xref: /aosp_15_r20/external/scapy/test/tls.uts (revision 7dc08ffc4802948ccbc861daaf1e81c405c2c4bd)

% Tests for TLS module
#
# Try me with :
# bash test/run_tests -t test/tls.uts -F

~ crypto

###############################################################################
################################### Crypto ####################################
###############################################################################

###############################################################################
### HMAC                                                                    ###
###############################################################################

+ Test HMACs

= Crypto - Hmac_MD5 instantiation, parameter check
from scapy.layers.tls.crypto.h_mac import Hmac_MD5
a = Hmac_MD5("somekey")
a.key_len == 16 and a.hmac_len == 16

= Crypto - Hmac_MD5 behavior on test vectors from RFC 2202 (+ errata)
a = Hmac_MD5
t1 = a(b'\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b').digest("Hi There") == b'\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc\x9d'
t2 = a('Jefe').digest('what do ya want for nothing?') == b'\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7\x38'
t3 = a(b'\xaa'*16).digest(b'\xdd'*50) == b'\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3\xf6'
t4 = a(b'\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19').digest(b'\xcd'*50) == b'\x69\x7e\xaf\x0a\xca\x3a\x3a\xea\x3a\x75\x16\x47\x46\xff\xaa\x79'
t5 = a(b'\x0c'*16).digest("Test With Truncation") == b'\x56\x46\x1e\xf2\x34\x2e\xdc\x00\xf9\xba\xb9\x95\x69\x0e\xfd\x4c'
t6 = a(b'\xaa'*80).digest("Test Using Larger Than Block-Size Key - Hash Key First") == b'\x6b\x1a\xb7\xfe\x4b\xd7\xbf\x8f\x0b\x62\xe6\xce\x61\xb9\xd0\xcd'
t7 = a(b'\xaa'*80).digest("Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data") == b'\x6f\x63\x0f\xad\x67\xcd\xa0\xee\x1f\xb1\xf5\x62\xdb\x3a\xa5\x3e'
t1 and t2 and t3 and t4 and t5 and t6 and t7


= Crypto - Hmac_SHA instantiation, parameter check
from scapy.layers.tls.crypto.h_mac import Hmac_SHA
a = Hmac_SHA("somekey")
a.key_len == 20 and a.hmac_len == 20

= Crypto - Hmac_SHA behavior on test vectors from RFC 2202 (+ errata)
a = Hmac_SHA
t1 = a(b'\x0b'*20).digest("Hi There") == b'\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e\xf1\x46\xbe\x00'
t2 = a('Jefe').digest("what do ya want for nothing?") == b'\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf\x9c\x25\x9a\x7c\x79'
t3 = a(b'\xaa'*20).digest(b'\xdd'*50) == b'\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b\x4f\x63\xf1\x75\xd3'
t4 = a(b'\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19').digest(b'\xcd'*50) == b'\x4c\x90\x07\xf4\x02\x62\x50\xc6\xbc\x84\x14\xf9\xbf\x50\xc8\x6c\x2d\x72\x35\xda'
t5 = a(b'\x0c'*20).digest("Test With Truncation") == b'\x4c\x1a\x03\x42\x4b\x55\xe0\x7f\xe7\xf2\x7b\xe1\xd5\x8b\xb9\x32\x4a\x9a\x5a\x04'
t6 = a(b'\xaa'*80).digest("Test Using Larger Than Block-Size Key - Hash Key First") == b'\xaa\x4a\xe5\xe1\x52\x72\xd0\x0e\x95\x70\x56\x37\xce\x8a\x3b\x55\xed\x40\x21\x12'
t7 = a(b'\xaa'*80).digest("Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data") == b'\xe8\xe9\x9d\x0f\x45\x23\x7d\x78\x6d\x6b\xba\xa7\x96\x5c\x78\x08\xbb\xff\x1a\x91'
t1 and t2 and t3 and t4 and t5 and t6 and t7


= Crypto - Hmac_SHA2 behavior on test vectors from RFC 4231

class _hmac_test_case_1:
    Key          = (b'\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b'+
                    b'\x0b\x0b\x0b\x0b\x0b\x0b\x0b')
    Data         =  b'\x48\x69\x20\x54\x68\x65\x72\x65'
    HMAC_SHA_224 = (b'\x89\x6f\xb1\x12\x8a\xbb\xdf\x19\x68\x32\x10\x7c\xd4'+
                    b'\x9d\xf3\x3f\x47\xb4\xb1\x16\x99\x12\xba\x4f\x53\x68'+
                    b'\x4b\x22')
    HMAC_SHA_256 = (b'\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf'+
                    b'\x0b\xf1\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9'+
                    b'\x37\x6c\x2e\x32\xcf\xf7')
    HMAC_SHA_384 = (b'\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab'+
                    b'\x46\x90\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa'+
                    b'\x03\x4c\x7c\xeb\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde'+
                    b'\x7f\x4a\xf1\x52\xe8\xb2\xfa\x9c\xb6')
    HMAC_SHA_512 = (b'\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a'+
                    b'\x1d\x6c\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0'+
                    b'\xb3\x05\x45\xe1\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7'+
                    b'\x02\x03\x8b\x27\x4e\xae\xa3\xf4\xe4\xbe\x9d\x91\x4e'+
                    b'\xeb\x61\xf1\x70\x2e\x69\x6c\x20\x3a\x12\x68\x54')

class _hmac_test_case_2:
    Key          = b'\x4a\x65\x66\x65'
    Data         = (b'\x77\x68\x61\x74\x20\x64\x6f\x20\x79\x61\x20\x77\x61'+
                    b'\x6e\x74\x20\x66\x6f\x72\x20\x6e\x6f\x74\x68\x69\x6e'+
                    b'\x67\x3f')
    HMAC_SHA_224 = (b'\xa3\x0e\x01\x09\x8b\xc6\xdb\xbf\x45\x69\x0f\x3a\x7e'+
                    b'\x9e\x6d\x0f\x8b\xbe\xa2\xa3\x9e\x61\x48\x00\x8f\xd0'+
                    b'\x5e\x44')
    HMAC_SHA_256 = (b'\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08'+
                    b'\x95\x75\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec'+
                    b'\x58\xb9\x64\xec\x38\x43')
    HMAC_SHA_384 = (b'\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5'+
                    b'\x8a\x6b\x1b\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e'+
                    b'\xc3\x73\x63\x22\x44\x5e\x8e\x22\x40\xca\x5e\x69\xe2'+
                    b'\xc7\x8b\x32\x39\xec\xfa\xb2\x16\x49')
    HMAC_SHA_512 = (b'\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b'+
                    b'\x56\xe0\xa3\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27'+
                    b'\x0c\xd7\xea\x25\x05\x54\x97\x58\xbf\x75\xc0\x5a\x99'+
                    b'\x4a\x6d\x03\x4f\x65\xf8\xf0\xe6\xfd\xca\xea\xb1\xa3'+
                    b'\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a\x38\xbc\xe7\x37')

class _hmac_test_case_3:
    Key          = (b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa')
    Data         = (b'\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd'+
                    b'\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd'+
                    b'\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd'+
                    b'\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd')
    HMAC_SHA_224 = (b'\x7f\xb3\xcb\x35\x88\xc6\xc1\xf6\xff\xa9\x69\x4d\x7d'+
                    b'\x6a\xd2\x64\x93\x65\xb0\xc1\xf6\x5d\x69\xd1\xec\x83'+
                    b'\x33\xea')
    HMAC_SHA_256 = (b'\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0'+
                    b'\x91\x81\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63'+
                    b'\x55\x14\xce\xd5\x65\xfe')
    HMAC_SHA_384 = (b'\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14'+
                    b'\xc8\xa8\x6f\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e'+
                    b'\xf4\xe5\x59\x66\x14\x4b\x2a\x5a\xb3\x9d\xc1\x38\x14'+
                    b'\xb9\x4e\x3a\xb6\xe1\x01\xa3\x4f\x27')
    HMAC_SHA_512 = (b'\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c'+
                    b'\x89\x0b\xe9\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8'+
                    b'\x3e\x33\xb2\x27\x9d\x39\xbf\x3e\x84\x82\x79\xa7\x22'+
                    b'\xc8\x06\xb4\x85\xa4\x7e\x67\xc8\x07\xb9\x46\xa3\x37'+
                    b'\xbe\xe8\x94\x26\x74\x27\x88\x59\xe1\x32\x92\xfb')

class _hmac_test_case_4:
    Key          = (b'\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d'+
                    b'\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19')
    Data         = (b'\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd'+
                    b'\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd'+
                    b'\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd'+
                    b'\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd')
    HMAC_SHA_224 = (b'\x6c\x11\x50\x68\x74\x01\x3c\xac\x6a\x2a\xbc\x1b\xb3'+
                    b'\x82\x62\x7c\xec\x6a\x90\xd8\x6e\xfc\x01\x2d\xe7\xaf'+
                    b'\xec\x5a')
    HMAC_SHA_256 = (b'\x82\x55\x8a\x38\x9a\x44\x3c\x0e\xa4\xcc\x81\x98\x99'+
                    b'\xf2\x08\x3a\x85\xf0\xfa\xa3\xe5\x78\xf8\x07\x7a\x2e'+
                    b'\x3f\xf4\x67\x29\x66\x5b')
    HMAC_SHA_384 = (b'\x3e\x8a\x69\xb7\x78\x3c\x25\x85\x19\x33\xab\x62\x90'+
                    b'\xaf\x6c\xa7\x7a\x99\x81\x48\x08\x50\x00\x9c\xc5\x57'+
                    b'\x7c\x6e\x1f\x57\x3b\x4e\x68\x01\xdd\x23\xc4\xa7\xd6'+
                    b'\x79\xcc\xf8\xa3\x86\xc6\x74\xcf\xfb')
    HMAC_SHA_512 = (b'\xb0\xba\x46\x56\x37\x45\x8c\x69\x90\xe5\xa8\xc5\xf6'+
                    b'\x1d\x4a\xf7\xe5\x76\xd9\x7f\xf9\x4b\x87\x2d\xe7\x6f'+
                    b'\x80\x50\x36\x1e\xe3\xdb\xa9\x1c\xa5\xc1\x1a\xa2\x5e'+
                    b'\xb4\xd6\x79\x27\x5c\xc5\x78\x80\x63\xa5\xf1\x97\x41'+
                    b'\x12\x0c\x4f\x2d\xe2\xad\xeb\xeb\x10\xa2\x98\xdd')

class _hmac_test_case_5:
    Key          = (b'\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c'+
                    b'\x0c\x0c\x0c\x0c\x0c\x0c\x0c')
    Data         = (b'\x54\x65\x73\x74\x20\x57\x69\x74\x68\x20\x54\x72\x75'+
                    b'\x6e\x63\x61\x74\x69\x6f\x6e')
    HMAC_SHA_224 = (b'\x0e*\xeah\xa9\x0c\x8d7\xc9\x88\xbc\xdb\x9f\xcao\xa8'+
                    b'\t\x9c\xd8W\xc7\xecJ\x18\x15\xca\xc5L')
    HMAC_SHA_256 = (b'\xa3\xb6\x16ts\x10\x0e\xe0n\x0cyl)UU+\xfao|\nj\x8a'+
                    b'\xef\x8b\x93\xf8`\xaa\xb0\xcd \xc5')
    HMAC_SHA_384 = (b':\xbf4\xc3P;*#\xa4n\xfca\x9b\xae\xf8\x97\xf4\xc8\xe4'+
                    b',\x93L\xe5\\\xcb\xae\x97@\xfc\xbc\x1a\xf4\xcab&\x9e*'+
                    b'7\xcd\x88\xba\x92cA\xef\xe4\xae\xea')
    HMAC_SHA_512 = (b'A_\xadbqX\nS\x1dAy\xbc\x89\x1d\x87\xa6P\x18\x87\x07'+
                    b'\x92*O\xbb6f:\x1e\xb1m\xa0\x08q\x1c[P\xdd\xd0\xfc#P'+
                    b'\x84\xeb\x9d3d\xa1EO\xb2\xefg\xcd\x1d)\xfegs\x06\x8e'+
                    b'\xa2f\xe9k')

class _hmac_test_case_6:
    Key          = (b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa')
    Data         = (b'\x54\x65\x73\x74\x20\x55\x73\x69\x6e\x67\x20\x4c\x61'+
                    b'\x72\x67\x65\x72\x20\x54\x68\x61\x6e\x20\x42\x6c\x6f'+
                    b'\x63\x6b\x2d\x53\x69\x7a\x65\x20\x4b\x65\x79\x20\x2d'+
                    b'\x20\x48\x61\x73\x68\x20\x4b\x65\x79\x20\x46\x69\x72'+
                    b'\x73\x74')
    HMAC_SHA_224 = (b'\x95\xe9\xa0\xdb\x96\x20\x95\xad\xae\xbe\x9b\x2d\x6f'+
                    b'\x0d\xbc\xe2\xd4\x99\xf1\x12\xf2\xd2\xb7\x27\x3f\xa6'+
                    b'\x87\x0e')
    HMAC_SHA_256 = (b'\x60\xe4\x31\x59\x1e\xe0\xb6\x7f\x0d\x8a\x26\xaa\xcb'+
                    b'\xf5\xb7\x7f\x8e\x0b\xc6\x21\x37\x28\xc5\x14\x05\x46'+
                    b'\x04\x0f\x0e\xe3\x7f\x54')
    HMAC_SHA_384 = (b'\x4e\xce\x08\x44\x85\x81\x3e\x90\x88\xd2\xc6\x3a\x04'+
                    b'\x1b\xc5\xb4\x4f\x9e\xf1\x01\x2a\x2b\x58\x8f\x3c\xd1'+
                    b'\x1f\x05\x03\x3a\xc4\xc6\x0c\x2e\xf6\xab\x40\x30\xfe'+
                    b'\x82\x96\x24\x8d\xf1\x63\xf4\x49\x52')
    HMAC_SHA_512 = (b'\x80\xb2\x42\x63\xc7\xc1\xa3\xeb\xb7\x14\x93\xc1\xdd'+
                    b'\x7b\xe8\xb4\x9b\x46\xd1\xf4\x1b\x4a\xee\xc1\x12\x1b'+
                    b'\x01\x37\x83\xf8\xf3\x52\x6b\x56\xd0\x37\xe0\x5f\x25'+
                    b'\x98\xbd\x0f\xd2\x21\x5d\x6a\x1e\x52\x95\xe6\x4f\x73'+
                    b'\xf6\x3f\x0a\xec\x8b\x91\x5a\x98\x5d\x78\x65\x98')

