Python Client-Server SSL Communication channel test

ccc-certifier-framework / certifier-framework-for-confidential-computing

The Confidential Computing Certifier Framework consists of a client API called the Certifier-API and server-based policy evaluation called the Certifier Service. It simplifies and unifies programming and operations support for multi-vendor Confidential Computing platforms by providing support for scalable, policy-driven trust management including

Apache License 2.0

56 stars 16 forks source link

Python Client-Server SSL Communication channel test #205

Closed gapisback closed 1 year ago

gapisback commented 1 year ago

Add Python client-server SSL channel with mTLS communication test.

This commit adds a standalone unit-test to exercise SSL communication using mTLS between client and server. Communication channel is established between the two using certificate and private-keys generated by a stand-alone shell script that invokes 'openssl-req' utility.

A simple 'hello' message is exchanged between client -> server, followed by a client-side validation of expected message received from the server.

gapisback commented 1 year ago

MASSIVELY reworked test-cases to address comments from @rgerganov . We worked together on stabilizing the new test cases. Finally, we have these 5 test cases working now:

test_server_process_with_mtls_self_signed_cert() and test_client_app_with_mtls_self_signed_cert()
test_verify_certs_versus_root_cert()
test_server_process_with_mtls_root_signed_cert() and test_client_app_with_mtls_root_signed_cert()