codtls 0.0.1.alpha

data/test/test_ecc.rb

@@ -0,0 +1,44 @@
+require 'test_helper'
+require 'codtls/ecc'
+
+# Testclass with Test Vectors from
+# http://www.nsa.gov/ia/_files/nist-routines.pdf
+class ECCTest < Minitest::Test
+  BP_X = ['6b17d1f2e12c4247f8bce6e563a440f2' \
+          '77037d812deb33a0f4a13945d898c296'].pack('H*')
+  BP_Y = ['4fe342e2fe1a7f9b8ee7eb4a7c0f9e16' \
+          '2bce33576b315ececbb6406837bf51f5'].pack('H*')
+
+  S_X = ['de2444bebc8d36e682edd27e0f271508' \
+         '617519b3221a8fa0b77cab3989da97c9'].pack('H*')
+  S_Y = ['c093ae7ff36e5380fc01a5aad1e66659' \
+         '702de80f53cec576b6350b243042a256'].pack('H*')
+
+  KEY = ['c51e4753afdec1e6b6c6a5b992f43f8d' \
+         'd0c7a8933072708b6522468b2ffb06fd'].pack('H*')
+
+  R_X = '51d08d5f2d4278882946d88d83c97d11' \
+        'e62becc3cfc18bedacc89ba34eeca03f'
+  R_Y = '75ee68eb8bf626aa5b673ab51f6e744e' \
+        '06f8fcf8a6c0cf3035beca956a7b41d5'
+
+  KEY2 = ['00000000000000000000000000000000' \
+          '00000000000000000000000000000002'].pack('H*')
+
+  R2_X = '7669e6901606ee3ba1a8eef1e0024c33' \
+         'df6c22f3b17481b82a860ffcdb6127b0'
+  R2_Y = 'fa878162187a54f6c39f6ee0072f33de' \
+         '389ef3eecd03023de10ca2c1db61d0c7'
+
+  def test_ecc
+    r = CoDTLS::ECC.mult(KEY, "\x04" + S_X + S_Y)
+    assert_equal('04' + R_X + R_Y, r.unpack('H*')[0])
+
+    r = CoDTLS::ECC.mult(KEY2, "\x04" + S_X + S_Y)
+    assert_equal('04' + R2_X + R2_Y, r.unpack('H*')[0])
+
+    r1 = CoDTLS::ECC.mult(KEY, "\x04" + BP_X + BP_Y)
+    r2 = CoDTLS::ECC.mult(KEY)
+    assert_equal(r1.unpack('H*')[0], r2.unpack('H*')[0])
+  end
+end

data/test/test_h_chello.rb

@@ -0,0 +1,40 @@
+require 'test_helper'
+require 'codtls'
+
+# Testclass
+class ClientHelloTest < Minitest::Test
+  RANDOM = 'ABCDEFGHIJKLMNOPQRSTUVWXYZAB'
+  COOKIE = 'ABCDEFGH'
+  APPENDIX = "\x00\x02\xFF\x01\x01\x00\x00\x0E\x00\x0A\x00" \
+             "\x04\x00\x02\x00\x23\x00\x0B\x00\x02\x01\x00"
+
+  # [fails?, time, random, cookie, wire]
+  V = [
+    [0, 42, RANDOM, COOKIE,
+     "\xFE\xFD\x00\x00\x00\x2A" + RANDOM + "\x08" + COOKIE + APPENDIX],
+    [0, 24, RANDOM, nil,
+     "\xFE\xFD\x00\x00\x00\x18" + RANDOM + "\x00" + APPENDIX],
+    [0, 0xFFFFFFFF, RANDOM, nil,
+     "\xFE\xFD\xFF\xFF\xFF\xFF" + RANDOM + "\x00" + APPENDIX],
+    [1, nil, RANDOM, COOKIE, 'T1'],
+    [1, 0x1FFFFFFFF, RANDOM, COOKIE, 'T2'],
+    [1, 42, '', COOKIE, 'T3'],
+    [1, 42, nil, COOKIE, 'T4'],
+    [1, 42, RANDOM[0..26], COOKIE, 'T5'],
+    [1, 42, RANDOM + 'C', COOKIE, 'T6'],
+    [1, 42, RANDOM, 'A' * 256, 'T7']
+  ]
+
+  def test_clienthello
+    V.each do |(f, t, r, c, w)|
+      if f == 1
+        assert_raises CoDTLS::HandshakeError, w do
+          CoDTLS::Handshake::ClientHello.new(t, r, c)
+        end
+      else
+        wire = CoDTLS::Handshake::ClientHello.new(t, r, c).to_wire
+        assert_equal(w.b, wire)
+      end
+    end
+  end
+end