class _hmac_test_case_7:
    Key          = (b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa'+
                    b'\xaa')
    Data         = (b'\x54\x68\x69\x73\x20\x69\x73\x20\x61\x20\x74\x65\x73'+
                    b'\x74\x20\x75\x73\x69\x6e\x67\x20\x61\x20\x6c\x61\x72'+
                    b'\x67\x65\x72\x20\x74\x68\x61\x6e\x20\x62\x6c\x6f\x63'+
                    b'\x6b\x2d\x73\x69\x7a\x65\x20\x6b\x65\x79\x20\x61\x6e'+
                    b'\x64\x20\x61\x20\x6c\x61\x72\x67\x65\x72\x20\x74\x68'+
                    b'\x61\x6e\x20\x62\x6c\x6f\x63\x6b\x2d\x73\x69\x7a\x65'+
                    b'\x20\x64\x61\x74\x61\x2e\x20\x54\x68\x65\x20\x6b\x65'+
                    b'\x79\x20\x6e\x65\x65\x64\x73\x20\x74\x6f\x20\x62\x65'+
                    b'\x20\x68\x61\x73\x68\x65\x64\x20\x62\x65\x66\x6f\x72'+
                    b'\x65\x20\x62\x65\x69\x6e\x67\x20\x75\x73\x65\x64\x20'+
                    b'\x62\x79\x20\x74\x68\x65\x20\x48\x4d\x41\x43\x20\x61'+
                    b'\x6c\x67\x6f\x72\x69\x74\x68\x6d\x2e')
    HMAC_SHA_224 = (b'\x3a\x85\x41\x66\xac\x5d\x9f\x02\x3f\x54\xd5\x17\xd0'+
                    b'\xb3\x9d\xbd\x94\x67\x70\xdb\x9c\x2b\x95\xc9\xf6\xf5'+
                    b'\x65\xd1')
    HMAC_SHA_256 = (b'\x9b\x09\xff\xa7\x1b\x94\x2f\xcb\x27\x63\x5f\xbc\xd5'+
                    b'\xb0\xe9\x44\xbf\xdc\x63\x64\x4f\x07\x13\x93\x8a\x7f'+
                    b'\x51\x53\x5c\x3a\x35\xe2')
    HMAC_SHA_384 = (b'\x66\x17\x17\x8e\x94\x1f\x02\x0d\x35\x1e\x2f\x25\x4e'+
                    b'\x8f\xd3\x2c\x60\x24\x20\xfe\xb0\xb8\xfb\x9a\xdc\xce'+
                    b'\xbb\x82\x46\x1e\x99\xc5\xa6\x78\xcc\x31\xe7\x99\x17'+
                    b'\x6d\x38\x60\xe6\x11\x0c\x46\x52\x3e')
    HMAC_SHA_512 = (b'\xe3\x7b\x6a\x77\x5d\xc8\x7d\xba\xa4\xdf\xa9\xf9\x6e'+
                    b'\x5e\x3f\xfd\xde\xbd\x71\xf8\x86\x72\x89\x86\x5d\xf5'+
                    b'\xa3\x2d\x20\xcd\xc9\x44\xb6\x02\x2c\xac\x3c\x49\x82'+
                    b'\xb1\x0d\x5e\xeb\x55\xc3\xe4\xde\x15\x13\x46\x76\xfb'+
                    b'\x6d\xe0\x44\x60\x65\xc9\x74\x40\xfa\x8c\x6a\x58')

def _all_hmac_sha2_tests():
    from scapy.layers.tls.crypto.h_mac import (Hmac_SHA224, Hmac_SHA256,
                                               Hmac_SHA384, Hmac_SHA512)
    res = True
    for t in [_hmac_test_case_1, _hmac_test_case_2, _hmac_test_case_3,
              _hmac_test_case_4, _hmac_test_case_5, _hmac_test_case_6,
              _hmac_test_case_7 ]:
        tmp = ((Hmac_SHA224(t.Key).digest(t.Data) == t.HMAC_SHA_224) and
               (Hmac_SHA256(t.Key).digest(t.Data) == t.HMAC_SHA_256) and
               (Hmac_SHA384(t.Key).digest(t.Data) == t.HMAC_SHA_384) and
               (Hmac_SHA512(t.Key).digest(t.Data) == t.HMAC_SHA_512))
        res = res and tmp
    return res

_all_hmac_sha2_tests()


###############################################################################
### PRF                                                                     ###
###############################################################################

+ Test PRFs and associated methods

= Crypto - _tls_P_MD5 behavior on test vectors borrowed from RFC 2202 (+ errata)
from scapy.layers.tls.crypto.prf import _tls_P_MD5
t1 = _tls_P_MD5(b'\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b', "Hi There", 64) == b'8\x99\xc0\xb8!\xd7}RI\xb2\xbb\x8e\xbe\xf8\x97Y\xcc\xffL\xae\xc3I\x8f\x7f .\x81\xe0\xce\x1a\x82\xbd\x19\xa0\x16\x10P}\xf0\xda\xdc\xa0>\xc4,\xa1\xcfS`\x85\xc5\x084+QN31b\xd7%L\x9d\xdc'
t2 = _tls_P_MD5(b"Jefe", b"what do ya want for nothing?", 64) == b"\xec\x99'|,\xd5gj\x82\xb9\xa0\x12\xdb\x83\xd3\xa3\x93\x19\xa6N\x89g\x99\xc2!9\xd8\xcf\xc1WTi\xc4D \x19l\x03\xa8PCo\x10`-\x98\xd0\xe1\xbc\xefAJkx\x95\x0c\x08*\xd6C\x8fS\x0e\xd9"
t3 = _tls_P_MD5(b'\xaa'*16,b'\xdd'*50, 64) == b'\xe5_\xe8.l\xee\xd8AP\xfc$$\xda\tX\x93O\xa7\xd2\xe2\xa2\xa9\x02\xa1\x07t\x19\xd1\xe3%\x80\x19\rV\x19\x0f\xfa\x01\xce\x0eJ\x7fN\xdf\xed\xb5lS\x06\xb5|\x96\xa6\x1cc)h\x88\x8d\x0c@\xfdX\xaa'
t4 = _tls_P_MD5(b'\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19', b'\xcd'*50, 64) == b'\x8e\xa6\x1f\x82\x1e\xad\xbe4q\x93\xf4\x1c\xb7\x87\xb3\x15\x13F\x8b\xfd\x89m\x0e\xa6\xdc\xe9\xceZ\xcdOc>gN\xa4\x9cK\xf89\xfc6\t%T=j\xf0\x0f\xfdl\xbf\xfbj\xc4$zR"\xf4\xa4=\x18\x8b\x8d'
t5 = _tls_P_MD5(b'\x0c'*16, b"Test With Truncation", 64) == b'\xb3>\xfaj\xc8\x95S\xcd\xdd\xea\x8b\xee7\xa5ru\xf4\x00\xd6\xed\xd5\x9aH\x1f,F\xb6\x93\r\xc3Z<"\x1e\xf7rx\xf0\xd7\x0f`zy\xe9\r\xb4\xf4}\xab2\xa5\xfe\xd0z@\x87\xc1c\x8b\xa0\xc8\xf5\x0bd'
t6 = _tls_P_MD5(b'\xaa'*80, b"Test Using Larger Than Block-Size Key - Hash Key First", 64) == b';\xcf\xa4\xd8\xccH\xa0\xa4\xf1\x10d\xfa\xd4\xb1\x7f\xda\x80\xf6\xe2\xb9\xf4\xd3WtS\x1c\x83\xb4(\x94\xfe\xa7\xb9\xc1\xcd\xf9\xe7\xae\xbc\x0c\x0f\xbae\xc3\x9e\x11\xe2+\x11\xe9\xd4\x8fK&\x99\xfe[\xfa\x02\x85\xb4\xd8\x8e\xdf'
t7 = _tls_P_MD5(b'\xaa'*80, b"Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data", 64) == b'\x12\x06EI1\x81fP\x8dn\xa6WC\xfb\xbf\x1e\xefC[|\x0f\x05w\x14@\xfc\xa5 \xeak\xc9\xb9\x1c&\x80\x81.\x85#\xa9\x0ff\xea\xaa\x01"v\'\xd8X"\xbd\xa2\x86\xbd\xe3?6\xc7|\xc6WNO'
t1 and t2 and t3 and t4 and t5 and t6 and t7


= Crypto - _tls_P_SHA1 behavior on test vectors borrowed from RFC 2202 (+ errata)
from scapy.layers.tls.crypto.prf import _tls_P_SHA1
t1 = _tls_P_SHA1(b'\x0b'*20, b"Hi There", 80) == b'\x13\r\x11Q7(\xc1\xad\x7f>%m\xfc\x08\xb6\xb9$\xb1MG\xe4\x9c\xcdY\x0e\\T\xd0\x8f\x1a-O@`\xd2\x9eV_\xfd\xed\x1f\x93V\xfb\x18\xb6\xbclq3A\xa2\x87\xb1u\xfc\xb3RQ\x19;#\n(\xd2o%lB\x8b\x01\x89\x1c6m"\xc3\xe2\xa0\xe7'
t2 = _tls_P_SHA1(b'Jefe', b"what do ya want for nothing?", 80) == b'\xba\xc4i\xf1\xa0\xc5eO\x844\xb6\xbd%L\xe1\xfe\xef\x08\x00\x1c^l\xaf\xbbN\x9f\xd8\xe5}\x87U\xc1\xd2&4zu\x9a1\xef\xd6M+\x1e\x84\xb4\xcb\xc9\xa7\n\x90f\x8aJ\xde\xd5\xa4\x8f,D\xe8.\x98\x9c)\xc7hlct\x1em(\xb73b[L\x96c'
t3 = _tls_P_SHA1(b'\xaa'*20, b'\xdd'*50, 80) == b'Lm\x848}\xe8?\x88\x82\x85\xc3\xe6\xc9\x1f\x80Z\xf5D\xeeI\xa1m\x08h)\xea<zk{\x9b\x9b\xe1;H\xa4\xf5\x93r\x87\x07J0\n\xb9\xdd\\~j\xd0\x98R|C\x89\x131\x12u%\x90\xb2\x05\xb4}\xad}\xc4MP\x8cmb\x0c\x88\xfd{)\x9b\xc0'
t4 = _tls_P_SHA1(b'\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19', b'\xcd'*50, 80) == b'\xd6\xe4\x8a\x91\xb3\xac\xe16\x9d\x10s\xf1\x1bu\x96(6f\xed\xd8x\x19\xcd<:\x15\xb2z\xc1\xa9\xdf\x89=\xeb!\xfb\n\x0e\xdf0\xb9\xb5\xa96\xcf\x9b\xd4\xcaD\x12Y1[p\xb9\xf9\xbb=\xa9\xcd\xb7\xe0L\xb00\xafK\xc4\x9c\xc6?#\xb6$\xebM\x1a\xba;3'
t5 = _tls_P_SHA1(b'\x0c'*20, b"Test With Truncation", 80) == b'`\x1d\xe4\x98Q\xa1\xdbW\xc5a\xa9@\x8fQ\x86\xfc\x17\xca\xda\x1a\xdd\xb8\xab\x94M_Y\xd1%Pj\xfc\xd4\xca\x82\x88\xdb\x04\xf9F\xbe\xbf\xecR\xa4\x0c}[\x8e\xc7\xdf\x88I:\xea2v\xbe\x06\x8fcx\xf1Q\xb7z1\x1455?\xc0_\xda\xbb;\xa6Q\xb3\xc5'
t6 = _tls_P_SHA1(b'\xaa'*80, b"Test Using Larger Than Block-Size Key - Hash Key First", 80) == b'\x00W\xbaq>^\x047;\xcezY}\x16\xc6\xf10\x80:\xe2K\x87i{\xc7V\xad2\xda=\xf3d7\x047\xf7r\xf1&\x04\xb1\xd1\xf8\x88H\'\r\x08\xc4\x81\xa3\xa1Q\xa5\x90\xed\xef\xd8\x9c\x14\xdc\x80\xab){3\xde\x87\x8a\x1e"\x1e\xad54rM\x94\xe1\xb8'
t7 = _tls_P_SHA1(b'\xaa'*80, b"Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data", 80) == b'N/PKC\x1d\xb5[}gUk\xc7\xaf\xb4-\xef\x9e\xe63$E=\xfc\xc4\xd0l]EA\x84\xb0\x1e\x91]\xcc[\x0e-\xec\xd5\x90\x19,\xc6\xffn\xf8\xbe1Ck\xe6\x9cF*\x8c"_\x05\x14%h\x98\xa1\xc2\xf1bCt\xd4S\xc1:{\x96\xa4\x14c '
t1 and t2 and t3 and t4 and t5 and t6 and t7


= Crypto - _tls_PRF behavior on test vectors borrowed from RFC 2202 (+ errata)
from scapy.layers.tls.crypto.prf import _tls_PRF
t1 = _tls_PRF(b'\x0b'*20, b"Test Label XXXX", b"Hi There", 80) == b'E\xcc\xeb\x12\x0b<\xbfh\x1f\xc3\xd3%J\x85\xdeQ\t\xbc[\xcd.\xbe\x170\xf2\xebm\xe6g\x05x\xad\x86V\x0b\xb3\xb7\xe5i\x7fh}T\xe5$\xe4\xba\xa0\xc6\xf0\xf1\xb1\xe1\x8a\xf5\xcc\x9ab\x1c\xc9\x10\x82\x93\x82Q\xd2\x80\xf0\xf8\x0f\x03\xe2\xbe\xc3\x94T\x05\xben\x9e'
t2 = _tls_PRF(b'Jefe', b"Test Label YYYYYYY", b"what do ya want for nothing?", 80) == b'n\xbet\x06\x82\x87\xcd\xea\xd9\x8b\xf8J\x17\x07\x84\xbc\xf3\x07\x9a\x99\n\xa6,\x97\xe6CRO\x7f\x0e[,\xa9\x83\xe6\xce?6\x12x\xc8Q\x00kO\x06s\xc5\xd7\xda\x1fd_\xe8\xad\xd4\xea\xfe\xd8\xc8 \x92e\x80\x8a\xafxF\xd6-/\x14\x94\x05a\x94\x0b\x1d\xf83'
t3 = _tls_PRF(b'\xaa'*20, b"Test Label ZZ", b'\xdd'*50, 80) == b"Ad\xe2B\xa0\xb0+G#\x0f%\x19\xae\xdd\xb1d\xa0\x99\x15\x98\xa43c?\xaa\xd1\xc0\xf7\xc39V\xcb\x9b}\x95T\xd9\xde \xecr{/\xfb\x018\xeeR \x18Awi\x86=\xb4rg\x13\\\xaf<\x17\xd3_\xc5'U[\xa5\x83\xfa<\xa6\xc9\xdd\x85l\x1a\xdb"
t4 = _tls_PRF(b'\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19', b"Test Label UUUUUUUUUUUUUUU", b'\xcd'*50, 80) == b'<\xf0\xe9\xaa\x95w\t\xa7\xb0!w\xf1EoC\x8fJ\x1f\xec\x80.\x89X\xe3O4Vl\xd1\xb7]\xa1\xb9o\xdf/&!\xb8n\xeb\x04"\xeftxs 6E+\xf1\xb3\xb6/vd\xd1h\xa3\x80>\x83Y\xbd]\xda\xab\xb8\xd8\x01\xc5b3K\xe7\x08\r\x12\x14'
t5 = _tls_PRF(b'\x0c'*20, b"Test Label KKKKKKKKK", b"Test With Truncation", 80) == b"gq\xa5\xc4\xf5\x86z.\x03\n\xa3\x85\x87\xbc\xabm\xf1\xd2\x06\xf6\xbc\xc8\xab\xf0\xee\xd2>e'!\xd3zW\x81\x10|^(\x8d~\xa5s&p\xef]\rDa\x113\xa6z\x9f\xf2\xe2_}\xd8.u\xbe\xb1\x7fx\xe0r~\xdc\xa2\x0f\xcd\xcd\x1d\x81\x1a`#\xc6O"
t6 = _tls_PRF(b'\xaa'*80, b"Test Label PPPPPPPPP", b"Test Using Larger Than Block-Size Key - Hash Key First", 80) == b'\x994^fx\x17\xbaaj\xc0"\xd1g\xbfh#uE\xee\xd8\xf1,\xab\xe7w\xfa\xc8\x0c\xf9\xcd\xbb\xbb\xa71U\xbe\xeb@\x90\xc2\x04\x93\xa5\xcf\x8e\xda\xbb\x93n\x99^\xa2{\x8b{\x18\xd7\xf7e\x8a~\xfbA\xdd\xc3\xd9\x9b\x1c\x82$\xf5YX{\xaa\xb4\xf2\x04\xb3%'
t7 = _tls_PRF(b'\xaa'*80, b"Test Label MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM", b"Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data", 80) == b'\xd6N\x12S\x18]\x87\x19\xacD\x1b4\xc3"\xc2\xd9J\xb8\xee/\xb0?\xc2_\x10\xb2\x196\xdaXC\xe0Ft\xd3:a\xcd\xb8\xdd\x8a\xb6\xb1\xc6sx\xb8\x87\x8a\x93\xf8~\xad\xc7\xd1\xa7I=\xceVW\x0f\x9a\xcc-\x8cv^o\x12\xa4\xcd\x10\xb1\xb0\x1f\xdd\x94,\x03'
t1 and t2 and t3 and t4 and t5 and t6 and t7


