| A R Karthick | a2e53d6 | 2016-02-19 17:38:30 -0800 | [diff] [blame] | 1 | import sys, os |
| 2 | cord_root = os.getenv('CORD_TEST_ROOT') or './' |
| 3 | CORD_TEST_FSM = 'fsm' |
| 4 | sys.path.append(cord_root + CORD_TEST_FSM) |
| 5 | from EapolAAA import * |
| 6 | from enum import * |
| 7 | import noseTlsAuthHolder as tlsAuthHolder |
| 8 | from scapy_ssl_tls.ssl_tls import * |
| 9 | from socket import * |
| 10 | from struct import * |
| 11 | import scapy |
| 12 | from nose.tools import * |
| 13 | from CordTestBase import CordTester |
| 14 | |
| 15 | class TLSAuthTest(EapolPacket, CordTester): |
| 16 | |
| 17 | tlsStateTable = Enumeration("TLSStateTable", ("ST_EAP_SETUP", |
| 18 | "ST_EAP_START", |
| 19 | "ST_EAP_ID_REQ", |
| 20 | "ST_EAP_TLS_HELLO_REQ", |
| 21 | "ST_EAP_TLS_CERT_REQ", |
| 22 | "ST_EAP_TLS_DONE" |
| 23 | ) |
| 24 | ) |
| 25 | tlsEventTable = Enumeration("TLSEventTable", ("EVT_EAP_SETUP", |
| 26 | "EVT_EAP_START", |
| 27 | "EVT_EAP_ID_REQ", |
| 28 | "EVT_EAP_TLS_HELLO_REQ", |
| 29 | "EVT_EAP_TLS_CERT_REQ", |
| 30 | "EVT_EAP_TLS_DONE" |
| 31 | ) |
| 32 | ) |
| 33 | def __init__(self, intf = 'veth0'): |
| 34 | self.fsmTable = tlsAuthHolder.initTlsAuthHolderFsmTable(self, self.tlsStateTable, self.tlsEventTable) |
| 35 | EapolPacket.__init__(self, intf) |
| 36 | CordTester.__init__(self, self.fsmTable, self.tlsStateTable.ST_EAP_TLS_DONE) |
| 37 | #self.tlsStateTable, self.tlsEventTable) |
| 38 | self.currentState = self.tlsStateTable.ST_EAP_SETUP |
| 39 | self.currentEvent = self.tlsEventTable.EVT_EAP_SETUP |
| 40 | self.nextState = None |
| 41 | self.nextEvent = None |
| 42 | |
| 43 | def _eapSetup(self): |
| 44 | print 'Inside EAP Setup' |
| 45 | self.setup() |
| 46 | self.nextEvent = self.tlsEventTable.EVT_EAP_START |
| 47 | |
| 48 | def _eapStart(self): |
| 49 | print 'Inside EAP Start' |
| 50 | self.eapol_start() |
| 51 | self.nextEvent = self.tlsEventTable.EVT_EAP_ID_REQ |
| 52 | |
| 53 | def _eapIdReq(self): |
| 54 | print 'Inside EAP ID Req' |
| 55 | p = self.eapol_recv() |
| 56 | code, pkt_id, eaplen = unpack("!BBH", p[0:4]) |
| 57 | print "Code %d, id %d, len %d" %(code, pkt_id, eaplen) |
| 58 | assert_equal(code, EAP_REQUEST) |
| 59 | reqtype = unpack("!B", p[4:5])[0] |
| 60 | reqdata = p[5:4+eaplen] |
| 61 | assert_equal(reqtype, EAP_TYPE_ID) |
| 62 | print "<====== Send EAP Response with identity = %s ================>" % USER |
| 63 | self.eapol_id_req(pkt_id, USER) |
| 64 | self.nextEvent = self.tlsEventTable.EVT_EAP_TLS_HELLO_REQ |
| 65 | |
| 66 | def _eapTlsHelloReq(self): |
| 67 | print 'Inside EAP TLS Hello Req' |
| 68 | p = self.eapol_recv() |
| 69 | code, pkt_id, eaplen = unpack("!BBH", p[0:4]) |
| 70 | print "Code %d, id %d, len %d" %(code, pkt_id, eaplen) |
| 71 | assert_equal(code, EAP_REQUEST) |
| 72 | reqtype = unpack("!B", p[4:5])[0] |
| 73 | assert_equal(reqtype, EAP_TYPE_TLS) |
| 74 | reqdata = TLSRecord(version="TLS_1_0")/TLSHandshake()/TLSClientHello(version="TLS_1_0", |
| 75 | gmt_unix_time=1234, |
| 76 | random_bytes="A" * 28, |
| 77 | session_id='', |
| 78 | compression_methods=(TLSCompressionMethod.NULL), |
| 79 | cipher_suites=[TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA] |
| 80 | ) |
| 81 | |
| 82 | #reqdata.show() |
| 83 | print "------> Sending Client Hello TLS payload of len %d ----------->" %len(reqdata) |
| 84 | eap_payload = self.eapTLS(EAP_RESPONSE, pkt_id, TLS_LENGTH_INCLUDED, str(reqdata)) |
| 85 | self.eapol_send(EAPOL_EAPPACKET, eap_payload) |
| 86 | self.nextEvent = self.tlsEventTable.EVT_EAP_TLS_CERT_REQ |
| 87 | |
| 88 | def _eapTlsCertReq(self): |
| 89 | print 'Inside EAP TLS Cert Req' |
| 90 | p = self.eapol_recv() |
| 91 | print 'Got TLS Cert Req with payload len: %d' %len(p) |
| 92 | self.nextEvent = None |