_hello = tls.TLSRecord(
version=self.version) / tls.TLSHandshake() / tls.TLSServerHello(
version=version,
compression_method=self.comp_method,
cipher_suite=self.cipher_suite)
self.tls_ctx.insert(self.server_hello)
# Build method to generate EPMS automatically in TLSSessionCtx
self.client_kex = tls.TLSRecord(
version=self.version) / tls.TLSHandshake(
) / tls.TLSClientKeyExchange(data=self.tls_ctx.get_encrypted_pms())
self.tls_ctx.insert(self.client_kex)
def test_decrypted_pms_matches_generated_pms(self):
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.server_ctx.load_rsa_keys(self.pem_priv_key)
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello()
tls_ctx.insert(pkt)
epms = tls_ctx.get_encrypted_pms()
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSServerHello()
tls_ctx.insert(pkt)
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientKeyExchange() / tls.TLSClientRSAParams(data=epms)
tls_ctx.insert(pkt)
self.assertEqual(tls_ctx.encrypted_premaster_secret, epms)
self.assertEqual(tls_ctx.premaster_secret, self.priv_key.decrypt(epms, None))
def test_encrypted_handshake_which_fails_decryption_throws_error(self):
tls_ctx = self._static_tls_handshake()
client_kex = tls.TLS.from_records([
tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientKeyExchange() /
tls_ctx.get_encrypted_pms(),
tls.TLSRecord() / tls.TLSChangeCipherSpec()
], tls_ctx)
tls_ctx.insert(client_kex)
tls_ctx.insert(tls.to_raw(tls.TLSFinished(), tls_ctx))
handshake = tls.TLSRecord() / tls.TLSHandshake() / "C" * 5
with self.assertRaises(ValueError):
tls.TLS(str(handshake), ctx=tls_ctx)
def setUp(self):
self.pkt = tls.TLSRecord()/ \
tls.TLSHandshake()/ \
tls.TLSClientHello(extensions=[ \
tls.TLSExtension()/ \
tls.TLSExtServerNameIndication(server_names=[tls.TLSServerName(data="www.github.com"),
tls.TLSServerName(data="github.com")]), \
tls.TLSExtension()/ \
tls.TLSExtALPN(protocol_name_list=[tls.TLSALPNProtocol(data="http/1.1"),
tls.TLSALPNProtocol(data="http/1.0")]),
tls.TLSExtension()/ \
tls.TLSExtALPN(protocol_name_list=[tls.TLSALPNProtocol(data="http/2.0"),]),
tls.TLSExtension()/ \
tls.TLSExtMaxFragmentLength(fragment_length=0x03),
tls.TLSExtension()/ \
tls.TLSExtCertificateURL(certificate_urls=[tls.TLSURLAndOptionalHash(url="http://www.github.com/tintinweb")]),
tls.TLSExtension()/ \
tls.TLSExtECPointsFormat(ec_point_formats=[tls.TLSEcPointFormat.ANSIX962_COMPRESSED_CHAR2]),
tls.TLSExtension()/ \
tls.TLSExtEllipticCurves(elliptic_curves=[tls.TLSEllipticCurve.SECT571R1,]),
tls.TLSExtension()/ \
tls.TLSExtHeartbeat(mode=tls.TLSHeartbeatMode.PEER_NOT_ALLOWED_TO_SEND),
tls.TLSExtension()/ \
tls.TLSExtSessionTicketTLS(data="myticket"),
tls.TLSExtension()/ \
tls.TLSExtRenegotiationInfo(data="myreneginfo"),
],)
unittest.TestCase.setUp(self)
def test_encrypted_pms_is_only_available_after_server_certificate_is_presented(
self):
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello()