= Crypto - _ssl_PRF behavior on test vectors
from scapy.layers.tls.crypto.prf import _ssl_PRF
t1 = _ssl_PRF(b'\x0b'*20, b"Hi There", 80) == b'\x0fo\xbe9\x83>~Bc\xaea^\x86\xd2b\x94X\xfd9Be\xe799\xf2\x00\xfcS\xd6\x1c=\xe5\x7fin\x1e\xf9r\xc8\xe6k\x19K\x8a\x85SK\xe5\xb7;A\x19b\x86F3M\x8d=\xcf\x15\xeedo\xd3\xae\xa2\x95\x8e\x80\x13\xabG\x8d\x1c,\x8c\xab\xf7\xd4'
t2 = _ssl_PRF(b'Jefe', b"what do ya want for nothing?", 80) == b'\x19\x9f\xb9{\x87.\xd0\xf5\xc4\t.\xb6#\xae\x95\xe0S~\x15\xce\xe6\xb7oe\xad\x127\xb8\xc2C?\r\x87\xa6\x7f\x86y\xfa\xae\xcf\x0e\xb9\x01\xa5B\x07\x9d\x95\xf1]\xdc\x1bCb&T\xa0\xb0\x8a3\xcf\\\xaf\xe8j/\xbdx\x13\\\x91\xc8\xdfZ\xde"R`K\xd6'
t3 = _ssl_PRF(b'\xaa'*20, b'\xdd'*50, 80) == b'\xe3*\xce\xdc?k{\x10\x80\x8dt\x0e\xdaA\xf9}\x1d\x8e|\xc9Ux\x88\\\xf1a\xcfJ\xedi\xc1[C-\xf3\xa4\xcc\xf9\xce\xa3P\xe3\x9ai\x0b\xb7\xce\x8bar\x93\xc5\x93\x1a\x82\xc8{\x1c\xf2\x87\x9d\xe1\xf5\x9e\x0c\xf6\xa6\x91\xb9\x97\x17Y,\x11\x00\rs\xdd\xcf]'
t4 = _ssl_PRF(b'\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19', b'\xcd'*50, 80) == b"\x8c\x83!h\x1b\xf2\x96f\x04\x15\x80H\x88\xcb\x80\x03\xc0\xfc\x05\xe5q\x93]\xeb\t\xd4B\xbc\xa4{\xb9\xd8\xb6IF\xc2\x80\x87\x9e2*\x82\x0ef\xc8\xbbBi\xb15\x90\xd6MW\xebM\xd7\xf9u\xd5+\xa8\x81\x11'\x8c\x88]b\r,\xde\xd9d[t\t\x199\x0b"
t5 = _ssl_PRF(b'\x0c'*20, b"Test With Truncation", 80) == b"\x85\xf5\xe8\xd2\xddW$\x14\xde\x84\x08@\xca\x86\x8bZn\x07\x87AKg\x18\xc3\x1a'\xc2\xb9\xdd\x17\xb5K1\xb9\x9a=\xe4\x1f/\xfe\xa6\x96\x10\x0c\x15@:z\xbf\x1dM\xa3\x90\x01\xb67\x07Z\xe0\xfe}U=\x81\xb2~\xc6\x1a\xcb\xe7\x9b\x90+\xa0\x86\xb2\x8b\xae\xc7\x9f"
t6 = _ssl_PRF(b'\xaa'*80, b"Test Using Larger Than Block-Size Key - Hash Key First", 80) == b'\x99\x11\x92\x8dw\xf1\xab\xdfr\x96S\xf5\xc1\x96\xc0\x16W*=\xa49\xd0\xf0\xf15\x91le\xda\x16\xfe8\x834kC3\x1b\xdf\xfc\xd8\x82\xe1\x9c\xfe9(4\xf9\x9c\x12\xc5~\xd1\xdc\xf3\xe5\x91\xbd\xbb\xb5$\x1c\xe4fs\xf2\xedM\xb7pO\x17\xdf\x01K\xf8\xed2-'
t7 = _ssl_PRF(b'\xaa'*80, b"Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data", 80) == b"\x8esl|C\x81\x80vv\xe1\x89H\xc9'oC\x1b\xbe\xc3\xbbE\x04)\xed\x1c\x84\xa9)\x08\xf5\xeb-\x93\xe9\x0f}\xeb[\xc4w\xd53y$\x07\xdc\x0f\\\xfc\xb2\x05r+\x13\xd8\xc3\xe7Lsz\xa1\x03\x93\xdd-\xf9l\xb7\xe6\xb3\x7fM\xfa\x90\xadeo\xcer*"
t1 and t2 and t3 and t4 and t5 and t6 and t7


= Crypto - _tls12_*_PRF behavior, using SHA-256, SHA-384 and SHA-512
# https://www.ietf.org/mail-archive/web/tls/current/msg03416.html

from scapy.layers.tls.crypto.prf import PRF
class _prf_tls12_sha256_test:
    h= "SHA256"
    k= b"\x9b\xbe\x43\x6b\xa9\x40\xf0\x17\xb1\x76\x52\x84\x9a\x71\xdb\x35"
    s= b"\xa0\xba\x9f\x93\x6c\xda\x31\x18\x27\xa6\xf7\x96\xff\xd5\x19\x8c"
    o=(b"\xe3\xf2\x29\xba\x72\x7b\xe1\x7b\x8d\x12\x26\x20\x55\x7c\xd4\x53" +
       b"\xc2\xaa\xb2\x1d\x07\xc3\xd4\x95\x32\x9b\x52\xd4\xe6\x1e\xdb\x5a")

class _prf_tls12_sha384_test:
    h= "SHA384"
    k= b"\xb8\x0b\x73\x3d\x6c\xee\xfc\xdc\x71\x56\x6e\xa4\x8e\x55\x67\xdf"
    s= b"\xcd\x66\x5c\xf6\xa8\x44\x7d\xd6\xff\x8b\x27\x55\x5e\xdb\x74\x65"
    o=(b"\x7b\x0c\x18\xe9\xce\xd4\x10\xed\x18\x04\xf2\xcf\xa3\x4a\x33\x6a" +
       b"\x1c\x14\xdf\xfb\x49\x00\xbb\x5f\xd7\x94\x21\x07\xe8\x1c\x83\xcd")

class _prf_tls12_sha512_test:
    h= "SHA512"
    k= b"\xb0\x32\x35\x23\xc1\x85\x35\x99\x58\x4d\x88\x56\x8b\xbb\x05\xeb"
    s= b"\xd4\x64\x0e\x12\xe4\xbc\xdb\xfb\x43\x7f\x03\xe6\xae\x41\x8e\xe5"
    o=(b"\x12\x61\xf5\x88\xc7\x98\xc5\xc2\x01\xff\x03\x6e\x7a\x9c\xb5\xed" +
       b"\xcd\x7f\xe3\xf9\x4c\x66\x9a\x12\x2a\x46\x38\xd7\xd5\x08\xb2\x83")

def _all_prf_tls12_tests():
    res = True
    for t in [ _prf_tls12_sha256_test,
               _prf_tls12_sha384_test,
               _prf_tls12_sha512_test ]:
        p = PRF(tls_version=0x303, hash_name=t.h)
        tmp = p.prf(t.k, b"test label", t.s, 32) == t.o
        res = res and tmp
    return res

_all_prf_tls12_tests()


= Crypto - compute_master_secret() in SSL mode
f = PRF(tls_version=0x300)
t1 = f.compute_master_secret(b"A"*48, b"B"*32, b"C"*32) == b'\xe8\xb5O68e\x8c\x1e\xd0hD!\xc1Zk\x9e\xc7x3\xfc".\xf9\x17\xd5B\xfc\xef\x8d\xed\x9fP\xcer\x83|6\x02\xe0\x86\xda\xab-G\x8c\xa9H5'
t2 = f.compute_master_secret(b"A"*48, b"C"*32, b"B"*32) == b'Ts/q\x83\x88\x10\x9c1Y\xff\xf3vo\xe3\x8aM\x9b\xa3k[J\xeeWXs\xcfTe\x19\xc6\xb1\x0ebj1}\x0c\xca\x97=|\x88W\xd8q\xfb|'
t3 = f.compute_master_secret(b"C"*48, b"A"*32, b"B"*32) == b'Q\xde\x06L\xdb\xe9\x9dC\x19\x8a:m@\xce\xbf\xc0\n\xd8\xd4H!#\x06\xad\x929\x85\xc9@\x1f\xb5\xe2)^{c\x94\x06&\xad\xb56\x13^\xd6\xa5\x19\xe7'
t4 = f.compute_master_secret(b"D"*48, b"B"*32, b"A"*32) == b'\xbe\x9a\xc8)\xb5{.H1\x8382\xc2\xdff\xdf@\xda\xde\x88\xe1\xf3\xad9\xcc\x14\xb1\x7f\x90\x00;B)\x8c\xdb\xdbH\xfe=%^\xe9\x83\x0eV\x86\x83\x8d'
t1 and t2 and t3 and t4


= Crypto - derive_key_block() in SSL mode
t1 = f.derive_key_block(b"A"*48, b"B"*32, b"C"*32, 72) == b'\xe8\xb5O68e\x8c\x1e\xd0hD!\xc1Zk\x9e\xc7x3\xfc".\xf9\x17\xd5B\xfc\xef\x8d\xed\x9fP\xcer\x83|6\x02\xe0\x86\xda\xab-G\x8c\xa9H5\xdf\x14\xa9\xcfV\r\xea}\x98\x04\x8dK,\xb6\xf7;\xaa\xa8\xa5\xad\x7f\x0fCY'
t2 = f.derive_key_block(b"A"*48, b"C"*32, b"B"*32, 72) == b'Ts/q\x83\x88\x10\x9c1Y\xff\xf3vo\xe3\x8aM\x9b\xa3k[J\xeeWXs\xcfTe\x19\xc6\xb1\x0ebj1}\x0c\xca\x97=|\x88W\xd8q\xfb|\x17\x99\nH;\xec\xd2\x15\xabd\xed\xc3\xe0p\xd8\x1eS\xb5\xf4*8\xceE^'
t3 = f.derive_key_block(b"C"*48, b"A"*32, b"B"*32, 72) == b'Q\xde\x06L\xdb\xe9\x9dC\x19\x8a:m@\xce\xbf\xc0\n\xd8\xd4H!#\x06\xad\x929\x85\xc9@\x1f\xb5\xe2)^{c\x94\x06&\xad\xb56\x13^\xd6\xa5\x19\xe7\xed\xd6\x92\xe0O\x0e\xbf\xc6\x97\x9f~\x95\xcf\xb0\xe7a\x1d\xbc]\xf4&Z\x81J'
t4 = f.derive_key_block(b"D"*48, b"B"*32, b"A"*32, 72) == b'\xbe\x9a\xc8)\xb5{.H1\x8382\xc2\xdff\xdf@\xda\xde\x88\xe1\xf3\xad9\xcc\x14\xb1\x7f\x90\x00;B)\x8c\xdb\xdbH\xfe=%^\xe9\x83\x0eV\x86\x83\x8d\xeal\x8ea\x08\x9d\xb3\xf3\xf4\xa6[\'j\xda\rT"\x10\xa5Z\n\xc0r\xf3'
t1 and t2 and t3 and t4


= Crypto - compute_master_secret() in TLS 1.0 mode
from scapy.layers.tls.crypto.prf import PRF
f = PRF(tls_version=0x301)
t1 = f.compute_master_secret(b"A"*48, b"B"*32, b"C"*32) == b"k\\[e\x11\xab\xfe6\trN\x9e\x8d\xb09{\x17\x8d\x9f\xc6_' G\x05\x08}\xf7Q\x8e\xcb\xff\x00\xfc7\xd0\xf0z\xea\x8b\x98%\x90\x89sd\x98\xa1"
t2 = f.compute_master_secret(b"A"*48, b"C"*32, b"B"*32) == b'k\xd2\xf7\x1aqt\xa4~\x9bqf\x0f:\xc4%\x9a\x07\x17\x14\xf4\xdf&)*\x1c\x9c8\x8em\xe1\x13\x17\xa7\xd2\x051Q<M~\xc2a\x85\x82\xe6\xd7.['
t3 = f.compute_master_secret(b"C"*48, b"A"*32, b"B"*32) == b'\xe57\xae.,B\xeb(/?\xf4tR#\xd0\xa9"\xf7-\x9d\x0e\xd7\xd9\x1c\x1f\x9b\x95\xe6\xd0\x0e(\x06W7s(^"x\xbb\xdb\xb6\xae\xf75J\x0f\xbf'
t4 = f.compute_master_secret(b"D"*48, b"B"*32, b"A"*32) == b'\xeb3\xf5Ty\x08xqP\x01p\x12\x95\xd4\xf5y{\xe7\xea5\nS\xb1T\xea\xe3d\x8b\xd7\xb89\xcf\xb9\xe0l\x95d\xbd-\x97\xea\xf20n\x96t\xfe\xff'
t1 and t2 and t3 and t4


= Crypto - derive_key_block() in TLS 1.0 mode
t1 = f.derive_key_block(b"A"*48, b"B"*32, b"C"*32, 72) == b'\x06\xccA\xd5\xf3\x9dT`ZC!/\xa0\xbe\x95\x86m\xdb@\x18\xfb\x95\xad\xcd\xac<(K\x88\xacB\x92s\x8d7AVG\xf04\x0be\x8dv\x02\xd6\x03\x7f\xe4\x8eYe\x88\xb7YI\xc2\xf0!\x1dSx\x86\xdeY\x81\x89\x11\xa6\xd9\xd1\xed'
t2 = f.derive_key_block(b"A"*48, b"C"*32, b"B"*32, 72) == b"\\@d\x1d9V\xae\xe2'\xf6Q\xc9\xd7\x8beu\xe8u\xd9\xe8\r\x18a\x8c|\xde\x95H\xec\xc5}I\xf9s(e\xe4\x87*s\x98=\x96wsj\xfe\x0euo\x1f\\1hh-\x0f\xda9\x9etk\x0fW\x03\xe2k\xb0\x87Pb3"
t3 = f.derive_key_block(b"C"*48, b"A"*32, b"B"*32, 72) == b'\x9c\xaate\x07\x12K\xb2\xc3zT1\xf4\x1fN\xa8\x03\xbd\xcfF_\x0c\x0bF\x14\x8f\xcf\x08c\xa6\x80\x1d\xd8Wh.E\xf5\x9a\xfd\x1d\x8a6\xf7\x950\xf4\xbcm\x89\xa6!\x7fc\x19D\xb4\xcc\x8f\xf7x\x12\xe0q\x17\x84-\xcc[\x7f@p'
t4 = f.derive_key_block(b"D"*48, b"B"*32, b"A"*32, 72) == b't{P+k\xe1\xe5O\xbe]L?$\x8d7O.\xe6\xd6\xa8\x19U\x87\x04%\x13m+_\xb9\x99\x03\xe1\xfd1]*7\x8d\xa0Xx\xa1\xd1\xfe\x0c\xb1\xb1\xa8\xdd\x0c\xb20@v\xb6\xdc\x86d\n\x8a-\x95\xaeL\x97\xfaFjl\xfb^'
t1 and t2 and t3 and t4


###############################################################################
### Ciphers                                                                 ###
###############################################################################

