Hi, I was trying to add test coverage to res_crypto using canned reference data, but RSA encryption uses dynamic padding (OAEP or PKCSv1.5) to avoid generating the same values each time, as this would be cryptographically weak and susceptible to cryptanalysis.
There are other times where you might need external validation done without canned results: packet exchanges that generate timestamps or nonces, dynamic uuid's based on timestamps i.e. V1 UUIDs (see Section 4.1.4 of RFC-4122), environmental seepage into the tests (local IP addresses when talking to external STUN servers, for example), etc. The long and the short of it is, sometimes you want to generate results internally, and then validate them externally... or conversely generate results externally, and validate them internally: https://issues.asterisk.org/jira/browse/ASTERISK-30037 To this end, I've added support for running a command externally and both piping it input (if it requires input... some commands just take command-line arguments, of course) and then capturing its stdout and stderr values for comparison. You can see the original review request here: https://gerrit.asterisk.org/c/asterisk/+/18525 To do this. You can also see coverage of this functionality via common UNIX commands here: https://gerrit.asterisk.org/c/asterisk/+/18526 And then the test coverage to res_crypto that originally put me on this path: https://gerrit.asterisk.org/c/asterisk/+/18532 I'm happy to discuss adding more test coverage to 18526 if anyone thinks it needs it. I'm also happy to work with others that want to add unit-test coverage to other modules and resources that leverages external processes. Thanks, -Philip -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev
