Drkey port pr4 #7

Merged
merged 7 commits into from
May 11, 2020

Collaborator

@JordiSubira JordiSubira commented Apr 29, 2020

4th PR among several in order to port the drkey feature to scionlab. Most of the features were first introduced in netsec-ethz#63.

Drkey feature in go/lib/ctrl.

Some minor changes:

  • change ids in proto/sciond.capnp
  • Some refactoring due to carried changes.
  • Some golint cleaning.

Owner

@juagargi juagargi left a comment

:lgtm:

Reviewed 13 of 13 files at r1.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved

@juagargi juagargi merged commit c7142fd into juagargi:scionlab_drkey_feature May 11, 2020
JordiSubira added a commit that referenced this pull request Oct 2, 2020
* proto/sciond.capnp added drkey data + proto/drkey_mgmt.capnp + auto-generated files + initial go/lib/ctrl/drkey_mgmnt

* adapted lvl2_rep to Epoch based Validity

* replaced RawBytes by byte slice

replaced some missed RawBytes

* Use scrpyto.Version in Lvl1Rep.CrtVerDst

* added drkey in ctrl/union.go

* solving some golint warning in drkey_mgmt

* replacing RawBytes in Lvl2req
JordiSubira added a commit that referenced this pull request Nov 5, 2020
juagargi pushed a commit that referenced this pull request Dec 10, 2020
@JordiSubira JordiSubira deleted the drkey_port_pr4 branch December 23, 2020 09:38
juagargi added a commit that referenced this pull request Jan 4, 2021
* Drkey feature PR1 (#3)

* lib drkey files

* Epoch based on Validity period https://github.com/scionproto/scion/pull/2842/files

* added test for secret value derivation

* embed Validity in Epoch

* Replacing RawBytes by byte slice, using xtest to parse hex string

suite.go moved out to package exchange

Added Equal to DRkey

added dep in BUILD.bazel

* add bazel for exchange pkg

* Drkey feature PR2 (#4)

* lib drkey protocol files

* adding AS->Host, Host->Host to standard UI + minor changes

* Replacing RawBytes by byte slice

* Added suite.go UT

* mending protocol BUILD.bazel

* using testify in suite.go UT

* refactoring testify protocol_test.go

* Drkey feature PR3 (#5)

* Initial commit lib drkey drkeysqlite files

* refactor to Epoch based on Validity

* minor changes out of revision

* refactoring db_test with testify

* Drkey port pr4 (#7)

* proto/sciond.capnp added drkey data + proto/drkey_mgmt.capnp + auto-generated files + initial go/lib/ctrl/drkey_mgmnt

* adapted lvl2_rep to Epoch based Validity

* replaced RawBytes by byte slice

replaced some missed RawBytes

* Use scrpyto.Version in Lvl1Rep.CrtVerDst

* added drkey in ctrl/union.go

* solving some golint warning in drkey_mgmt

* replacing RawBytes in Lvl2req

* Drkey port pr5 (#11)

* initial commit drkeystorage pkg

* testify refactoring config_test.go

* Drkey feature pr6 (#19)

* cppki validity refactoring

* Drkey protobuf

* changes in drkeystorage:

- Modified ServiceStore interface
- Added mock

* added DRKey cp requests

* Added package go/pkg/cs/drkey:

- ServiceStore adapted to use new Fetcher
- Prefetcher and SecretValueStore

* Added ValitadePeerWithCert function:

- This function might help validating authentication information from peer in DRKey exchanges.

* added package go/pkg/cs/drkey/grpc:

- DRKeyService which handles both Lvl1 and Lvl2 request.
- DRKeyFetcher which fetches Lvl1 keys from some remote CS.

* added drkey CS config:
- added DRKey and DRKeyDB configuration files

* Refactoring drkey protobuf

* trust: added ClientTransportCredentials:

ClientTransportCredentials is used as a wrapper around TLS credentials so that the certificate and server name can be checked within the grpc dialing.

- Lvl1KeyFetching test is adapted to use ClientTransportCredentials.

* mending test to pass

* small fixings and explicit implements

* refactoring pkg/cs UT

* protobuf: Refactoring protobuf Lvl1Response and added UTo

* added test inner function to prefetch keys + fixing error checking in drkey_service

* deleting unnecessary callOption in drkey_fetcher

* improving tests

* fixing lint errors

* Drkey feature pr7 (#20)

* move DRKey requests/responses to their own package

* add protobuf DRKey RPC in sciond

* added DRKey feature to go/pkg/sciond package:

- Implemented RPC interface to serve Lvl2Key request to scionD.
- Implemented Fetcher to fetch Lvl2Key from local CS.
- Added ClientStore which encompasses the logic to handle DRKeyLvl2 feature.
- Added UTs.

* fixing lint errors

* fixing error with serverName in transport_credentials

* fixing bugs in drkey fetchers

* DRKey feature pr8 (#21)

* fix bug in Lvl2reqToProtoRequest

* add go/lib/sciond

* fixing serverName handling in verifyConnection

* fixing validateLvl2Req

* fixing concurrency in prefetcher

* fixing log messages and config in go/pkg/sciond

* added TLSQUIC stack in go/lib/infra/:

- QUICStack in infraenv.go is modified so that it also returns a separate QUIC stack.
- Added TLSQUICDialer which redirects requests to the TLSQUIC stack.
- Added new svc transport.

* plugging in DRKey in scionD and CS

* fixing lint and tests

* added sciond mock

* remove exchange suite

* remove capnp drkey from go/lib/ctrl

* minor changes in cs.go and drkey config

* moving out aux code from cs.go to trustlib + minor changes

* fixed comment

Co-authored-by: JordiSubira <jordi.subira.nieto@gmail.com>