+ Test RC4
= Crypto - RC4 stream cipher, encryption/decryption checks from RFC 6229

class _rc4_40_test:
    k= b"\x01\x02\x03\x04\x05"
    s=(b"\xb2\x39\x63\x05\xf0\x3d\xc0\x27\xcc\xc3\x52\x4a\x0a\x11\x18\xa8" +
       b"\x69\x82\x94\x4f\x18\xfc\x82\xd5\x89\xc4\x03\xa4\x7a\x0d\x09\x19")
    s_1024= b"\x30\xab\xbc\xc7\xc2\x0b\x01\x60\x9f\x23\xee\x2d\x5f\x6b\xb7\xdf"

class _rc4_128_test:
    k= b"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10"
    s=(b"\x9a\xc7\xcc\x9a\x60\x9d\x1e\xf7\xb2\x93\x28\x99\xcd\xe4\x1b\x97"
       b"\x52\x48\xc4\x95\x90\x14\x12\x6a\x6e\x8a\x84\xf1\x1d\x1a\x9e\x1c")
    s_1024=b"\xbd\xf0\x32\x4e\x60\x83\xdc\xc6\xd3\xce\xdd\x3c\xa8\xc5\x3c\x16"

def _all_rc4_tests():
    from scapy.layers.tls.crypto.cipher_stream import (Cipher_RC4_40,
                                                       Cipher_RC4_128)
    res = True
    t = _rc4_40_test
    c = Cipher_RC4_40(t.k).encrypt(b"\x00"*(1024+16))
    res = res and (c[:32] == t.s) and (c[-16:] == t.s_1024)
    res = res and Cipher_RC4_40(t.k).decrypt(t.s) == b"\x00"*32
    t = _rc4_128_test
    c = Cipher_RC4_128(t.k).encrypt(b"\x00"*(1024+16))
    res = res and (c[:32] == t.s) and (c[-16:] == t.s_1024)
    res = res and Cipher_RC4_128(t.k).decrypt(t.s) == b"\x00"*32
    return res

_all_rc4_tests()


= Crypto - RC2 block cipher, encryption/decryption checks from RFC 2268

import binascii
class _rc2_128_cbc_test:
    k= binascii.unhexlify("88bca90e90875a7f0f79c384627bafb2")
    p= binascii.unhexlify("0000000000000000")
    c= binascii.unhexlify("2269552ab0f85ca6")
    iv=binascii.unhexlify("0000000000000000")

def _all_rc2_tests():
    try:
        from scapy.layers.tls.crypto.cipher_block import Cipher_RC2_CBC
        res = True
        t = _rc2_128_cbc_test
        tmp = (Cipher_RC2_CBC(t.k, t.iv).encrypt(t.p) == t.c and
               Cipher_RC2_CBC(t.k, t.iv).decrypt(t.c) == t.p)
        res = res and tmp
        return res
    except ImportError:
        return True

_all_rc2_tests()


= Crypto - DES cipher in CBC mode, check from FIPS PUB 81

class _descbc_test:
    k= binascii.unhexlify("0123456789abcdef")
    p= binascii.unhexlify("4e6f77206973207468652074696d6520666f7220616c6c20")
    c= binascii.unhexlify("e5c7cdde872bf27c43e934008c389c0f683788499a7c05f6")
    iv=binascii.unhexlify("1234567890abcdef")

def _all_aes_cbc_tests():
    from scapy.layers.tls.crypto.cipher_block import Cipher_DES_CBC
    res = True
    t = _descbc_test
    tmp = (Cipher_DES_CBC(t.k, t.iv).encrypt(t.p) == t.c and
           Cipher_DES_CBC(t.k, t.iv).decrypt(t.c) == t.p)
    res = res and tmp
    return res

_all_aes_cbc_tests()


= Crypto - AES cipher in CBC mode, checks from RFC 3602

class _aes128cbc_test_1:
    k= b"\x06\xa9\x21\x40\x36\xb8\xa1\x5b\x51\x2e\x03\xd5\x34\x12\x00\x06"
    p= b"Single block msg"
    c= b"\xe3\x53\x77\x9c\x10\x79\xae\xb8\x27\x08\x94\x2d\xbe\x77\x18\x1a"
    iv=b"\x3d\xaf\xba\x42\x9d\x9e\xb4\x30\xb4\x22\xda\x80\x2c\x9f\xac\x41"

class _aes128cbc_test_2:
    k= b"\x56\xe4\x7a\x38\xc5\x59\x89\x74\xbc\x46\x90\x3d\xba\x29\x03\x49"
    p=(b"\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf" +
       b"\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf" +
       b"\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf" +
       b"\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf")
    c=(b"\xc3\x0e\x32\xff\xed\xc0\x77\x4e\x6a\xff\x6a\xf0\x86\x9f\x71\xaa" +
       b"\x0f\x3a\xf0\x7a\x9a\x31\xa9\xc6\x84\xdb\x20\x7e\xb0\xef\x8e\x4e" +
       b"\x35\x90\x7a\xa6\x32\xc3\xff\xdf\x86\x8b\xb7\xb2\x9d\x3d\x46\xad" +
       b"\x83\xce\x9f\x9a\x10\x2e\xe9\x9d\x49\xa5\x3e\x87\xf4\xc3\xda\x55")
    iv=b"\x8c\xe8\x2e\xef\xbe\xa0\xda\x3c\x44\x69\x9e\xd7\xdb\x51\xb7\xd9"

class _aes256cbc_test_1:
    k=(b"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81" +
       b"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4")
    p= b"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
    c= b"\xf5\x8c\x4c\x04\xd6\xe5\xf1\xba\x77\x9e\xab\xfb\x5f\x7b\xfb\xd6"
    iv=b"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"

class _aes256cbc_test_2:
    k=(b"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81" +
       b"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4")
    p= b"\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10"
    c= b"\xb2\xeb\x05\xe2\xc3\x9b\xe9\xfc\xda\x6c\x19\x07\x8c\x6a\x9d\x1b"
    iv=b"\x39\xF2\x33\x69\xA9\xD9\xBA\xCF\xA5\x30\xE2\x63\x04\x23\x14\x61"

def _all_aes_cbc_tests():
    from scapy.layers.tls.crypto.cipher_block import (Cipher_AES_128_CBC,
                                                      Cipher_AES_256_CBC)
    res = True
    for t in [_aes128cbc_test_1, _aes128cbc_test_2]:
        tmp = (Cipher_AES_128_CBC(t.k, t.iv).encrypt(t.p) == t.c and
               Cipher_AES_128_CBC(t.k, t.iv).decrypt(t.c) == t.p)
        res = res and tmp
    for t in [_aes256cbc_test_1, _aes256cbc_test_2]:
        tmp = (Cipher_AES_256_CBC(t.k, t.iv).encrypt(t.p) == t.c and
               Cipher_AES_256_CBC(t.k, t.iv).decrypt(t.c) == t.p)
        res = res and tmp
    return res

_all_aes_cbc_tests()


= Crypto - AES cipher in GCM mode, auth_encrypt() and auth_decrypt() checks
#https://tools.ietf.org/html/draft-mcgrew-gcm-test-01

class _aes128gcm_test_1:
    k= b"\x4c\x80\xcd\xef\xbb\x5d\x10\xda\x90\x6a\xc7\x3c\x36\x13\xa6\x34"
    n= b"\x22\x43\x3c\x64\x48\x55\xec\x7d\x3a\x23\x4b\xfd"
    p=(b"\x08\x00\xc6\xcd\x02\x00\x07\x00\x61\x62\x63\x64\x65\x66\x67\x68" +
       b"\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x01\x02\x02\x01")
    a= b"\x00\x00\x43\x21\x87\x65\x43\x21\x00\x00\x00\x07"
    ct=(b"\x74\x75\x2e\x8a\xeb\x5d\x87\x3c\xd7\xc0\xf4\xac\xc3\x6c\x4b\xff" +
       b"\x84\xb7\xd7\xb9\x8f\x0c\xa8\xb6\xac\xda\x68\x94\xbc\x61\x90\x69" +
       b"\xef\x9c\xbc\x28\xfe\x1b\x56\xa7\xc4\xe0\xd5\x8c\x86\xcd\x2b\xc0")

class _aes128gcm_test_2:
    k= b"\x3d\xe0\x98\x74\xb3\x88\xe6\x49\x19\x88\xd0\xc3\x60\x7e\xae\x1f"
    n= b"\x57\x69\x0e\x43\x4e\x28\x00\x00\xa2\xfc\xa1\xa3"
    p=(b"\x45\x00\x00\x30\xda\x3a\x00\x00\x80\x01\xdf\x3b\xc0\xa8\x00\x05" +
       b"\xc0\xa8\x00\x01\x08\x00\xc6\xcd\x02\x00\x07\x00\x61\x62\x63\x64" +
       b"\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74" +
       b"\x01\x02\x02\x01")
    a= b"\x3f\x7e\xf6\x42\x10\x10\x10\x10\x10\x10\x10\x10"
    ct=(b"\xfb\xa2\xca\xa8\xc6\xc5\xf9\xf0\xf2\x2c\xa5\x4a\x06\x12\x10\xad" +
       b"\x3f\x6e\x57\x91\xcf\x1a\xca\x21\x0d\x11\x7c\xec\x9c\x35\x79\x17" +
       b"\x65\xac\xbd\x87\x01\xad\x79\x84\x5b\xf9\xfe\x3f\xba\x48\x7b\xc9" +
       b"\x63\x21\x93\x06\x84\xee\xca\xdb\x56\x91\x25\x46\xe7\xa9\x5c\x97" +
       b"\x40\xd7\xcb\x05")

class _aes256gcm_test_1:
    k=(b"\x6c\x65\x67\x61\x6c\x69\x7a\x65\x6d\x61\x72\x69\x6a\x75\x61\x6e" +
       b"\x61\x61\x6e\x64\x64\x6f\x69\x74\x62\x65\x66\x6f\x72\x65\x69\x61")
    n= b"\x74\x75\x72\x6e\x33\x30\x21\x69\x67\x65\x74\x6d"
    p=(b"\x45\x00\x00\x30\xda\x3a\x00\x00\x80\x01\xdf\x3b\xc0\xa8\x00\x05" +
       b"\xc0\xa8\x00\x01\x08\x00\xc6\xcd\x02\x00\x07\x00\x61\x62\x63\x64" +
       b"\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74" +
       b"\x01\x02\x02\x01")
    a= b"\x79\x6b\x69\x63\xff\xff\xff\xff\xff\xff\xff\xff"
    ct=(b"\xf9\x7a\xb2\xaa\x35\x6d\x8e\xdc\xe1\x76\x44\xac\x8c\x78\xe2\x5d" +
       b"\xd2\x4d\xed\xbb\x29\xeb\xf1\xb6\x4a\x27\x4b\x39\xb4\x9c\x3a\x86" +
       b"\x4c\xd3\xd7\x8c\xa4\xae\x68\xa3\x2b\x42\x45\x8f\xb5\x7d\xbe\x82" +
       b"\x1d\xcc\x63\xb9\xd0\x93\x7b\xa2\x94\x5f\x66\x93\x68\x66\x1a\x32" +
       b"\x9f\xb4\xc0\x53")

class _aes256gcm_test_2:
    # this funny plaintext is not our deed
    k=(b"\xab\xbc\xcd\xde\xf0\x01\x12\x23\x34\x45\x56\x67\x78\x89\x9a\xab" +
       b"\xab\xbc\xcd\xde\xf0\x01\x12\x23\x34\x45\x56\x67\x78\x89\x9a\xab")
    n= b"\x73\x61\x6c\x74\x61\x6e\x64\x01\x69\x76\x65\x63"
    p=(b"\x63\x69\x73\x63\x6f\x01\x72\x75\x6c\x65\x73\x01\x74\x68\x65\x01" +
       b"\x6e\x65\x74\x77\x65\x01\x64\x65\x66\x69\x6e\x65\x01\x74\x68\x65" +
       b"\x74\x65\x63\x68\x6e\x6f\x6c\x6f\x67\x69\x65\x73\x01\x74\x68\x61" +
       b"\x74\x77\x69\x6c\x6c\x01\x64\x65\x66\x69\x6e\x65\x74\x6f\x6d\x6f" +
       b"\x72\x72\x6f\x77\x01\x02\x02\x01")
    a= b"\x17\x40\x5e\x67\x15\x6f\x31\x26\xdd\x0d\xb9\x9b"
    ct=(b"\xd4\xb7\xed\x86\xa1\x77\x7f\x2e\xa1\x3d\x69\x73\xd3\x24\xc6\x9e" +
       b"\x7b\x43\xf8\x26\xfb\x56\x83\x12\x26\x50\x8b\xeb\xd2\xdc\xeb\x18" +
       b"\xd0\xa6\xdf\x10\xe5\x48\x7d\xf0\x74\x11\x3e\x14\xc6\x41\x02\x4e" +
       b"\x3e\x67\x73\xd9\x1a\x62\xee\x42\x9b\x04\x3a\x10\xe3\xef\xe6\xb0" +
       b"\x12\xa4\x93\x63\x41\x23\x64\xf8\xc0\xca\xc5\x87\xf2\x49\xe5\x6b" +
       b"\x11\xe2\x4f\x30\xe4\x4c\xcc\x76")

def _all_aes_gcm_tests():
    from scapy.layers.tls.crypto.cipher_aead import (Cipher_AES_128_GCM,
                                                     Cipher_AES_256_GCM)
    res = True
    ciphers = []
    for t in [_aes128gcm_test_1, _aes128gcm_test_2]:
        c = Cipher_AES_128_GCM(key=t.k, fixed_iv=t.n[:4],
                               nonce_explicit=pkcs_os2ip(t.n[4:]))
        ne = t.n[-c.nonce_explicit_len:]
        tup = ne, t.p, t.ct[-c.tag_len:]
        tmp1 = c.auth_decrypt(t.a, ne + t.ct, add_length=False) == tup
        tmp2 = c.auth_encrypt(t.p, t.a) == (ne + t.ct)
        res = res and tmp1 and tmp2
    for t in [_aes256gcm_test_1, _aes256gcm_test_2]:
        c = Cipher_AES_256_GCM(key=t.k, fixed_iv=t.n[:4],
                               nonce_explicit=pkcs_os2ip(t.n[4:]))
        ne = t.n[-c.nonce_explicit_len:]
        tup = ne, t.p, t.ct[-c.tag_len:]
        tmp1 = c.auth_decrypt(t.a, ne + t.ct, add_length=False) == tup
        tmp2 = c.auth_encrypt(t.p, t.a) == (ne + t.ct)
        res = res and tmp1 and tmp2
    return res

_all_aes_gcm_tests()


