test: NTS wire-format interop tests + fix Next Protocol critical bit#55
Open
PenguinzTech wants to merge 1 commit into
Open
test: NTS wire-format interop tests + fix Next Protocol critical bit#55PenguinzTech wants to merge 1 commit into
PenguinzTech wants to merge 1 commit into
Conversation
RFC 8915 §4.1.5 requires the NTS Next Protocol Negotiation record's Critical Bit to be set. _build_nts_ke_response encoded it non-critical, which strict clients (ntpsec/chrony) reject — fix to critical=True. Add tests/test_nts_wire_interop.py (24 tests) that cross-check the wire format against independent, spec-faithful references rather than the server's own codec: - NTS-KE response byte layout + critical bits parsed by an independent RFC 8915 parser; server parses an independently-encoded chrony-style request; record encoding byte-identical to a reference encoder. - RFC 5297 AES-SIV known-answer vector (the primitive chrony/ntpsec use) and authenticator == AES-SIV(S2C).encrypt(empty,[AAD])[:16] (RFC 8915 §5.7); unsupported-AEAD rejection (no MAC downgrade). - RFC 7822 extension-field framing cross-checked by an independent parser. - End-to-end: a client holding the S2C key authenticates the NTP response by recomputing the tag over the AAD; Unique Identifier echo verified. Full ntp-server suite: 51 passing. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Reviewer's GuideFixes the NTS Next Protocol Negotiation record to set the Critical Bit per RFC 8915 for interop with strict clients, and adds a focused test suite that cross-checks the server’s NTS wire format, AES-SIV usage, and NTP extension-field framing against independent, spec-faithful reference implementations and vectors. Sequence diagram for building NTS-KE response with critical Next Protocol recordsequenceDiagram
participant NTPServer
participant NTSKERecord
NTPServer->>NTPServer: _build_nts_ke_response(aead_id, cookies)
NTPServer->>NTSKERecord: encode(NTSKERecordType.NEXT_PROTOCOL, next_proto_body, critical=True)
NTSKERecord-->>NTPServer: next_protocol_record
NTPServer-->>NTPServer: assemble_response_with_next_protocol_record
File-Level Changes
Tips and commandsInteracting with Sourcery
Customizing Your ExperienceAccess your dashboard to:
Getting Help
|
There was a problem hiding this comment.
Hey - I've left some high level feedback:
- The tests reach into private helpers like
_build_nts_ke_response,_build_ef, and_compute_authenticator; consider exercising these behaviors via public interfaces where possible to avoid coupling tests to internal implementation details. - The test module manipulates
sys.pathto importserver; you may want to switch to package-relative imports (e.g.,ntp_server.bins.server) to keep test imports robust to layout changes. - Several AEAD- and type-related values (e.g.,
15for AES_SIV_CMAC_256) are hard-coded in tests; using the existing enum constants directly wherever possible would reduce the risk of divergence if the IDs change.
Prompt for AI Agents
Please address the comments from this code review:
## Overall Comments
- The tests reach into private helpers like `_build_nts_ke_response`, `_build_ef`, and `_compute_authenticator`; consider exercising these behaviors via public interfaces where possible to avoid coupling tests to internal implementation details.
- The test module manipulates `sys.path` to import `server`; you may want to switch to package-relative imports (e.g., `ntp_server.bins.server`) to keep test imports robust to layout changes.
- Several AEAD- and type-related values (e.g., `15` for AES_SIV_CMAC_256) are hard-coded in tests; using the existing enum constants directly wherever possible would reduce the risk of divergence if the IDs change.Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Stacked on #54. Third branch in the chain.
Interop fix
RFC 8915 §4.1.5 requires the NTS Next Protocol Negotiation record's Critical Bit to be set.
_build_nts_ke_responseencoded itcritical=False— strict clients (ntpsec, chrony) reject a response whose Next Protocol record isn't critical. Fixed tocritical=True.Interop tests (
tests/test_nts_wire_interop.py, 24 tests)Cross-checks the wire format against independent, spec-faithful references (no shared code with
server.py) rather than self-consistency:AES-SIV(S2C).encrypt(empty, [AAD])[:16](RFC 8915 §5.7); unsupported-AEAD IDs rejected (no MAC downgrade).Full ntp-server suite: 51 passing (27 existing + 24 new).
🤖 Generated with Claude Code
Summary by Sourcery
Ensure NTS wire-format interoperability by fixing the Next Protocol critical bit and adding cross-implementation tests for NTS-KE, AES-SIV, extension fields, and end-to-end authentication.
Bug Fixes:
Tests: