def process_drkey_request(self, cpld, meta):
"""
Process first order DRKey requests from other ASes.
:param DRKeyRequest req: the DRKey request
:param UDPMetadata meta: the metadata
"""
dpld = cpld.union
req = dpld.union
assert isinstance(req, DRKeyRequest), type(req)
logging.info("DRKeyRequest received from %s: %s [id: %s]", meta,
req.short_desc(), cpld.req_id_str())
REQS_TOTAL.labels(**self._labels, type="drkey").inc()
try:
cert = self._verify_drkey_request(req, meta)
except SCIONVerificationError as e:
logging.warning("Invalid DRKeyRequest from %s. Reason %s: %s",
meta, e, req.short_desc())
return
sv = self._get_drkey_secret(get_drkey_exp_time(req.p.flags.prefetch))
cert_version = self.trust_store.get_cert(
self.addr.isd_as).certs[0].version
trc_version = self.trust_store.get_trc(self.addr.isd_as[0]).version
rep = get_drkey_reply(sv, self.addr.isd_as, meta.ia, self.private_key,
self.signing_key, cert_version, cert,
trc_version)
self.send_meta(CtrlPayload(DRKeyMgmt(rep), req_id=cpld.req_id), meta)
logging.info("DRKeyReply sent to %s: %s [id: %s]", meta,
req.short_desc(), cpld.req_id_str())
def process_drkey_request(self, req, meta):
"""
Process first order DRKey requests from other ASes.
:param DRKeyRequest req: the DRKey request
:param UDPMetadata meta: the metadata
"""
assert isinstance(req, DRKeyRequest)
logging.info("DRKeyRequest received from %s: %s", meta,
req.short_desc())
try:
cert = self._verify_drkey_request(req, meta)
except SCIONVerificationError as e:
logging.warning("Invalid DRKeyRequest from %s. Reason %s: %s",
meta, e, req.short_desc())
return
sv = self._get_drkey_secret(get_drkey_exp_time(req.p.flags.prefetch))
cert_version = self.trust_store.get_cert(
self.addr.isd_as).certs[0].version
trc_version = self.trust_store.get_trc(self.addr.isd_as[0]).version
rep = get_drkey_reply(sv, self.addr.isd_as, meta.ia, self.private_key,
self.signing_key, cert_version, cert,
trc_version)
self.send_meta(rep, meta)
logging.info("DRKeyReply sent to %s: %s", meta, req.short_desc())