[gnutls-devel] cipher suites

Nikos Mavrogiannopoulos nmav at gnutls.org
Sat Oct 26 19:02:50 CEST 2013


On 10/26/2013 12:15 PM, Stefan Bühler wrote:
> Hi,
> 
> sry, looks like my previous mail accidentally went off list.
> 
> On Fri, 25 Oct 2013 19:58:29 +0200
> Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
>>> Nice.
>>> I just went for it and tried to verify the ids (involving piping
>>> your ciphersuites.c through the preprocessor, some iterations of
>>> (g)awk, sed, sort, cut, column and using saxonsb on the
>>> tls-parameters.xml to get javascript tables I could compare with
>>> the help of nodejs...):
>>
>> Hello,
>>  Could this be automated somehow so it could be added in the
>> testsuite?
> 
> I extracted the code and put it into a gist:
>   https://gist.github.com/stbuehler/7167426
> Depending on saxonb and nodejs for (default) tests seems wrong though.
> Replacing javascript with something else (perl, perhaps even bash)
> should be "easy", but getting rid of saxonb is probably hard; parsing
> xml is no fun :)

Thank you that's very useful. I've added it to the tests that are run
only in the git repository (i.e., by me prior to release) so the
dependencies are fine. Is there a way for nodejs to return a different
error code than zero on error (e.g. a mismatch)?

> Also the test should use the current
> http://www.iana.org/assignments/tls-parameters/tls-parameters.xml, but
> in automated build environments you often have no internet connection
> available.

This can be updated periodically when new ciphersuites are added so it's
not a big issue.

> I used the same/similar code to generate (parts of) these files:
> http://blog.lighttpd.net/javascripts/gnutls-data/registry-ciphers.js
> http://blog.lighttpd.net/javascripts/gnutls-data/ciphers.js

That would be also useful to add in case tls-parameters.xml changes.

regards,
Nikos




More information about the Gnutls-devel mailing list