data/test/test_h_content.rb

@@ -0,0 +1,59 @@
+require 'test_helper'
+require 'codtls'
+
+# Testclass
+class ContentTest < Minitest::Test
+  COOKIE = 'ABCDEFGH'
+
+  def test_content_get
+    3.times do |i|
+      c = ("\x0D\x0B\x03\x03\x08" + COOKIE) * (i + 1)
+      o = CoDTLS::Handshake::Content.get_content(c)
+      assert_equal(CoDTLS::Handshake::HelloVerifyRequest, o.class)
+      assert_equal(COOKIE, o.cookie)
+      assert_equal(("\x0D\x0B\x03\x03\x08" + COOKIE) * i, c)
+    end
+
+    c = "\x0D\x0B\x03\x03\x08" + COOKIE + 'A'
+    CoDTLS::Handshake::Content.get_content(c)
+    assert_equal('A', c)
+
+    assert_raises CoDTLS::HandshakeError do
+      c = "\x0D\x0B\x03\x03\x08" + COOKIE[0...6]
+      CoDTLS::Handshake::Content.get_content(c)
+    end
+
+    assert_raises CoDTLS::HandshakeError do
+      c = "\xFD\x0B\x03\x03\x08" + COOKIE
+      CoDTLS::Handshake::Content.get_content(c)
+    end
+  end
+
+  def test_add_content
+    c = ''
+    f = CoDTLS::Handshake::Finished.new('Hallo Welt!')
+    CoDTLS::Handshake::Content.add_content(c, f)
+    assert_equal("\x51\x0BHallo Welt!", c)
+
+    CoDTLS::Handshake::Content.add_content(c, f)
+    assert_equal("\x51\x0BHallo Welt!\x51\x0BHallo Welt!", c)
+
+    c = 'ABC'
+    f = CoDTLS::Handshake::Finished.new('Hallo Welt!')
+    CoDTLS::Handshake::Content.add_content(c, f)
+    assert_equal("ABC\x51\x0BHallo Welt!", c)
+
+    c = ''
+    f = CoDTLS::Handshake::Finished.new('')
+    CoDTLS::Handshake::Content.add_content(c, f)
+    assert_equal("\x50", c)
+
+    f = CoDTLS::Handshake::Finished.new('Hallo Welt!')
+    CoDTLS::Handshake::Content.add_content(c, f)
+    assert_equal("\x50\x51\x0BHallo Welt!", c)
+
+    f = CoDTLS::Handshake::Finished.new('')
+    CoDTLS::Handshake::Content.add_content(c, f)
+    assert_equal("\x50\x51\x0BHallo Welt!\x50", c)
+  end
+end

