diff --git a/prober.py b/prober.py index faa9ec5..c7c0ebf 100755 --- a/prober.py +++ b/prober.py @@ -114,6 +114,8 @@ ClientCertURLsNotNull12(), ClientCertURLsNotNull12PFS(), TrustedCANull(), + TrustedCANull12(), + TrustedCANull12PFS(), TrustedCAOverflow(), TrustedCAUnderflow(), TruncatedHMACNotNull(), diff --git a/probes.py b/probes.py index e2441d2..f4b7711 100644 --- a/probes.py +++ b/probes.py @@ -1203,6 +1203,16 @@ def test(self, sock): sock.write(self.make_trusted_ca_hello('')) +class TrustedCANull12(TrustedCANull, NormalHandshake12): + '''As with TrustedCANull but in TLSv1.2 hello''' + pass + + +class TrustedCANull12PFS(TrustedCANull, NormalHandshake12PFS): + '''As with TrustedCANull, but in PFS TLSv1.2 hello''' + pass + + class TrustedCAOverflow(TrustedCANull): '''Send trusted CA keys extension smaller than length inside indicates''' diff --git a/tests/test_probes.py b/tests/test_probes.py index 35ef17e..5c8d6ea 100644 --- a/tests/test_probes.py +++ b/tests/test_probes.py @@ -1789,6 +1789,47 @@ def test_test(self): b'\x00\x03\x00\x00']) +class TestTrustedCANull12(unittest.TestCase): + def test_test(self): + probe = TrustedCANull12() + sock = MockSock() + + probe.test(sock) + + self.assertEqual(sock.sent_data, + [b'\x16\x03\x01\x00W' + b'\x01\x00\x00S' + b'\x03\x03' + + RANDOM_STR + + b'\x00' + b'\x00&' + + DEFAULT_12_CIPHERS_STR + + b'\x01\x00' + b'\x00\x04' + b'\x00\x03\x00\x00']) + + +class TestTrustedCANull12PFS(unittest.TestCase): + def test_test(self): + probe = TrustedCANull12PFS() + sock = MockSock() + + probe.test(sock) + + self.maxDiff = None + self.assertEqual(sock.sent_data, + [b"\x16\x03\x01\x00\x8f" + b"\x01\x00\x00\x8b" + b"\x03\x03" + + RANDOM_STR + + b"\x00" + b"\x00^" + + DEFAULT_PFS_CIPHERS_STR + + b"\x01\x00" + b'\x00\x04' + b'\x00\x03\x00\x00']) + + class TestTrustedCAOverflow(unittest.TestCase): def test_test(self): probe = TrustedCAOverflow()