
Commit c13ea19

authored
feat: add integration test for secp384r1_mlkem_1024 (#5438)
1 parent ff60fc7 commit c13ea19

2 files changed

+77
-3
lines changed

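--- a/bindings/rust/standard/integration/src/features/mod.rs
+++ b/bindings/rust/standard/integration/src/features/mod.rs
@@ -2,4 +2,4 @@
 // SPDX-License-Identifier: Apache-2.0
 
 #[cfg(feature = "pq")]
-mod mldsa;
+mod pq;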

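--- a/bindings/rust/standard/integration/src/features/mldsa.rs
+++ b/bindings/rust/standard/integration/src/features/pq.rs
@@ -20,7 +20,7 @@ pub async fn get_streams() -> Result<(TcpStream, TcpStream), tokio::io::Error> {
 }
 
 #[test_log::test(tokio::test)]
-async fn s2n_client() -> Result<(), Box<dyn std::error::Error>> {
+async fn s2n_mldsa_client() -> Result<(), Box<dyn std::error::Error>> {
 let cert_path = format!("{TEST_PEMS_PATH}mldsa/ML-DSA-87.crt");
 let key_path = format!("{TEST_PEMS_PATH}mldsa/ML-DSA-87-seed.priv");
 
@@ -63,7 +63,7 @@ async fn s2n_client() -> Result<(), Box<dyn std::error::Error>> {
 }
 
 #[test_log::test(tokio::test)]
-async fn s2n_server() -> Result<(), Box<dyn std::error::Error>> {
+async fn s2n_mldsa_server() -> Result<(), Box<dyn std::error::Error>> {
 let cert_path = format!("{TEST_PEMS_PATH}mldsa/ML-DSA-87.crt");
 let key_path = format!("{TEST_PEMS_PATH}mldsa/ML-DSA-87-seed.priv");
 
@@ -99,3 +99,77 @@ async fn s2n_server() -> Result<(), Box<dyn std::error::Error>> {
 );
 Ok(())
 }
+
+#[tokio::test]
+async fn s2n_mlkem_client() -> Result<(), Box<dyn std::error::Error>> {
+let cert_path = format!("{TEST_PEMS_PATH}permutations/ec_ecdsa_p256_sha384/server-chain.pem");
+let key_path = format!("{TEST_PEMS_PATH}permutations/ec_ecdsa_p256_sha384/server-key.pem");
+
+let (server_stream, client_stream) = get_streams().await?;
+
+// Setup Openssl 3.5 server restricted to SecP384r1MLKEM1024
+let mut server = {
+let mut builder = SslContextBuilder::new(SslMethod::tls())?;
+builder.set_private_key_file(key_path, SslFiletype::PEM)?;
+builder.set_certificate_chain_file(cert_path.clone())?;
+builder.set_groups_list("SecP384r1MLKEM1024")?;
+let context = builder.build();
+let ssl = Ssl::new(&context)?;
+SslStream::new(ssl, server_stream)?
+};
+
+// Setup s2n-tls client with default_pq
+let client = {
+let mut config = Config::builder();
+config.set_security_policy(&DEFAULT_PQ)?;
+config.trust_location(Some(Path::new(&cert_path)), None)?;
+TlsConnector::new(config.build()?)
+};
+
+let server_pin = Pin::new(&mut server);
+let (_, client_result) = tokio::join!(
+server_pin.accept(),
+client.connect("localhost", client_stream),
+);
+
+let client = client_result?;
+let conn = client.as_ref();
+let kem_group = conn.kem_group_name().unwrap();
+assert_eq!(kem_group, "SecP384r1MLKEM1024");
+Ok(())
+}
+
+#[tokio::test]
+async fn s2n_mlkem_server() -> Result<(), Box<dyn std::error::Error>> {
+let cert_path = format!("{TEST_PEMS_PATH}permutations/ec_ecdsa_p256_sha384/server-chain.pem");
+let key_path = format!("{TEST_PEMS_PATH}permutations/ec_ecdsa_p256_sha384/server-key.pem");
+let (server_stream, client_stream) = get_streams().await?;
+
+// Setup Openssl 3.5 client restricted to SecP384r1MLKEM1024
+let mut client = {
+let mut builder = SslContextBuilder::new(SslMethod::tls())?;
+builder.set_ca_file(Path::new(&cert_path))?;
+builder.set_groups_list("SecP384r1MLKEM1024")?;
+let context = builder.build();
+let ssl = Ssl::new(&context)?;
+SslStream::new(ssl, client_stream)?
+};
+
+let server = {
+let mut config = Config::builder();
+config.set_security_policy(&DEFAULT_PQ)?;
+let cert = fs::read(&cert_path)?;
+let key = fs::read(&key_path)?;
+config.load_pem(&cert, &key)?;
+TlsAcceptor::new(config.build()?)
+};
+
+let client_pin = Pin::new(&mut client);
+let (server_result, _) = tokio::join!(server.accept(server_stream), client_pin.connect(),);
+
+let server = server_result?;
+let conn = server.as_ref();
+let kem_group = conn.kem_group_name().unwrap();
+assert_eq!(kem_group, "SecP384r1MLKEM1024");
+Ok(())
+}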
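Review bot: In `s2n_mlkem_client` the `_` in `let (_, client_result) = tokio::join!(...)` throws away the result of `server_pin.accept()`, and `s2n_mlkem_server` does the same with `client_pin.connect()`, so a handshake error reported by the OpenSSL peer never fails the test. Bind both results and propagate them, e.g. `let (server_result, client_result) = tokio::join!(...);` followed by `server_result?;`, so the test reflects both endpoints' view of the handshake. In `s2n_mlkem_server`, `set_ca_file` on a bare `SslContextBuilder` probably does not turn on peer verification by itself (OpenSSL contexts default to no verification, as far as I know), so if the client is meant to authenticate the server an explicit `builder.set_verify(SslVerifyMode::PEER);` is worth adding; confirm against the existing ML-DSA tests, whose bodies are outside these hunks. The two new tests also use `#[tokio::test]` where the renamed ones use `#[test_log::test(tokio::test)]`, and `kem_group_name().unwrap()` would read better as `.expect("a KEM group should have been negotiated")`.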
