Blame - src/test/utils/EapTLS.py - cord-tester

A R Karthick

a2e53d6

2016-02-19 17:38:30 -0800

[diff] [blame]

1

import sys, os

A R Karthick

a2e53d6

2016-02-19 17:38:30 -0800

[diff] [blame]

2

from EapolAAA import *

3

from enum import *

4

import noseTlsAuthHolder as tlsAuthHolder

5

from scapy_ssl_tls.ssl_tls import *

from socket import *

from struct import *

import scapy

from nose.tools import *

10

from CordTestBase import CordTester

Chetan Gaonker

4a25e2b

2016-03-04 14:45:15 -0800

[diff] [blame]

11

import re

A R Karthick

a2e53d6

2016-02-19 17:38:30 -0800

[diff] [blame]

12

13

class TLSAuthTest(EapolPacket, CordTester):

14

15

tlsStateTable = Enumeration("TLSStateTable", ("ST_EAP_SETUP",

16

"ST_EAP_START",

17

"ST_EAP_ID_REQ",

18

"ST_EAP_TLS_HELLO_REQ",

19

"ST_EAP_TLS_CERT_REQ",

"ST_EAP_TLS_DONE"

)

)

tlsEventTable = Enumeration("TLSEventTable", ("EVT_EAP_SETUP",

24

"EVT_EAP_START",

25

"EVT_EAP_ID_REQ",

26

"EVT_EAP_TLS_HELLO_REQ",

27

"EVT_EAP_TLS_CERT_REQ",

"EVT_EAP_TLS_DONE"

)

)

def __init__(self, intf = 'veth0'):

32

self.fsmTable = tlsAuthHolder.initTlsAuthHolderFsmTable(self, self.tlsStateTable, self.tlsEventTable)

33

EapolPacket.__init__(self, intf)

34

CordTester.__init__(self, self.fsmTable, self.tlsStateTable.ST_EAP_TLS_DONE)

35

#self.tlsStateTable, self.tlsEventTable)

36

self.currentState = self.tlsStateTable.ST_EAP_SETUP

37

self.currentEvent = self.tlsEventTable.EVT_EAP_SETUP

38

self.nextState = None

39

self.nextEvent = None

40

41

def _eapSetup(self):

42

print 'Inside EAP Setup'

43

self.setup()

44

self.nextEvent = self.tlsEventTable.EVT_EAP_START

45

46

def _eapStart(self):

47

print 'Inside EAP Start'

48

self.eapol_start()

49

self.nextEvent = self.tlsEventTable.EVT_EAP_ID_REQ

50

51

def _eapIdReq(self):

52

print 'Inside EAP ID Req'

53

p = self.eapol_recv()

54

code, pkt_id, eaplen = unpack("!BBH", p[0:4])

55

print "Code %d, id %d, len %d" %(code, pkt_id, eaplen)

56

assert_equal(code, EAP_REQUEST)

57

reqtype = unpack("!B", p[4:5])[0]

58

reqdata = p[5:4+eaplen]

59

assert_equal(reqtype, EAP_TYPE_ID)

60

print "<====== Send EAP Response with identity = %s ================>" % USER

61

self.eapol_id_req(pkt_id, USER)

62

self.nextEvent = self.tlsEventTable.EVT_EAP_TLS_HELLO_REQ

63

64

def _eapTlsHelloReq(self):

65

print 'Inside EAP TLS Hello Req'

66

p = self.eapol_recv()

67

code, pkt_id, eaplen = unpack("!BBH", p[0:4])

68

print "Code %d, id %d, len %d" %(code, pkt_id, eaplen)

69

assert_equal(code, EAP_REQUEST)

70

reqtype = unpack("!B", p[4:5])[0]

71

assert_equal(reqtype, EAP_TYPE_TLS)

72

reqdata = TLSRecord(version="TLS_1_0")/TLSHandshake()/TLSClientHello(version="TLS_1_0",

73

gmt_unix_time=1234,

74

random_bytes="A" * 28,

75

session_id='',

76

compression_methods=(TLSCompressionMethod.NULL),

77

cipher_suites=[TLSCipherSuite.RSA_WITH_AES_128_CBC_SHA]

)

#reqdata.show()

print "------> Sending Client Hello TLS payload of len %d ----------->" %len(reqdata)

82

eap_payload = self.eapTLS(EAP_RESPONSE, pkt_id, TLS_LENGTH_INCLUDED, str(reqdata))

83

self.eapol_send(EAPOL_EAPPACKET, eap_payload)

84

self.nextEvent = self.tlsEventTable.EVT_EAP_TLS_CERT_REQ

85

86

def _eapTlsCertReq(self):

87

print 'Inside EAP TLS Cert Req'

88

p = self.eapol_recv()

