[CO-389] Write properties for cardano-sl-x509

[KtorZ]

Description

As per comment in #3610 --> #3610 (comment)

Linked issue

[CO-379]

Type of change

• 🐞 Bug fix (non-breaking change which fixes an issue)
• 🛠 New feature (non-breaking change which adds functionality)
• ⚠️ Breaking change (fix or feature that would cause existing functionality to change)
• 🏭 Refactoring that does not change existing functionality but does improve things like code readability, structure etc
• 🔨 New or improved tests for existing code
• ⛑ git-flow chore (backport, hotfix, etc)

Developer checklist

• I have read the style guide document, and my code follows the code style of this project.
• If my code deals with exceptions, it follows the guidelines.
• I have updated any documentation accordingly, if needed. Documentation changes can be reflected in opening a PR on cardanodocs.com, amending the inline Haddock comments, any relevant README file or one of the document listed in the docs directory.
• [ ] CHANGELOG entry has been added and is linked to the correct PR on GitHub.

Testing checklist

• I have added tests to cover my changes.
• All new and existing tests passed.

QA Steps

Screenshots (if available)

[erikd]

So you have implemented this in QuickCheck and there is no shrink. If this fails, its going to be a pain in the neck.

We'll keep this for now, but I really recommend that you have a look at HedgeHog.

[KtorZ]

Well, not really right? There are shrinkers defined when they make sense. Here, there's just no way to shrink a DirConfiguration. Nevertheless, even without shrinking, a DirConfiguration don't get really unmanageable 😅

[KtorZ]

That's actually why I have also explictely defined it as [], to make it clear that I haven't forgotten to define a shrink method for that type but that is just that this is the only sensible choice :)

And so far, failures render nicely 😛 (I got a few during development)

[disassembler]

I'd also add this to release.nix so hydra reports checks for it since it's no longer part of tools.

[disassembler]

This will break deadalus. Please leave the IP SAN parsing in.

[KtorZ]

Hmmm... Good catch @Disasm
But IP SAN aren't recognized as a valid alternative names by the x509 library we use. I can perhaps tweak the hook which validates the name...

Does Daedalus uses 127.0.0.1 to contact the server instead of localhost?

[disassembler]

Does this mean localhost is an invalid altName as well now? That breaks wallet connectScripts if so.

[KtorZ]

No. The Invalid is just biaised to sometimes generate invalid configurations such that we can use it to trigger multiple sort of errors.

[KtorZ]

@disassembler

Okay, I've updated the implementation to:

• Accept IPs as SAN (using the IPv4 and IPv6 encoding / decoding functions)
• Properly validate IP SAN and DNS SAN. The former one just does a plain equality check and the latter relies on the default validation hook from x509-validation (which validates DNS SAN or fails)
• Updated properties to reflect these changes
• Have a new property which checks that unknown ServiceID (i.e. not defined as SAN) are actually rejected, for server certificates (we don't check the name in case of client certificates because it doesn't make sense).

Let me know 👍

Also: I am not sure whether I should add something to release.nix or anything. Note that this package is going to be used by cardano-sl-wallet-new (PR incoming) so it will get built anyway. Would tests run as part of the build automatically?

[KtorZ]

@disassembler
So, while using this on the "demo cluster" story, I noticed an issue with our TLS Manager with IP SANs. We basically need to have our custom name validator here as well, so I've added it:

https://github.com/input-output-hk/cardano-sl/pull/3620/files#diff-a879fd32cda407f37cf36a9459d628e8