From c1c7bfa053e5d39366b3243941dcce0cb3678c41 Mon Sep 17 00:00:00 2001 From: Kris Kwiatkowski Date: Fri, 5 Apr 2019 13:53:54 +0100 Subject: [PATCH] Update README --- README.md | 79 +++---------------------------------------------------- 1 file changed, 3 insertions(+), 76 deletions(-) diff --git a/README.md b/README.md index be5c08c..30a681d 100644 --- a/README.md +++ b/README.md @@ -1,30 +1,7 @@ -``` - _____ _ ____ _ _ -|_ _| | / ___| | |_ _ __(_)___ - | | | | \___ \ _____| __| '__| / __| - | | | |___ ___) |_____| |_| | | \__ \ - |_| |_____|____/ \__|_| |_|___/ - -``` - -crypto/tls, now with 100% more 1.3. - -THE API IS NOT STABLE AND DOCUMENTATION IS NOT GUARANTEED. - -[![Build Status](https://travis-ci.org/cloudflare/tls-tris.svg?branch=master)](https://travis-ci.org/cloudflare/tls-tris) - -## Usage - -Since `crypto/tls` is very deeply (and not that elegantly) coupled with the Go stdlib, -tls-tris shouldn't be used as an external package. It is also impossible to vendor it -as `crypto/tls` because stdlib packages would import the standard one and mismatch. - -So, to build with tls-tris, you need to use a custom GOROOT. +# trs -A script is provided that will take care of it for you: `./_dev/go.sh`. -Just use that instead of the `go` tool. - -The script also transparently fetches the custom Cloudflare Go 1.10 compiler with the required backports. +This is an implementation of TLS 1.3 forked from ``tls-tris`` (af21f3083ce150bf822574a4437be352a83ef45b). Modified +to be used as separated library. ## Development @@ -55,53 +32,3 @@ sudo usermod -a -G docker $USER Similar dependencies can be found on any UNIX based system/distribution. -### Building - -There are number of things that need to be setup before running tests. Most important step is to copy ``go env GOROOT`` directory to ``_dev`` and swap TLS implementation and recompile GO. Then for testing we use go implementation from ``_dev/GOROOT``. - -``` -git clone https://github.com/cloudflare/tls-tris.git -cd tls-tris; cp _dev/utils/pre-commit .git/hooks/ -make -f _dev/Makefile build-all -``` - -### Testing - -We run 3 kinds of test:. - -* Unit testing:
``make -f _dev/Makefile test-unit`` -* Testing against BoringSSL test suite:
``make -f _dev/Makefile test-bogo`` -* Compatibility testing (see below):
``make -f _dev/Makefile test-interop`` - -To run all the tests in one go use: -``` -make -f _dev/Makefile test -``` - -### Testing interoperability with 3rd party libraries - -In order to ensure compatibility we are testing our implementation against BoringSSL, NSS and PicoTLS. - -Makefile has a specific target for testing interoperability with external libraries. Following command can be used in order to run such test: - -``` -make -f _dev/Makefile test-interop -``` - -The makefile target is just a wrapper and it executes ``_dev/interop_test_runner`` script written in python. The script implements interoperability tests using ``python unittest`` framework. - -Script can be started from command line directly. For example: - -``` -> ./interop_test_runner -v InteropServer_NSS.test_zero_rtt -test_zero_rtt (__main__.InteropServer_NSS) ... ok - ----------------------------------------------------------------------- -Ran 1 test in 8.765s - -OK -``` - -### Debugging - -When the environment variable `TLSDEBUG` is set to `error`, Tris will print a hexdump of the Client Hello and a stack trace if an handshake error occurs. If the value is `short`, only the error and the first meaningful stack frame are printed.