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.insert(pkt)
with self.assertRaises(ValueError):
tls_ctx.get_encrypted_pms()
def test_packet_does_not_contain_mac_or_padding_if_not_received_encrypted(
self):
pkt = tls.TLSRecord() / tls.TLSChangeCipherSpec()
records = tls.TLS(str(pkt))
with self.assertRaises(AttributeError):
records[tls.TLSChangeCipherSpec].mac
records[tls.TLSChangeCipherSpec].padding
def test_encrypting_pms_fails_if_no_certificate_in_connection(self):
tls_ctx = tlsc.TLSSessionCtx()
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello(
version=0x0301)
tls_ctx.insert(pkt)
with self.assertRaises(ValueError):
tls_ctx.get_encrypted_pms()
def test_pkt_built_from_stacked_tls_records_is_identical(self):
self.assertEqual(len(str(self.server_hello)),
len(str(self.stacked_pkt.records[0])))
self.assertEqual(len(str(self.cert_list)),
len(str(self.stacked_pkt.records[1])))
self.assertEqual(len(str(self.server_hello_done)),
len(str(self.stacked_pkt.records[2])))
self.assertEqual(
len(str(self.server_hello)) - len(tls.TLSRecord()),
self.stacked_pkt.records[0][tls.TLSRecord].length)
self.assertEqual(
len(str(self.cert_list)) - len(tls.TLSRecord()),
self.stacked_pkt.records[1][tls.TLSRecord].length)
self.assertEqual(
len(str(self.server_hello_done)) - len(tls.TLSRecord()),
self.stacked_pkt.records[2][tls.TLSRecord].length)
def test_tls_certificate_x509_pubkey(self):
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSCertificateList(
certificates=[
tls.TLSCertificate(data=x509.X509Cert(self.der_cert))
])
# dissect and extract pubkey
pkt = tls.SSL(str(pkt))
pubkey_extract_from_der = tlsc.x509_extract_pubkey_from_der(
self.der_cert)
pubkey_extract_from_tls_certificate = tlsc.x509_extract_pubkey_from_der(
pkt[tls.TLSCertificate].data)
self.assertEqual(pubkey_extract_from_der,
pubkey_extract_from_tls_certificate)
self.assertTrue(pubkey_extract_from_der.can_encrypt())
self.assertTrue(pubkey_extract_from_der.can_sign())
self.assertTrue(pubkey_extract_from_tls_certificate.can_encrypt())
self.assertTrue(pubkey_extract_from_tls_certificate.can_sign())
plaintext = "-!-plaintext-!-" * 11
ciphertext = ''.join(
pubkey_extract_from_tls_certificate.encrypt(plaintext, None))
ciphertext_2 = ''.join(pubkey_extract_from_der.encrypt(
plaintext, None))
self.assertTrue(len(ciphertext))
self.assertEqual(ciphertext, ciphertext_2)
def test_fixed_crypto_data_matches_verify_data(self):
verify_data = "12003ac89553b7a233da64b9"
tls_ctx = tlsc.TLSSessionCtx()
# tls_ctx.rsa_load_keys(self.pem_priv_key)
client_hello = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello(gmt_unix_time=1234,
random_bytes="A" * 28)
tls_ctx.insert(client_hello)
tls_ctx.crypto.session.premaster_secret = "B" * 48
epms = "C" * 256
server_hello = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSServerHello(gmt_unix_time=1234,
random_bytes="A" * 28)
tls_ctx.insert(server_hello)
