def _create_next_tree(self):
last_ttl_window = 0
while self.run_flag.is_set():
start = time.time()
cur_ttl_window = ConnectedHashTree.get_ttl_window()
time_to_sleep = (ConnectedHashTree.get_time_till_next_ttl() -
HASHTREE_UPDATE_WINDOW)
if cur_ttl_window == last_ttl_window:
time_to_sleep += HASHTREE_TTL
if time_to_sleep > 0:
sleep_interval(start, time_to_sleep, "BS._create_next_tree",
self._quiet_startup())
# at this point, there should be <= HASHTREE_UPDATE_WINDOW
# seconds left in current ttl
logging.info("Started computing hashtree for next TTL window (%d)",
cur_ttl_window + 2)
last_ttl_window = ConnectedHashTree.get_ttl_window()
ht_start = time.time()
ifs = list(self.ifid2br.keys())
tree = ConnectedHashTree.get_next_tree(self.addr.isd_as, ifs,
self.hashtree_gen_key,
HashType.SHA256)
ht_end = time.time()
with self._hash_tree_lock:
self._next_tree = tree
logging.info(
"Finished computing hashtree for TTL window %d in %.3fs" %
(cur_ttl_window + 2, ht_end - ht_start))
def test_two_timesteps(self):
# Check that the revocation proof is "NOT" verifiable across T and T+2.
# Setup
isd_as = ISD_AS("1-11")
if_ids = [23, 35, 120]
initial_seed = b"qwerty"
inst = ConnectedHashTree(isd_as, if_ids, initial_seed)
root = inst.get_root()
# Call
new_tree = inst.get_next_tree(isd_as, if_ids, b"newseed.@1")
inst.update(new_tree)
new_tree = inst.get_next_tree(isd_as, if_ids, b"newseed.@2")
inst.update(new_tree)
# Tests
proof = inst.get_proof(35) # if_id = 35.
ntools.eq_(ConnectedHashTree.verify(proof, root), False)
def _create_next_tree(self):
last_ttl_window = 0
ttl = self.config.revocation_tree_ttl
update_window = ttl // 3
while self.run_flag.is_set():
start = time.time()
cur_ttl_window = ConnectedHashTree.get_ttl_window(ttl)
time_to_sleep = ConnectedHashTree.time_until_next_window(
ttl) - update_window
if cur_ttl_window == last_ttl_window:
time_to_sleep += ttl
if time_to_sleep > 0:
sleep_interval(start, time_to_sleep, "BS._create_next_tree",
self._quiet_startup())
# at this point, there should be <= update_window
# seconds left in current ttl
logging.info("Started computing hashtree for next TTL window (%d)",
cur_ttl_window + 2)
last_ttl_window = ConnectedHashTree.get_ttl_window(ttl)
ht_start = time.time()
ifs = list(self.ifid2br.keys())
tree = ConnectedHashTree.get_next_tree(self.addr.isd_as, ifs,
self.hashtree_gen_key, ttl,
HashType.SHA256)
ht_end = time.time()
with self._hash_tree_lock:
self._next_tree = tree
logging.info(
"Finished computing hashtree for TTL window %d in %.3fs" %
(cur_ttl_window + 2, ht_end - ht_start))
def test_one_timestep(self):
# Check that the revocation proof is verifiable across T and T+1.
# Setup
isd_as = ISD_AS("1-11")
if_ids = [23, 35, 120]
initial_seed = b"qwerty"
inst = ConnectedHashTree(isd_as, if_ids, initial_seed, HashType.SHA256)
root = inst.get_root()
# Call
next_tree = inst.get_next_tree(isd_as, if_ids, b"new!!seed",
HashType.SHA256)
inst.update(next_tree)
# Tests
proof = inst.get_proof(35) # if_id = 35.
ntools.eq_(ConnectedHashTree.verify(proof, root), True)
def test(self):
# Setup
isd_as = ISD_AS("1-11")
if_ids = [23, 35, 120]
initial_seed = b"qwerty"
inst = ConnectedHashTree(isd_as, if_ids, initial_seed)
root1_before_update = inst._ht1._nodes[0]
root2_before_update = inst._ht2._nodes[0]
# Call
new_tree = inst.get_next_tree(isd_as, if_ids, b"new!!seed")
inst.update(new_tree)
# Tests
root0_after_update = inst._ht0_root
root1_after_update = inst._ht1._nodes[0]
ntools.eq_(root1_before_update, root0_after_update)
ntools.eq_(root2_before_update, root1_after_update)