= Crypto - AES cipher in CCM mode, checks from IEEE P1619.1
~ crypto_advanced

class _aes256ccm_test_1:
    k= b"\0"*32
    n= b"\0"*12
    p= b"\0"*16
    a= b""
    ct=(b"\xc1\x94\x40\x44\xc8\xe7\xaa\x95\xd2\xde\x95\x13\xc7\xf3\xdd\x8c" +
       b"\x4b\x0a\x3e\x5e\x51\xf1\x51\xeb\x0f\xfa\xe7\xc4\x3d\x01\x0f\xdb")

class _aes256ccm_test_2:
    k=(b"\xfb\x76\x15\xb2\x3d\x80\x89\x1d\xd4\x70\x98\x0b\xc7\x95\x84\xc8" +
       b"\xb2\xfb\x64\xce\x60\x97\x87\x8d\x17\xfc\xe4\x5a\x49\xe8\x30\xb7")
    n= b"\xdb\xd1\xa3\x63\x60\x24\xb7\xb4\x02\xda\x7d\x6f"
    p= b"\xa9"
    a= b"\x36"
    ct=b"\x9d\x32\x61\xb1\xcf\x93\x14\x31\xe9\x9a\x32\x80\x67\x38\xec\xbd\x2a"

class _aes256ccm_test_3:
    k=(b"\xfb\x76\x15\xb2\x3d\x80\x89\x1d\xd4\x70\x98\x0b\xc7\x95\x84\xc8" +
       b"\xb2\xfb\x64\xce\x60\x97\x8f\x4d\x17\xfc\xe4\x5a\x49\xe8\x30\xb7")
    n= b"\xdb\xd1\xa3\x63\x60\x24\xb7\xb4\x02\xda\x7d\x6f"
    p= b"\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e"
    a= b""
    ct=(b"\xcc\x88\x12\x61\xc6\xa7\xfa\x72\xb9\x6a\x17\x39\x17\x6b\x27\x7f" +
       b"\x34\x72\xe1\x14\x5f\x2c\x0c\xbe\x14\x63\x49\x06\x2c\xf0\xe4\x23")

class _aes256ccm_test_4:
    k=(b"\x40\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f" +
       b"\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f")
    n= b"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b"
    p=(b"\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" +
       b"\x30\x31\x32\x33\x34\x35\x36\x37")
    a=(b"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" +
       b"\x10\x11\x12\x13")
    ct=(b"\x04\xf8\x83\xae\xb3\xbd\x07\x30\xea\xf5\x0b\xb6\xde\x4f\xa2\x21" +
       b"\x20\x34\xe4\xe4\x1b\x0e\x75\xe5\x9b\xba\x3f\x3a\x10\x7f\x32\x39" +
       b"\xbd\x63\x90\x29\x23\xf8\x03\x71")

def _all_aes_ccm_tests():
    from scapy.layers.tls.crypto.cipher_aead import Cipher_AES_256_CCM
    res = True
    ciphers = []
    for t in [_aes256ccm_test_1, _aes256ccm_test_2,
              _aes256ccm_test_3, _aes256ccm_test_4]:
        c = Cipher_AES_256_CCM(key=t.k, fixed_iv=t.n[:4],
                               nonce_explicit=pkcs_os2ip(t.n[4:]))
        ne = t.n[-c.nonce_explicit_len:]
        tup = ne, t.p, t.ct[-c.tag_len:]
        tmp1 = c.auth_decrypt(t.a, ne + t.ct, add_length=False) == tup
        tmp2 = c.auth_encrypt(t.p, t.a) == (ne + t.ct)
        res = res and tmp1 and tmp2
    return res

_all_aes_ccm_tests()


= Crypto - ChaCha20POly1305 test (test vector A.5 from RFC 7539)
~ crypto_advanced

import binascii
def clean(s):
    return binascii.unhexlify(''.join(c for c in s if c.isalnum()))

class _chacha20poly1305_test_1:
    k= clean("""
        1c 92 40 a5 eb 55 d3 8a f3 33 88 86 04 f6 b5 f0
        47 39 17 c1 40 2b 80 09 9d ca 5c bc 20 70 75 c0
        """)
    n= clean("""
        00 00 00 00 01 02 03 04 05 06 07 08
        """)
    p= clean("""
        49 6e 74 65 72 6e 65 74 2d 44 72 61 66 74 73 20
        61 72 65 20 64 72 61 66 74 20 64 6f 63 75 6d 65
        6e 74 73 20 76 61 6c 69 64 20 66 6f 72 20 61 20
        6d 61 78 69 6d 75 6d 20 6f 66 20 73 69 78 20 6d
        6f 6e 74 68 73 20 61 6e 64 20 6d 61 79 20 62 65
        20 75 70 64 61 74 65 64 2c 20 72 65 70 6c 61 63
        65 64 2c 20 6f 72 20 6f 62 73 6f 6c 65 74 65 64
        20 62 79 20 6f 74 68 65 72 20 64 6f 63 75 6d 65
        6e 74 73 20 61 74 20 61 6e 79 20 74 69 6d 65 2e
        20 49 74 20 69 73 20 69 6e 61 70 70 72 6f 70 72
        69 61 74 65 20 74 6f 20 75 73 65 20 49 6e 74 65
        72 6e 65 74 2d 44 72 61 66 74 73 20 61 73 20 72
        65 66 65 72 65 6e 63 65 20 6d 61 74 65 72 69 61
        6c 20 6f 72 20 74 6f 20 63 69 74 65 20 74 68 65
        6d 20 6f 74 68 65 72 20 74 68 61 6e 20 61 73 20
        2f e2 80 9c 77 6f 72 6b 20 69 6e 20 70 72 6f 67
        72 65 73 73 2e 2f e2 80 9d
        """)
    a= clean("""
        f3 33 88 86 00 00 00 00 00 00 4e 91
        """)
    ct=clean("""
        64 a0 86 15 75 86 1a f4 60 f0 62 c7 9b e6 43 bd
        5e 80 5c fd 34 5c f3 89 f1 08 67 0a c7 6c 8c b2
        4c 6c fc 18 75 5d 43 ee a0 9e e9 4e 38 2d 26 b0
        bd b7 b7 3c 32 1b 01 00 d4 f0 3b 7f 35 58 94 cf
        33 2f 83 0e 71 0b 97 ce 98 c8 a8 4a bd 0b 94 81
        14 ad 17 6e 00 8d 33 bd 60 f9 82 b1 ff 37 c8 55
        97 97 a0 6e f4 f0 ef 61 c1 86 32 4e 2b 35 06 38
        36 06 90 7b 6a 7c 02 b0 f9 f6 15 7b 53 c8 67 e4
        b9 16 6c 76 7b 80 4d 46 a5 9b 52 16 cd e7 a4 e9
        90 40 c5 a4 04 33 22 5e e2 82 a1 b0 a0 6c 52 3e
        af 45 34 d7 f8 3f a1 15 5b 00 47 71 8c bc 54 6a
        0d 07 2b 04 b3 56 4e ea 1b 42 22 73 f5 48 27 1a
        0b b2 31 60 53 fa 76 99 19 55 eb d6 31 59 43 4e
        ce bb 4e 46 6d ae 5a 10 73 a6 72 76 27 09 7a 10
        49 e6 17 d9 1d 36 10 94 fa 68 f0 ff 77 98 71 30
        30 5b ea ba 2e da 04 df 99 7b 71 4d 6c 6f 2c 29
        a6 ad 5c b4 02 2b 02 70 9b
        """)
    tag=clean("""
        ee ad 9d 67 89 0c bb 22 39 23 36 fe a1 85 1f 38
        """)

def _all_chacha20poly1305_tests():
    from scapy.layers.tls.crypto.cipher_aead import Cipher_CHACHA20_POLY1305_TLS13
    res = True
    ciphers = []
    for t in [_chacha20poly1305_test_1]:
        c = Cipher_CHACHA20_POLY1305_TLS13(key=t.k, fixed_iv=t.n)
        tmp1 = c.auth_decrypt(t.a, t.ct + t.tag, b"\0"*8) == (t.p, t.tag)
        tmp2 = c.auth_encrypt(t.p, t.a, b"\0"*8) == t.ct + t.tag
        res = res and tmp1 and tmp2
    return res

_all_chacha20poly1305_tests()


= Crypto - Camellia cipher, encryption/decryption checks

class _Camellia128_test:
    k= b"\x01\x23\x45\x67\x89\xab\xcd\xef\xfe\xdc\xba\x98\x76\x54\x32\x10"
    p= b"\x01\x23\x45\x67\x89\xab\xcd\xef\xfe\xdc\xba\x98\x76\x54\x32\x10"
    c= b"\x67\x67\x31\x38\x54\x96\x69\x73\x08\x57\x06\x56\x48\xea\xbe\x43"
    iv=b"\0"*16

class _Camellia256_test:
    k=(b"\x01\x23\x45\x67\x89\xab\xcd\xef\xfe\xdc\xba\x98\x76\x54\x32\x10" +
       b"\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xdd\xee\xff")
    p= b"\x01\x23\x45\x67\x89\xab\xcd\xef\xfe\xdc\xba\x98\x76\x54\x32\x10"
    c= b"\x9a\xcc\x23\x7d\xff\x16\xd7\x6c\x20\xef\x7c\x91\x9e\x3a\x75\x09"
    iv=b"\0"*16

def _all_camellia_tests():
    from scapy.layers.tls.crypto.cipher_block import (Cipher_CAMELLIA_128_CBC,
                                                      Cipher_CAMELLIA_256_CBC)
    res = True
    t = _Camellia128_test
    tmp = (Cipher_CAMELLIA_128_CBC(t.k, t.iv).encrypt(t.p) == t.c and
           Cipher_CAMELLIA_128_CBC(t.k, t.iv).decrypt(t.c) == t.p)
    res = res and tmp
    t = _Camellia256_test
    tmp = (Cipher_CAMELLIA_256_CBC(t.k, t.iv).encrypt(t.p) == t.c and
           Cipher_CAMELLIA_256_CBC(t.k, t.iv).decrypt(t.c) == t.p)
    res = res and tmp
    return res

_all_camellia_tests()


###############################################################################
#################### Reading protected test session ###########################
###############################################################################