client_kex = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientKeyExchange() /\
tls.TLSClientRSAParams(data=epms)
tls_ctx.insert(client_kex)
self.assertEqual(binascii.hexlify(tls_ctx.get_verify_data()), verify_data)
def test_cleartext_alert_is_not_decrypted_with_block_cipher(self):
tls_ctx = self._static_tls_handshake()
alert = tls.TLSRecord() / tls.TLSAlert(
level=tls.TLSAlertLevel.FATAL,
description=tls.TLSAlertDescription.HANDSHAKE_FAILURE)
record = tls.TLS(str(alert), ctx=tls_ctx)
self.assertTrue(record.haslayer(tls.TLSAlert))
self.assertEqual(record[tls.TLSAlert].level, tls.TLSAlertLevel.FATAL)
self.assertEqual(record[tls.TLSAlert].description,
tls.TLSAlertDescription.HANDSHAKE_FAILURE)
def test_negotiated_compression_method_is_used_in_context(self):
# DEFLATE
compression_method = 0x1
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSServerHello(gmt_unix_time=123456, random_bytes="A" * 28,
compression_method=compression_method)
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.insert(pkt)
self.assertEqual(tls_ctx.params.negotiated.compression_algo,
tlsc.TLSCompressionParameters.comp_params[compression_method]["name"])
input_ = "some data" * 16
self.assertEqual(tls_ctx.compression.method.decompress(tls_ctx.compression.method.compress(input_)), input_)
def test_negotiated_cipher_is_used_in_context(self):
# RSA_WITH_NULL_MD5
cipher_suite = 0x1
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSServerHello(gmt_unix_time=123456, random_bytes="A" * 28,
cipher_suite=cipher_suite)
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.insert(pkt)
self.assertEqual(tls_ctx.negotiated.key_exchange,
tlsc.TLSSecurityParameters.crypto_params[cipher_suite]["key_exchange"]["name"])
self.assertEqual(tls_ctx.negotiated.mac,
tlsc.TLSSecurityParameters.crypto_params[cipher_suite]["hash"]["name"])
def test_keys_are_set_in_context_when_loaded(self):
tls_ctx = tlsc.TLSSessionCtx()
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello(version=0x0301)
tls_ctx.insert(pkt)
tls_ctx.server_ctx.load_rsa_keys(self.pem_priv_key)
self.assertIsNotNone(tls_ctx.server_ctx.asym_keystore.private)
self.assertIsNotNone(tls_ctx.server_ctx.asym_keystore.public)
# Broken due to pycrypto bug: https://github.com/dlitz/pycrypto/issues/114
# Uncomment when fixed upstream
# self.assertTrue(tls_ctx.crypto.server.asym_keystore.private.can_decrypt())
# self.assertTrue(tls_ctx.crypto.server.asym_keystore.public.can_decrypt())
self.assertTrue(tls_ctx.server_ctx.asym_keystore.private.can_encrypt())
def test_tls_certificate_x509(self):
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSCertificateList(
certificates=[
tls.TLSCertificate(data=x509.X509Cert(self.der_cert))
])
self.assertEqual(str(pkt[tls.TLSCertificateList].certificates[0].data),
self.der_cert)
self.assertEqual(str(pkt[tls.TLSCertificate].data), self.der_cert)
try:
pkt[tls.TLSCertificate].data.pubkey
except AttributeError, ae:
