Validate bare protocol locally against OpenSSL reference

[pinkforest]

Should this be re-organised ? e.g. into validation directory ?

generating the certificates requires openssl binaries in the system so best to just use one year certs ?

[tarcieri]

generating the certificates requires openssl binaries

You could use the x509-cert crate instead.

Shelling out to openssl also seems preferable to the certs breaking after a year.

[pinkforest]

keen to get rid of those files - x509-cert sounds like ideal

[pinkforest]

I moved it under validation/local_ping_pong_openssl

Can later translate that Makefile spawned from Command to library calls later

Thought about using x509-cert but the idea is to test against openssl as ref impl incl. generated so 🤷‍♀️

[pinkforest]

I also added different cipher suites and groups so it tests autoneg & pinned as below:

running 13 tests
test test::vs_openssl_as_client_ccm8_sha256 - should panic ... ok
test test::vs_openssl_as_client_group_none - should panic ... ok
test test::vs_openssl_as_client_ccm_sha256 - should panic ... ok
test test::vs_openssl_as_client_group_p521 - should panic ... ok
test test::vs_openssl_as_client_group_x448 - should panic ... ok
test test::vs_openssl_as_client_none - should panic ... ok
test test::vs_openssl_as_client_gcm_sha256 ... ok
test test::vs_openssl_as_client_gcm_sha384 ... ok
test test::vs_openssl_as_client_group_x25519 ... ok
test test::vs_openssl_as_client_autoneg ... ok
test test::vs_openssl_as_client_group_p256 ... ok
test test::vs_openssl_as_client_poly1305_sha256 ... ok
test test::vs_openssl_as_client_group_p384 ... ok