# These packets come from a random TLS thread captured
# during a github connection from a Mozilla Firefox client.

+ Read a protected TLS session

= Reading test session - Loading unparsed TLS records
p1_ch = b'\x16\x03\x01\x00\xd5\x01\x00\x00\xd1\x03\x03\x17\xf2M\xc3|\x19\xdb\xc3<\xb5J\x0b\x8d5\x81\xc5\xce\t 2\x08\xd8\xec\xd1\xf8"B\x9cW\xd0\x16v\x00\x00\x16\xc0+\xc0/\xc0\n\xc0\t\xc0\x13\xc0\x14\x003\x009\x00/\x005\x00\n\x01\x00\x00\x92\x00\x00\x00\x1f\x00\x1d\x00\x00\x1acamo.githubusercontent.com\xff\x01\x00\x01\x00\x00\n\x00\x08\x00\x06\x00\x17\x00\x18\x00\x19\x00\x0b\x00\x02\x01\x00\x00#\x00\x003t\x00\x00\x00\x10\x00)\x00\'\x05h2-16\x05h2-15\x05h2-14\x02h2\x08spdy/3.1\x08http/1.1\x00\x05\x00\x05\x01\x00\x00\x00\x00\x00\r\x00\x16\x00\x14\x04\x01\x05\x01\x06\x01\x02\x01\x04\x03\x05\x03\x06\x03\x02\x03\x04\x02\x02\x02'
p2_sh = b'\x16\x03\x03\x00T\x02\x00\x00P\x03\x03F\x07n\xe2\x0c\x97g\xb7o\xb6\x9b\x14\x19\xbd\xdd1\x80@\xaaQ+\xc2,\x19\x15"\x82\xe8\xc5,\xe8\x12\x00\xc0/\x00\x00(\x00\x00\x00\x00\xff\x01\x00\x01\x00\x00\x0b\x00\x04\x03\x00\x01\x02\x00#\x00\x00\x00\x05\x00\x00\x00\x10\x00\x0b\x00\t\x08http/1.1'
p3_cert = b'\x16\x03\x03\nu\x0b\x00\nq\x00\nn\x00\x05\xb30\x82\x05\xaf0\x82\x04\x97\xa0\x03\x02\x01\x02\x02\x10\x07z]\xc36#\x01\xf9\x89\xfeT\xf7\xf8o>d0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x000p1\x0b0\t\x06\x03U\x04\x06\x13\x02US1\x150\x13\x06\x03U\x04\n\x13\x0cDigiCert Inc1\x190\x17\x06\x03U\x04\x0b\x13\x10www.digicert.com1/0-\x06\x03U\x04\x03\x13&DigiCert SHA2 High Assurance Server CA0\x1e\x17\r160120000000Z\x17\r170406120000Z0j1\x0b0\t\x06\x03U\x04\x06\x13\x02US1\x130\x11\x06\x03U\x04\x08\x13\nCalifornia1\x160\x14\x06\x03U\x04\x07\x13\rSan Francisco1\x150\x13\x06\x03U\x04\n\x13\x0cFastly, Inc.1\x170\x15\x06\x03U\x04\x03\x13\x0ewww.github.com0\x82\x01"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\n\x02\x82\x01\x01\x00\xfb\xd5\x94\n\n\xe0P\xdc\x0f\xfc\x90\xb7qG\x9f,\x05\xde\x0e\x9a\xbc*\x8f\xd4\xf2\x9f\x08F\xf9\xf2\xd1\x18\xb4#\xa5*\xd2\xdf\x91?\xf9\xc5\xd0\xb2@\xbd\xd6\xbc@v.\x8d\xd8\x1e\r7\x8fz\x90W\xef\xe3\xa2\xc0\x11a\x03F\x0e\xfa\xb37\x0bf|!\x16\x8d\xfe/^.Y\xfec\':\xf3\xeds\xf8Mt\xb3Q\x17u\x9a\xed\x0ck\xcd\xe8\xc1\xea\xca\x01\xacu\xf9\x17)\xf0KP\x9dAdHl\xf6\xc0g}\xc8\xea\xdeHy\x81\x97A\x02\xb7F\xf6^M\xa5\xd9\x90\x86\xd7\x1ehQ\xac>%\xae\'\x11\xb1G4\xb8\x8b\xdeoyA\xd6\x92\x13)\x11\x80\xc4\x10\x17\\\x0clj\x02\xbb\xd0\n\xfc\xd2\x96x\x1d\xb6\xd4\x02\x7f\x1f\x0eR@Sop@\xda\x89)O\x0c\t~\xa3\xec\xc5W\xad\x03\xaa\x91\xedC\\\xf9\xf5[\xe8\xa1\xf0\xbem\x1b\xce-\xabC|p\xdc?\xec\xc9\x11\xf0t\xc9)\xa1P\xd0<)8\xdc\x7fV\xb9\xf8\x1f\x04\xa4^\x9f\xce\xdd\x17\x02\x03\x01\x00\x01\xa3\x82\x02I0\x82\x02E0\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14Qh\xff\x90\xaf\x02\x07u<\xcc\xd9edb\xa2\x12\xb8Yr;0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14d\xbfD\xb3F\t\x9b\xcfZ\x1dqI\xa2\x04r\x8b\x884\x84#0{\x06\x03U\x1d\x11\x04t0r\x82\x0ewww.github.com\x82\x0c*.github.com\x82\ngithub.com\x82\x0b*.github.io\x82\tgithub.io\x82\x17*.githubusercontent.com\x82\x15githubusercontent.com0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x05\xa00\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020u\x06\x03U\x1d\x1f\x04n0l04\xa02\xa00\x86.http://crl3.digicert.com/sha2-ha-server-g5.crl04\xa02\xa00\x86.http://crl4.digicert.com/sha2-ha-server-g5.crl0L\x06\x03U\x1d \x04E0C07\x06\t`\x86H\x01\x86\xfdl\x01\x010*0(\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16\x1chttps://www.digicert.com/CPS0\x08\x06\x06g\x81\x0c\x01\x02\x020\x81\x83\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04w0u0$\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x18http://ocsp.digicert.com0M\x06\x08+\x06\x01\x05\x05\x070\x02\x86Ahttp://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\x000\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00O\x16\xd1t\xf8>\xa3\x8f~\xf7\xaf\xcf\xfa\xb6\xdd\xa7\x88\x9e\xf8!\xad|(\x14\xb9\xb4\xffg\xd0\xb9\xe2O\x81}\x03\xb4\x9d\xbcU\x80$\x8c\xe5fP\xb8\xb8(\xd9\x0f\xb4\x95\xccb\xb2\x87|\xcf\x16^SH\xf9\xc2\xf8\x90 \xdc\x0e\x96\x7f\xe27\xcfA\xc7uf\r\x1c\xa7M\xee\x02\xaa\x1b\x00\xc0\xea\x0e\xd4Df\x08\t\xac\x00\x90pc\xfa\xcd\xaf\x89\x8a\xdbj|z\xb0k\xa8\xc5\xb4\x9d\x85\xd8S\x93E\xcar>\xa4\xd4\xe3\xa28J\x0f\x82\x08\xf0\xf3U\xf0m\xb21l\x189\xbf\xee\xe3\xe5\x8f\xcd@\x07\x0b\xd0\xe9e\xda\xd6LA\xff[\xafB\xaf\xf2\xb1F\xa1\xacX\xfc)\x80\xcb\xf6Z\xa6\xaf\xf26\x93\xdf\x92q\xa95\xe3:XP\xab::|\xd9\xf7y\x83\x9e\t\xfe\x0f\x90,Y+\x07$Z<\xb5\xd2\xa0\xdaE\xb8\xe1\xc0\x03\x07\x00h\xf6L\xfa\xe2v[\xce\x8f\xfe\xd0\xcb%\xf9\x9b\xcb\xa9\xffU\x12\xf3=_En2\xa0$\x8e\xb7\xa5vo\x0b\x87\xe9\x00\x04\xb50\x82\x04\xb10\x82\x03\x99\xa0\x03\x02\x01\x02\x02\x10\x04\xe1\xe7\xa4\xdc\\\xf2\xf3m\xc0+B\xb8]\x15\x9f0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x000l1\x0b0\t\x06\x03U\x04\x06\x13\x02US1\x150\x13\x06\x03U\x04\n\x13\x0cDigiCert Inc1\x190\x17\x06\x03U\x04\x0b\x13\x10www.digicert.com1+0)\x06\x03U\x04\x03\x13"DigiCert High Assurance EV Root CA0\x1e\x17\r131022120000Z\x17\r281022120000Z0p1\x0b0\t\x06\x03U\x04\x06\x13\x02US1\x150\x13\x06\x03U\x04\n\x13\x0cDigiCert Inc1\x190\x17\x06\x03U\x04\x0b\x13\x10www.digicert.com1/0-\x06\x03U\x04\x03\x13&DigiCert SHA2 High Assurance Server CA0\x82\x01"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\n\x02\x82\x01\x01\x00\xb6\xe0/\xc2$\x06\xc8m\x04_\xd7\xef\nd\x06\xb2}"&e\x16\xaeB@\x9b\xce\xdc\x9f\x9fv\x07>\xc30U\x87\x19\xb9O\x94\x0eZ\x94\x1fUV\xb4\xc2\x02*\xaf\xd0\x98\xee\x0b@\xd7\xc4\xd0;r\xc8\x14\x9e\xef\x90\xb1\x11\xa9\xae\xd2\xc8\xb8C:\xd9\x0b\x0b\xd5\xd5\x95\xf5@\xaf\xc8\x1d\xedM\x9c_W\xb7\x86Ph\x99\xf5\x8a\xda\xd2\xc7\x05\x1f\xa8\x97\xc9\xdc\xa4\xb1\x82\x84-\xc6\xad\xa5\x9c\xc7\x19\x82\xa6\x85\x0f^DX*7\x8f\xfd5\xf1\x0b\x08\'2Z\xf5\xbb\x8b\x9e\xa4\xbdQ\xd0\'\xe2\xdd;B3\xa3\x05(\xc4\xbb(\xcc\x9a\xac+#\rx\xc6{\xe6^q\xb7J>\x08\xfb\x81\xb7\x16\x16\xa1\x9d#\x12M\xe5\xd7\x92\x08\xacu\xa4\x9c\xba\xcd\x17\xb2\x1eD5e\x7fS%9\xd1\x1c\n\x9ac\x1b\x19\x92th\n7\xc2\xc2RH\xcb9Z\xa2\xb6\xe1]\xc1\xdd\xa0 \xb8!\xa2\x93&o\x14J!A\xc7\xedm\x9b\xf2H/\xf3\x03\xf5\xa2h\x92S/^\xe3\x02\x03\x01\x00\x01\xa3\x82\x01I0\x82\x01E0\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\x000\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x860\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x0204\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04(0&0$\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x18http://ocsp.digicert.com0K\x06\x03U\x1d\x1f\x04D0B0@\xa0>\xa0<\x86:http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0=\x06\x03U\x1d \x0460402\x06\x04U\x1d \x000*0(\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16\x1chttps://www.digicert.com/CPS0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14Qh\xff\x90\xaf\x02\x07u<\xcc\xd9edb\xa2\x12\xb8Yr;0\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xb1>\xc3i\x03\xf8\xbfG\x01\xd4\x98&\x1a\x08\x02\xefcd+\xc30\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x18\x8a\x95\x89\x03\xe6m\xdf\\\xfc\x1dh\xeaJ\x8f\x83\xd6Q/\x8dkD\x16\x9e\xacc\xf5\xd2nl\x84\x99\x8b\xaa\x81q\x84[\xed4N\xb0\xb7y\x92)\xcc-\x80j\xf0\x8e \xe1y\xa4\xfe\x03G\x13\xea\xf5\x86\xcaYq}\xf4\x04\x96k\xd3YX=\xfe\xd31%\\\x188\x84\xa3\xe6\x9f\x82\xfd\x8c[\x981N\xcdx\x9e\x1a\xfd\x85\xcbI\xaa\xf2\'\x8b\x99r\xfc>\xaa\xd5A\x0b\xda\xd56\xa1\xbf\x1cnGI\x7f^\xd9H|\x03\xd9\xfd\x8bI\xa0\x98&B@\xeb\xd6\x92\x11\xa4d\nWT\xc4\xf5\x1d\xd6\x02^k\xac\xee\xc4\x80\x9a\x12r\xfaV\x93\xd7\xff\xbf0\x85\x060\xbf\x0b\x7fN\xffW\x05\x9d$\xed\x85\xc3+\xfb\xa6u\xa8\xac-\x16\xef}y\'\xb2\xeb\xc2\x9d\x0b\x07\xea\xaa\x85\xd3\x01\xa3 (AYC(\xd2\x81\xe3\xaa\xf6\xec{;w\xb6@b\x80\x05AE\x01\xef\x17\x06>\xde\xc03\x9bg\xd3a.r\x87\xe4i\xfc\x12\x00W@\x1ep\xf5\x1e\xc9\xb4'
p4_certstat_ske_shd = b'\x16\x03\x03\x01\xdf\x16\x00\x01\xdb\x01\x00\x01\xd70\x82\x01\xd3\n\x01\x00\xa0\x82\x01\xcc0\x82\x01\xc8\x06\t+\x06\x01\x05\x05\x070\x01\x01\x04\x82\x01\xb90\x82\x01\xb50\x81\x9e\xa2\x16\x04\x14Qh\xff\x90\xaf\x02\x07u<\xcc\xd9edb\xa2\x12\xb8Yr;\x18\x0f20160914121000Z0s0q0I0\t\x06\x05+\x0e\x03\x02\x1a\x05\x00\x04\x14\xcf&\xf5\x18\xfa\xc9~\x8f\x8c\xb3B\xe0\x1c/j\x10\x9e\x8e_\n\x04\x14Qh\xff\x90\xaf\x02\x07u<\xcc\xd9edb\xa2\x12\xb8Yr;\x02\x10\x07z]\xc36#\x01\xf9\x89\xfeT\xf7\xf8o>d\x80\x00\x18\x0f20160914121000Z\xa0\x11\x18\x0f20160921112500Z0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x90\xef\xf9\x15U\x88\xac@l\xf6n\x04C/\x1a\xf5\xbc[Xi\xd9U\xbe\'\xd3\xb7\xf5\xbb\t\xd8\xb1Tw\x9c2\xac\x7f\x88\xba\x98\xe4\xa13\xf4\xdc\xea\xf3\xacX\xe4,E\xf5\xa9\xc3\xf4B-N\xe0\x89D[\xbe\n\xc2h\x9ar\xfd\'.\xc8,\xed\x83\xc2\xf0\x89_\x8c\xc3\xe7\x8a\xad\xa4\x14\x03\x96\x02\xc4\xa8\xc8\x90\x96%X\x80\x95\x02\x9d_\xc82;m\xe9\x15\x00\xa8\x00\xb9\x01\xe3aN&\xe4\xd5\x8a\xc4w7\x0b\xc3~\xc5\xb1M\x10~T\x9e\x1d\xf6\x06\xf8\x12sTg\x14b_\xe7\xc04\xb4\xa3\xd2\x8f\xe6\xa6\xc4\x01q\x03j\xc8\xd4\xc7\x89\xdde\x99\x1a\xd9\x02\xe7\x17\xd1\xf40P\xef\xf6$\xee\xfad\xf4\xeb\xc8\xf7\x0bRL\x8b\xa5x\xe4R2\xe9\xc2\xfcB\nh\x93\xf7\x0ep4h\xeb\x17\x83\xc8\x88!\xc3W\x94WG\xfe3\x15C0qE&A\x99\xa8}\x1a\xda"\xa9O\xba\x90W_W\xado\x1c\xf0`g7\xbb$\x91o\xec\xdd\xbd\x9e\x8bb\xfc\x16\x03\x03\x01M\x0c\x00\x01I\x03\x00\x17A\x04\xc3\x9d\x1cD\xcb\x85?dU\x9eg\xc9\x90\xd8\x80N|F\x98\x0cA\x07\xdfg\xa2\xfb_z\xe4\x9b\xf6\x06\xf3L\x82KJ8\x0e\x1a\x13\x97;:\x12\rdeu\xb5\x9f\x8d\xaa\xfc\x0f\xacb\x0e\xadVX\x19\x03u\x06\x01\x01\x00y\x8aQ\x11\x94\x91\x7f\xf7\xa3#o.\x11\x1d\xb3K\xede~0\xfb\xaf\x92\xfb\xfdY\x98n\x17$\xae\xf6\x16\x14\x13J;\x1cm7\xfa;\xc8G\xa6\x1a}{\xc2\xa5\x1b\xc5\x1c\xb5\x86\x18\x18Z\xa71\x86\x0b-\xa7/q\x89+\xc7$\xbb\xf2 \x17\xc8`\xbbt[j\x9f\x83\x88\xc0\x8d\xcf4fu1\xc3\xea:B\r\xc6\xc9\x12jP\x0c- \x17\x17t\x10\x17)e\xbe\xaao\xe5@\xd2\xcc\xa5\x89mRy\xfapc~\xa6\x84\x80\xbc4\xb4B\xcb\x92\x86\xad\xf6`9j\xf0\x8ee\xc0|\xfd\xdb\xde!\xceH\x0e\x9c\xfb\x85#\x9f\xb7\xccT\x96\xe0 \xfet-\xd8yUs\xe7m\x94\x07\xbc]~\x99\xd3\x93\xfb\\\xfc@B\x14w\xce\xe8n\x14\xd4\xcc\x07\xe5\xb5@j\x17IQ\xcfub\xcf\xa2\xde\xcaU\xb3 \x8b\xdb\x10Y\x0cS\xc7\x0b\xd8BP\xfeX!\x17\x94\x80\xedu\xf8M\xa7r\xc3\x04\xf4\xd6\xb7\x99\xd1=\x922\xf9\x0b\x9f\xe7\x1b\x932`15\xef\x16\x03\x03\x00\x04\x0e\x00\x00\x00'
p5_cke_ccs_fin = b"\x16\x03\x03\x00F\x10\x00\x00BA\x04\xd2\x07\xce\xa9v\xd8\x1d\x18\x9bN\xe1\x83U\x8c\x8f\xd5a\x0f\xe5_\x9d\x0f\x8c\x9dT\xf6\xa9\x18'a\x8fHH@\x0c\xd4D\x801\x92\x07\xf3\x95\xa9W\x18\xfc\xb7J\xe6j\xbb\xac\x0f\x86\xae\n+\xd5\xb9\xdc\x86[\xe7\x14\x03\x03\x00\x01\x01\x16\x03\x03\x00(\x00\x00\x00\x00\x00\x00\x00\x00\xd9\xcb,\x8cM\xfd\xbc9\xaa\x05\xf3\xd3\xf3Z\x8a-\xc7^\xc1\x8e\x81M\xff\x00\x0f}G\xf2\x8c\xab\n="
p6_tick_ccs_fin = b"\x16\x03\x03\x00\xca\x04\x00\x00\xc6\x00\x00\x04\xb0\x00\xc0c\xccwJ\x00\xdb,B.\x8fv#\xdd\xa9\xaeS\x90S \xb7(^\x0c\xed\n\xaeM\x0bN\xba\xb4\x8a4d\x85\x88 iN\xc9\xd1\xbe\xac\xe2Wb\xc9N\xf3\x85\xbf\xb7j\xa4IB\x8a\x1b\xe4\x8d\x1f\x148%\xd7R3\x0f4\rh\x8f\xccBj\xb5\r\xfa\xc1f\r?f\xc4\x0f_q9\xe1\x07B\x038\xb4}\xbb\xb0\xfc\x0eG\xf2\t&\x13\x98\xcb\xfc\xf6\xf4\xeb\x99!\t]\xe2\xd9-J\xe4\xdbK\xa1\xe5\xf0\t\xdfX\x0c\xb3\r\xf9\x18\xfb}\xd9\nhW1\xfc\x1c\x08DJ,\xa6#\xb0\x15\x16(&\xfdP\x8a%\xeb\xc2\xdd\xd8\xa2/\xbd$\xc3\x14\xfb\xf3\x86\xa3\xceO\x18\x9f\xfdS|'\x11\x02\xc8\xa6eW\xbdo*y\xf3.\xcf\x04\x14\x03\x03\x00\x01\x01\x16\x03\x03\x00(\xd8m\x92\t5YZ:7\\)`\xaa`\x7ff\xcd\x10\xa9v\xa3*\x17\x1a\xecguD\xa8\x87$<7+\n\x94\x1e9\x96\xfa"
p7_data = b"\x17\x03\x03\x01\xf6\x00\x00\x00\x00\x00\x00\x00\x01?\x04iy\x00\x04 \\\xd0\xd4\x9eG\x1f\xbf\xa3k\xfe=\xee\xce\x15\xa0%%\x06c}\xf6\xd4\xfb\xa6\xf0\xf6\x0cO\x1c\x9c\x91\xa9\x0b\x88J\xe0z\x94\xcaT\xeb\xc7\xad\x02j\x10\r\xc6\x12\xb9\xb9\x7f<\x84V\xab\x1e\xfc\xe5\x01\xda\xd6G\xf5\xb7\xf2I6\x8b\xc9\xc4a\xd3\x19\xeat\xfc\x9b\xfa\x1e\xe7\x8c\xaa\xb3\xce\xd0\x86G\x9b\x90\xf7\xde\xb1\x8bwM\x93\xa2gS>\xf3\x97\xf1CB\xfb\x8fs\x1e\xff\x83\xf9\x8b\xc0]\xbd\x80Mn3\xff\xa9\xf3)'\xc3S\xc8\xcd:\xbe\xd72B~$\xb2;\xeb+\xa4\xbd\xa9A\xd9 \n\x87\xe9\xe2\xe9\x82\x83M\x19Q\xf2n\x0e\x15\xdf\xb3;0\xdd&R\xb7\x15\x89\xe9O\xd8G7\x7f\xc3\xb8f\xc7\xd3\xc90R\x83\xf3\xd4\x1cd\xe8\xc5\x8d\xe4N(k7\xf0\xb7\xbd\x01\xb3\x9b\x86\xbaC.\x17\x8d\xd0g\xc9\xb1\x01\xfa\x01\xbe\xdbt\xb1u/\x19V\xc6\x08@\xff\xa8n\xe8\xd0\xd6n,\x05\xc9\xc2\xd8g\x19\x03.l\xb4)\xa09\xf9\xe7\x83\x01-\xe8\xf8\xffy\xbf\xf7\xe6\x11\xc5\xf5\x9aG\xb3e \xd85\x0f\x8f\x85H\xea\xc2n\x1eR\xbe\x01\xef\xef\x93\xe7*>\xbd\x84\x8b9HDI\x90\xc4$\x9a\x9aK\x88Ki\n\xa3\xab\xed\x91\xcd\xe8\xb1\xd4\x8e\xbcE\x88\xe8\x05\x16\xd5\xed\x18\x16g>\x04\xd8\x1dB}\x91\x90\xd1\xda\x03\xe1\x972CxtD\x85\xafF|~7D9*U\xad\x0b\xc4#\x06}\xec\xd6\xd3?y\x96\xa4\xb5\xa3\x1d\x1c\xbd\xc9\xc9g\xb12\xc9\x0f\xa1\x03\x12N\x0b\xec\x14\xc9vJ\nM\xa7\xc8h\xd0|(1(\xa3\x98@nH\n\x0b\xa80\x00\x02\xb7\x06Z\xd4M\xdc!AV\xe2\xa7*\xc3\x90U\xee\xd0\xb2\x05\xa3w\xe1\xe2\xbe\x1e\xbe\xd4u\xb1\xa1z\x1e\x1c\x15%7\xdd\xf9\xb9~\x02\xf9s\x0c1\xfb;\xab\xf1\x1e\xaf\x06\x8c\xafe\x00\x15e5\xac\xd7]>\x1dLb5\x8e+\x01n\xcb\x19\xcc\x17Ey\xc8"


