tttls1.3 0.1.0

data/spec/client_spec.rb

@@ -0,0 +1,319 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+require 'spec_helper'
+using Refinements
+
+RSpec.describe Client do
+  context 'client' do
+    let(:record) do
+      mock_socket = SimpleStream.new
+      client = Client.new(mock_socket, 'localhost')
+      client.send(:send_client_hello)
+      Record.deserialize(mock_socket.read, Cryptograph::Passer.new)
+    end
+
+    it 'should send default ClientHello' do
+      expect(record.type).to eq ContentType::HANDSHAKE
+
+      message = record.messages.first
+      expect(message.msg_type).to eq HandshakeType::CLIENT_HELLO
+      expect(message.legacy_version).to eq ProtocolVersion::TLS_1_2
+      expect(message.cipher_suites).to eq DEFAULT_CH_CIPHER_SUITES
+      expect(message.legacy_compression_methods).to eq ["\x00"]
+    end
+  end
+
+  context 'client' do
+    let(:message) do
+      msg_len = TESTBINARY_SERVER_HELLO.length
+      mock_socket = SimpleStream.new
+      mock_socket.write(ContentType::HANDSHAKE \
+                        + ProtocolVersion::TLS_1_2 \
+                        + msg_len.to_uint16 \
+                        + TESTBINARY_SERVER_HELLO)
+      client = Client.new(mock_socket, 'localhost')
+      client.send(:recv_server_hello)
+    end
+
+    it 'should receive ServerHello' do
+      expect(message.msg_type).to eq HandshakeType::SERVER_HELLO
+      expect(message.legacy_version).to eq ProtocolVersion::TLS_1_2
+      expect(message.cipher_suite).to eq CipherSuite::TLS_AES_128_GCM_SHA256
+      expect(message.legacy_compression_method).to eq "\x00"
+    end
+  end
+
+  context 'client' do
+    let(:client) do
+      mock_socket = SimpleStream.new
+      mock_socket.write(TESTBINARY_SERVER_PARAMETERS_RECORD)
+      client = Client.new(mock_socket, 'localhost')
+      client.instance_variable_set(:@cipher_suite,
+                                   CipherSuite::TLS_AES_128_GCM_SHA256)
+      read_seq_num = SequenceNumber.new
+      cipher = Cryptograph::Aead.new(
+        cipher_suite: CipherSuite::TLS_AES_128_GCM_SHA256,
+        write_key: TESTBINARY_SERVER_PARAMETERS_WRITE_KEY,
+        write_iv: TESTBINARY_SERVER_PARAMETERS_WRITE_IV,
+        sequence_number: read_seq_num
+      )
+      client.instance_variable_set(:@read_cipher, cipher)
+      client.instance_variable_set(:@read_seq_num, read_seq_num)
+      client
+    end
+
+    it 'should receive EncryptedExtensions' do
+      message = client.send(:recv_encrypted_extensions)
+      expect(message.msg_type).to eq HandshakeType::ENCRYPTED_EXTENSIONS
+    end
+
+    it 'should receive Certificate' do
+      client.send(:recv_encrypted_extensions) # to skip
+      message = client.send(:recv_certificate)
+      expect(message.msg_type).to eq HandshakeType::CERTIFICATE
+    end
+
+    it 'should receive CertificateVerify' do
+      client.send(:recv_encrypted_extensions) # to skip
+      client.send(:recv_certificate)          # to skip
+      message = client.send(:recv_certificate_verify)
+      expect(message.msg_type).to eq HandshakeType::CERTIFICATE_VERIFY
+    end
+
+    it 'should receive Finished' do
+      client.send(:recv_encrypted_extensions) # to skip
+      client.send(:recv_certificate)          # to skip
+      client.send(:recv_certificate_verify)   # to skip
+      message = client.send(:recv_finished)
+      expect(message.msg_type).to eq HandshakeType::FINISHED
+    end
+  end
+
+  context 'client' do
+    let(:record) do
+      mock_socket = SimpleStream.new
+      client = Client.new(mock_socket, 'localhost')
+      transcript = Transcript.new
+      transcript.merge!(
+        CH => ClientHello.deserialize(TESTBINARY_CLIENT_HELLO),
+        SH => ServerHello.deserialize(TESTBINARY_SERVER_HELLO),
+        EE => EncryptedExtensions.deserialize(TESTBINARY_ENCRYPTED_EXTENSIONS),
+        CT => Certificate.deserialize(TESTBINARY_CERTIFICATE),
