tls.test package¶
Submodules¶
tls.test._common module¶
Components that are common to tls
‘ test suite and importable. For
non-importable py.test extensions, such as fixtures, see
conftest.py
in the root directory.
tls.test.test_alert module¶
tls.test.test_ciphersuites module¶
-
tls.test.test_ciphersuites.
test_ciphersuites
()¶
-
tls.test.test_ciphersuites.
test_select_preferred_ciphersuite
()¶
-
tls.test.test_ciphersuites.
test_unsupported_ciphersuite
()¶
tls.test.test_hello_message module¶
-
class
tls.test.test_hello_message.
TestClientHello
¶ Bases:
object
Tests for the parsing of ClientHello messages.
-
cert_status_request_ext
= '\x00\x05\x00\x11\x01\x00\t\x00\x0212\x00\x03345\x00\x03678'¶
-
cert_status_request_zero_ext
= '\x00\x05\x00\x05\x01\x00\x00\x00\x00'¶
-
cipher_suites_too_short_packet
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567\x00\x00\x00\x01\x00\x00\x00'¶
-
client_certificate_url_extension
= '\x00\x02\x00\x00'¶
-
client_hello_packet_with_client_certificate_url_extension
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00\x02\x00k\x01\x00\x00\x04\x00\x02\x00\x00'¶
-
client_hello_packet_with_maximum_fragment_length_ext
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00\x02\x00k\x01\x00\x00\x05\x00\x01\x00\x01\x01'¶
-
client_hello_packet_with_server_name_ext
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00\x02\x00k\x01\x00\x00\x12\x00\x00\x00\x0e\x00\x0c\x00\x00\tlocalhost'¶
-
client_hello_with_cert_status_ext
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00\x02\x00k\x01\x00\x00\x15\x00\x05\x00\x11\x01\x00\t\x00\x0212\x00\x03345\x00\x03678'¶
-
client_hello_with_status_req_zero_ext
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00\x02\x00k\x01\x00\x00\t\x00\x05\x00\x05\x01\x00\x00\x00\x00'¶
-
client_hello_with_truncated_hmac_ext
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00\x02\x00k\x01\x00\x00\x04\x00\x04\x00\x00'¶
-
client_hello_with_trusted_ca_keys_ext
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00\x02\x00k\x01\x00\x00\x1b\x00\x03\x00\x17\x00\x15\x01aaaaaaaaaaaaaaaaaaaa'¶
-
common_client_hello_data
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00\x02\x00k\x01\x00'¶
-
compression_methods_too_short_packet
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567\x00\x00\x02\x00k\x00\x00\x1a\x00\r\x00\x16\x00\x14\x04\x01\x05\x01\x06\x01\x02\x01\x04\x03\x05\x03\x06\x03\x02\x03\x04\x02\x02\x02'¶
-
extensions_packet
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00\x02\x00k\x01\x00\x00\x1a\x00\r\x00\x16\x00\x14\x04\x01\x05\x01\x06\x01\x02\x01\x04\x03\x05\x03\x06\x03\x02\x03\x04\x02\x02\x02'¶
-
maximum_fragment_length_data
= '\x00\x01\x00\x01\x01'¶
-
no_extensions_packet
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00\x02\x00k\x01\x00\x00\x00'¶
-
server_name_extension_data
= '\x00\x00\x00\x0e\x00\x0c\x00\x00\tlocalhost'¶
-
supported_signature_list_extension_data
= '\x00\r\x00\x16\x00\x14\x04\x01\x05\x01\x06\x01\x02\x01\x04\x03\x05\x03\x06\x03\x02\x03\x04\x02\x02\x02'¶
-
test_as_bytes_cert_status_request_extension
()¶ tls.hello_message.ClientHello.as_bytes()
serializes a message containing the STATUS_REQUEST extension.
-
test_as_bytes_cert_status_request_zero_extension
()¶ tls.hello_message.ClientHello.as_bytes()
serializes a message containing the STATUS_REQUEST extension with zero length responder_id_list and request_extensions.
-
test_as_bytes_client_certificate_url_extension
()¶ tls.hello_message.ClientHello()
serializes a message containing the CLIENT_CERTIFICATE_URL extension.
-
test_as_bytes_client_hello_cipher_suites
()¶ tls.hello_message.ClientHello()
fails to construct a packet whosecipher_suites
would be too short.
-
test_as_bytes_client_hello_compression_methods_too_short
()¶ tls.hello_message.ClientHello()
fails to construct a packet whosecompression_methods
would be too short.
-
test_as_bytes_no_extensions
()¶ ClientHello.as_bytes()
returns the bytes it was created with
-
test_as_bytes_trusted_ca_keys_extension
()¶ tls.hello_message.ClientHello()
serializes a message containing the TRUSTED_CA_KEYS extension.