= Reading TLS test session - TLS parsing (no encryption) does not throw any error
# We will need to distinguish between connection ends. See next XXX below.
t1 = TLS(p1_ch)
t2 = TLS(p2_sh, tls_session=t1.tls_session.mirror())
t3 = TLS(p3_cert, tls_session=t2.tls_session)
t4 = TLS(p4_certstat_ske_shd, tls_session=t3.tls_session)


= Reading TLS test session - TLS Record header
# We leave the possibility for some attributes to be either '' or None.
assert(t1.type == 0x16)
assert(t1.version == 0x0301)
assert(t1.len == 213)
assert(not t1.iv)
assert(not t1.mac)
assert(not t1.pad and not t1.padlen)
len(t1.msg) == 1


= Reading TLS test session - TLS Record __getitem__
TLSClientHello in t1

= Reading TLS test session - ClientHello
ch = t1.msg[0]
assert(isinstance(ch, TLSClientHello))
assert(ch.msgtype == 1)
assert(ch.msglen == 209)
assert(ch.version == 0x0303)
assert(ch.gmt_unix_time == 0x17f24dc3)
assert(ch.random_bytes == b'|\x19\xdb\xc3<\xb5J\x0b\x8d5\x81\xc5\xce\t 2\x08\xd8\xec\xd1\xf8"B\x9cW\xd0\x16v')
assert(ch.sidlen == 0)
assert(not ch.sid)
assert(ch.cipherslen == 22)
assert(ch.ciphers == [49195, 49199, 49162, 49161, 49171, 49172, 51, 57, 47, 53, 10])
assert(ch.complen == 1)
assert(ch.comp == [0])


= Reading TLS test session - ClientHello extensions
assert(ch.extlen == 146)
ext = ch.ext
assert(len(ext) == 9)
assert(isinstance(ext[0], TLS_Ext_ServerName))
assert(ext[0].type == 0)
assert(ext[0].len == 31)
assert(ext[0].servernameslen == 29)
assert(len(ext[0].servernames) == 1)
assert(ext[0].servernames[0].nametype == 0)
assert(ext[0].servernames[0].namelen == 26)
assert(ext[0].servernames[0].servername == b"camo.githubusercontent.com")
assert(isinstance(ext[1], TLS_Ext_RenegotiationInfo))
assert(not ext[1].renegotiated_connection)
assert(isinstance(ext[2], TLS_Ext_SupportedGroups))
assert(ext[2].groups == [0x17, 0x18, 0x19])
assert(isinstance(ext[3], TLS_Ext_SupportedPointFormat))
assert(ext[3].ecpl == [0])
assert(isinstance(ext[4], TLS_Ext_SessionTicket))
assert(not ext[4].ticket)
assert(isinstance(ext[5], TLS_Ext_NPN))
assert(ext[5].protocols == [])
assert(isinstance(ext[6], TLS_Ext_ALPN))
assert(len(ext[6].protocols) == 6)
assert(ext[6].protocols[-1].protocol == b"http/1.1")
assert(isinstance(ext[7], TLS_Ext_CSR))
assert(isinstance(ext[7].req[0], OCSPStatusRequest))
assert(isinstance(ext[8], TLS_Ext_SignatureAlgorithms))
assert(len(ext[8].sig_algs) == 10)
ext[8].sig_algs[-1] == 0x0202


= Reading TLS test session - ServerHello
assert(TLSServerHello in t2)
sh = t2.msg[0]
assert(isinstance(sh, TLSServerHello))
assert(sh.gmt_unix_time == 0x46076ee2)
assert(sh.random_bytes == b'\x0c\x97g\xb7o\xb6\x9b\x14\x19\xbd\xdd1\x80@\xaaQ+\xc2,\x19\x15"\x82\xe8\xc5,\xe8\x12')
assert(sh.cipher == 0xc02f)
assert(len(sh.ext) == 6)
sh.ext[-1].protocols[-1].protocol == b"http/1.1"


= Reading TLS test session - Certificate
cert = t3.msg[0]
assert(cert.certslen == 2670)
assert(len(cert.certs) == 2)
srv_cert = cert.certs[0][1]
assert(isinstance(srv_cert, Cert))
assert(srv_cert.serial == 0x077a5dc3362301f989fe54f7f86f3e64)
srv_cert.subject['commonName'] == 'www.github.com'


= Reading TLS test session - Multiple TLS layers
cert_stat = t4.msg[0]
ske = t4.payload.msg[0]
shd = t4.payload.payload.msg[0]
isinstance(t4.payload.payload.payload, NoPayload)


= Reading TLS test session - CertificateStatus
assert(isinstance(cert_stat, TLSCertificateStatus))
assert(cert_stat.responselen == 471)
cert_stat.response[0].responseStatus == 0
# we leave the remaining OCSP tests to x509.uts


= Reading TLS test session - ServerKeyExchange
assert(isinstance(ske, TLSServerKeyExchange))
p = ske.params
assert(isinstance(p, ServerECDHNamedCurveParams))
assert(p.named_curve == 0x0017)
assert(orb(p.point[0]) == 4 and p.point[1:5] == b'\xc3\x9d\x1cD' and p.point[-4:] == b'X\x19\x03u')
assert(ske.sig.sig_alg == 0x0601)
ske.sig.sig_val[:4] == b'y\x8aQ\x11' and ske.sig.sig_val[-4:] == b'`15\xef'


= Reading TLS test session - ServerHelloDone
assert(isinstance(shd, TLSServerHelloDone))
shd.msglen == 0

= Reading TLS test session - Context checks after 1st RTT
t = shd.tls_session
assert(len(t.handshake_messages) == 6)
assert(t.handshake_messages_parsed[-1] is shd)
assert(t.tls_version == 0x0303)
assert(t.client_kx_ffdh_params is None)
assert(t.client_kx_ecdh_params is not None)
pn = t.server_kx_pubkey.public_numbers()
x = pkcs_i2osp(pn.x, pn.curve.key_size/8)
y = pkcs_i2osp(pn.y, pn.curve.key_size/8)
assert(x[:4] == b'\xc3\x9d\x1cD' and y[-4:] == b'X\x19\x03u')
assert(t.rcs.row == "read")
assert(t.wcs.row == "write")
t.rcs.ciphersuite.val == 0


= Reading TLS test session - TLS parsing (with encryption) does not throw any error
# XXX Something should be done, as for instance the reading of the 1st CCS
# will mess up the reading state of the other side (even before the 2nd CCS).
t5 = TLS(p5_cke_ccs_fin, tls_session=t4.tls_session.mirror())


= Reading TLS test session - ClientKeyExchange
cke = t5.msg[0]
ccs = t5.payload.msg[0]
rec_fin = t5.payload.payload
fin = t5.payload.payload.msg[0]
isinstance(t5.payload.payload.payload, NoPayload)
assert(isinstance(cke, TLSClientKeyExchange))
k = cke.exchkeys
assert(isinstance(k, ClientECDiffieHellmanPublic))
assert(k.ecdh_Yclen == 65)
assert(k.ecdh_Yc[:4] == b'\x04\xd2\x07\xce' and k.ecdh_Yc[-4:] == b'\xdc\x86[\xe7')


= Reading TLS test session - ChangeCipherSpec
assert(isinstance(ccs, TLSChangeCipherSpec))
ccs.msgtype == 1


= Reading TLS test session - Finished
assert(rec_fin.version == 0x0303)
assert(rec_fin.deciphered_len == 16)
assert(rec_fin.len == 40)
assert(rec_fin.iv == b'\x00\x00\x00\x00\x00\x00\x00\x00')
assert(rec_fin.mac == b'\xc7^\xc1\x8e\x81M\xff\x00\x0f}G\xf2\x8c\xab\n=')
assert(not rec_fin.pad and not rec_fin.padlen)
from scapy.layers.tls.record import _TLSEncryptedContent
assert(isinstance(fin, _TLSEncryptedContent))
fin.load == b'\xd9\xcb,\x8cM\xfd\xbc9\xaa\x05\xf3\xd3\xf3Z\x8a-'


= Reading TLS test session - Ticket, CCS & Finished
t6 = TLS(p6_tick_ccs_fin, tls_session=t5.tls_session.mirror())
tick = t6.msg[0]
assert(isinstance(tick, TLSNewSessionTicket))
assert(tick.msgtype == 4)
assert(tick.lifetime == 1200)
assert(tick.ticketlen == 192)
assert(tick.ticket[:4] == b'c\xccwJ' and tick.ticket[-4:] == b'\xf3.\xcf\x04')
ccs = t6.payload.msg[0]
assert(isinstance(ccs, TLSChangeCipherSpec))
rec_fin = t6.getlayer(4)
assert(rec_fin.iv == b'\xd8m\x92\t5YZ:')
assert(rec_fin.mac == b'\xecguD\xa8\x87$<7+\n\x94\x1e9\x96\xfa')
assert(isinstance(rec_fin.msg[0], _TLSEncryptedContent))
rec_fin.msg[0].load == b'7\\)`\xaa`\x7ff\xcd\x10\xa9v\xa3*\x17\x1a'


= Reading TLS test session - ApplicationData
t7 = TLS(p7_data, tls_session=t6.tls_session.mirror())
assert(t7.iv == b'\x00\x00\x00\x00\x00\x00\x00\x01')
assert(t7.mac == b'>\x1dLb5\x8e+\x01n\xcb\x19\xcc\x17Ey\xc8')
assert(not t7.pad and not t7.padlen)
assert(isinstance(t7.msg[0], _TLSEncryptedContent))
len(t7.msg[0].load) == 478

= Reading TLS msg dissect - Packet too small
assert isinstance(TLS(b"\x00"), Raw)

= Reading TLS msg dissect - Wrong data
from scapy.layers.tls.record import _TLSMsgListField
assert isinstance(_TLSMsgListField.m2i(_TLSMsgListField("", []), TLS(type=0), '\x00\x03\x03\x00\x03abc'), Raw)


###############################################################################
################## Reading TLS vulnerable test session ########################
###############################################################################

# These packets come from a session between an s_server and an s_client.
# We assume the server's private key has been retrieved. Because the cipher
# suite does not provide PFS, we are able to break the data confidentiality.

