Fabrid: Path Validation at Source #2

Open
wants to merge 6 commits into
base: fabrid/data-plane
5 changes: 5 additions & 0 deletions acceptance/common/topogen.bzl
@@ -11,6 +11,7 @@ def topogen_test(
src,
topo,
gateway = False,
fabrid = False,
debug = False,
args = [],
deps = [],
@@ -57,6 +58,10 @@ def topogen_test(
if gateway:
common_args.append("--setup-params='--sig'")

if fabrid:
common_args.append("--setup-params='--fabrid'")
common_args.append("--setup-params='--endhost'")

common_data = [
"//scion-pki/cmd/scion-pki",
"//tools:topogen",
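Review bot: The `if fabrid:` branch in the second hunk passes `--setup-params='--endhost'` in addition to `--setup-params='--fabrid'`, so `fabrid = True` changes more of the generated topology than the parameter name suggests, and nothing in the visible lines documents that. I would add a comment above the second append, for example `# FABRID tests also need the end-host setup; --endhost is implied by fabrid = True.` (adjust the reason to the actual dependency), and mention the new `fabrid` argument wherever the macro's other arguments are documented. `topogen_test` starts and ends outside both hunks, so an existing docstring may need the same line.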
2 changes: 1 addition & 1 deletion daemon/internal/servers/BUILD.bazel
@@ -14,6 +14,7 @@ go_library(
"//pkg/addr:go_default_library",
"//pkg/drkey:go_default_library",
"//pkg/experimental/fabrid:go_default_library",
"//pkg/experimental/fabrid/graphutils:go_default_library",
"//pkg/grpc:go_default_library",
"//pkg/log:go_default_library",
"//pkg/metrics:go_default_library",
@@ -28,7 +29,6 @@ go_library(
"//pkg/segment/extensions/fabrid:go_default_library",
"//pkg/snet:go_default_library",
"//pkg/snet/path:go_default_library",
"//private/path/combinator:go_default_library",
"//private/revcache:go_default_library",
"//private/topology:go_default_library",
"//private/trust:go_default_library",
12 changes: 6 additions & 6 deletions daemon/internal/servers/grpc.go
@@ -31,6 +31,7 @@ import (
"github.com/scionproto/scion/pkg/addr"
"github.com/scionproto/scion/pkg/drkey"
"github.com/scionproto/scion/pkg/experimental/fabrid"
fabrid_utils "github.com/scionproto/scion/pkg/experimental/fabrid/graphutils"
libgrpc "github.com/scionproto/scion/pkg/grpc"
"github.com/scionproto/scion/pkg/log"
"github.com/scionproto/scion/pkg/private/common"
@@ -45,7 +46,6 @@ import (
fabrid_ext "github.com/scionproto/scion/pkg/segment/extensions/fabrid"
"github.com/scionproto/scion/pkg/snet"
snetpath "github.com/scionproto/scion/pkg/snet/path"
"github.com/scionproto/scion/private/path/combinator"
"github.com/scionproto/scion/private/revcache"
"github.com/scionproto/scion/private/topology"
"github.com/scionproto/scion/private/trust"
@@ -138,13 +138,13 @@ func updateFabridInfo(ctx context.Context, dialer libgrpc.Dialer, detachedHops [
}
defer conn.Close()
client := experimental.NewFABRIDIntraServiceClient(conn)
fabridMaps := make(map[addr.IA]combinator.FabridMapEntry)
fabridMaps := make(map[addr.IA]fabrid_utils.FabridMapEntry)
for _, detachedHop := range detachedHops {
if _, ok := fabridMaps[detachedHop.IA]; !ok {
fabridMaps[detachedHop.IA] = fetchMaps(ctx, detachedHop.IA, client,
detachedHop.Meta.FabridInfo[detachedHop.fiIdx].Digest)
}
detachedHop.Meta.FabridInfo[detachedHop.fiIdx] = *combinator.
detachedHop.Meta.FabridInfo[detachedHop.fiIdx] = *fabrid_utils.
GetFabridInfoForIntfs(detachedHop.IA, detachedHop.Ingress, detachedHop.Egress,
fabridMaps, true)
}
@@ -194,22 +194,22 @@ func findDetachedHops(paths []snet.Path) []tempHopInfo {
// It uses the provided client to communicate with the Control Service and returns a FabridMapEntry
// to be used directly in the combinator.
func fetchMaps(ctx context.Context, ia addr.IA, client experimental.FABRIDIntraServiceClient,
digest []byte) combinator.FabridMapEntry {
digest []byte) fabrid_utils.FabridMapEntry {
maps, err := client.RemoteMaps(ctx, &experimental.RemoteMapsRequest{
Digest: digest,
IsdAs: uint64(ia),
})
if err != nil || maps.Maps == nil {
log.FromCtx(ctx).Debug("Retrieving remote map from CS failed", "err", err, "ia",
ia)
return combinator.FabridMapEntry{}
return fabrid_utils.FabridMapEntry{}
}

detached := fabrid_ext.Detached{
SupportedIndicesMap: fabrid_ext.SupportedIndicesMapFromPB(maps.Maps.SupportedIndicesMap),
IndexIdentiferMap: fabrid_ext.IndexIdentifierMapFromPB(maps.Maps.IndexIdentifierMap),
}
return combinator.FabridMapEntry{
return fabrid_utils.FabridMapEntry{
Map: &detached,
Ts: time.Now(),
Digest: []byte{}, // leave empty, it can be calculated using detached.Hash()
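Review bot: `fetchMaps` sends `digest` in the `RemoteMapsRequest` but never checks that the maps in the reply hash to it: the entry is returned with `Digest: []byte{}` and the inline comment only says the hash can be calculated. The digest comes from the path metadata (`detachedHop.Meta.FabridInfo[...].Digest` in `updateFabridInfo`), so without the comparison a stale or incorrect reply from the control service is accepted as the policy map for that AS, unless `GetFabridInfoForIntfs` verifies it, which is not visible here. Consider comparing right after `detached` is built, e.g. `if !bytes.Equal(detached.Hash(), digest) { return fabrid_utils.FabridMapEntry{} }` (assuming `Hash()` returns a byte slice), with a debug log like the existing failure path. The doc comment above `fetchMaps` still says the entry is used "directly in the combinator" although the type now lives in `graphutils`. The body of `fetchMaps` continues past the end of this hunk.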
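--- a/demo/fabrid/BUILD.bazel
+++ b/demo/fabrid/BUILD.bazel
@@ -0,0 +1,50 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_binary")
+load("//:scion.bzl", "scion_go_binary")
+load("//acceptance/common:topogen.bzl", "topogen_test")
+load("//tools/lint:go.bzl", "go_library")
+
+topogen_test(
+name = "test",
+src = "test.py",
+args = [
+"--executable=fabrid-demo:$(location //demo/fabrid:fabrid-demo)",
+],
+data = ["//demo/fabrid:fabrid-demo"],
+topo = "//topology:tiny4.topo",
+fabrid = True,
+)
+
+go_library(
+name = "go_default_library",
+srcs = ["main.go"],
+importpath = "github.com/scionproto/scion/demo/fabrid",
+visibility = ["//visibility:private"],
+deps = [
+"//pkg/addr:go_default_library",
+"//pkg/daemon:go_default_library",
+"//pkg/drkey:go_default_library",
+"//pkg/drkey/generic:go_default_library",
+"//pkg/drkey/specific:go_default_library",
+"//pkg/private/serrors:go_default_library",
+"//pkg/proto/control_plane:go_default_library",
+"//pkg/proto/drkey:go_default_library",
+"//pkg/scrypto/cppki:go_default_library",
+"//pkg/snet:go_default_library",
+"//private/app/flag:go_default_library",
+"@com_github_spf13_pflag//:go_default_library",
+"@org_golang_google_grpc//:go_default_library",
+"@org_golang_google_protobuf//types/known/timestamppb:go_default_library",
+],
+)
+
+scion_go_binary(
+name = "fabrid-demo",
+embed = [":go_default_library"],
+visibility = ["//visibility:public"],
+)
+
+go_binary(
+name = "fabrid",
+embed = [":go_default_library"],
+visibility = ["//visibility:public"],
+)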
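Review bot: The `deps` of `go_default_library` list the DRKey packages (`//pkg/drkey`, `//pkg/drkey/generic`, `//pkg/drkey/specific`, `//pkg/proto/drkey`) but none of the FABRID packages such as `//pkg/experimental/fabrid`, which suggests `main.go` (not shown in this section) does not yet exercise FABRID path validation. If so, the `topogen_test` target named `test` with `fabrid = True` would pass without covering the feature the PR title describes; please confirm what the binary checks. Separately, both `fabrid-demo` and `fabrid` embed the same library with public visibility; if one of them exists only for tooling, a comment such as `# go_binary kept for tooling; the test uses :fabrid-demo` would say which one is meant to be used.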
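--- a/demo/fabrid/README.md
+++ b/demo/fabrid/README.md
@@ -0,0 +1,26 @@
+# FABRID demo
+
+This demo shows how two hosts can obtain a shared key with the DRKey system.
+The "server" side host can locally derive keys for any other host.
+The slower "client" side host can fetch its corresponding key from
+the DRKey infrastructure running in the control services.
+
+Note that in this demo, no data is transmitted between "client" and "server".
+In a practical usage, the server would derive the key for the client's address
+after receiving a packet from the client.
+
+The demo consists of the following steps:
+
+1. Enable and configure DRKey and start the topology.
+1. Demonstrate the server side key derivation
+1. Demonstrate the client side key fetching
+1. Compare the keys
+
+## Run the demo
+
+1. [set up the development environment](https://docs.scion.org/en/latest/build/setup.html)
+1. `bazel test --test_output=streamed --cache_test_results=no //demo/fabrid:test`
+
+Note: this demo works on any SCION network topology. To run the demo on a
+different network topology, modify the `topo` parameter in `BUILD.bazel` to
+point to a different topology file.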