self.fail(ae)
def setUp(self):
self.server_hello = tls.TLSRecord() / tls.TLSHandshake(
) / tls.TLSServerHello()
self.cert_list = tls.TLSRecord() / tls.TLSHandshake(
) / tls.TLSCertificateList()
self.server_hello_done = tls.TLSRecord() / tls.TLSHandshake(
) / tls.TLSServerHelloDone()
self.stacked_pkt = tls.TLS.from_records(
[self.server_hello, self.cert_list, self.server_hello_done])
# issue 28
der_cert = '0\x82\x03\xe70\x82\x02\xcf\xa0\x03\x02\x01\x02\x02\t\x00\xb9\xee\xd4\xd9U\xa5\x9e\xb30\r\x06\t*\x86H\x86\xf7\r\x01\x01\x05\x05\x000p1\x0b0\t\x06\x03U\x04\x06\x13\x02UK1\x160\x14\x06\x03U\x04\n\x0c\rOpenSSL Group1"0 \x06\x03U\x04\x0b\x0c\x19FOR TESTING PURPOSES ONLY1%0#\x06\x03U\x04\x03\x0c\x1cOpenSSL Test Intermediate CA0\x1e\x17\r111208140148Z\x17\r211016140148Z0d1\x0b0\t\x06\x03U\x04\x06\x13\x02UK1\x160\x14\x06\x03U\x04\n\x0c\rOpenSSL Group1"0 \x06\x03U\x04\x0b\x0c\x19FOR TESTING PURPOSES ONLY1\x190\x17\x06\x03U\x04\x03\x0c\x10Test Server Cert0\x82\x01"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\n\x02\x82\x01\x01\x00\xf3\x84\xf3\x926\xdc\xb2F\xcafz\xe5)\xc5\xf3I("\xd3\xb9\xfe\xe0\xde\xe48\xce\xee"\x1c\xe9\x91;\x94\xd0r/\x87\x85YKf\xb1\xc5\xf5z\x85]\xc2\x0f\xd3.)X6\xccHk\xa2\xa2\xb5&\xceg\xe2G\xb6\xdfI\xd2?\xfa\xa2\x10\xb7\xc2\x97D~\x874mm\xf2\x8b\xb4U+\xd6!\xdeSK\x90\xea\xfd\xea\xf985+\xf4\xe6\x9a\x0e\xf6\xbb\x12\xab\x87!\xc3/\xbc\xf4\x06\xb8\x8f\x8e\x10\x07\'\x95\xe5B\xcb\xd1\xd5\x10\x8c\x92\xac\xee\x0f\xdc#H\x89\xc9\xc6\x93\x0c"\x02\xe7t\xe7%\x00\xab\xf8\x0f\\\x10\xb5\x85;f\x94\xf0\xfbMW\x06U!"%\xdb\xf3\xaa\xa9`\xbfM\xaay\xd1\xab\x92H\xba\x19\x8e\x12\xech\xd9\xc6\xba\xdf\xecZ\x1c\xd8C\xfe\xe7R\xc9\xcf\x02\xd0\xc7\x7f\xc9~\xb0\x94\xe3SDX\x0b.\xfd)t\xb5\x06\x9b\\D\x8d\xfb2u\xa4:\xa8g{\x872\nP\x8d\xe1\xa2\x13J%\xaf\xe6\x1c\xb1%\xbf\xb4\x99\xa2S\xd3\xa2\x02\xbf\x11\x02\x03\x01\x00\x01\xa3\x81\x8f0\x81\x8c0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xe00,\x06\t`\x86H\x01\x86\xf8B\x01\r\x04\x1f\x16\x1dOpenSSL Generated Certificate0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x82\xbc\xcf\x00\x00\x13\xd1\xf79%\x9a\'\xe7\xaf\xd2\xef \x1bn\xac0\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x146\xc3l\x88\xe7\x95\xfe\xb0\xbd\xec\xce>=\x86\xab!\x81\x87\xda\xda0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\xa9\xbdMW@t\xfe\x96\xe9+\xd6x\xfd\xb3c\xcc\xf4\x0bM\x12\xcaZt\x8d\x9b\xf2a\xe6\xfd\x06\x11C\x84\xfc\x17\xa0\xeccc6\xb9\x9e6j\xb1\x02Zj[?j\xa1\xea\x05e\xac~@\x1aHe\x88\xd19M\xd3Kw\xe9\xc8\xbb+\x9eZ\xf4\x0849G\xb9\x02\x081\x9a\xf1\xd9\x17\xc5\xe9\xa6\xa5\x96Km@\xa9[e(\xcb\xcb\x00\x03\x82c7\xd3\xad\xb1\x96;v\xf5\x17\x16\x02{\xbdSSFr4\xd6\x08d\x9d\xbbC\xfbd\xb1I\x07w\tazB\x17\x110\x0c\xd9\'\\\xf5q\xb6\xf0\x180\xf3~\xf1\x85?2~J\xaf\xb3\x10\xf7l\xc6\x85K-\'\xad\n \\\xfb\x8d\x19p4\xb9u_|\x87\xd5\xc3\xec\x93\x13A\xfcs\x03\xb9\x8d\x1a\xfe\xf7&\x86I\x03\xa9\xc5\x82?\x80\r)I\xb1\x8f\xed$\x1b\xfe\xcfX\x90F\xe7\xa8\x87\xd4\x1ey\xef\x99m\x18\x9f>\x8b\x82\x07\xc1C\xc7\xe0%\xb6\xf1\xd3\x00\xd7@\xabK\x7f+z>\xa6\x99LT'