data/test/test_h_keyexchange.rb

@@ -0,0 +1,36 @@
+require 'test_helper'
+require 'codtls'
+
+# Testclass
+class KeyExchangeTest < Minitest::Test
+  PSK_HINT = 'ABCDEFGHIJKLMNOP'
+  CURVE = CoDTLS::Handshake::KeyExchange::ECCURVETYPE[:named_curve] +
+          CoDTLS::Handshake::KeyExchange::NAMEDCURVE[:secp256r1]
+  POINT = CoDTLS::Handshake::KeyExchange::POINTTYPE[:uncompressed] +
+          ['6b17d1f2e12c4247f8bce6e563a440f2' \
+           '77037d812deb33a0f4a13945d898c296'].pack('H*') +
+          ['4fe342e2fe1a7f9b8ee7eb4a7c0f9e16' \
+           '2bce33576b315ececbb6406837bf51f5'].pack('H*')
+
+  # [fails?, psk_hint, curve, point, wire]
+  V = [
+    [0, PSK_HINT, CURVE, POINT,
+     "\x00\x10" + PSK_HINT + CURVE + "\x41" + POINT] # ,
+    # [1, nil, RANDOM, COOKIE, 'T1']
+  ]
+
+  def test_keyexchange
+    V.each do |(f, psk, c, p, w)|
+      if f == 1
+        # assert_raises CoDTLS::HandshakeError, w do
+        #   CoDTLS::Handshake::ClientHello.new(t, r, c)
+        # end
+      else
+        wire = CoDTLS::Handshake::ClientKeyExchange.new(psk, c, p).to_wire
+        assert_equal(w.b, wire)
+        wire = CoDTLS::Handshake::ServerKeyExchange.new(psk, c, p).to_wire
+        assert_equal(w.b, wire)
+      end
+    end
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,3 @@
+require 'coveralls'
+Coveralls.wear!
+require 'minitest/autorun'

data/test/test_pskdb.rb

@@ -0,0 +1,37 @@
+require 'test_helper'
+require 'codtls/pskdb'
+
+# Testclass
+class CoDTLSPSKDBTest < Minitest::Test
+  def setup
+    fail CoDTLS::SessionError 'testdatabase already exists' if File.exist?(
+                                                         'testdatabase.sqlite')
+    SQLite3::Database.new('testdatabase.sqlite')
+    ActiveRecord::Base.establish_connection(
+      adapter: 'sqlite3',
+      database: 'testdatabase.sqlite')
+    ActiveRecord::Base.connection
+    ActiveRecord::Migration.verbose = false # debug messages
+    ActiveRecord::Migrator.migrate 'db/migrate'
+    @session = CoDTLS::Session.new('127.0.0.1')
+  end
+
+  def teardown
+    ActiveRecord::Base.remove_connection
+    FileUtils.rm('testdatabase.sqlite') if File.exist?('testdatabase.sqlite')
+  end
+
+  # a new uuid gets registered and its psk gets updated.
+  # The standard values for the epoch and handshake get checked.
+  def test_psk
+    assert_equal(nil, CoDTLS::PSKDB.get_psk('UUID'))
+    CoDTLS::PSKDB.set_psk('UUID', '')
+    assert_equal('', CoDTLS::PSKDB.get_psk('UUID'))
+    CoDTLS::PSKDB.set_psk('UUID', 'PSK')
+    assert_equal('PSK', CoDTLS::PSKDB.get_psk('UUID'))
+    CoDTLS::PSKDB.set_psk('UUID2', 'PSK1')
+    assert_equal('PSK1', CoDTLS::PSKDB.get_psk('UUID2'))
+    CoDTLS::PSKDB.set_psk('UUID2', 'PSK2')
+    assert_equal('PSK2', CoDTLS::PSKDB.get_psk('UUID2'))
+  end
+end

