test(tls): pin the TLS 1.3 stack to published RFC vectors#49
Merged
Conversation
Five inline suite tests (182 -> 187): RFC 8448 §3 full offline handshake, ECDSA-P256 verify per RFC 6979 §A.2.5 + 4-way invalid-signature rejection, the CertificateVerify path, and SAN hostname validation on a real leaf. Distilled from the manual tests in tools/tls/, each proven standalone first. Adding them exposed a suite-harness bug: run_test kept every compile's garbage live, so by test ~183 the default 1GB arena was full and the GC crawled (20+ min hang on a test that runs in seconds standalone). Each test now compiles inside an arena_mark/arena_reset window; suite memory stays flat and the full 187-test run drops to ~80 s at the default arena. Seed rebuilt via the in-process toolchain, fixed point verified (stage2 == stage3), rail_safe in lockstep (byte-identical, 19/19 gate). See CHANGELOG.md (Unreleased). Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01Pb4TJEdqhSKkRdLsDYD2JF
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Five new inline suite tests (182 → 187) covering the code that decides who to trust:
tls13_rfc8448_handshakeecdsa_p256_rfc6979_verifyecdsa_p256_reject_invalidtls13_cert_verify_sigcert_hostname_sanEach test was proven as a standalone program first, then embedded verbatim; the originals in
tools/tls/remain as the long-form documented versions.Bonus bug the new tests exposed
The suite hung 20+ minutes on entering test 183 — at the default 1GB arena,
run_testkept every prior compile's garbage live, and by ~180 in-process compiles the arena was full and the GC crawled (the same test compiles in seconds standalone; atRAIL_ARENA_MB=6000the full suite passes in minutes). Fix: each test now runs inside anarena_mark/arena_resetwindow — only the unboxed verdict bool escapes — so suite memory stays flat at any test count, and total suite time drops since late tests no longer run against a degraded heap.Why
The TLS/PKI stack — handshake FSM, certificate verification, hostname matching (~3,400 LOC) — was covered only by manual tests that nothing gated. An undetected regression in exactly this code is the failure mode this project exists to prevent. With #48 (Ed25519 RFC 8032) and this, every trust-deciding primitive is pinned to published vectors on every push.
Seed
Suite tests compile into the binary, so the seed is rebuilt from the new source: in-process toolchain, fixed point verified (stage2 == stage3 byte-identical), sha256
ba9344da55733580a04c9593e9062fded821c86829fa326219de5a39297889f2.rail_saferebuilt in lockstep — byte-identical to the seed, 19/19 adversarial gate. Suite: 187/187 with the committed binary — in 80 s at the default 1GB arena (see below). The as/ld fallback path (what CI exercises) was independently confirmed to reach its own byte-identical fixed point on this source.🤖 Generated with Claude Code
https://claude.ai/code/session_01Pb4TJEdqhSKkRdLsDYD2JF