+        CV => CertificateVerify.deserialize(TESTBINARY_CERTIFICATE_VERIFY),
+        SF => Finished.deserialize(TESTBINARY_SERVER_FINISHED)
+      )
+      client.instance_variable_set(:@transcript, transcript)
+      ks = KeySchedule.new(shared_secret: TESTBINARY_SHARED_SECRET,
+                           cipher_suite: CipherSuite::TLS_AES_128_GCM_SHA256,
+                           transcript: transcript)
+      client.instance_variable_set(:@key_schedule, ks)
+      client.instance_variable_set(:@cipher_suite,
+                                   CipherSuite::TLS_AES_128_GCM_SHA256)
+      write_seq_num = SequenceNumber.new
+      write_cipher = Cryptograph::Aead.new(
+        cipher_suite: CipherSuite::TLS_AES_128_GCM_SHA256,
+        write_key: TESTBINARY_CLIENT_FINISHED_WRITE_KEY,
+        write_iv: TESTBINARY_CLIENT_FINISHED_WRITE_IV,
+        sequence_number: write_seq_num
+      )
+      client.instance_variable_set(:@write_cipher, write_cipher)
+      client.instance_variable_set(:@write_seq_num, write_seq_num)
+      client.send(:send_finished)
+      read_cipher = Cryptograph::Aead.new(
+        cipher_suite: CipherSuite::TLS_AES_128_GCM_SHA256,
+        write_key: TESTBINARY_CLIENT_FINISHED_WRITE_KEY,
+        write_iv: TESTBINARY_CLIENT_FINISHED_WRITE_IV,
+        sequence_number: SequenceNumber.new
+      )
+      Record.deserialize(mock_socket.read, read_cipher)
+    end
+
+    it 'should send Finished' do
+      expect(record.type).to eq ContentType::APPLICATION_DATA
+
+      message = record.messages.first
+      expect(message.msg_type).to eq HandshakeType::FINISHED
+      expect(message.serialize).to eq TESTBINARY_CLIENT_FINISHED
+    end
+  end
+
+  context 'client' do
+    let(:client) do
+      client = Client.new(nil, 'localhost')
+      transcript = Transcript.new
+      transcript.merge!(
+        CH => ClientHello.deserialize(TESTBINARY_CLIENT_HELLO),
+        SH => ServerHello.deserialize(TESTBINARY_SERVER_HELLO),
+        EE => EncryptedExtensions.deserialize(TESTBINARY_ENCRYPTED_EXTENSIONS),
+        CT => Certificate.deserialize(TESTBINARY_CERTIFICATE),
+        CV => CertificateVerify.deserialize(TESTBINARY_CERTIFICATE_VERIFY),
+        SF => Finished.deserialize(TESTBINARY_SERVER_FINISHED)
+      )
+      client.instance_variable_set(:@transcript, transcript)
+      ks = KeySchedule.new(shared_secret: TESTBINARY_SHARED_SECRET,
+                           cipher_suite: CipherSuite::TLS_AES_128_GCM_SHA256,
+                           transcript: transcript)
+      client.instance_variable_set(:@key_schedule, ks)
+      client.instance_variable_set(:@cipher_suite,
+                                   CipherSuite::TLS_AES_128_GCM_SHA256)
+      client
+    end
+
+    let(:client_finished) do
+      Finished.deserialize(TESTBINARY_CLIENT_FINISHED)
+    end
+
+    it 'should verify server CertificateVerify' do
+      expect(client.send(:verify_certificate_verify)).to be true
+    end
+
+    it 'should verify server Finished' do
+      expect(client.send(:verify_finished)).to be true
+    end
+
+    it 'should sign client Finished' do
+      expect(client.send(:sign_finished)).to eq client_finished.verify_data
+    end
+  end
+
+  context 'client' do
+    let(:client) do
+      client = Client.new(nil, 'localhost')
+      transcript = {
+        CH => ClientHello.deserialize(TESTBINARY_CLIENT_HELLO),
+        SH => ServerHello.deserialize(TESTBINARY_SERVER_HELLO)
+      }
+      client.instance_variable_set(:@transcript, transcript)
+      client
+    end
+
+    it 'should check that ServerHello.legacy_version matches ' \
+       'ClientHello.legacy_version' do
+      expect(client.send(:valid_sh_legacy_version?)).to be true
+    end
+
+    it 'should check that ServerHello.legacy_session_id_echo matches ' \
+       'ClientHello.legacy_session_id' do
+      expect(client.send(:valid_sh_legacy_session_id_echo?)).to be true
