Skip to content

Encrypted AuthContainer payload #14

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Aug 18, 2023
Merged

Encrypted AuthContainer payload #14

merged 3 commits into from
Aug 18, 2023

Conversation

rouming
Copy link
Contributor

@rouming rouming commented Aug 16, 2023
edited
Loading

AuthContainer is the envelope for all messages coming from the controller or sent by EVE. For the LOC case the node config should be encrypted. The best place to provide encryption is to modify the AuthContainer itself, so that the message can be both signed and encrypted (in this exact order).

This patch adds the cipherData and cipherContext members to the AuthContainer to encrypt the payload. The decrypt and validate procedure is the following:

  1. if cipherData is valid the encrypted payload is defined in the cipherData.cipherData member, the protectedPayload is set to null.
  2. Once EVE stack decrypts the payload, protectedPayload member is set with the decrypted data.
  3. The signature verification procedure can follow.

CC: @deitch

@rouming
proto: move config/acipherinfo.proto to evecommon/acipherinfo.proto
db9fe87 
Cipher structures will be used not only from the config package.
In the next patch CipherBlock will be used from auth/auth.proto,
in order to avoid cycle dependencies move everything cipher related
to the evecommon package

Signed-off-by: Roman Penyaev <[email protected]>
@rouming rouming requested a review from eriknordmark as a code owner August 16, 2023 11:20
eriknordmark
eriknordmark reviewed Aug 16, 2023
View reviewed changes
@deitch
Copy link
Contributor

deitch commented Aug 17, 2023

I cannot comment on the content of the change (especially as Erik did that). I can comment on the toolset. It looks like yo ran this using a single step more recent minor version of protoc, but a several steps older minor version of protoc-gen-go.

Can you rerun the make proto with the right tools? Or more easily, inside the devcontainer? If you are in vscode, it should recognize it for you. Else follow the instructions in the README.

@rouming
Copy link
Contributor Author

rouming commented Aug 17, 2023

I cannot comment on the content of the change (especially as Erik did that). I can comment on the toolset. It looks like yo ran this using a single step more recent minor version of protoc, but a several steps older minor version of protoc-gen-go.

Can you rerun the make proto with the right tools? Or more easily, inside the devcontainer? If you are in vscode, it should recognize it for you. Else follow the instructions in the README.

Avi, as I said in the mail thread I can't install devcontainer. I spent quite a lot of time trying to build it from sources and also failed (I'm on linux, not on mac). I'm not using vscode. The whole procedure of 'make proto' now is inconvenient for me and I expect more complains will follow (the whole eve team is using linux, not mac).

I can rebuild the protoc-gen-go, but as I said this is very inconvenient.

rouming added 2 commits August 17, 2023 11:32
@rouming
proto/auth: add cipher data to the AuthContainer message
6ca0477 
AuthContainer is the envolope for all messages comming from the controller
or sent by EVE. For the LOC the node config should be encrypted. The best
place to provide encryption is to modify the `AuthContainer` itself, so that
the message can be both signed and encrypted (in this exact order).

This patch adds the `cipherData` and `cipherContext` members to the
`AuthContainer` to encrypt the payload. The decrypt and validate
procedure is the following:

  1. if `cipherData` is valid the encrypted payload is defined in the
     `cipherData.cipherData` member, the `protectedPayload` is set to null.
  2. Once EVE stack decrypts the payload, `protectedPayload` member is set
     with the decrypted data.
  3. The signature verification procedure can follow.

Signed-off-by: Roman Penyaev <[email protected]>
@rouming
proto: autogenerated protocol files
f6aabbb 
All changes after the 'make proto'.

Signed-off-by: Roman Penyaev <[email protected]>
@rouming
Copy link
Contributor Author

rouming commented Aug 17, 2023

@deitch @eriknordmark updated, please take a look.

@rouming rouming mentioned this pull request Aug 17, 2023
Merged
eriknordmark
eriknordmark approved these changes Aug 17, 2023
View reviewed changes
Copy link
Contributor

@eriknordmark eriknordmark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM but if you can pull in #15 you should be able to manually use the devcontainer on Linux.

@rouming
Copy link
Contributor Author

rouming commented Aug 18, 2023
edited
Loading

LGTM but if you can pull in #15 you should be able to manually use the devcontainer on Linux.

Thanks, @eriknordmark . These changes work for me. I replied here: #15 (comment)

@rouming
Copy link
Contributor Author

rouming commented Aug 18, 2023

@eriknordmark @deitch can you please merge this? I don't have write access.

@eriknordmark eriknordmark merged commit 272fc06 into lf-edge:main Aug 18, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eriknordmark eriknordmark eriknordmark approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@rouming @deitch @eriknordmark