+ Read a vulnerable TLS session

= Reading TLS vulnerable session - Decrypt data from using a compromised server key
import os
basedir = os.path.abspath(os.path.join(os.path.dirname(__file__),"../"))
key = PrivKeyRSA(basedir + "/test/tls/pki/srv_key.pem")
ch = b'\x16\x03\x01\x005\x01\x00\x001\x03\x01X\xac\x0e\x8c\xe46\xe9\xedo\xda\x085$M\xae$\x90\xd9\xa93\xb7(\x13J\xf9\xc5?\xef\xf4\x96\xa1\xfa\x00\x00\x04\x00/\x00\xff\x01\x00\x00\x04\x00#\x00\x00'
sh = b'\x16\x03\x01\x005\x02\x00\x001\x03\x01\x88\xac\xd4\xaf\x93~\xb5\x1b8c\xe7)\xa6\x9b\xa9\xed\xf3\xf3*\xdb\x00\x8bB\xf6\n\xcbz\x8eP\x83`G\x00\x00/\x00\x00\t\xff\x01\x00\x01\x00\x00#\x00\x00\x16\x03\x01\x03\xac\x0b\x00\x03\xa8\x00\x03\xa5\x00\x03\xa20\x82\x03\x9e0\x82\x02\x86\xa0\x03\x02\x01\x02\x02\t\x00\xfe\x04W\r\xc7\'\xe9\xf60\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x000T1\x0b0\t\x06\x03U\x04\x06\x13\x02MN1\x140\x12\x06\x03U\x04\x07\x0c\x0bUlaanbaatar1\x170\x15\x06\x03U\x04\x0b\x0c\x0eScapy Test PKI1\x160\x14\x06\x03U\x04\x03\x0c\rScapy Test CA0\x1e\x17\r160916102811Z\x17\r260915102811Z0X1\x0b0\t\x06\x03U\x04\x06\x13\x02MN1\x140\x12\x06\x03U\x04\x07\x0c\x0bUlaanbaatar1\x170\x15\x06\x03U\x04\x0b\x0c\x0eScapy Test PKI1\x1a0\x18\x06\x03U\x04\x03\x0c\x11Scapy Test Server0\x82\x01"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\n\x02\x82\x01\x01\x00\xcc\xf1\xf1\x9b`-`\xae\xf2\x98\r\')\xd9\xc0\tYL\x0fJ0\xa8R\xdf\xe5\xb1!\x9fO\xc3=V\x93\xdd_\xc6\xf7\xb3\xf6U\x8b\xe7\x92\xe2\xde\xf2\x85I\xb4\xa1,\xf4\xfdv\xa8g\xca\x04 `\x11\x18\xa6\xf2\xa9\xb6\xa6\x1d\xd9\xaa\xe5\xd9\xdb\xaf\xe6\xafUW\x9f\xffR\x89e\xe6\x80b\x80!\x94\xbc\xcf\x81\x1b\xcbg\xc2\x9d\xb5\x05w\x04\xa6\xc7\x88\x18\x80xh\x956\xde\x97\x1b\xb6a\x87B\x1au\x98E\x82\xeb>2\x11\xc8\x9b\x86B9\x8dM\x12\xb7X\x1b\x19\xf3\x9d+\xa1\x98\x82\xca\xd7;$\xfb\t9\xb0\xbc\xc2\x95\xcf\x82)u\x16)?B \x17+M@\x8cVl\xad\xba\x0f4\x85\xb1\x7f@yqx\xb7\xa5\x04\xbb\x94\xf7\xb5A\x95\xee|\xeb\x8d\x0cyhY\xef\xcb\xb3\xfa>x\x1e\xeegLz\xdd\xe0\x99\xef\xda\xe7\xef\xb2\t]\xbe\x80 !\x05\x83,D\xdb]*v)\xa5\xb0#\x88t\x07T"\xd6)z\x92\xf5o-\x9e\xe7\xf8&+\x9cXe\x02\x03\x01\x00\x01\xa3o0m0\t\x06\x03U\x1d\x13\x04\x020\x000\x0b\x06\x03U\x1d\x0f\x04\x04\x03\x02\x05\xe00\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xa1+ p\xd2k\x80\xe5e\xbc\xeb\x03\x0f\x88\x9ft\xad\xdd\xf6\x130\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14fS\x94\xf4\x15\xd1\xbdgh\xb0Q725\xe1\xa4\xaa\xde\x07|0\x13\x06\x03U\x1d%\x04\x0c0\n\x06\x08+\x06\x01\x05\x05\x07\x03\x010\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x81\x88\x92sk\x93\xe7\x95\xd6\xddA\xee\x8e\x1e\xbd\xa3HX\xa7A5?{}\xd07\x98\x0e\xb8,\x94w\xc8Q6@\xadY\t(\xc8V\xd6\xea[\xac\xb4\xd8?h\xb7f\xca\xe1V7\xa9\x00e\xeaQ\xc9\xec\xb2iI]\xf9\xe3\xc0\xedaT\xc9\x12\x9f\xc6\xb0\nsU\xe8U5`\xef\x1c6\xf0\xda\xd1\x90wV\x04\xb8\xab8\xee\xf7\t\xc5\xa5\x98\x90#\xea\x1f\xdb\x15\x7f2(\x81\xab\x9b\x85\x02K\x95\xe77Q{\x1bH.\xfb>R\xa3\r\xb4F\xa9\x92:\x1c\x1f\xd7\n\x1eXJ\xfa.Q\x8f)\xc6\x1e\xb8\x0e1\x0es\xf1\'\x88\x17\xca\xc8i\x0c\xfa\x83\xcd\xb3y\x0e\x14\xb0\xb8\x9b/:-\t\xe3\xfc\x06\xf0:n\xfd6;+\x1a\t*\xe8\xab_\x8c@\xe4\x81\xb2\xbc\xf7\x83g\x11nN\x93\xea"\xaf\xff\xa3\x9awWv\xd0\x0b8\xac\xf8\x8a\x945\x8e\xd7\xd4a\xcc\x01\xff$\xb4\x8fa#\xba\x88\xd7Y\xe4\xe9\xba*N\xb5\x15\x0f\x9c\xd0\xea\x06\x91\xd9\xde\xab\x16\x03\x01\x00\x04\x0e\x00\x00\x00'
ck = b"\x16\x03\x01\x01\x06\x10\x00\x01\x02\x01\x00w\x93\xec\xfa\xf3\xdf[\x9a4\xa7\x9e\xcd\x06=\x8dH\xf1\x069\x8c\x06\x01S\xf7\xb5\x16h\xf6\xd5 I\xd7\xf0\xc5Z\xf6\xe0f7\x95\x91\xddNC\xe7$\xf5\xdaZ\xcdG\xd8\x14\xcaV\x98\xc4\xb2\x8cm\xe51@\x9b\x9c\xb8\xadul\xd0\xdf\xf2\xd7@Q\xe4\x05J\xf31[\xdf\xc8'(\x8f#\xf0\xc4\x1c\xc6\x07G\xb327\x85\xad\xa2\xa6\xa2E\x18\x85rP\xb8\x86uL\\7\x82\x18\xceh\xc6\xd1\xf4\xcc\xb9VN\x85\x7f9c\x92\t\x96\x8e\x80\x06\xe4\r\xbfu<\xabgP^z\xc7\xfd\x8e\x12t^\xb7\xc7Lr\xdc5\xf8\xa7\xdb\x9c\xbd\xd5\xad\xabP<\xe7\x9f%f\xb4\xd8\xf4\xf0~\x99\xbeZ\xe9\xbc\x0c9\r\xb2Uq\xfcd\xa4\xda\x89\x90\xd1\x15\x05\xcc\x00\xb1\xcd\xa9c\xb4\xe8\x7fRH\xbd\xe1\xd2\xd8\x9c\xb6\xd2\x8dq9\xe5\t\xeb\xfc\x1b\x06\xac\xab\x96\xa7\xfd{\xdf\xf2\x16\r\xd6'\xb8\xd3\xa5L\xc8\x08 \xb9\xccN\xe5\xf0\xa0S\xf3\xc3\xc9\xdf\xee\xd0\r\xd8[\x14\x03\x01\x00\x01\x01\x16\x03\x01\x000~\x01\xe1!2\x90\xba\xc8 \xb6\x8c\xb7\xd9\xf5\x80\x1d$Z^\xc8\xa3\x9f\xb3\xf1M\x0c\xd1\xedd\xb1'\x0f\xe4ER\xc9\xf7L\xf3;\xc1\xbaz\xfa\xb76\xe3q"
fin = b"\x16\x03\x01\x00\xaa\x04\x00\x00\xa6\x00\x00\x1c \x00\xa0*\xf5.4:\xe4;t\xf0v\xed\xeaLX\xa5\xce*@\xe7\x83\rWx\xadWkM-\x95\xe7\x98\xcb6x\xeb\xca\xfe8\xf5\x84*\x9bAmZ/o9\xb03\xea\x1e\x99\xfdQ\xbfe\r\xe8W\xd5\xdb\xdd\x83\x90\x14\xc6\xef\x10s\x15\xff\xc2U\xce\xb0\x00\x11\x02|\xed\x99\xbac\xfb\x03M\xce\xd3\x92\xbe\x98\x95\x1c\xef\x9b\xb1\xd6,\x0c6Td\xc9j*\x17\xb9\xde\x13\x8f\xba[\xbcD\x1b\x9a~\xe9\xa2\xf3\xa4V3\xfe\xd6'\xc8i+\xb0m\xf8&\x86\x83\xaa\xe5\x1d\x06\x07lOx\x06 \x02\xbe\xfe\xda\x93-\x9fk\xeaHu\x8a\xec_\x14\x03\x01\x00\x01\x01\x16\x03\x01\x000Pc\xe0T+\x17\\>\xd0\xbc\xe6Xx}\xe5\xa26\xea\x0b\xad\x1bY\x1b\x05,\x7f\xeeQ\xd6\xea!\x9d.\xe0\xf3\x88\xe6'jV\xfdz]M'\xcejJ"
data = b'\x17\x03\x01\x00 \xe8\x91\'mRT\x17\xa1\xd6}+\x80\x02\xda\xadw.\x82TA\'\xdep\xa4\xe1\xb1H\xa9\xb1\x81gw\x17\x03\x01\x00P\xddD\x18\xdb\x82pz\xb75>\x1c\xd7\xa9=\x18C\xbd\xf0F\xa1k\x0c\xe5&\xf2\xdf\x97\xf0\xab5\xf41W\x85 \xcf\xd9\x98\xa4\xe8\xcc\xff \x1c\xbc\xb3U\xc8\x9c>\xc4$\xa5U\xc6\xd4\x1f"\xce\xf0\x98\xf0D\xd2\x1d\r*\x99*\xdcd4?\xc9\x0b\xa6\xb2\x81%\xfc'
t = TLS(ch)
t = TLS(sh, tls_session=t.tls_session.mirror())
t.tls_session.server_rsa_key = key
t = TLS(ck, tls_session=t.tls_session.mirror())
t = TLS(fin, tls_session=t.tls_session.mirror())
t = TLS(data, tls_session=t.tls_session.mirror())
assert(len(t.msg) == 1)
assert(isinstance(t.msg[0], TLSApplicationData))
assert(t.msg[0].data == b"")
t.getlayer(2).msg[0].data == b"To boldly go where no man has gone before...\n"


###############################################################################
############################## Building packets ###############################
###############################################################################

+ Build TLS packets

= Building packets - Various default records
raw(TLS())
raw(TLSClientHello())
raw(TLSServerHello())
raw(TLSCertificate())
raw(TLSServerKeyExchange())
raw(TLSClientKeyExchange())
raw(TLSAlert())
raw(TLSChangeCipherSpec())
raw(TLSApplicationData()) == b""


= Building packets - ClientHello with automatic length computation
ch = TLSClientHello()
ch.msgtype = 'client_hello'
ch.version = 'TLS 1.2'
ch.gmt_unix_time = 0x26ee2ddd
ch.random_bytes = b'X\xe1\xb1T\xaa\xb1\x0b\xa0zlg\xf8\xd14]%\xa9\x91d\x08\xc7t\xcd6\xd4"\x9f\xcf'
ch.ciphers = [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA]
ch.comp = 'null'
ext1 = TLS_Ext_ServerName(servernames=ServerName(servername='mn.scapy.wtv'))
ext2 = TLS_Ext_RenegotiationInfo()
ext3 = TLS_Ext_SupportedEllipticCurves(groups=['secp256r1', 'secp384r1', 'secp521r1'])
ext4 = TLS_Ext_SupportedPointFormat(ecpl='uncompressed')
ext5 = TLS_Ext_SessionTicket()
ext6 = TLS_Ext_NPN()
ext7 = TLS_Ext_ALPN(protocols=[ProtocolName(protocol='h2-16'), ProtocolName(protocol='h2-15'), ProtocolName(protocol='h2-14'), ProtocolName(protocol='h2'), ProtocolName(protocol='spdy/3.1'), ProtocolName(protocol='http/1.1')])
ext8 = TLS_Ext_CSR(stype='ocsp', req=OCSPStatusRequest())
ext9 = TLS_Ext_SignatureAlgorithms(sig_algs=['sha256+rsa', 'sha384+rsa', 'sha512+rsa', 'sha1+rsa', 'sha256+ecdsa', 'sha384+ecdsa', 'sha512+ecdsa', 'sha1+ecdsa', 'sha256+dsa', 'sha1+dsa'])
ch.ext = [ext1, ext2, ext3, ext4, ext5, ext6, ext7, ext8, ext9]
t = TLS(type='handshake', version='TLS 1.0', msg=ch)
raw(t) == b'\x16\x03\x01\x00\xc7\x01\x00\x00\xc3\x03\x03&\xee-\xddX\xe1\xb1T\xaa\xb1\x0b\xa0zlg\xf8\xd14]%\xa9\x91d\x08\xc7t\xcd6\xd4"\x9f\xcf\x00\x00\x16\xc0+\xc0/\xc0\n\xc0\t\xc0\x13\xc0\x14\x003\x009\x00/\x005\x00\n\x01\x00\x00\x84\x00\x00\x00\x11\x00\x0f\x00\x00\x0cmn.scapy.wtv\xff\x01\x00\x01\x00\x00\n\x00\x08\x00\x06\x00\x17\x00\x18\x00\x19\x00\x0b\x00\x02\x01\x00\x00#\x00\x003t\x00\x00\x00\x10\x00)\x00\'\x05h2-16\x05h2-15\x05h2-14\x02h2\x08spdy/3.1\x08http/1.1\x00\x05\x00\x05\x01\x00\x00\x00\x00\x00\r\x00\x16\x00\x14\x04\x01\x05\x01\x06\x01\x02\x01\x04\x03\x05\x03\x06\x03\x02\x03\x04\x02\x02\x02'


= Building packets - ServerHello context linking
from scapy.layers.tls.crypto.kx_algs import KX_ECDHE_RSA
from scapy.layers.tls.crypto.cipher_block import Cipher_AES_256_CBC
sh = TLSServerHello(gmt_unix_time=0x41414141, random_bytes='B'*28, cipher=0xc014)
t = TLS(msg=sh)
t.raw_stateful()
assert(isinstance(t.tls_session.pwcs.ciphersuite, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA))
assert(isinstance(t.tls_session.pwcs.key_exchange, KX_ECDHE_RSA))
assert(isinstance(t.tls_session.pwcs.cipher, Cipher_AES_256_CBC))
assert(isinstance(t.tls_session.pwcs.hmac, Hmac_SHA))
t.tls_session.server_random == b'A'*4+b'B'*28


= Building packets - ChangeCipherSpec with forged, forbidden field values
t = TLS(msg=TLSChangeCipherSpec())
assert(raw(t) == b'\x14\x03\x03\x00\x01\x01')
t.len = 0
assert(raw(t) == b'\x14\x03\x03\x00\x00\x01')
t.type = 0xde
t.version = 0xadbe
t.len = 0xefff
raw(t) == b'\xde\xad\xbe\xef\xff\x01'


= Building packets - TLS record with bad data
a = TLS(b'\x17\x03\x03\x00\x03data')
assert a.haslayer(Raw)


= Building packets - _CipherSuitesField with no cipher
from scapy.layers.tls.handshake import _CipherSuitesField
a = _CipherSuitesField("test", None, {})
assert a.i2repr(None, None) == "None"
assert isinstance(a.randval(), RandBin)


= Building packets - TLSClientKeyExchange with bad data
a = TLSClientKeyExchange(raw(TLSClientKeyExchange(exchkeys="baddata")))
assert a.haslayer(Raw)


= Building packets - Perform dummy session update
assert not TLSHelloRequest().tls_session_update(None)


= Cryptography module is unavailable
import scapy.modules.six as six
import mock

@mock.patch("scapy.layers.tls.crypto.suites.get_algs_from_ciphersuite_name")
def test_tls_without_cryptography(get_algs_from_ciphersuite_name_mock):
    get_algs_from_ciphersuite_name_mock.return_value = (scapy.layers.tls.crypto.kx_algs.KX_ECDHE_RSA, None, None, scapy.layers.tls.crypto.hash.Hash_SHA256, False)
    sh = IP()/TCP()/TLS(msg=TLSServerHello(cipher=0xc02f))
    assert raw(sh)
    if six.PY2:
        assert str(sh)
    sh2 = Ether(b"\xaa\xaa\xaa\xaa\xaa\xaa\xbb\xbb\xbb\xbb\xbb\xbb\x86\xdd`\x04Z\xd8\x02\x19\x06@\xcfm\xack|z\xae\xac\x9d\x8d'\xba\xa2Cs\xcc\x07\x8f\x91\xbdk\x0e\x1e\xdb\xf6\xbe\xc3\xa1\xfc\xa5\x15\xca\xd6#\x01\xbb\xeeC\xc0H\xea\xa2\x9a,P\x18\x00\xffu\xf0\x00\x00\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03W`\xb4|\n5E\x11\xe8\xb5\xa3\x9c\xea\xa6I\x99N\xcd\xe9j\x8d\xfe\xa8%\x8b\xceC\xf8w\x94gV \x13\x0b\xdf}\xad\xbf\xbe67\xba\xcf\x9c\xfa\x92\xc2\xeeS\xf6DL\x19\xb3\xe4`H\x84\xcb]h\xb4\xbb\xba\x00\x1cZZ\xc0+\xc0/\xc0,\xc00\xcc\xa9\xcc\xa8\xc0\x13\xc0\x14\x00\x9c\x00\x9d\x00/\x005\x00\n\x01\x00\x01\x97\xba\xba\x00\x00\xff\x01\x00\x01\x00\x00\x00\x00\x11\x00\x0f\x00\x00\x0cfacebook.com\x00\x17\x00\x00\x00#\x00\xc0\x8a`K^\x7fF\x05K\x95\x85\x1c\xec\x9f\xff\x9b\x85T\x85=<\xbc\xfb\xe4n4\xe9W+\xfanM\xa7\x8c.\x95\x9e\xf0\xfb\x93\x91\xa9\x87\x12o\xc8\x99\xe8\x94_\xca\xceH(\xcai\xdf\xe8\xcf7\x05v\xd4\x9e\x85\x86\x19\xe4\xb6\xf9K\n\xb2\xfd\xa1\xa3r\x9f\xec\x05\xd4\xbc\x1bU\x9a\x89\x1d)\xc5\x85(?@x\r\x12Ep\xb7\xf8\x0c\xe7\x17Y<\xbd-\xd7\x9a\x9f^\xb1k\x0b\xcb\xfd\xf4\xb1z\x06\xe9Mna\x9a\xc8\xc8\xdd\x95\xa1`N\xbd/\x9d\xd6\xd9\x93\xf4$\xefq\x80R\xc3|\x9f\xe1'\x19\xf2I\xf8\xdbV\x0b/\xaex8q\xb2ZGU\xf7^\xa9\x80\xf9\r\xbfo\xee\t\x01(\x93\x12g\x1frXUa\xdc\x8d*F\xb8\xc6\xe2\xb6\x00\r\x00\x14\x00\x12\x04\x03\x08\x04\x04\x01\x05\x03\x08\x05\x05\x01\x08\x06\x06\x01\x02\x01\x00\x05\x00\x05\x01\x00\x00\x00\x00\x00\x12\x00\x00\x00\x10\x00\x0e\x00\x0c\x02h2\x08http/1.1uP\x00\x00\x00\x0b\x00\x02\x01\x00\x00\n\x00\n\x00\x08jj\x00\x1d\x00\x17\x00\x18zz\x00\x01\x00\x00\x15\x00Y\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00")
    assert TLS in sh2
    assert isinstance(sh2.msg[0], TLSClientHello)

test_tls_without_cryptography()

###############################################################################
############################ Automaton behaviour ##############################
###############################################################################

# see test/tls/tests_tls_netaccess.uts