def test_RSA_key_exchange_with_client(self): self.assertIsNone(self.keyExchange.makeServerKeyExchange()) client_keyExchange = RSAKeyExchange(self.cipher_suite, self.client_hello, self.server_hello, None) client_premaster = client_keyExchange.processServerKeyExchange(\ self.srv_pub_key, None) clientKeyExchange = client_keyExchange.makeClientKeyExchange() server_premaster = self.keyExchange.processClientKeyExchange(\ clientKeyExchange) self.assertEqual(client_premaster, server_premaster)
def setUp(self): self.srv_private_key = parsePEMKey(srv_raw_key, private=True) srv_chain = X509CertChain([X509().parse(srv_raw_certificate)]) self.srv_pub_key = srv_chain.getEndEntityPublicKey() self.cipher_suite = CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA self.client_hello = ClientHello().create((3, 3), bytearray(32), bytearray(0), []) self.server_hello = ServerHello().create((3, 2), bytearray(32), bytearray(0), self.cipher_suite) self.keyExchange = RSAKeyExchange(self.cipher_suite, self.client_hello, self.server_hello, self.srv_private_key)
class TestRSAKeyExchange(unittest.TestCase): def setUp(self): self.srv_private_key = parsePEMKey(srv_raw_key, private=True) srv_chain = X509CertChain([X509().parse(srv_raw_certificate)]) self.srv_pub_key = srv_chain.getEndEntityPublicKey() self.cipher_suite = CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA self.client_hello = ClientHello().create((3, 3), bytearray(32), bytearray(0), []) self.server_hello = ServerHello().create((3, 2), bytearray(32), bytearray(0), self.cipher_suite) self.keyExchange = RSAKeyExchange(self.cipher_suite, self.client_hello, self.server_hello, self.srv_private_key) def test_RSA_key_exchange(self): self.assertIsNone(self.keyExchange.makeServerKeyExchange()) premaster_secret = bytearray(b'\xf0'*48) premaster_secret[0] = 3 premaster_secret[1] = 3 clientKeyExchange = ClientKeyExchange(self.cipher_suite, (3, 2)) clientKeyExchange.createRSA(self.srv_pub_key.encrypt(premaster_secret)) dec_premaster = self.keyExchange.processClientKeyExchange(\ clientKeyExchange) premaster_secret = bytearray(b'\xf0'*48) premaster_secret[0] = 3 premaster_secret[1] = 3 self.assertEqual(dec_premaster, premaster_secret) def test_RSA_key_exchange_with_client(self): self.assertIsNone(self.keyExchange.makeServerKeyExchange()) client_keyExchange = RSAKeyExchange(self.cipher_suite, self.client_hello, self.server_hello, None) client_premaster = client_keyExchange.processServerKeyExchange(\ self.srv_pub_key, None) clientKeyExchange = client_keyExchange.makeClientKeyExchange() server_premaster = self.keyExchange.processClientKeyExchange(\ clientKeyExchange) self.assertEqual(client_premaster, server_premaster) def test_RSA_with_invalid_encryption(self): self.assertIsNone(self.keyExchange.makeServerKeyExchange()) premaster_secret = bytearray(b'\xf0'*48) premaster_secret[0] = 3 premaster_secret[1] = 3 clientKeyExchange = ClientKeyExchange(self.cipher_suite, (3, 2)) enc_premaster = self.srv_pub_key.encrypt(premaster_secret) enc_premaster[-1] ^= 0x01 clientKeyExchange.createRSA(enc_premaster) dec_premaster = self.keyExchange.processClientKeyExchange(\ clientKeyExchange) premaster_secret = bytearray(b'\xf0'*48) premaster_secret[0] = 3 premaster_secret[1] = 3 self.assertNotEqual(dec_premaster, premaster_secret) def test_RSA_with_wrong_size_premaster(self): self.assertIsNone(self.keyExchange.makeServerKeyExchange()) premaster_secret = bytearray(b'\xf0'*47) premaster_secret[0] = 3 premaster_secret[1] = 3 clientKeyExchange = ClientKeyExchange(self.cipher_suite, (3, 2)) enc_premaster = self.srv_pub_key.encrypt(premaster_secret) clientKeyExchange.createRSA(enc_premaster) dec_premaster = self.keyExchange.processClientKeyExchange(\ clientKeyExchange) premaster_secret = bytearray(b'\xf0'*47) premaster_secret[0] = 3 premaster_secret[1] = 3 self.assertNotEqual(dec_premaster, premaster_secret) def test_RSA_with_wrong_version_in_IE(self): # Internet Explorer sends the version from Server Hello not Client Hello self.assertIsNone(self.keyExchange.makeServerKeyExchange()) premaster_secret = bytearray(b'\xf0'*48) premaster_secret[0] = 3 premaster_secret[1] = 2 clientKeyExchange = ClientKeyExchange(self.cipher_suite, (3, 2)) enc_premaster = self.srv_pub_key.encrypt(premaster_secret) clientKeyExchange.createRSA(enc_premaster) dec_premaster = self.keyExchange.processClientKeyExchange(\ clientKeyExchange) premaster_secret = bytearray(b'\xf0'*48) premaster_secret[0] = 3 premaster_secret[1] = 2 self.assertEqual(dec_premaster, premaster_secret) def test_RSA_with_wrong_version(self): self.assertIsNone(self.keyExchange.makeServerKeyExchange()) premaster_secret = bytearray(b'\xf0'*48) premaster_secret[0] = 3 premaster_secret[1] = 1 clientKeyExchange = ClientKeyExchange(self.cipher_suite, (3, 2)) clientKeyExchange.createRSA(self.srv_pub_key.encrypt(premaster_secret)) dec_premaster = self.keyExchange.processClientKeyExchange(\ clientKeyExchange) premaster_secret = bytearray(b'\xf0'*48) premaster_secret[0] = 3 premaster_secret[1] = 1 self.assertNotEqual(dec_premaster, premaster_secret)