stacked_handshake_layers = [
tls.TLSHandshake() / tls.TLSServerHello(),
tls.TLSHandshake() / tls.TLSCertificateList(certificates=[
tls.TLSCertificate(data=x509.X509Cert(der_cert))
]),
tls.TLSHandshake() / tls.TLSServerHelloDone()
]
self.stacked_handshake = tls.TLS(
str(
tls.TLSRecord(content_type="handshake") /
"".join(list(map(str, stacked_handshake_layers)))))
unittest.TestCase.setUp(self)
def test_encrypted_layer_is_decrypted_if_required(self):
tls_ctx = self._static_tls_handshake()
client_kex = tls.TLS.from_records([
tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientKeyExchange() /
tls_ctx.get_encrypted_pms(),
tls.TLSRecord() / tls.TLSChangeCipherSpec()
], tls_ctx)
tls_ctx.insert(client_kex)
tls_ctx.insert(tls.to_raw(tls.TLSFinished(), tls_ctx))
server_finished = binascii.unhexlify(
"14030100010116030100305b0241932c63c0cf1e4955e0cc65f751a3921fe8227c2bae045c66be327f7e68a39dc163b382c90d2caaf197ba0563a7"
)
server_finished_records = tls.TLS(server_finished, ctx=tls_ctx)
tls_ctx.insert(server_finished_records)
app_request = tls.to_raw(
tls.TLSPlaintext(data="GET / HTTP/1.1\r\nHOST: localhost\r\n\r\n"),
tls_ctx)
tls_ctx.insert(app_request)
app_response = binascii.unhexlify(
"1703010020d691f8104d8fd877e7a7a7f3729936a92272c6fa93999f37a3a4b2355454a26617030107e04c7017bec4bb802bf713f815f692a50d1d911d8d78d8edc14b0e2dfde876b3da4ce748a0c6c1917490f73ba5d04fe61d250f5478416987904aa45461bc64848c3bdc573e6c99338634d9f374cba9b847b06e1f8c56039bda3b1fd5bf0007372472fa45333ccd907cec08d2e1d1beb6e1bbf7f155e09e71e480a32104873c60162d873fb0310d91261b120f51f5a7b75084d6c4bb6ba11ba59334343c96ad849e39ff09e356dcc34ef7b9857112b6a3530b85c17ac2093439e980cc1d3a78d5708ed0aea96e74fdeed11e1a2dd5dbce67f85554706a32b5b98a3a7f0752dcfe30dd1726f28d37d7eea7282efc3db3273e93cb30cec75bd200128372488b74213360ec885e720e8876cdd4a6ff0e4cd34e8726b3ce6e04e1462981f2d5acf00a4b9a478f1a6d39b3c66884364ee7b2c5294380ca140aa41d99af4b809abba5a613e690782b3ea1b09fe0daaadc32a2ca2023e19d07fa1f68d2e1268a4be72f1695676285567111cbfd89360a92227f1b7f3c2cbc92f329f02aee9b45868a11517419e7d70da2ca4709d174b5014e7d823e24d3e29ee8c62dbe7c2f1a631a5aa2571e5c5f23f2c7d78997c41eeabc91f413c90806736438c8d34f8114dfe595a0e22febab37fe04ad2966416ad0c307426dd9d3627b0642be021c5703ec40279115d11415e59dd86102ca018e8a4aed7c1988c8e53a36699fa8e55f903489bbcc9d281bd3822a927ac1536695c9419d87c30653c60b7f4b65647e4b1900b6b3963b5fc981bea5d131f1f92d81570f3dfd52287d6e7171107f2bda5f219eb2cb43d965b46ed425624b527d9c2a8ec0391144c7e9a67fead45d3cc7f0fbaeae21dd0297ecd00eea103675cf843ee7c545c611d41776adc90ddf6a4d4ff0c8fc8899b3eb76c79dbcac0d9f9b6c0e8a334a8bddff6f4f90b5b4004619bc50b65b309048c9b68d610033f2eb73dd2061e418826892494eff8df1adf5dc1b6968f620645c765507b49d48d734dd618c1dac32f28ab99f6dab2e401a8bbf8c19abf1181f8c1b98c7c06179fa096cbba3610710539b50c8f6c39fa92fe50635497dea7a4359a8dc1987ec329b