data/test/test_ram_session.rb

@@ -0,0 +1,131 @@
+require 'test_helper'
+require 'codtls/abstract_session'
+require 'codtls/ram_session'
+
+# Testclass
+class CoDTLSRAMSessionTest < Minitest::Test
+  def setup
+    @session = CoDTLS::RAMSession.new('127.0.0.1')
+  end
+
+  def teardown
+    CoDTLS::RAMSession.clear_all
+  end
+
+  # check values, set everything, check values, clear, check values,
+  # create new session, check values
+  def test_clear
+    assert_equal(nil, @session.id)
+    assert_equal(0, @session.epoch)
+    assert_equal(true, @session.check_seq(1))
+    assert_equal(1, @session.seq)
+    assert_equal(nil, @session.key_block)
+    assert_equal(false, @session.handshake?)
+
+    @session.id = 'ABCDEFGH'
+    @session.key_block = 'ABCDEFGHIJKLMNOPABCDEFGHIJKLMNOPABCDABCD'
+    @session.increase_epoch
+    @session.seq = 5
+    @session.enable_handshake
+
+    assert_equal('ABCDEFGH', @session.id)
+    assert_equal(1, @session.epoch)
+    assert_equal(true, @session.check_seq(6))
+    assert_equal(1, @session.seq)
+    assert_equal('ABCDEFGHIJKLMNOPABCDEFGHIJKLMNOPABCDABCD',
+                 @session.key_block)
+    assert_equal(true, @session.handshake?)
+
+    @session.clear
+    assert_equal(nil, @session.id)
+    assert_equal(0, @session.epoch)
+    assert_equal(true, @session.check_seq(1))
+    assert_equal(1, @session.seq)
+    assert_equal(nil, @session.key_block)
+    assert_equal(false, @session.handshake?)
+  end
+
+  # get_epoch and increase_epoch test
+  def test_epoch
+    assert_equal(nil, @session.id)
+    assert_equal(0, @session.epoch)
+    assert_equal(true, @session.check_seq(1))
+    assert_equal(1, @session.seq)
+    assert_equal(nil, @session.key_block)
+    assert_equal(false, @session.handshake?)
+
+    @session.seq
+    @session.seq
+    @session.seq = 50
+    assert_raises(CoDTLS::SessionError) { @session.increase_epoch }
+
+    @session.key_block = 'ABCDEFGHIJKLMNOPABCDEFGHIJKLMNOPABCDABCD'
+    assert_equal(nil, @session.key_block)
+
+    @session.increase_epoch
+    assert_equal(1, @session.epoch)
+    assert_equal(true, @session.check_seq(1))
+    assert_equal(1, @session.seq)
+    assert_equal('ABCDEFGHIJKLMNOPABCDEFGHIJKLMNOPABCDABCD',
+                 @session.key_block)
+  end
+
+  # get_key_block and add_key_block tests, testing the overwriting off
+  # new keyblocks and switching keyblocks when the epoch is increased
+  def test_key_block
+    assert_equal(nil, @session.key_block)
+    exception = assert_raises(CoDTLS::SessionError) do
+      @session.key_block = 'this_key_block_is_too_small'
+    end
+    assert_equal('key blocks have to be 40 byte long', exception.message)
+    @session.key_block = 'key_block_with_fourty_bytes_number_00001'
+    assert_equal(nil, @session.key_block)
+    @session.increase_epoch
+    assert_equal('key_block_with_fourt' \
+                 'y_bytes_number_00001', @session.key_block)
+    @session.key_block = 'key_block_with_fourty_bytes_number_00002'
+    @session.key_block = 'key_block_with_fourty_bytes_number_00003'
+    assert_equal('key_block_with_fourt' \
+                 'y_bytes_number_00001', @session.key_block)
+    @session.increase_epoch
+    assert_equal('key_block_with_fourt' \
+                 'y_bytes_number_00003', @session.key_block)
+  end
+
+  # enable_handshake and dissable_handshake tests.
+  def test_handshake
+    assert_equal(false, @session.handshake?)
+    @session.enable_handshake
+    assert_equal(true, @session.handshake?)
+    @session.enable_handshake
+    assert_equal(true, @session.handshake?)
+    @session.disable_handshake
+    assert_equal(false, @session.handshake?)
+  end
+
+  # get_seq and check_seq tests, testing the check_seq ranges and the
+  # incrementing of get_seq.
+  def test_seq
+    assert_equal(1, @session.seq)
+    assert_equal(2, @session.seq)
+    assert_equal(3, @session.seq)
+
+    # 1 is expected, so -9 ... 101 are valid values
+    assert_equal(false, @session.check_seq(-10))
+    assert_equal(false, @session.check_seq(102))
+    assert_equal(true, @session.check_seq(-9))
+    assert_equal(true, @session.check_seq(-1))
+    assert_equal(true, @session.check_seq(0))
+    assert_equal(true, @session.check_seq(1))
+    assert_equal(true, @session.check_seq(101))
+
+    @session.seq = 1
+    (2..100).each do |n|
+      assert_equal(true, @session.check_seq(n))
+      @session.seq = n
+    end
+    # 101 is expected, so max allowed value is 201
+    assert_equal(true, @session.check_seq(201))
+    assert_equal(false, @session.check_seq(202))
+  end
+end