+    end
+
+    it 'should check that ServerHello.cipher_suite is included in' \
+       'ClientHello.cipher_suites' do
+      expect(client.send(:valid_sh_cipher_suite?)).to be true
+    end
+
+    it 'should check that ServerHello.compression_method is valid value' do
+      expect(client.send(:valid_sh_compression_method?)).to be true
+    end
+
+    it 'should check that negotiated protocol_version is TLS 1.3' do
+      expect(client.send(:negotiated_tls_1_3?)).to be true
+    end
+  end
+
+  context 'client, received ServerHello with random[-8..] == ' \
+          'downgrade protection value(TLS 1.2),' do
+    let(:client) do
+      mock_socket = SimpleStream.new
+      client = Client.new(mock_socket, 'localhost')
+      sh = ServerHello.deserialize(TESTBINARY_SERVER_HELLO)
+      random = OpenSSL::Random.random_bytes(24) + \
+               Client::DOWNGRADE_PROTECTION_TLS_1_2
+      sh.instance_variable_set(:@random, random)
+      transcript = {
+        CH => ClientHello.deserialize(TESTBINARY_CLIENT_HELLO),
+        SH => sh
+      }
+      client.instance_variable_set(:@transcript, transcript)
+      client
+    end
+
+    it 'should check downgrade protection value' do
+      expect { client.send(:negotiated_tls_1_3?) }.to raise_error(ErrorAlerts)
+    end
+  end
+
+  context 'client, received ServerHello with random[-8..] == ' \
+          'downgrade protection value(prior to TLS 1.2),' do
+    let(:client) do
+      mock_socket = SimpleStream.new
+      client = Client.new(mock_socket, 'localhost')
+      sh = ServerHello.deserialize(TESTBINARY_SERVER_HELLO)
+      random = OpenSSL::Random.random_bytes(24) + \
+               Client::DOWNGRADE_PROTECTION_TLS_1_1
+      sh.instance_variable_set(:@random, random)
+      transcript = {
+        CH => ClientHello.deserialize(TESTBINARY_CLIENT_HELLO),
+        SH => sh
+      }
+      client.instance_variable_set(:@transcript, transcript)
+      client
+    end
+
+    it 'should check downgrade protection value' do
+      expect { client.send(:negotiated_tls_1_3?) }.to raise_error(ErrorAlerts)
+    end
+  end
+
+  context 'client, received ServerHello with supported_versions not ' \
+          'including "\x03\x04",' do
+    let(:client) do
+      mock_socket = SimpleStream.new
+      client = Client.new(mock_socket, 'localhost')
+      sh = ServerHello.deserialize(TESTBINARY_SERVER_HELLO)
+      extensions = sh.instance_variable_get(:@extensions)
+      extensions[ExtensionType::SUPPORTED_VERSIONS] = nil
+      sh.instance_variable_set(:@extensions, extensions)
+      transcript = {
+        CH => ClientHello.deserialize(TESTBINARY_CLIENT_HELLO),
+        SH => sh
+      }
+      client.instance_variable_set(:@transcript, transcript)
+      client
+    end
+
+    it 'should check negotiated protocol_version' do
+      expect(client.send(:negotiated_tls_1_3?)).to be false
+    end
+  end
+
+  context 'client, received Certificate signed by private CA,' do
+    let(:certificate) do
+      server_crt = OpenSSL::X509::Certificate.new(
+        File.read(__dir__ + '/../tmp/server.crt')
+      )
+      Certificate.new(certificate_list: [CertificateEntry.new(server_crt)])
+    end
+
+    let(:client) do
+      Client.new(nil, 'localhost')
+    end
+
+    it 'should not certify certificate' do
+      expect(client.send(:certified_certificate?, certificate.certificate_list))
+        .to be false
+    end
+
+    it 'should certify certificate, received path to private ca.crt' do
+      expect(client.send(:certified_certificate?, certificate.certificate_list,
+                         __dir__ + '/../tmp/ca.crt')).to be true
+    end
+  end
+
+  context 'client using PSK' do
+    let(:client) do
+      Client.new(nil, 'localhost')
+    end
+
+    let(:ticket_nonce) do
+      nst = NewSessionTicket.deserialize(TESTBINARY_NEW_SESSION_TICKET)
+      nst.ticket_nonce
+    end
+
