Have a browser open with Google (Lots of googling needed for this)
git clone git@github.com/captn3m0/crypto.koans.git && cd crypto.koans
composer install
Koans
koan
noun, plural koΒ·ans, koΒ·an.Zen.
a nonsensical or paradoxical question to a student for which an answer is demanded, the stress of meditation on the question often being illuminating.
What is the colour of wind?
Ruby
ruby path_to_enlightenment.rb
Thinking AboutAsserts
test_assert_truth has damaged your karma.
You have not yet reached enlightenment ...
<false> isnottrue.
Please meditate onthe following code:
./about_asserts.rb:10:in `test_assert_truth'
path_to_enlightenment.rb:27
mountains are merely mountains
# We shall contemplate truth by testing reality, via asserts.deftest_assert_truth
assert false# This should be trueend
tl;dr
Run tests
Why is the test failing? (koans/files directories)
Get it to pass
Don't Cheat
Means you must do something here
Keep a solutions.md file listing down commands as you run them
Setup
Have a browser open with Google (Lots of googling needed for this)
git clone git@github.com/captn3m0/crypto.koans.git && cd crypto.koans
# As Alice
openssl req -subj '/CN=alice.crypto.koans'
-key files/client.key
-new
-out files/client.csr
# As Bob
openssl x509 -req -in files/alice.csr
-CA files/ca.pem
-CAkey files/ca.key
-CAcreateserial
-extfile client.cnf
-out files/alice.crt
Generate a Client Certificate
Step 3
Save alice.crt as client.crt
Save the CA file you received as bob.pem
See testClientBundleGenerated
Theory Break 2
What Alice Had
Client (client.key, client.csr)
What Bob Had
Client CSR (client.csr)
CA (ca.pem, ca.key)
What Bob Had
Client CSR (client.csr, alice.crt)
CA (ca.pem, ca.key)
What Alice Has
Client (client.key, client.csr, client.crt)
Bob's CA (bob.pem)
What Bob Has
Server (1.key, 1.csr, 1.crt)
CA (ca.pem, ca.key)
What Alice Has
Client (client.key, client.crt)
Bob's CA (bob.pem)
What Bob Has
Server (1.key, 1.crt)
Bob's Own CA (ca.pem)
Where we're going
/
As Bob
Bring up a server using your key (1.key) and certificate (1.crt) and allow any client signed
by your CA (ca.pem) to talk to you.
docker run --volume `pwd`/files:/etc/koans
--publish 8443:443
captn3m0/crypto.koans
# ssl_certificate /etc/koans/1.crt;# ssl_certificate_key /etc/koans/1.key;# ssl_client_certificate /etc/koans/ca.pem;# Give your WiFi IP to your partner
/
As Alice
Use the certificate (signed by Bob) and the key
(which only you have) to talk to Bob's server (which
you can verify using the CA given)