data/test/test_rampskdb.rb

@@ -0,0 +1,26 @@
+require 'test_helper'
+require 'codtls/rampskdb'
+
+# Testclass
+class CoDTLSRAMPSKDBTest < Minitest::Test
+  def setup
+  end
+
+  def teardown
+    CoDTLS::RAMPSKDB.clear_all
+  end
+
+  # a new uuid gets registered and its psk gets updated.
+  # The standard values for the epoch and handshake get checked.
+  def test_psk
+    assert_equal(nil, CoDTLS::RAMPSKDB.get_psk('UUID'))
+    CoDTLS::RAMPSKDB.set_psk('UUID', '')
+    assert_equal('', CoDTLS::RAMPSKDB.get_psk('UUID'))
+    CoDTLS::RAMPSKDB.set_psk('UUID', 'PSK')
+    assert_equal('PSK', CoDTLS::RAMPSKDB.get_psk('UUID'))
+    CoDTLS::RAMPSKDB.set_psk('UUID2', 'PSK1')
+    assert_equal('PSK1', CoDTLS::RAMPSKDB.get_psk('UUID2'))
+    CoDTLS::RAMPSKDB.set_psk('UUID2', 'PSK2')
+    assert_equal('PSK2', CoDTLS::RAMPSKDB.get_psk('UUID2'))
+  end
+end

