Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add initial code handling certificate #1

Merged
merged 5 commits into from
Jul 13, 2021
Merged

Add initial code handling certificate #1

merged 5 commits into from
Jul 13, 2021

Conversation

kpp
Copy link
Owner

@kpp kpp commented Jul 9, 2021
edited
Loading

Tracking issue: paritytech/polkadot-sdk#536

This is an initial implementation of a serializer, parser and verifier of x509 certificates with libp2p extension binary compatible with the go-libp2p-tls implementation.

cc @tomaka, @mxinden

@kpp kpp mentioned this pull request Jul 9, 2021
Open
10 tasks
kpp
kpp commented Jul 9, 2021
View reviewed changes
transports/tls-quic/src/certificate.rs Outdated Show resolved Hide resolved
transports/tls-quic/src/certificate.rs Outdated Show resolved Hide resolved
transports/tls-quic/src/certificate.rs Outdated Show resolved Hide resolved
transports/tls-quic/src/certificate.rs Outdated Show resolved Hide resolved
@mxinden
Copy link

mxinden commented Jul 9, 2021

Thanks for the ping @kpp. In case you want to continue @tomaka 's work in branch https://github.com/tomaka/libp2p-rs/tree/quiccc-again you might want to cherry pick the commits from my fork https://github.com/mxinden/rust-libp2p/tree/quiccc-again "fixing" the unit tests.

0x7CFE
0x7CFE suggested changes Jul 9, 2021
View reviewed changes
transports/tls-quic/Cargo.toml Outdated Show resolved Hide resolved
transports/tls-quic/src/certificate.rs Outdated Show resolved Hide resolved
transports/tls-quic/src/certificate.rs Outdated Show resolved Hide resolved
transports/tls-quic/src/certificate.rs Show resolved Hide resolved
transports/tls-quic/src/certificate.rs Show resolved Hide resolved
transports/tls-quic/src/certificate.rs Outdated Show resolved Hide resolved
transports/tls-quic/src/certificate.rs Outdated Show resolved Hide resolved
transports/tls-quic/src/certificate.rs Outdated Show resolved Hide resolved
transports/tls-quic/src/certificate.rs Outdated Show resolved Hide resolved
transports/tls-quic/src/lib.rs Show resolved Hide resolved
0x7CFE
0x7CFE reviewed Jul 10, 2021
View reviewed changes
transports/tls-quic/src/certificate.rs Outdated Show resolved Hide resolved
transports/tls-quic/src/certificate.rs Outdated Show resolved Hide resolved
@kpp
Copy link
Owner Author

kpp commented Jul 12, 2021
edited
Loading

Issues I found so far: x509-parser::X509Certificate::verify_signature:

  1. is not aware of all signature algorithms we can actually support (like ed25519),
  2. supports signatures with hash len < 256 like SHA1 (which is a big NO).

Shall I fix it in the current PR or shall I file issues and fix them in the future before actually integrating in the https://github.com/libp2p/rust-libp2p repo?

@kpp
Copy link
Owner Author

kpp commented Jul 13, 2021

Will do in the next PR because we need to verify TLS certs & handshakes.

@kpp kpp merged commit b8d277d into master Jul 13, 2021
@kpp kpp deleted the init_tls_quic branch July 13, 2021 13:30
This was referenced Jul 13, 2021
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@0x7CFE 0x7CFE 0x7CFE requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kpp @mxinden @0x7CFE