89

print 'Got TLS Cert Req with payload len: %d' %len(p)

Chetan Gaonker

4a25e2b

2016-03-04 14:45:15 -0800

[diff] [blame]

90

code, pkt_id, eaplen = unpack("!BBH", p[0:4])

91

print "Code %d, id %d, len %d" %(code, pkt_id, eaplen)

92

assert_equal(code, EAP_REQUEST)

93

reqtype = unpack("!B", p[4:5])[0]

94

assert_equal(reqtype, EAP_TYPE_TLS)

95

rex_pem = re.compile(r'\-+BEGIN[^\-]+\-+(.*?)\-+END[^\-]+\-+', re.DOTALL)

96

self.pem_cert="""-----BEGIN CERTIFICATE-----

97

MIIE4TCCA8mgAwIBAgIJANhJTS6x4B0iMA0GCSqGSIb3DQEBCwUAMIGTMQswCQYD

98

VQQGEwJGUjEPMA0GA1UECBMGUmFkaXVzMRIwEAYDVQQHEwlTb21ld2hlcmUxFTAT

99

BgNVBAoTDEV4YW1wbGUgSW5jLjEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBs

100

ZS5jb20xJjAkBgNVBAMTHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4X

101

DTE0MDUyMDExNTkzNloXDTE0MDcxOTExNTkzNlowgZMxCzAJBgNVBAYTAkZSMQ8w

102

DQYDVQQIEwZSYWRpdXMxEjAQBgNVBAcTCVNvbWV3aGVyZTEVMBMGA1UEChMMRXhh

103

bXBsZSBJbmMuMSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLmNvbTEmMCQG

104

A1UEAxMdRXhhbXBsZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqGSIb3

105

DQEBAQUAA4IBDwAwggEKAoIBAQC/KUyltP0BS5A/sYg/XJOZMSHDIUiW+D8s1JgJ

106

9Q/FIAnlMpevjPQtlmWi+hpgOUGgTryV+rTlzcUNw/gjmMs1Z4bAakFIc2vCPybw

107

5hgKMU2E9SMgLr1aMVzwN3BH/njt1eWQ5Q9ajyu3JzmXZwOg/tV03L7BYpjLajhT

108

iln4pvO/nq9YHVGurE5qCwyyrleYmtEXPi8MxrgudaKShrr7KgXbhlSwEaGGapSD

109

JFhKvyQ4UZ56qiDFXD/AIXE9o8Soouv+8ufsCOyf/xKp1QkUaZ17Fe6YHqvQYdNM

110

ovwnXnX+vRW0cZVui7ufxHncb9sJSAlovxzDy/GeL0SHtdH9AgMBAAGjggE0MIIB

111

MDAdBgNVHQ4EFgQUHjtJ/Mjl+dcwmT5UI37N74qh2YUwgcgGA1UdIwSBwDCBvYAU

112

HjtJ/Mjl+dcwmT5UI37N74qh2YWhgZmkgZYwgZMxCzAJBgNVBAYTAkZSMQ8wDQYD

113

VQQIEwZSYWRpdXMxEjAQBgNVBAcTCVNvbWV3aGVyZTEVMBMGA1UEChMMRXhhbXBs

114

ZSBJbmMuMSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLmNvbTEmMCQGA1UE

115

AxMdRXhhbXBsZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmCCQDYSU0useAdIjAMBgNV

116

HRMEBTADAQH/MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly93d3cuZXhhbXBsZS5j

117

b20vZXhhbXBsZV9jYS5jcmwwDQYJKoZIhvcNAQELBQADggEBAEbkq17kbT7X/oiy

118

E2DOV7g1W8Au+TQR0GKzjXPgmYVGixN8l/9dQZ9WVDmCetBy71UHgTxPp20My2zr

119

uA7hy9FYNGtZ2jmu0p019fH+CSCL7RHHgKsY63UsldT1qPYiWiyqbWy5GvJX778N

120

GxVo7oN33se1c4KEmMOLVqQqX5dDWjN2r27l0GFh1ssx4RHqOc57G5Txq861i6UT

121

KlrN0xpyu7LjcQGMwKbfzCXfwys5i4rrAVX1spILTIihUKpD6FYxp6oj+d4ELZOh

122

br3zfhKrkbvPCG0gEziBLnwd11ZJELQfm89IYBhmoOYkk5+ZOszDsXKGWzfV6XSW

123

ZRv+LU0=

124

-----END CERTIFICATE-----"""

125

self.der_cert = rex_pem.findall(self.pem_cert)[0].decode("base64")