data/test/test_record.rb

@@ -0,0 +1,128 @@
+require 'test_helper'
+require 'codtls'
+
+# Testclass
+class RecordTest < Minitest::Test
+  # [fails?, input, header, headeradd]
+  V = [[
+    # Type
+    [0, :alert,     0x2000, ''],
+    [0, :handshake, 0x4000, ''],
+    [0, :appdata,   0x6000, ''],
+    [0, 0,          0x0000, '00'],
+    [0, 128,        0x0000, '80'],
+    [0, 255,        0x0000, 'ff'],
+    [1, 'string',   0x0000, ''],
+    [1, :unknown,   0x0000, ''],
+    [1, -1,         0x0000, ''],
+    [1, 256,        0x0000, '']
+  ], [
+    # Version
+    [0, :v10,       0x0000, ''],
+    [0, :v12,       0x1000, ''],
+    [0, 0,          0x0800, '0000'],
+    [0, 255,        0x0800, '00ff'],
+    [0, 256,        0x0800, '0100'],
+    [0, 2**16 - 1,  0x0800, 'ffff'],
+    [1, 'string',   0x0800, ''],
+    [1, :reserved,  0x0800, ''],
+    [1, -1,         0x0800, ''],
+    [1, 2**16,      0x0800, '']
+  ], [
+    # Epoch
+    [0, :implizit,  0x0700, ''],
+    [0, 0,          0x0000, ''],
+    [0, 4,          0x0400, ''],
+    [0, 5,          0x0500, '05'],
+    [0, 255,        0x0500, 'ff'],
+    [0, 256,        0x0600, '0100'],
+    [0, 2**16 - 1,  0x0600, 'ffff'],
+    [1, 'string',   0x0500, ''],
+    [1, :unknown,   0x0500, ''],
+    [1, -1,         0x0600, ''],
+    [1, 2**16,      0x0600, '']
+  ], [
+    # Seq_Num
+    [0, :none,      0x0000, ''],
+    [0, :implizit,  0x001C, ''],
+    [0, 0,          0x0004, '00'],
+    [0, 255,        0x0004, 'ff'],
+    [0, 256,        0x0008, '0100'],
+    [0, 2**16 - 1,  0x0008, 'ffff'],
+    [0, 2**16,      0x000C, '010000'],
+    [0, 2**48 - 1,  0x0018, 'ffffffffffff'],
+    [1, 'string',   0x0004, ''],
+    [1, :unknown,   0x0008, ''],
+    [1, -1,         0x000C, ''],
+    [1, 2**48,      0x0018, '']
+  ], [
+    # Length
+    [0, :implizit,  0x0003, ''],
+    [0, 0,          0x0000, ''],
+    [0, 5,          0x0001, '05'],
+    [0, 128,        0x0001, '80'],
+    [0, 255,        0x0001, 'ff'],
+    [0, 256,        0x0002, '0100'],
+    [0, 2**16 - 1,  0x0002, 'ffff'],
+    [1, 'string',   0x0001, ''],
+    [1, :unknown,   0x0001, ''],
+    [1, -1,         0x0002, ''],
+    [1, 2**16,      0x0002, '']
+  ]]
+
+  def test_record
+    assert_raises(CoDTLS::RecordError) { CoDTLS::Record.parse('') }
+    assert_raises(CoDTLS::RecordError) { CoDTLS::Record.parse(' ') }
+
+    V[0].each do |t|
+      V[1].each do |v|
+        V[2].each do |e|
+          V[3].each do |s|
+            V[4].each do |l|
+              header = 0x00C0 | t[2] | v[2] | e[2] | s[2] | l[2]
+              to_add = t[3] + v[3] + e[3] + s[3] + l[3]
+              complete = [header].pack('n').unpack('H*')[0] + to_add
+
+              fail = t[0] | v[0] | e[0] | s[0] | l[0]
+              if fail == 1
+                assert_raises CoDTLS::RecordError, complete do
+                  r = CoDTLS::Record.new(t[1], e[1], s[1])
+                  r.version = v[1]
+                  r.length = l[1]
+                end
+                assert_raises CoDTLS::RecordError, complete do
+                  CoDTLS::Record.parse([complete].pack('H*'))
+                end
+              else
+                nonce = 'abcd'
+                nonce += [e[1].class == Symbol ? 0 : e[1]].pack('n')
+                seq = [s[1].class == Symbol ? 0 : s[1]].pack('Q')
+                nonce += seq[0...6].reverse
+                # to_wire
+                r = CoDTLS::Record.new(t[1], e[1], s[1])
+                r.version = v[1]
+                r.length = l[1]
+                assert_equal(complete, r.to_wire.unpack('H*')[0], r.inspect)
+                assert_equal(nonce, r.nonce('abcd'))
+                # parse
+                data = 'Hello World!'
+                fail_info = complete + data
+                complete = [complete].pack('H*') + data
+                r, d = CoDTLS::Record.parse(complete)
+                assert_equal(t[1], r.type, fail_info + ' Type')
+                assert_equal(v[1], r.version, fail_info + ' Version')
+                assert_equal(e[1], r.epoch, fail_info + ' Epoch')
+                assert_equal(s[1], r.seq_num, fail_info + ' Seq_num')
+                assert_equal(l[1], r.length, fail_info + ' Length')
+                range = (r.length == :implizit ? 0..-1 : 0...r.length)
+                assert_equal(data.slice!(range), d, fail_info + ' Payload')
+                assert_equal(data, complete, fail_info + ' Rest')
+                assert_equal(nonce, r.nonce('abcd'))
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end