+    it 'should generate PSK from NewSessionTicket of previous handshake' do
+      expect(client.send(:gen_psk_from_nst, TESTBINARY_RES_MASTER, ticket_nonce,
+                         'SHA256')).to eq TESTBINARY_0_RTT_PSK
+    end
+  end
+end

data/spec/connection_spec.rb

@@ -0,0 +1,114 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Connection do
+  context 'connection, Simple 1-RTT Handshake,' do
+    let(:ct) do
+      Certificate.deserialize(TESTBINARY_CERTIFICATE)
+    end
+
+    let(:cv) do
+      CertificateVerify.deserialize(TESTBINARY_CERTIFICATE_VERIFY)
+    end
+
+    let(:cf) do
+      Finished.deserialize(TESTBINARY_CLIENT_FINISHED)
+    end
+
+    let(:sf) do
+      Finished.deserialize(TESTBINARY_SERVER_FINISHED)
+    end
+
+    let(:connection) do
+      connection = Connection.new(nil)
+      transcript = Transcript.new
+      transcript.merge!(
+        CH => ClientHello.deserialize(TESTBINARY_CLIENT_HELLO),
+        SH => ServerHello.deserialize(TESTBINARY_SERVER_HELLO),
+        EE => EncryptedExtensions.deserialize(TESTBINARY_ENCRYPTED_EXTENSIONS),
+        CT => ct,
+        CV => cv,
+        CF => cf,
+        SF => sf
+      )
+      connection.instance_variable_set(:@transcript, transcript)
+      connection.instance_variable_set(:@cipher_suite,
+                                       CipherSuite::TLS_AES_128_GCM_SHA256)
+      connection
+    end
+
+    it 'should verify server CertificateVerify.signature' do
+      certificate_pem = ct.certificate_list.first.cert_data.to_pem
+      signature_scheme = cv.signature_scheme
+      signature = cv.signature
+      expect(connection.send(:do_verify_certificate_verify,
+                             certificate_pem: certificate_pem,
+                             signature_scheme: signature_scheme,
+                             signature: signature,
+                             context: 'TLS 1.3, server CertificateVerify',
+                             handshake_context_end: CT))
+        .to be true
+    end
+
+    it 'should verify server Finished.verify_data' do
+      expect(connection.send(:do_verify_finished,
+                             digest: 'SHA256',
+                             finished_key: TESTBINARY_SERVER_FINISHED_KEY,
+                             handshake_context_end: CV,
+                             signature: sf.verify_data))
+        .to be true
+    end
+
+    it 'should sign client Finished.verify_data' do
+      expect(connection.send(:do_sign_finished,
+                             digest: 'SHA256',
+                             finished_key: TESTBINARY_CLIENT_FINISHED_KEY,
+                             handshake_context_end: EOED))
+        .to eq cf.verify_data
+    end
+  end
+
+  context 'connection, HelloRetryRequest,' do
+    let(:ct) do
+      Certificate.deserialize(TESTBINARY_HRR_CERTIFICATE)
+    end
+
+    let(:cv) do
+      CertificateVerify.deserialize(TESTBINARY_HRR_CERTIFICATE_VERIFY)
+    end
+
+    let(:connection) do
+      connection = Connection.new(nil)
+      transcript = Transcript.new
+      transcript.merge!(
+        CH1 => ClientHello.deserialize(TESTBINARY_HRR_CLIENT_HELLO1),
+        HRR => ServerHello.deserialize(TESTBINARY_HRR_HELLO_RETRY_REQUEST),
+        CH => ClientHello.deserialize(TESTBINARY_HRR_CLIENT_HELLO),
+        SH => ServerHello.deserialize(TESTBINARY_HRR_SERVER_HELLO),
+        EE =>
+        EncryptedExtensions.deserialize(TESTBINARY_HRR_ENCRYPTED_EXTENSIONS),
+        CT => ct,
+        CV => cv
+      )
+      connection.instance_variable_set(:@transcript, transcript)
+      connection.instance_variable_set(:@cipher_suite,
+                                       CipherSuite::TLS_AES_128_GCM_SHA256)
+      connection
+    end
+
+    it 'should verify server CertificateVerify.signature' do
+      certificate_pem = ct.certificate_list.first.cert_data.to_pem
+      signature_scheme = cv.signature_scheme
