def test_padding_extension_with_hello_over_256(self): sock = self.prepare_mock_socket_with_handshake_failure() conn = TLSConnection(sock) # create hostname extension with self.assertRaises(TLSRemoteAlert): # use serverName with 252 bytes settings = HandshakeSettings() settings.maxVersion = (3, 3) settings.keyShares = [] conn.handshakeClientCert( settings=settings, serverName='aaaaaaaaaabbbbbbbbbbccccccccccdddddddddd.' + 'eeeeeeeeeeffffffffffgggggggggghhhhhhhhhh.' + 'iiiiiiiiiijjjjjjjjjjkkkkkkkkkkllllllllll.' + 'mmmmmmmmmmnnnnnnnnnnoooooooooopppppppppp.' + 'qqqqqqqqqqrrrrrrrrrrsssssssssstttttttttt.' + 'uuuuuuuuuuvvvvvvvvvvwwwwwwwwwwxxxxxxxxxx.' + 'y.com') self.assertEqual(len(sock.sent), 1) # check for version and content type (handshake) self.assertEqual(sock.sent[0][0:3], bytearray(b'\x16' + b'\x03\x03')) # check for handshake message type (client_hello) self.assertEqual(sock.sent[0][5:6], bytearray(b'\x01')) self.assertEqual(sock.sent[0][5:9], bytearray(b'\x01\x00\x02\x00')) # 5 bytes is record layer header, 4 bytes is handshake protocol header self.assertEqual(len(sock.sent[0]) - 5 - 4, 512)
def test_not_matching_keyShares(self): hs = HandshakeSettings() hs.keyShares = ["x25519"] hs.eccCurves = ["x448"] with self.assertRaises(ValueError) as e: hs.validate() self.assertIn("x25519", str(e.exception))
def test_not_matching_ffdhe_keyShares(self): hs = HandshakeSettings() hs.keyShares = ["ffdhe2048", "x25519"] hs.dhGroups = ["ffdhe4096"] with self.assertRaises(ValueError) as e: hs.validate() self.assertIn("ffdhe2048", str(e.exception))
def test_invalid_keyShares_name(self): hs = HandshakeSettings() hs.keyShares = ["ffdhe1024"] with self.assertRaises(ValueError): hs.validate()