Commit
DRKey ported from the old SCIONLab (scionproto#77)
* Drkey feature PR1 (#3)
* lib drkey files
* Epoch based on Validity period https://github.com/scionproto/scion/pull/2842/files
* added test for secret value derivation
* embed Validity in Epoch
* Replacing RawBytes by byte slice, using xtest to parse hex string
  suite.go moved out to package exchange
  Added Equal to DRkey
  added dep in BUILD.bazel
* add bazel for exchange pkg
* Drkey feature PR2 (#4)
* lib drkey protocol files
* adding AS->Host, Host->Host to standard UI + minor changes
* Replacing RawBytes by byte slice
* Added suite.go UT
* mending protocol BUILD.bazel
* using testify in suite.go UT
* refactoring testify protocol_test.go
* Drkey feature PR3 (#5)
* Initial commit lib drkey drkeysqlite files
* refactor to Epoch based on Validity
* minor changes out of revision
* refactoring db_test with testify
* Drkey port pr4 (#7)
* proto/sciond.capnp added drkey data + proto/drkey_mgmt.capnp + auto-generated files + initial go/lib/ctrl/drkey_mgmnt
* adapted lvl2_rep to Epoch based Validity
* replaced RawBytes by byte slice
  replaced some missed RawBytes
* Use scrpyto.Version in Lvl1Rep.CrtVerDst
* added drkey in ctrl/union.go
* solving some golint warning in drkey_mgmt
* replacing RawBytes in Lvl2req
* Drkey port pr5 (#11)
* initial commit drkeystorage pkg
* testify refactoring config_test.go
* Drkey feature pr6 (#19)
* cppki validity refactoring
* Drkey protobuf
* changes in drkeystorage:
  - Modified ServiceStore interface
  - Added mock
* added DRKey cp requests
* Added package go/pkg/cs/drkey:
  - ServiceStore adapted to use new Fetcher
  - Prefetcher and SecretValueStore
* Added ValitadePeerWithCert function:
  - This function might help validating authentication information from peer in DRKey exchanges.
* added package go/pkg/cs/drkey/grpc:
  - DRKeyService which handles both Lvl1 and Lvl2 request.
  - DRKeyFetcher which fetches Lvl1 keys from some remote CS.
* added drkey CS config:
  - added DRKey and DRKeyDB configuration files
* Refactoring drkey protobuf
* trust: added ClientTransportCredentials:
  ClientTransportCredentials is used as a wrapper around TLS credentials so that the certificate and server name can be checked within the grpc dialing.
  - Lvl1KeyFetching test is adapted to use ClientTransportCredentials.
* mending test to pass
* small fixings and explicit implements
* refactoring pkg/cs UT
* protobuf: Refactoring protobuf Lvl1Response and added UTo
* added test inner function to prefetch keys + fixing error checking in drkey_service
* deleting unnecessary callOption in drkey_fetcher
* improving tests
* fixing lint errors
* Drkey feature pr7 (#20)
* move DRKey requests/responses to their own package
* add protobuf DRKey RPC in sciond
* added DRKey feature to go/pkg/sciond package:
  - Implemented RPC interface to serve Lvl2Key request to scionD.
  - Implemented Fetcher to fetch Lvl2Key from local CS.
  - Added ClientStore which encompasses the logic to handle DRKeyLvl2 feature.
  - Added UTs.
* fixing lint errors
* fixing error with serverName in transport_credentials
* fixing bugs in drkey fetchers
* DRKey feature pr8 (#21)
* fix bug in Lvl2reqToProtoRequest
* add go/lib/sciond
* fixing serverName handling in verifyConnection
* fixing validateLvl2Req
* fixing concurrency in prefetcher
* fixing log messages and config in go/pkg/sciond
* added TLSQUIC stack in go/lib/infra/:
  - QUICStack in infraenv.go is modified so that it also returns a separate QUIC stack.
  - Added TLSQUICDialer which redirects requests to the TLSQUIC stack.
  - Added new svc transport.
* plugging in DRKey in scionD and CS
* fixing lint and tests
* added sciond mock
* remove exchange suite
* remove capnp drkey from go/lib/ctrl
* minor changes in cs.go and drkey config
* moving out aux code from cs.go to trustlib + minor changes
* fixed comment

Co-authored-by: JordiSubira <jordi.subira.nieto@gmail.com>