+      signature = cv.signature
+      expect(connection.send(:do_verify_certificate_verify,
+                             certificate_pem: certificate_pem,
+                             signature_scheme: signature_scheme,
+                             signature: signature,
+                             context: 'TLS 1.3, server CertificateVerify',
+                             handshake_context_end: CT))
+        .to be true
+    end
+  end
+end

data/spec/cookie_spec.rb

@@ -0,0 +1,98 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+require 'spec_helper'
+using Refinements
+
+RSpec.describe Cookie do
+  context 'valid cookie' do
+    let(:cookie) do
+      OpenSSL::Random.random_bytes(2**16 - 3)
+    end
+
+    let(:extension) do
+      Cookie.new(cookie)
+    end
+
+    it 'should be generated' do
+      expect(extension.extension_type).to eq ExtensionType::COOKIE
+      expect(extension.cookie).to eq cookie
+    end
+
+    it 'should be serialized' do
+      expect(extension.serialize).to eq ExtensionType::COOKIE \
+                                        + (2**16 - 1).to_uint16 \
+                                        + (2**16 - 3).to_uint16 \
+                                        + cookie
+    end
+  end
+
+  context 'ignored cookie, empty,' do
+    let(:extension) do
+      Cookie.new('')
+    end
+
+    it 'should be generated' do
+      expect(extension.extension_type).to eq ExtensionType::COOKIE
+      expect(extension.cookie).to eq ''
+    end
+  end
+
+  context 'ignored cookie, nil,' do
+    let(:extension) do
+      Cookie.new(nil)
+    end
+
+    it 'should not be generated' do
+      expect(extension.extension_type).to eq ExtensionType::COOKIE
+      expect(extension.cookie).to eq ''
+    end
+  end
+
+  context 'invalid cookie, too long,' do
+    let(:extension) do
+      Cookie.new('a' * (2**16 - 2))
+    end
+
+    it 'should not be generated' do
+      expect { extension }.to raise_error(ErrorAlerts)
+    end
+  end
+
+  context 'valid cookie binary' do
+    let(:extension) do
+      Cookie.deserialize(TESTBINARY_COOKIE)
+    end
+
+    it 'should generate object' do
+      expect(extension.extension_type).to eq ExtensionType::COOKIE
+      expect(extension.cookie).to eq TESTBINARY_COOKIE[2..]
+    end
+
+    it 'should generate serializable object' do
+      expect(extension.serialize).to eq ExtensionType::COOKIE \
+                                        + TESTBINARY_COOKIE.prefix_uint16_length
+    end
+  end
+
+  context 'cookie binary, empty,' do
+    let(:extension) do
+      Cookie.deserialize("\x00\x00")
+    end
+
+    it 'should generat object' do
+      expect(extension.extension_type).to eq ExtensionType::COOKIE
+      expect(extension.cookie).to eq ''
+    end
+  end
+
+  context 'invalid cookie binary, malformed binary,' do
+    let(:extension) do
+      Cookie.deserialize(TESTBINARY_COOKIE[0...-1])
+    end
+
+    it 'should return nil' do
+      expect(extension).to be nil
+    end
+  end
+end

data/spec/early_data_indication_spec.rb

@@ -0,0 +1,64 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+require 'spec_helper'
+using Refinements
+
+RSpec.describe EarlyDataIndication do
+  context 'valid early_data_indication, NewSessionTicket,' do
+    let(:extension) do
+      EarlyDataIndication.new(2**32 - 1)
+    end
+
+    it 'should be generated' do
+      expect(extension.extension_type).to eq ExtensionType::EARLY_DATA
+      expect(extension.max_early_data_size).to eq 2**32 - 1
+    end
+
+    it 'should be serialized' do
+      expect(extension.serialize).to eq ExtensionType::EARLY_DATA \
+                                        + 4.to_uint16 \
+                                        + (2**32 - 1).to_uint32
+    end
+  end
+
+  context 'valid early_data_indication, ClientHello or EncryptedExtensions,' do
+    let(:extension) do
+      EarlyDataIndication.new(nil)
+    end
+
+    it 'should be generated' do