3e06076ee2fa3e55fcc41f01c4c953587f60a14645850bf77675a78c6ac2cdb8a0bcf2eaf7a8f0ec154a6dc75f5c53c8ce8c733ad236b4d635fa49b6210b24a9d18326dcdac12bfff5551636306bdbbbe4190530e5a0704e9fb8f30ef7b1730686eb395c3d11c966caaeb14ee4138e8bcfe8f73119a0fab734eed3443944c6d8800124b6eeed36d530dcafa71d91657d97069b1604e7922094604aacecbf42cd487b15e2de25819fd4179ca615404307127640aa80eb8283e5462fe1abd5f9ebab03f6e95ba2bf2e8ba3e96170aed26565cde86777367e4b2193dfaceb350e1371394109e1f408c994f3c7dcc5eae506263834618a727c919f6e76898214c931f8d0d1b0200fb14a7d46e78d8634cbd918cc560e58cf2516498ecc55af46471ae01ba385727e262afe16510d54516d0c011ce678271f14a007d4c7f314cd5ae51ada413e315f85e3990b1686a8c3f9c06fe0d63e6c3438aa5b31ab526989d1f3577139eed35afdafdeb968fd88f15a670523db921a82428fac13a3cf67584e3bca1d3e7ac52ea6cf8a49992fceab78b837ed1d26cf3ce3aab33c85ac392e0e4baff9b63777f9339bfb8821759c8b4632e4ff41569fd5dda7cdadb44f1efc1dd5e19f76bff4bc9ea3b65dd0ba35cad76de5f075cb2a969a79b24c73ce8c40a2c72eb39c321404f784bd30c09073be67ed7fddcb5e1cecf78258d1b7d75dbc575c693ee045a44e09b020ca11fd62b72c5d5d5a0aa81936db25c400615c6a802bb3d218ec4cf135f27c288ba34db438902073b55e1dcd3afcef4d608d0ba63c1aecec0ea851de52931a6ccb3054a1f37a6cc2d62342226ea5249583aadd87f3bf308f5355d4d349772b14a6dba9076fa8a32cdc72cc2ee8c59bbdf2980192e8de69694d49cb81eb3e32770c477035130593c29288a10d67e0a261352c1d60c1565180c41c4ee7f3e07d4a5fb6f4d6c5ef087741ce6078ed8fecb1cf2894efb0b72d62119934831aab0d93ce7609b1d7b2e3d2b0fc0099e2ef70cd56a8cad09a4407ec34090d138b30adc2b872e286ddd22102ad8149fdb4b69266ba476aad1cc27fa4ca7170f2ac1e36c3800c6109e3e59007a681a2f22f836c1e75d86df4760959475a55e360503481adac9ad89b2f183f3366f8f71436a8717eb8b40ceb1b57e247b6aa79d88372fc45cfec9d26de12b4eb71bd2b322ccb49131b799ef5bfc240c2c6b0c4de812a0458865e85ea4b3738a164b845c82084dee165d0cfe88e96570f7f0eff3acbbcaeede932e2c3329349eae0e6f5b2eac5fe137f7a4ee5896b9dfa3f22e6b7f02868e3ca45be16f6df6f164e43ea4b57d1c2d9929336b0cc1c1267c0828d0e22b22481ab2a2a34824c2cd4408e663d16cf1111f13ddae650c5859da944f18892ff75997dd245c6e728670a5afd485002560b6e2e79cd43d08dbd31994ccbc6b0b222aaa415583cd2f3d12025db6c8bba2eeea56f9b806760c58eead3f71477987019c75d409e0ff1f99a0cb8910c818173823ab0f53f2f94bc8b054fc0bfd5f95e328c0d73fe4e2b9383be452c14d9d6882e371cd76e375d44aecb2e134cd86fdbaa367554f996b7918b4d32f83824a2486a2dafa83e5c0de439253083823311d07963ffb7b17edaa490acd07488868bf4a03eea544787d0eeae87c2079a2c4b0b860717637938660d6cbc4cf65f3e9f8b0eeb09ba8b2fab43fd074da31cc0c13692ea72f377aec89a77babb545b6da2f09a32"
)
app_response_records = tls.TLS(app_response, ctx=tls_ctx)
tls_ctx.insert(app_response_records)
# Test decryption against given states
self.assertTrue(server_finished_records.haslayer(tls.TLSPlaintext))
self.assertEqual(server_finished_records[tls.TLSPlaintext].padding_len,
ord("\x0b"))
self.assertEqual(server_finished_records[tls.TLSPlaintext].padding,
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b")
self.assertEqual(