-
test_as_bytes_unsupported_extension
()¶ ClientHello.as_bytes()
fails to serialize a message that contains invalid extensions
-
test_as_bytes_with_extensions
()¶ ClientHello.as_bytes()
returns the bytes it was created with
-
test_as_bytes_with_truncated_hmac_extension
()¶
-
test_client_hello_maximum_fragment_length_extension_as_bytes
()¶
-
test_client_hello_with_maximum_fragment_length_extension
()¶ tls.hello_message.ClientHello()
parses a packet with a maximum_fragment_length extension.
-
test_client_hello_with_server_name_extension
()¶ tls.hello_message.ClientHello()
parses a packet with a server_name extension
-
test_from_bytes_cert_status_request_extension
()¶ tls.hello_message.ClientHello.from_bytes()
parses a packet with STATUS_REQUEST extension.
-
test_from_bytes_cert_status_request_zero_extension
()¶ tls.hello_message.ClientHello.from_bytes()
parses a packet with STATUS_REQUEST extension with zero length responder_id_list and request_extensions.
-
test_from_bytes_with_truncated_hmac_extension
()¶ tls.hello_message.ClientHello()
parses a packet with a truncated_hmac extension.
-
test_hello_from_bytes_with_unsupported_extension
()¶ tls.hello_message.ClientHello()
does not parse a packet with an unsupported extension, and raises an error.
-
test_parse_client_certificate_url_extension
()¶ tls.hello_message.ClientHello()
parses a packet with CLIENT_CERTIFICATE_URL extension.
-
test_parse_client_hello_cipher_suites
()¶ tls.hello_message.ClientHello()
fails to parse a packet whosecipher_suites
is too short.
-
test_parse_client_hello_compression_methods_too_short
()¶ tls.hello_message.ClientHello()
fails to parse a packet whosecompression_methods
is too short.
-
test_parse_client_hello_extensions
()¶
-
test_parse_trusted_ca_keys_extension
()¶ tls.hello_message.ClientHello()
parses a packet with TRUSTED_CA_KEYS_EXT extension.
-
test_resumption_no_extensions
()¶ parse_client_hello()
returns an instance ofClientHello
.
-
truncated_hmac_ext_packet
= '\x00\x04\x00\x00'¶
-
trusted_ca_keys_ext
= '\x00\x03\x00\x17\x00\x15\x01aaaaaaaaaaaaaaaaaaaa'¶
-
-
class
tls.test.test_hello_message.
TestServerHello
¶ Bases:
object
Tests for the parsing of ServerHello messages.
-
common_server_hello_data
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00k\x00'¶
-
extensions_packet
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00k\x00\x00\x1a\x00\r\x00\x16\x00\x14\x04\x01\x05\x01\x06\x01\x02\x01\x04\x03\x05\x03\x06\x03\x02\x03\x04\x02\x02\x02'¶
-
no_extensions_packet
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00k\x00\x00\x00'¶
-
server_hello_with_truncated_hmac_ext
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00k\x00\x00\x04\x00\x04\x00\x00'¶
-
supported_signature_list_extension_data
= '\x00\r\x00\x16\x00\x14\x04\x01\x05\x01\x06\x01\x02\x01\x04\x03\x05\x03\x06\x03\x02\x03\x04\x02\x02\x02'¶
-
test_as_bytes_no_extensions
()¶ ServerHello.as_bytes()
returns the bytes it was created with
-
test_as_bytes_unsupported_extension
()¶ ServerHello.as_bytes()
fails to serialize a message that contains invalid extensions
-
test_as_bytes_with_truncated_hmac_extension
()¶
-
test_from_bytes_with_truncated_hmac_extension
()¶ tls.hello_message.ServerHello()
parses a packet with a truncated_hmac extension.
-
test_parse_server_hello
()¶ parse_server_hello()
returns an instance ofServerHello
.
-
test_parse_server_hello_extensions
()¶ parse_server_hello()
fails to parse when SIGNATURE_ALGORITHMS extension bytes are present in the packet
-
test_server_hello_fails_with_server_name_extension
()¶ tls.hello_message.ServerHello()
does not parse a packet with a server_name extension, and raises an error.
-
truncated_hmac_ext_packet
= '\x00\x04\x00\x00'¶
-
tls.test.test_message module¶
-
class
tls.test.test_message.
TestASN1CertificateSerialization
¶ Bases:
object
Tests for serializing
tls.message.ASN1Cert
-
test_as_bytes
()¶ tls.message.ASN1Cert.as_bytes()
constructs a valid packet.
-
test_as_bytes_too_long
()¶ tls.message.ASN1Cert.as_bytes()
fails to construct a packet whoseasn1_cert
would be too long.
-
test_as_bytes_too_short
()¶ tls.message.ASN1Cert.as_bytes()
fails to construct a packet whoseasn1_cert
would be too short.
