Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate bare protocol locally against OpenSSL reference #66

Merged
merged 23 commits into from
May 2, 2024
Merged

Validate bare protocol locally against OpenSSL reference #66

merged 23 commits into from
May 2, 2024

Conversation

pinkforest
Copy link
Contributor

Should this be re-organised ? e.g. into validation directory ?

generating the certificates requires openssl binaries in the system so best to just use one year certs ?

@pinkforest pinkforest mentioned this pull request Apr 24, 2024
Merged
@tarcieri
Copy link
Member

generating the certificates requires openssl binaries

You could use the x509-cert crate instead.

Shelling out to openssl also seems preferable to the certs breaking after a year.

@pinkforest
Copy link
Contributor Author

keen to get rid of those files - x509-cert sounds like ideal

@pinkforest
Copy link
Contributor Author

pinkforest commented Apr 28, 2024
edited

I moved it under validation/local_ping_pong_openssl

Can later translate that Makefile spawned from Command to library calls later

Thought about using x509-cert but the idea is to test against openssl as ref impl incl. generated so 🤷‍♀️

@pinkforest pinkforest changed the title Add test for bare PING-PONG protocol over TLS handle Validate bare protocol locally against OpenSSL reference Apr 28, 2024
@pinkforest
Copy link
Contributor Author

pinkforest commented Apr 28, 2024
edited

I also added different cipher suites and groups so it tests autoneg & pinned as below:

running 13 tests
test test::vs_openssl_as_client_ccm8_sha256 - should panic ... ok
test test::vs_openssl_as_client_group_none - should panic ... ok
test test::vs_openssl_as_client_ccm_sha256 - should panic ... ok
test test::vs_openssl_as_client_group_p521 - should panic ... ok
test test::vs_openssl_as_client_group_x448 - should panic ... ok
test test::vs_openssl_as_client_none - should panic ... ok
test test::vs_openssl_as_client_gcm_sha256 ... ok
test test::vs_openssl_as_client_gcm_sha384 ... ok
test test::vs_openssl_as_client_group_x25519 ... ok
test test::vs_openssl_as_client_autoneg ... ok
test test::vs_openssl_as_client_group_p256 ... ok
test test::vs_openssl_as_client_poly1305_sha256 ... ok
test test::vs_openssl_as_client_group_p384 ... ok

@pinkforest pinkforest mentioned this pull request Apr 28, 2024
Open
@pinkforest pinkforest mentioned this pull request Apr 28, 2024
Open
@tarcieri tarcieri merged commit ca89eb1 into RustCrypto:master May 2, 2024
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tarcieri tarcieri tarcieri approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@pinkforest @tarcieri