server_finished_records[tls.TLSPlaintext].mac,
"\xac'\x9a\x94\xf6t'\x18E\x03nD\x0b\xf4\xf7\xf5T\xce\x05q")
self.assertEqual(server_finished_records[tls.TLSPlaintext].data,
"\x14\x00\x00\x0c3\x13V\xac\x90.6\x89~7\x13\xbd")
self.assertTrue(app_response_records.haslayer(tls.TLSPlaintext))
self.assertTrue(
app_response_records[3][tls.TLSPlaintext].data.startswith("HTTP"))
def test_tls_certificate_multiple_x509(self):
# issue #27
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSCertificateList(
certificates=[
tls.TLSCertificate(data=x509.X509Cert(self.der_cert)),
tls.TLSCertificate(data=x509.X509Cert(self.der_cert)),
tls.TLSCertificate(data=x509.X509Cert(self.der_cert))
])
self.assertEqual(len(pkt[tls.TLSCertificateList].certificates), 3)
for tlscert in pkt[tls.TLSCertificateList].certificates:
self.assertEqual(str(tlscert.data), self.der_cert)
try:
tlscert.data.pubkey
except AttributeError, ae:
self.fail(ae)
def _static_tls_handshake(self):
# Setup static parameters, so PRF output is reproducible
tls_ctx = tlsc.TLSSessionCtx()
tls_ctx.crypto.session.premaster_secret = "\x03\x01" + "C" * 46
client_hello = tls.TLSRecord(
version="TLS_1_0") / tls.TLSHandshake() / tls.TLSClientHello(
version="TLS_1_0",
gmt_unix_time=1234,
random_bytes="A" * 28,
session_id="",
compression_methods=[0],
cipher_suites=(tls.TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA))
tls_ctx.insert(client_hello)
server_hello = binascii.unhexlify(
"160301004a02000046030155662cd45fade845839a3c8dba0e46f1abcd2fd941f4e95e75ab6d61811abcf420960ccadc00abc7043cca458d9a1df1cb877a5005b53f754ac80d392990fae3c7002f00160301047c0b0004780004750004723082046e30820356a003020102020900d1e1f53a9203251a300d06092a864886f70d0101050500308180310b3009060355040613025553311330110603550408130a536f6d652d53746174653112301006035504071309536f6d652d6369747931153013060355040a130c536f6d652d636f6d70616e793110300e060355040b1307536f6d652d4f55311f301d06035504031316736f6d652d7365727665722e736f6d652e7768657265301e170d3135303532323139313631325a170d3235303531393139313631325a308180310b3009060355040613025553311330110603550408130a536f6d652d53746174653112301006035504071309536f6d652d6369747931153013060355040a130c536f6d652d636f6d70616e793110300e060355040b1307536f6d652d4f55311f301d06035504031316736f6d652d7365727665722e736f6d652e776865726530820122300d06092a864886f70d01010105000382010f003082010a0282010100cd7b7165ee7528f107cf666edc673eedc863544ebe8cc3741346015eea182a73a9e18e26f6f1553d83843d2bdacdd4501faec7b4f5446b8790053f152e23f70d121ca7f63a22a657536ee4b50b8777568ef469905ce05211178dd9ebe223b21246cce4baf351d0b81b464830e15fb7178cf5f39e7673de7779e5dbbd7a3d2ea98589b0d6003635447693ed2ec632c3dbb632ac254e3b8cd78e1ea160982627e2cd3a369c4bb43c486141b97fbbd9d3cb014b92e0ec6ecf46ded64749bbecfb6f98d0d2f459d5cf0054a6522280af961dfcbe1650937180f43decf2f8725b94eeec10248cdc70acad63bcc3cd5370d0dc0f3cba8d369909c6b917f243e5e5bc270203010001a381e83081e5301d0