-
-
class
tls.test.test_message.
TestCertificateParsing
¶ Bases:
object
Tests for parsing of
tls.message.Certificate
messages.-
certificates_too_short
= '\x00\x00\x00'¶
-
packet
= '\x00\x00\x06\x00\x00\x03ABC'¶
-
test_as_bytes
()¶ tls.message.Certificate.as_bytes()
returns a valid packet.
-
test_as_bytes_too_long
()¶ tls.message.Certificate.as_bytes()
fails to construct a packet whosecertificate_list
would be too short.
-
test_as_bytes_too_short
()¶ tls.message.Certificate.as_bytes()
fails to construct a packet whosecertificate_list
would be too long.
-
test_parse_certificate
()¶ tls.message.Certificate.from_bytes()
parses a valid packet.
-
test_parse_certificate_too_short
()¶ tls.message.Certificate.from_bytes()
rejects a packet whosecertificate_list
is too short.
-
-
class
tls.test.test_message.
TestCertificateRequestParsing
¶ Bases:
object
Tests for parsing of CertificateRequest messages.
-
certificate_types_too_short
= '\x00'¶
-
supported_signature_algorithms_too_short
= '\x01\x01\x00\x00'¶
-
test_as_bytes_certificate_types_too_short
()¶ tls.message.CertificateRequest()
fails to construct a certificate request packet whosecertificate_types
would be too short.
-
test_as_bytes_supported_signature_algorithms_too_short
()¶ CertificateRequest()
fails to construct a certificate request packet whosesupported_signature_algorithms
would be too short.
-
test_parse_certificate_request
()¶
-
test_parse_certificate_types_too_short
()¶ tls.message.CertificateRequest()
fails to parse a certificate request packet whosecertificate_types
is too short.
-
test_parse_supported_signature_algorithms_too_short
()¶ CertificateRequest()
fails to parse a certificate request packet whosesupported_signature_algorithms
is too short.
-
-
class
tls.test.test_message.
TestCertificateStatusParsing
¶ Bases:
object
Tests for parsing of
tls.message.CertificateStatus
structs.-
certificate_status
= '\x01\x00\x00\x0512345'¶
-
test_as_bytes
()¶ tls.message.CertificateStatus.as_bytes()
returns the bytes it was created with.
-
test_from_bytes
()¶ tls.message.CertificateStatus.from_bytes()
parses a valid packet.
-
-
class
tls.test.test_message.
TestCertificateURLParsing
¶ Bases:
object
Tests for parsing of
tls.message.CertificateURL
messages.-
certificate_url_packet
= "\x00\x00'\x00\x10cert.example.com\x01abcdefghijklmnopqrst"¶
-
test_as_bytes
()¶ tls.message.CertificateUrl.as_bytes()
returns a valid packet.
-
test_as_bytes_with_bad_padding
()¶ tls.message.CertificateURL.as_bytes()
fails to serialize a record whosepadding
is not 1.
-
test_incorrect_padding_parsing
()¶ tls._constructs.URLAndHash.parse()
rejects a packet whosepadding
is not 1.
-
test_parse_certificate_url
()¶ tls.message.CertificateURL.from_bytes()
parses a valid packet.
-
test_url_and_hash_list_too_short
()¶ tls._constructs.CertificateURL
rejects a record where length of url_and_hash_list is less than 1.
-
url_and_hash_list_bytes
= '\x00\x10cert.example.com\x01abcdefghijklmnopqrst'¶
-
-
class
tls.test.test_message.