126

self.pem_priv_key = """-----BEGIN RSA PRIVATE KEY-----

127

MIIEpAIBAAKCAQEA84TzkjbcskbKZnrlKcXzSSgi07n+4N7kOM7uIhzpkTuU0HIv

128

h4VZS2axxfV6hV3CD9MuKVg2zEhroqK1Js5n4ke230nSP/qiELfCl0R+hzRtbfKL

129

tFUr1iHeU0uQ6v3q+Tg1K/Tmmg72uxKrhyHDL7z0BriPjhAHJ5XlQsvR1RCMkqzu

130

D9wjSInJxpMMIgLndOclAKv4D1wQtYU7ZpTw+01XBlUhIiXb86qpYL9NqnnRq5JI

131

uhmOEuxo2ca63+xaHNhD/udSyc8C0Md/yX6wlONTRFgLLv0pdLUGm1xEjfsydaQ6

132

qGd7hzIKUI3hohNKJa/mHLElv7SZolPTogK/EQIDAQABAoIBAADq9FwNtuE5IRQn

133

zGtO4q7Y5uCzZ8GDNYr9RKp+P2cbuWDbvVAecYq2NV9QoIiWJOAYZKklOvekIju3

134

r0UZLA0PRiIrTg6NrESx3JrjWDK8QNlUO7CPTZ39/K+FrmMkV9lem9yxjJjyC34D

135

AQB+YRTx+l14HppjdxNwHjAVQpIx/uO2F5xAMuk32+3K+pq9CZUtrofe1q4Agj9R

136

5s8mSy9pbRo9kW9wl5xdEotz1LivFOEiqPUJTUq5J5PeMKao3vdK726XI4Z455Nm

137

W2/MA0YV0ug2FYinHcZdvKM6dimH8GLfa3X8xKRfzjGjTiMSwsdjgMa4awY3tEHH

138

674jhAECgYEA/zqMrc0zsbNk83sjgaYIug5kzEpN4ic020rSZsmQxSCerJTgNhmg

139

utKSCt0Re09Jt3LqG48msahX8ycqDsHNvlEGPQSbMu9IYeO3Wr3fAm75GEtFWePY

140

BhM73I7gkRt4s8bUiUepMG/wY45c5tRF23xi8foReHFFe9MDzh8fJFECgYEA9EFX

141

4qAik1pOJGNei9BMwmx0I0gfVEIgu0tzeVqT45vcxbxr7RkTEaDoAG6PlbWP6D9a

142

WQNLp4gsgRM90ZXOJ4up5DsAWDluvaF4/omabMA+MJJ5kGZ0gCj5rbZbKqUws7x8

143

bp+6iBfUPJUbcqNqFmi/08Yt7vrDnMnyMw2A/sECgYEAiiuRMxnuzVm34hQcsbhH

144

6ymVqf7j0PW2qK0F4H1ocT9qhzWFd+RB3kHWrCjnqODQoI6GbGr/4JepHUpre1ex

145

4UEN5oSS3G0ru0rC3U4C59dZ5KwDHFm7ffZ1pr52ljfQDUsrjjIMRtuiwNK2OoRa

146

WSsqiaL+SDzSB+nBmpnAizECgYBdt/y6rerWUx4MhDwwtTnel7JwHyo2MDFS6/5g

147

n8qC2Lj6/fMDRE22w+CA2esp7EJNQJGv+b27iFpbJEDh+/Lf5YzIT4MwVskQ5bYB

148

JFcmRxUVmf4e09D7o705U/DjCgMH09iCsbLmqQ38ONIRSHZaJtMDtNTHD1yi+jF+

149

OT43gQKBgQC/2OHZoko6iRlNOAQ/tMVFNq7fL81GivoQ9F1U0Qr+DH3ZfaH8eIkX

150

xT0ToMPJUzWAn8pZv0snA0um6SIgvkCuxO84OkANCVbttzXImIsL7pFzfcwV/ERK

151

UM6j0ZuSMFOCr/lGPAoOQU0fskidGEHi1/kW+suSr28TqsyYZpwBDQ==

152

-----END RSA PRIVATE KEY-----

153

"""

154

self.der_priv_key = rex_pem.findall(self.pem_priv_key)[0].decode("base64")

155

reqdata = TLSRecord(version="TLS_1_0")/TLSHandshake()/TLSCertificateList(

156

certificates=[TLSCertificate(data=x509.X509Cert(self.der_cert))])

157

#reqdata.show()

158

print "------> Sending Client Hello TLS Certificate payload of len %d ----------->" %len(reqdata)

159

eap_payload = self.eapTLS(EAP_RESPONSE, pkt_id, TLS_LENGTH_INCLUDED, str(reqdata))

160

self.eapol_send(EAPOL_EAPPACKET, eap_payload)

A R Karthick

a2e53d6

2016-02-19 17:38:30 -0800

[diff] [blame]

161

self.nextEvent = None