RPC Cross-Language Compatibility Matrix¶
This document details the compatibility matrix for cross-language RPC connections in tofusoup, including client-server language pairs and cryptographic curve support.
๐ค AI-Generated Content
This documentation was generated with AI assistance and is still being audited. Some, or potentially a lot, of this information may be inaccurate. Learn more.
Language Pair Compatibility¶
| Client โ Server | Status | Notes |
|---|---|---|
| Python โ Python | โ Supported | Full support with all features |
| Go โ Python | โ Supported | Recommended for cross-language scenarios |
| Go โ Go | โ Supported | Full support with all features |
| Python โ Go | โ Not Supported | Known bug in pyvider-rpcplugin |
Known Issues¶
Python โ Go Connection Failure¶
Problem: Python clients cannot connect to Go servers due to a TLS handshake incompatibility in pyvider-rpcplugin.
Symptoms: - Connection timeout after 10-30 seconds - TLS handshake failure errors - Server process starts but client cannot establish channel
Workarounds: 1. Use Go client โ Python server (recommended for cross-language scenarios) 2. Use Python client โ Python server (pure Python) 3. Use Go client โ Go server (pure Go)
Related Issues: - pyvider-rpcplugin: Incompatibility with go-plugin server TLS handshake - Expected to be resolved in future pyvider releases
Elliptic Curve Support¶
Python Runtime (grpcio)¶
| Curve | Status | Notes |
|---|---|---|
| secp256r1 (P-256) | โ Supported | Recommended, widely compatible |
| secp384r1 (P-384) | โ Supported | Higher security margin |
| secp521r1 (P-521) | โ Not Supported | grpcio limitation |
Go Runtime (crypto/tls)¶
| Curve | Status | Notes |
|---|---|---|
| secp256r1 (P-256) | โ Supported | Recommended, widely compatible |
| secp384r1 (P-384) | โ Supported | Higher security margin |
| secp521r1 (P-521) | โ Supported | Highest security, Go only |
Curve Compatibility Notes¶
- Python servers: Only accept connections with
secp256r1orsecp384r1 - Go servers: Accept connections with any standard NIST curve
- Cross-language: When connecting Go โ Python, use
secp256r1orsecp384r1 - Auto mode: Set
tls_curve="auto"to let the runtime choose (uses secp256r1)
TLS Mode Compatibility¶
Supported TLS Modes¶
| Mode | Description | Compatibility |
|---|---|---|
disabled |
No encryption | Both Python and Go |
auto |
Automatic mTLS with generated certs | Both Python and Go |
manual |
User-provided certificates | Both Python and Go |
TLS Mode Requirements¶
Auto Mode:
- Server and client must both use auto mode
- Specify tls_key_type (default: "ec")
- Specify tls_curve for EC keys (default: "secp256r1")
- Certificates generated automatically
Manual Mode:
- Provide cert_file and key_file parameters
- Certificates must be compatible (matching key types and curves)
- Both client and server need matching CA certificates
Testing Compatibility¶
Automated Test Coverage¶
The test suite validates all supported combinations:
# Run all compatibility tests
pytest tests/integration/
# Run specific test suites
pytest tests/integration/test_cross_language_matrix.py # Language pairs
pytest tests/integration/test_curve_support.py # Curve validation
pytest tests/integration/test_error_scenarios.py # Error handling
Test Matrix¶
The following combinations are tested automatically:
| Test Scenario | Client | Server | Curve | Expected Result |
|---|---|---|---|---|
| Python basic | Python | Python | secp256r1 | โ Pass |
| Python P-384 | Python | Python | secp384r1 | โ Pass |
| Go โ Python | Go | Python | auto | โ Pass |
| Go โ Go | Go | Go | secp384r1 | โ Pass |
| Python P-521 | Python | Python | secp521r1 | โ Expected Fail |
| Python โ Go | Python | Go | any | โญ๏ธ Skipped (known bug) |
CLI Validation¶
Use the validation command to check compatibility before connecting:
# Check if a connection will work
soup rpc validate-connection --client python --server harnesses/bin/soup-go
# Output:
# โ ๏ธ Python โ Go connections not supported
# โ Supported alternatives:
# - Go โ Python (recommended)
# - Python โ Python
# - Go โ Go
Recommendations¶
For Production Use¶
- Use Go โ Python for cross-language scenarios (most reliable)
- Use secp256r1 or secp384r1 for Python servers
- Use auto TLS mode unless you have specific cert requirements
- Test your configuration with
soup rpc validate-connectionbefore deployment
For Development¶
- Use Python โ Python for quick iteration on Python code
- Use Go โ Go for quick iteration on Go code
- Avoid Python โ Go until the bug is fixed
- Run integration tests to verify your setup:
pytest tests/integration/
Error Messages¶
When encountering compatibility issues, the client provides helpful error messages:
Python โ Go Timeout¶
Connection timeout after 15.234s - Python client โ Go server is not supported.
This is a known issue in pyvider-rpcplugin.
Supported alternatives:
โ Go client โ Python server (use soup-go binary as client)
โ Python client โ Python server
โ Go client โ Go server
Server path: harnesses/bin/soup-go
Unsupported Curve¶
Curve 'secp521r1' is not supported by Python's grpcio library.
Supported curves for Python: secp256r1, secp384r1
Original error: TimeoutError: Connection timeout
Future Improvements¶
Planned enhancements to the compatibility matrix:
- Fix Python โ Go connection (pyvider-rpcplugin update needed)
- Add Rust client/server support (future runtime)
- Add secp521r1 support for Python (requires grpcio update or alternative)
- Enhanced curve negotiation (automatic downgrade for compatibility)
Related Documentation¶
- RPC Matrix Specification
- Running Conformance Tests
- Cross-Language Compatibility
- pyvider-rpcplugin Documentation
Last Updated: 2025-10-11