Beispiel #1
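 def _rev_entries_handler(self, raw_entries):
     """
     Parse each raw revocation entry and submit it to check_revocation.

     The callback handed to check_revocation removes the segments affected
     by the revocation when it is invoked with a falsy argument, and
     returns False otherwise.

     :param raw_entries: iterable of raw (serialized) SignedRevInfo entries.
     """
     # NOTE(review): SignedRevInfo.from_raw is not guarded here, so a single
     # malformed entry aborts processing of all remaining entries.
     for raw in raw_entries:
         srev_info = SignedRevInfo.from_raw(raw)
         rev_info = srev_info.rev_info()
         # Bind rev_info as a default argument: a plain closure would look
         # the name up when the callback runs, so a callback invoked after
         # the loop has advanced would act on a later entry's revocation.
         # NOTE(review): whether check_revocation defers the callback is not
         # visible from here; the binding is harmless if it is synchronous.
         self.check_revocation(
             srev_info,
             lambda x, rev_info=rev_info:
             self._remove_revoked_segments(rev_info) if not x else False)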
Beispiel #2
 def test_revoked(self):
     """
     check_revoked_interface returns False when the revocation cache
     yields a revocation.
     """
     # NOTE(review): the SignedRevInfo built here is never signed and the
     # cache is a Mock, so this test presumably does not exercise signature
     # verification -- confirm against check_revoked_interface.
     segment = self._mk_pcb()
     revocation = RevocationInfo.from_values(
         ISD_AS("1-ff00:0:300"), 1, LinkType.PARENT, 1)
     signed_revocation = SignedRevInfo.from_values(
         revocation.copy().pack(), ProtoSignType.ED25519, "src".encode())
     # Every cache lookup answers with the same revocation.
     cache = Mock()
     cache.get.return_value = signed_revocation
     # Call the real implementation unbound, with a Mock standing in for
     # the element instance.
     element = Mock()
     element.check_revoked_interface = SCIONElement.check_revoked_interface
     outcome = element.check_revoked_interface(element, segment, cache)
     ntools.eq_(outcome, False)
Beispiel #3
    def _issue_revocations(self, revoked_ifs):
        """
        Sign a revocation for every given interface and distribute it.

        Each revocation is signed with this element's signing key, recorded
        in self.if_revocations and handed to _process_revocation. All of
        them are then sent in one interface-state update to every border
        router and, when one can be resolved, to the local path server.
        Nothing happens unless this instance holds the ZK lock.

        :param list revoked_ifs: A list of interfaces that needs to be revoked.
        """
        # Revocations are issued by the master BS only, i.e. the lock holder.
        if not self.zk.have_lock():
            return
        state_infos = []
        for ifid in revoked_ifs:
            router = self.ifid2br[ifid]
            local_ia = self.addr.isd_as
            link_type = router.interfaces[ifid].link_type
            # The revocation carries its issue time in whole seconds.
            issued_at = int(time.time())
            rev_info = RevocationInfo.from_values(
                local_ia, ifid, link_type, issued_at, self.REVOCATION_TTL)
            logging.info("Issuing revocation: %s", rev_info.short_desc())
            if self._labels:
                REVOCATIONS_ISSUED.labels(**self._labels).inc()
            # The signature source is built from the leaf certificate version
            # and the TRC version, presumably so that a verifier can select
            # the matching key material.
            _, cert_ver = self._get_my_cert().get_leaf_isd_as_ver()
            sign_src = DefaultSignSrc.from_values(
                rev_info.isd_as(), cert_ver, self._get_my_trc().version)
            packed_src = sign_src.pack()
            signed_rev = SignedRevInfo.from_values(
                rev_info.copy().pack(), ProtoSignType.ED25519, packed_src)
            signed_rev.sign(self.signing_key)
            # Remember the signed revocation for this interface, then run it
            # through local revocation processing.
            self.if_revocations[ifid] = signed_rev
            self._process_revocation(signed_rev)
            state_infos.append(
                IFStateInfo.from_values(ifid, False, signed_rev))
        # Every border router is addressed via its first public internal
        # address.
        border_metas = [
            UDPMetadata.from_values(host=host, port=port)
            for host, port in (
                router.int_addrs.public[0]
                for router in self.topology.border_routers)
        ]
        # The local path server is included only if the topology lists one
        # and the lookup yields an address.
        ps_meta = []
        if self.topology.path_servers:
            try:
                ps_host, ps_port = self.dns_query_topo(ServiceType.PS)[0]
            except SCIONServiceLookupError:
                # A failed lookup means no path server is notified.
                pass
            else:
                if ps_host:
                    ps_meta.append(
                        UDPMetadata.from_values(host=ps_host, port=ps_port))
        self._send_ifstate_update(state_infos, border_metas, ps_meta)
Beispiel #4
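 def process_rev_objects(self, rev_infos):
     """
     Processes revocation infos stored in Zookeeper.

     Entries that fail to parse are logged and skipped. Every other entry is
     handed to check_revocation together with a callback that adds it to
     local_rev_cache when invoked with a falsy argument, and returns False
     otherwise. The whole pass runs while holding _rev_seg_lock.

     :param rev_infos: iterable of raw (serialized) SignedRevInfo entries.
     """
     with self._rev_seg_lock:
         for raw in rev_infos:
             try:
                 srev_info = SignedRevInfo.from_raw(raw)
             except SCIONParseError as e:
                 logging.error("Error parsing revocation info from ZK: %s",
                               e)
                 continue
             # The callback performs the cache insert itself. The previous
             # form, `lambda x: lambda: ...`, only returned a second
             # zero-argument function when called, so the revocation was
             # never added unless the caller invoked that returned function.
             # srev_info is bound as a default argument so that a callback
             # run after the loop has advanced still adds the entry from
             # its own iteration.
             # NOTE(review): assumes check_revocation calls callback(x) and
             # does not call the value it returns -- confirm.
             self.check_revocation(
                 srev_info,
                 lambda x, srev_info=srev_info:
                 self.local_rev_cache.add(srev_info) if not x else False)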
Beispiel #5
 def _handle_scmp(self, spkt):
     """
     Handle an SCMP packet.

     A "revoked interface" path error is logged and its signed revocation
     is forwarded through lib_sciond.send_rev_notification, and
     ResponseRV.RETRY is returned. Any other SCMP message is logged as an
     error and yields ResponseRV.FAILURE.
     """
     # NOTE(review): the revocation is parsed from the packet and forwarded
     # without any verification in this method; presumably the receiver of
     # the notification validates it -- confirm. Parse failures raised by
     # parse_payload() or from_raw() are not handled here.
     header = spkt.l4_hdr
     spkt.parse_payload()
     is_revocation = (header.class_ == SCMPClass.PATH
                      and header.type == SCMPPathClass.REVOKED_IF)
     if not is_revocation:
         logging.error("Received SCMP error:\n%s", spkt)
         return ResponseRV.FAILURE
     payload = spkt.get_payload()
     signed_rev = SignedRevInfo.from_raw(payload.info.srev_info)
     revocation = signed_rev.rev_info()
     logging.info("Received revocation: %s (from %s)",
                  revocation.short_desc(), spkt.addrs.src)
     lib_sciond.send_rev_notification(signed_rev,
                                      connector=self._connector)
     return ResponseRV.RETRY
Beispiel #6
 def handle_scmp_revocation(self, pld, meta):
     """
     Re-wrap the signed revocation carried in an SCMP payload as a path
     management control payload and pass it to handle_revocation.
     """
     # NOTE(review): the SCMP payload is parsed as-is; any validation of the
     # revocation presumably happens in handle_revocation -- confirm.
     signed_rev = SignedRevInfo.from_raw(pld.info.srev_info)
     ctrl_payload = CtrlPayload(PathMgmt(signed_rev))
     self.handle_revocation(ctrl_payload, meta)
Beispiel #7
 def srev_info(self, idx):
     """Return entry idx of the sRevInfos list wrapped as a SignedRevInfo."""
     entry = self.p.sRevInfos[idx]
     return SignedRevInfo(entry)
Beispiel #8
 def srev_info(self):
     """
     Return the SignedRevInfo wrapper for sRevInfo, building it on first
     use and keeping it in self._rev_info for later calls.
     """
     # The cache test is a truthiness check, so a falsy cached value is
     # rebuilt on the next call.
     cached = self._rev_info
     if cached:
         return cached
     self._rev_info = SignedRevInfo(self.p.sRevInfo)
     return self._rev_info
Beispiel #9
 def srev_info(self):
     """
     Return sRevInfo wrapped as a SignedRevInfo, or None when the field is
     falsy.
     """
     return SignedRevInfo(self.p.sRevInfo) if self.p.sRevInfo else None