TestHandshakeStructParsing
¶ Bases:
object
Tests for parsing of
tls.message.Handshake
structs.-
certificate_handshake_packet
= '\x0b\x00\x00\t\x00\x00\x06\x00\x00\x03ABC'¶
-
certificate_packet
= '\x00\x00\x06\x00\x00\x03ABC'¶
-
certificate_request_handshake
= '\r\x00\x00\x08\x01\x01\x00\x02\x01\x01\x00\x00'¶
-
certificate_request_packet
= '\x01\x01\x00\x02\x01\x01\x00\x00'¶
-
certificate_status
= '\x01\x00\x00\x0512345'¶
-
certificate_status_handshake
= '\x16\x00\x00\t\x01\x00\x00\x0512345'¶
-
certificate_url_handshake_packet
= "\x15\x00\x00*\x00\x00'\x00\x10cert.example.com\x01abcdefghijklmnopqrst"¶
-
certificate_url_packet
= "\x00\x00'\x00\x10cert.example.com\x01abcdefghijklmnopqrst"¶
-
client_hello_handshake_packet
= '\x01\x00\x00E\x03\x00\x01\x02\x03\x040123456789012345678901234567\x00\x00\x02\x00k\x01\x00\x00\x1a\x00\r\x00\x16\x00\x14\x04\x01\x05\x01\x06\x01\x02\x01\x04\x03\x05\x03\x06\x03\x02\x03\x04\x02\x02\x02'¶
-
client_hello_packet
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567\x00\x00\x02\x00k\x01\x00\x00\x1a\x00\r\x00\x16\x00\x14\x04\x01\x05\x01\x06\x01\x02\x01\x04\x03\x05\x03\x06\x03\x02\x03\x04\x02\x02\x02'¶
-
finished_handshake
= '\x14\x00\x00\x14some-encrypted-bytes'¶
-
hello_request_handshake
= '\x00\x00\x00\x00'¶
-
server_hello_done_handshake
= '\x0e\x00\x00\x00'¶
-
server_hello_handshake_packet
= '\x02\x00\x00H\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00k\x00\x00\x00'¶
-
server_hello_packet
= '\x03\x00\x01\x02\x03\x040123456789012345678901234567 01234567890123456789012345678901\x00k\x00\x00\x00'¶
-
server_key_exchange_handshake
= '\x0c\x00\x00\x00'¶
-
supported_signature_list_extension_data
= '\x00\r\x00\x16\x00\x14\x04\x01\x05\x01\x06\x01\x02\x01\x04\x03\x05\x03\x06\x03\x02\x03\x04\x02\x02\x02'¶
-
test_as_bytes_certificate_packet
()¶
-
test_as_bytes_certificate_request_packet
()¶
-
test_as_bytes_certificate_status
()¶ tls.message.Handshake
serializes a record containing aCertificateStatus
message.
-
test_as_bytes_certificate_url
()¶ tls.message.Handshake.as_bytes()
returns a valid packet when the body contains aCertificateURL
message.
-
test_as_bytes_client_hello_packet
()¶
-
test_as_bytes_finished
()¶
-
test_as_bytes_hello_request
()¶
-
test_as_bytes_not_implemented
()¶
-
test_as_bytes_server_hello_done
()¶
-
test_as_bytes_server_hello_packet
()¶
-
test_finished
()¶
-
test_from_bytes_certificate_status
()¶ tls.message.Handshake
parses a valid packet withCertificateStatus
message.
-
test_from_bytes_certificate_url
()¶ tls.message.Handshake
parses a valid packet with aCertificateURL
message.
-
test_not_implemented
()¶
-
test_parse_certificate_in_handshake
()¶
-
test_parse_certificate_request_in_handshake
()¶
-
test_parse_client_hello_in_handshake
()¶
-
test_parse_hello_request
()¶
-
test_parse_server_hello_in_handshake
()¶
-
test_server_hello_done
()¶
-
tls.test.test_record module¶
-
class
tls.test.test_record.
TestTLSCiphertextParser
¶ Bases:
object
Tests for parsing of TLSCiphertext records.
-
test_fragment_too_long
()¶ TLSCiphertext()
rejects a packet containing a longer-than-allowed fragment.
-
test_parse_tls_ciphertext_handshake
()¶ TLSCiphertext
, which has attributes representing all the fields in the TLSCiphertext struct.
-
-
class
tls.test.test_record.
TestTLSCompressedParsing
¶ Bases:
object
Tests for parsing of TLSCompressed records.
-
test_fragment_too_long
()¶ tls.record.TLSCompressed()
rejects a packet containing a longer-than-allowed fragment.
-
test_incomplete_packet
()¶ Reject an incomplete packet
-
test_not_enough_data_to_fragment
()¶ Detect insufficient data to fragment.
-
test_parse_tls_compressed_handshake
()¶ TLSCompressed
, which has attributes representing all the fields in the TLSCompressed struct.
-
test_parse_tls_compressed_wrong_type
()¶ Raise an error when the type is not one of those defined in
enums.ContentType
.
-
-
class
tls.test.test_record.
TestTLSPlaintextParsing
¶ Bases:
object
Tests for parsing of TLSPlaintext records.
-
test_as_bytes
()¶ Construct a TLSPlaintext object as bytes.
-
test_as_bytes_fragment_too_long
()¶ tls.record.TLSPlaintext()
fails to construct a packet with a longer-than-allowed fragment.
-
test_incomplete_packet
()¶ Reject an incomplete packet
-
test_not_enough_data_to_fragment
()¶ Detect insufficient data to fragment.
-
test_parse_fragment_too_long
()¶ tls.record.TLSPlaintext()
fails to parse a packet containing a longer-than-allowed fragment.
-
test_parse_tls_plaintext_handshake
()¶ parse_tls_plaintext()
returns an instance ofTLSPlaintext
, which has attributes representing all the fields in the TLSPlaintext struct.
-
test_parse_tls_plaintext_wrong_type
()¶ Raise an error when the type is not one of those defined in
enums.ContentType
.
-