def handle_pcbs_propagation(self):
"""
Generate a new beacon or gets ready to forward the one received.
"""
timestamp = int(SCIONTime.get_time())
# Create beacon for downstream ASes.
down_iof = InfoOpaqueField.from_values(timestamp, self.addr.isd_as[0])
downstream_pcb = PathSegment.from_values(down_iof)
propagated_pcbs = self.propagate_downstream_pcb(downstream_pcb)
# Create beacon for core ASes.
core_iof = InfoOpaqueField.from_values(timestamp, self.addr.isd_as[0])
core_pcb = PathSegment.from_values(core_iof)
propagated = self.propagate_core_pcb(core_pcb)
for k, v in propagated.items():
propagated_pcbs[k].extend(v)
# Propagate received beacons. A core beacon server can only receive
# beacons from other core beacon servers.
beacons = []
with self._rev_seg_lock:
for ps in self.core_beacons.values():
beacons.extend(ps.get_best_segments())
for pcb in beacons:
propagated = self.propagate_core_pcb(pcb)
for k, v in propagated.items():
propagated_pcbs[k].extend(v)
self._log_propagations(propagated_pcbs)
def handle_pcbs_propagation(self):
"""
Generate a new beacon or gets ready to forward the one received.
"""
timestamp = int(SCIONTime.get_time())
# Create beacon for downstream ASes.
down_iof = InfoOpaqueField.from_values(timestamp, self.addr.isd_as[0])
downstream_pcb = PathSegment.from_values(down_iof)
self.propagate_downstream_pcb(downstream_pcb)
# Create beacon for core ASes.
core_iof = InfoOpaqueField.from_values(timestamp, self.addr.isd_as[0])
core_pcb = PathSegment.from_values(core_iof)
core_count = self.propagate_core_pcb(core_pcb)
# Propagate received beacons. A core beacon server can only receive
# beacons from other core beacon servers.
beacons = []
for ps in self.core_beacons.values():
beacons.extend(ps.get_best_segments())
for pcb in beacons:
core_count += self.propagate_core_pcb(pcb)
if core_count:
logging.info("Propagated %d Core PCBs", core_count)
def _verify_path_seg(self, seg_meta):
"""
Signature verification for all AS markings within this pcb/path segment.
This function is called, when all TRCs and CCs used within this pcb/path
segment are available.
"""
seg = seg_meta.seg
ver_seg = PathSegment.from_values(seg.info)
for asm in seg.iter_asms():
cert_ia = asm.isd_as()
trc = self.trust_store.get_trc(cert_ia[0], asm.p.trcVer)
chain = self.trust_store.get_cert(asm.isd_as(), asm.p.certVer)
ver_seg.add_asm(asm)
verify_sig_chain_trc(ver_seg.sig_pack3(), asm.p.sig, cert_ia, chain, trc)
def _verify_path_seg(self, seg_meta):
"""
Signature verification for all AS markings within this pcb/path segment.
This function is called, when all TRCs and CCs used within this pcb/path
segment are available.
"""
seg = seg_meta.seg
ver_seg = PathSegment.from_values(seg.info)
for asm in seg.iter_asms():
cert_ia = asm.isd_as()
trc = self.trust_store.get_trc(cert_ia[0], asm.p.trcVer)
chain = self.trust_store.get_cert(asm.isd_as(), asm.p.certVer)
ver_seg.add_asm(asm)
if not verify_sig_chain_trc(ver_seg.sig_pack3(), asm.p.sig,
str(cert_ia), chain, trc, asm.p.trcVer):
logging.error("ASM verification failed: %s" % asm.short_desc())
return False
return True