+      expect(extension.extension_type).to eq ExtensionType::EARLY_DATA
+      expect(extension.max_early_data_size).to be nil
+    end
+
+    it 'should be serialized' do
+      expect(extension.serialize).to eq ExtensionType::EARLY_DATA \
+                                        + 0.to_uint16
+    end
+  end
+
+  context 'valid early_data_indication binary, NewSessionTicket,' do
+    let(:extension) do
+      EarlyDataIndication.deserialize(TESTBINARY_EARLY_DATA_INDICATION_NST,
+                                      HandshakeType::NEW_SESSION_TICKET)
+    end
+
+    it 'should generate valid object' do
+      expect(extension.extension_type).to eq ExtensionType::EARLY_DATA
+      expect(extension.max_early_data_size).to eq 1024
+    end
+  end
+
+  context 'valid early_data_indication binary, ClientHello,' do
+    let(:extension) do
+      EarlyDataIndication.deserialize(TESTBINARY_EARLY_DATA_INDICATION_CH,
+                                      HandshakeType::CLIENT_HELLO)
+    end
+
+    it 'should generate valid object' do
+      expect(extension.extension_type).to eq ExtensionType::EARLY_DATA
+      expect(extension.max_early_data_size).to be nil
+    end
+  end
+end

data/spec/encrypted_extensions_spec.rb

@@ -0,0 +1,94 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+require 'spec_helper'
+using Refinements
+
+RSpec.describe EncryptedExtensions do
+  context 'valid encrypted_extensions' do
+    let(:server_name) do
+      ServerName.new('')
+    end
+
+    let(:supported_groups) do
+      SupportedGroups.new(
+        [
+          NamedGroup::SECP256R1,
+          NamedGroup::SECP384R1,
+          NamedGroup::SECP521R1
+        ]
+      )
+    end
+
+    let(:extensions) do
+      Extensions.new([server_name, supported_groups])
+    end
+
+    let(:message) do
+      EncryptedExtensions.new(extensions)
+    end
+
+    it 'should be generated' do
+      expect(message.msg_type).to eq HandshakeType::ENCRYPTED_EXTENSIONS
+      expect(message.extensions).to eq extensions
+      expect(message.any_forbidden_extensions?).to be false
+    end
+
+    it 'should be serialized' do
+      expect(message.serialize)
+        .to eq HandshakeType::ENCRYPTED_EXTENSIONS \
+               + extensions.serialize.prefix_uint24_length
+    end
+  end
+
+  context 'invalid encrypted_extensions, including forbidden extension type,' do
+    let(:extensions) do
+      signature_algorithms \
+      = SignatureAlgorithms.new([SignatureScheme::ECDSA_SECP256R1_SHA256])
+      Extensions.new([signature_algorithms])
+    end
+
+    let(:message) do
+      EncryptedExtensions.new(extensions)
+    end
+
+    it 'should be generated' do
+      expect(message.msg_type).to eq HandshakeType::ENCRYPTED_EXTENSIONS
+      expect(message.extensions).to eq extensions
+      expect(message.any_forbidden_extensions?).to be true
+    end
+  end
+
+  context 'valid encrypted_extensions, nil argument,' do
+    let(:message) do
+      EncryptedExtensions.new(nil)
+    end
+
+    it 'should be generated' do
+      expect(message.msg_type).to eq HandshakeType::ENCRYPTED_EXTENSIONS
+      expect(message.extensions).to eq Extensions.new
+      expect(message.any_forbidden_extensions?).to be false
+    end
+
+    it 'should be serialized' do
+      expect(message.serialize)
+        .to eq HandshakeType::ENCRYPTED_EXTENSIONS \
+               + Extensions.new.serialize.prefix_uint24_length
+    end
+  end
+
+  context 'valid encrypted_extensions binary' do
+    let(:message) do
+      EncryptedExtensions.deserialize(TESTBINARY_ENCRYPTED_EXTENSIONS)
+    end
+
+    it 'should generate valid object' do
+      expect(message.msg_type).to eq HandshakeType::ENCRYPTED_EXTENSIONS
+      expect(message.any_forbidden_extensions?).to be false
+    end
+
+    it 'should generate valid serializable object' do
+      expect(message.serialize).to eq TESTBINARY_ENCRYPTED_EXTENSIONS
+    end
+  end
+end