[ech] ECH PR reviews...
Stephen Farrell
stephen.farrell at cs.tcd.ie
Tue Dec 12 00:40:13 UTC 2023
Hiya,
On 11/12/2023 23:11, Kurt Roeckx wrote:
> With new code like that, it's ussually also useful to add a file
> having some basic coverage, an example of a handshake. It will
> be much faster in finding new coverage in that case. For the client
> that would be things that the server sends to a client.
Ah. I've been trying to figure that out this evening. (I guess there
probably isn't a HOWTO for adding fuzzing for new APIs:-)
For ECH, both the most interesting, and the most tricky, thing to
want to fuzz is the recovered plaintext of an EncodedClientHelloInner
on the server. I figured a way to handle static bad encodings of
those in ``test/echcorrupttest.c`` [1] but if there's a way to make
a fuzzy equivalent of that, that'd be interesting and useful. (Not
sure that extending the current approach to cover that is doable
though, given doing so might require defining an otherwise unneeded
way to do NULL encryption for HPKE.)
Cheers,
S.
[1]
https://github.com/sftcd/openssl/blob/ECH-draft-13c/test/echcorrupttest.c#L42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE4D8E9F997A833DD.asc
Type: application/pgp-keys
Size: 1197 bytes
Desc: OpenPGP public key
URL: <https://mta.openssl.org/pipermail/ech/attachments/20231212/2a8d2095/attachment.asc>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://mta.openssl.org/pipermail/ech/attachments/20231212/2a8d2095/attachment.sig>
More information about the ech
mailing list