603551d0e041604143cc2f7fc85dbbe4b0566b35bde744484438ae83e3081b50603551d230481ad3081aa80143cc2f7fc85dbbe4b0566b35bde744484438ae83ea18186a48183308180310b3009060355040613025553311330110603550408130a536f6d652d53746174653112301006035504071309536f6d652d6369747931153013060355040a130c536f6d652d636f6d70616e793110300e060355040b1307536f6d652d4f55311f301d06035504031316736f6d652d7365727665722e736f6d652e7768657265820900d1e1f53a9203251a300c0603551d13040530030101ff300d06092a864886f70d0101050500038201010001738e2985692d8239fb1795e6ea0718755cf106cd739f7113afd3a074add07f981b06f34b9df3e1658c153355c5061b369d60d341eb4ccefdd98d6d6790be499cde8bd5705d1a8a89bb141599f3319914f8539e294848c106386218d8679da46ba90a2ce7587265cb55d6a629569b65581ee2e88ded264b81dff1c11e2c55728efe170dfe4f76706fbbda137b02e0fa987355b0cfdb3f8637e35473e4a6eccdcbc27d55d1f956a5f2c454e937df71d42e21d45d227477e26053b8be003fa527746b163b3d4b9a585d2860e5080ed9737d4c5fa5a32eee45a4e56d8a03542349619084580cc9c6c25b1ac7f3854b501423eafdd32896af92ce8ca6923947d77c16030100040e000000"
)
tls_ctx.insert(tls.TLS(server_hello))
return tls_ctx
def test_format_of_tls_finished_is_as_specified_in_rfc(self):
def encrypt(cleartext, mac, padding):
self.assertEqual(
cleartext,
"\x14\x00\x00\x0c%s" % self.tls_ctx.get_verify_data())
self.assertEqual(len(mac), SHA.digest_size)
self.assertEqual(len(padding), 11)
self.assertTrue(
all(map(lambda x: True if x == chr(11) else False, padding)))
return "A" * 48
client_finished = tls.TLSRecord(content_type=0x16) / tls.to_raw(
tls.TLSFinished(),
self.tls_ctx,
include_record=False,
encrypt_hook=encrypt)
pkt = tls.TLS(str(client_finished))
# 4 bytes of TLSHandshake header, 12 bytes of verify_data, 20 bytes of HMAC SHA1, 11 bytes of padding, 1 padding length byte
self.assertEqual(
pkt[tls.TLSRecord].length,
len(tls.TLSHandshake()) + 12 + SHA.digest_size + 11 + 1)
def test_random_pms_is_generated_on_client_hello(self):
tls_ctx = tlsc.TLSSessionCtx()
pkt = tls.TLSRecord() / tls.TLSHandshake() / tls.TLSClientHello(
version=0x0301)
tls_ctx.insert(pkt)
self.assertIsNotNone(tls_ctx.crypto.session.premaster_secret)
def test_cleartext_handshake_is_not_decrypted(self):
tls_ctx = self._static_tls_handshake()
handshake = tls.TLSRecord() / tls.TLSHandshake(
) / tls.TLSServerKeyExchange() / tls.TLSServerDHParams()
record = tls.TLS(str(handshake), ctx=tls_ctx)
self.assertTrue(record.haslayer(tls.TLSServerKeyExchange))
def test_session_context_is_removed_from_scapy_on_init(self):
pkt = tls.TLSRecord() / tls.TLSAlert()
records = tls.TLS(str(pkt), ctx=tlsc.TLSSessionCtx())
with self.assertRaises(KeyError):
records.fields["ctx"]
def test_record_payload_is_identical_to_raw_payload(self):
pkt = tls.TLSPlaintext(data=b"ABCD")
raw = tls.to_raw(pkt, self.tls_ctx, include_record=False)
record = tls.TLSRecord() / raw
self.assertEqual(len(record[tls.TLSRecord]) - 0x5, len(raw))
self.assertEqual(str(record[tls.TLSRecord].payload), raw)