Commit 3c0bc811 authored by Fabian Seidl's avatar Fabian Seidl

Resolve "Adjust key-store handling to work like other version"

See merge request !186
parent 40dee275
1 merge request!186Resolve "Adjust key-store handling to work like other version"
Pipeline #221053 passed
...@@ -2,26 +2,20 @@ package kmsHandler ...@@ -2,26 +2,20 @@ package kmsHandler
import ( import (
"fmt" "fmt"
"time"
"code.fbi.h-da.de/danet/gnmi-target/handler" "code.fbi.h-da.de/danet/gnmi-target/handler"
"code.fbi.h-da.de/danet/quant/goKMS/kms" "code.fbi.h-da.de/danet/quant/goKMS/kms"
"code.fbi.h-da.de/danet/quant/goKMS/kms/event"
gnmitargetygot "code.fbi.h-da.de/danet/quant/goKMS/model" gnmitargetygot "code.fbi.h-da.de/danet/quant/goKMS/model"
"github.com/openconfig/gnmi/proto/gnmi" "github.com/openconfig/gnmi/proto/gnmi"
"github.com/openconfig/ygot/ygot" "github.com/openconfig/ygot/ygot"
"github.com/sirupsen/logrus" log "github.com/sirupsen/logrus"
) )
type KeyStoreHandler struct { type KeyStoreHandler struct {
handler.DefaultPathHandler handler.DefaultPathHandler
kms *kms.KMS kms *kms.KMS
maxKeyFillLevelsDefined map[string]uint64 maxKeyFillLevelsDefined map[string]uint64
events <-chan event.Event
}
type keyFillLevel struct {
storeID string
fillLevel uint64
} }
func NewKeyStoreHandler(kms *kms.KMS, maxKeyFillLevelsDefined map[string]uint64) *KeyStoreHandler { func NewKeyStoreHandler(kms *kms.KMS, maxKeyFillLevelsDefined map[string]uint64) *KeyStoreHandler {
...@@ -41,29 +35,20 @@ func (yh *KeyStoreHandler) Init(config *handler.Config, publishToSubsFunc func([ ...@@ -41,29 +35,20 @@ func (yh *KeyStoreHandler) Init(config *handler.Config, publishToSubsFunc func([
yh.Config = config yh.Config = config
yh.PublishToSubs = publishToSubsFunc yh.PublishToSubs = publishToSubsFunc
var err error
yh.events, err = yh.kms.EventBus().Subscribe(event.KEY_STORE)
if err != nil {
return err
}
_, err = yh.updateOrCreateKeyStoreHandler()
if err != nil {
return err
}
// Start the go routine that takes care of any update from the kms // Start the go routine that takes care of any update from the kms
go func() { go func() {
for { ticker := time.NewTicker(15 * time.Second)
select { defer ticker.Stop()
case <-yh.events:
logrus.Println("Update for KeyStores.") // TODO: add context/channel to stop
_, err := yh.updateOrCreateKeyStoreHandler() for range ticker.C {
if err != nil { diff, err := yh.updateOrCreateKeyStores(yh.kms)
logrus.Errorf("Error within key stores subscription goroutine; %v", err) if err != nil {
} log.Errorf("Error within key stores subscription goroutine; %v", err)
break
// gnmi subscribe things here? }
if err := yh.PublishToSubs(diff); err != nil {
log.Errorf("Error within key stores subscription goroutine; %v", err)
} }
} }
}() }()
...@@ -75,7 +60,7 @@ func (yh *KeyStoreHandler) Update(c ygot.ValidatedGoStruct, jobs []*gnmi.Update) ...@@ -75,7 +60,7 @@ func (yh *KeyStoreHandler) Update(c ygot.ValidatedGoStruct, jobs []*gnmi.Update)
return nil return nil
} }
func (yh *KeyStoreHandler) updateOrCreateKeyStoreHandler() ([]*gnmi.Notification, error) { func (yh *KeyStoreHandler) updateOrCreateKeyStores(kms *kms.KMS) ([]*gnmi.Notification, error) {
yh.Config.Lock() yh.Config.Lock()
defer yh.Config.Unlock() defer yh.Config.Unlock()
...@@ -89,21 +74,20 @@ func (yh *KeyStoreHandler) updateOrCreateKeyStoreHandler() ([]*gnmi.Notification ...@@ -89,21 +74,20 @@ func (yh *KeyStoreHandler) updateOrCreateKeyStoreHandler() ([]*gnmi.Notification
return nil, fmt.Errorf("Wrong type, exptected: %T, got: %T", (*gnmitargetygot.Temp_KeyStores)(nil), copyCurrentConfig) return nil, fmt.Errorf("Wrong type, exptected: %T, got: %T", (*gnmitargetygot.Temp_KeyStores)(nil), copyCurrentConfig)
} }
confKeyStores := newConfig.GetOrCreateKeyStores() kmsPeers := kms.PeersDeepCopy()
keyFillLevels := getKeyFillLevels(yh.kms) confKeyStores := newConfig.GetOrCreateKeyStores()
// TODO: Maybe add more config values here! for peerKmsId, peer := range kmsPeers {
for _, keyFillLevel := range keyFillLevels { confKeyStoreContainer := confKeyStores.GetOrCreateKeyStore(peerKmsId)
confKeyStoreContainer := confKeyStores.GetOrCreateKeyStore(keyFillLevel.storeID)
confKeyStoreContainer.KmsPeerId = ygot.String(keyFillLevel.storeID) confKeyStoreContainer.KmsPeerId = ygot.String(peerKmsId)
confKeyStore := confKeyStoreContainer.GetOrCreateKeyStore() confKeyStore := confKeyStoreContainer.GetOrCreateKeyStore()
confKeyStore.KeyFillLevel = ygot.Uint64(keyFillLevel.fillLevel) confKeyStore.KeyFillLevel = ygot.Uint64(uint64(peer.QuantumModule().KeyStore().Length()))
maxKeyFillLevel, ok := yh.maxKeyFillLevelsDefined[keyFillLevel.storeID] maxKeyFillLevel, ok := yh.maxKeyFillLevelsDefined[peerKmsId]
if !ok { if !ok {
return nil, fmt.Errorf("no max key fill level available for store with ID: %s", keyFillLevel.storeID) // TODO(faseid): check if really want to return here?! return nil, fmt.Errorf("no max key fill level available for store with ID: %s", peerKmsId) // TODO: check if really want to return here
} }
confKeyStore.MaxKeyFillLevel = ygot.Uint64(maxKeyFillLevel) confKeyStore.MaxKeyFillLevel = ygot.Uint64(maxKeyFillLevel)
...@@ -123,17 +107,3 @@ func (yh *KeyStoreHandler) updateOrCreateKeyStoreHandler() ([]*gnmi.Notification ...@@ -123,17 +107,3 @@ func (yh *KeyStoreHandler) updateOrCreateKeyStoreHandler() ([]*gnmi.Notification
return notifications, nil return notifications, nil
} }
func getKeyFillLevels(kms *kms.KMS) []keyFillLevel {
kmsPeers := kms.KmsPeers
keyFillLevels := []keyFillLevel{}
for _, peer := range kmsPeers {
keyFillLevels = append(keyFillLevels, keyFillLevel{
storeID: peer.GetKmsPeerId().String(),
fillLevel: uint64(peer.GetKeyStore().Length()),
})
}
return keyFillLevels
}
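Review bot: In the ticker goroutine in Init, the `break` after a failed `yh.updateOrCreateKeyStores(yh.kms)` leaves the `for range ticker.C` loop for good, so a single error ends key-store reporting until the process restarts. updateOrCreateKeyStores returns an error as soon as one peer has no entry in `maxKeyFillLevelsDefined`, so one peer without a configured maximum would freeze the published key fill levels at their last value with only one log line to show for it, which is a poor failure mode for a figure operators watch to notice key exhaustion. I would write `continue` instead of `break`, so the next tick retries and `PublishToSubs` is skipped only for the failed round. The two `log.Errorf` calls also share one message; wording such as `updating key stores: %v` and `publishing key store update: %v` would tell the reader which step failed. Init and updateOrCreateKeyStores both continue outside the visible hunks.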
...@@ -9,7 +9,6 @@ const ( ...@@ -9,7 +9,6 @@ const (
ROUTE ROUTE
QUANTUM_MODULE QUANTUM_MODULE
CREATE_ROUTE CREATE_ROUTE
KEY_STORE
) )
// Event ... // Event ...
...@@ -87,23 +86,3 @@ func (e *RouteEvent) Topic() Topic { ...@@ -87,23 +86,3 @@ func (e *RouteEvent) Topic() Topic {
func (e *RouteEvent) Time() time.Time { func (e *RouteEvent) Time() time.Time {
return e.Timestamp return e.Timestamp
} }
type KeyStoresEvent struct {
EventTopic Topic
Timestamp time.Time
}
func NewKeyStoresEvent() *KeyStoresEvent {
return &KeyStoresEvent{
EventTopic: KEY_STORE,
Timestamp: time.Now(),
}
}
func (e *KeyStoresEvent) Topic() Topic {
return e.EventTopic
}
func (e *KeyStoresEvent) Time() time.Time {
return e.Timestamp
}
...@@ -192,8 +192,7 @@ func (kms *KMS) initializePeers(config *config.Config) error { ...@@ -192,8 +192,7 @@ func (kms *KMS) initializePeers(config *config.Config) error {
case "etsi": case "etsi":
qm, err = peers.NewETSI014HTTPQuantumModule(pqm.Address, config.Id, pqm.LocalSAEID, pqm.TargetSAEID, qm, err = peers.NewETSI014HTTPQuantumModule(pqm.Address, config.Id, pqm.LocalSAEID, pqm.TargetSAEID,
config.QuantumModuleTLS, pqm.MasterMode, config.QuantumModuleTLS, pqm.MasterMode,
peer.QuantumModule.KeyFetchInterval, int64(peer.QuantumModule.KeyFetchAmount), uint64(peer.QuantumModule.MaxKeyFillLevel), peer.QuantumModule.KeyFetchInterval, int64(peer.QuantumModule.KeyFetchAmount), uint64(peer.QuantumModule.MaxKeyFillLevel))
kms.eventBus)
if err != nil { if err != nil {
log.Fatalf("Failed to create ETSI QKD module: %s", err) log.Fatalf("Failed to create ETSI QKD module: %s", err)
return nil return nil
......
...@@ -31,10 +31,9 @@ type ETSI014HTTPQuantumModule struct { ...@@ -31,10 +31,9 @@ type ETSI014HTTPQuantumModule struct {
keyFetchInterval int keyFetchInterval int
keyFetchAmount int64 keyFetchAmount int64
maxKeyFillLevel uint64 maxKeyFillLevel uint64
kmsEventBus *event.EventBus
} }
func NewETSI014HTTPQuantumModule(addr, kmsId, localSAEID, targetSAEID string, tlsConfig config.TLSConfig, master bool, keyFetchInterval int, keyFetchAmount int64, maxKeyFillLevel uint64, kmsEventBus *event.EventBus) (*ETSI014HTTPQuantumModule, error) { func NewETSI014HTTPQuantumModule(addr, kmsId, localSAEID, targetSAEID string, tlsConfig config.TLSConfig, master bool, keyFetchInterval int, keyFetchAmount int64, maxKeyFillLevel uint64) (*ETSI014HTTPQuantumModule, error) {
parsedUrl, err := url.Parse(addr) parsedUrl, err := url.Parse(addr)
if err != nil { if err != nil {
return nil, err return nil, err
...@@ -95,7 +94,6 @@ func NewETSI014HTTPQuantumModule(addr, kmsId, localSAEID, targetSAEID string, tl ...@@ -95,7 +94,6 @@ func NewETSI014HTTPQuantumModule(addr, kmsId, localSAEID, targetSAEID string, tl
keyFetchInterval: keyFetchInterval, keyFetchInterval: keyFetchInterval,
keyFetchAmount: keyFetchAmount, keyFetchAmount: keyFetchAmount,
maxKeyFillLevel: maxKeyFillLevel, maxKeyFillLevel: maxKeyFillLevel,
kmsEventBus: kmsEventBus,
}, nil }, nil
} }
...@@ -108,9 +106,6 @@ func (qm *ETSI014HTTPQuantumModule) Client() *etsi14ClientImpl.ClientImpl { ...@@ -108,9 +106,6 @@ func (qm *ETSI014HTTPQuantumModule) Client() *etsi14ClientImpl.ClientImpl {
} }
func (qm *ETSI014HTTPQuantumModule) Initialize() error { func (qm *ETSI014HTTPQuantumModule) Initialize() error {
// sends events on the event bus every x seconds to keep key store config updated
go qm.runBackgroundKeyStoreUpdates()
// start polling keys // start polling keys
if qm.master { if qm.master {
go func() { go func() {
...@@ -216,15 +211,3 @@ func (qm *ETSI014HTTPQuantumModule) GetKeyWithIds(keyIds []etsi14ClientGenerated ...@@ -216,15 +211,3 @@ func (qm *ETSI014HTTPQuantumModule) GetKeyWithIds(keyIds []etsi14ClientGenerated
return container, nil return container, nil
} }
func (qm *ETSI014HTTPQuantumModule) runBackgroundKeyStoreUpdates() {
ticker := time.NewTicker(backgroundKeyStoreUpdateInterval * time.Second)
defer ticker.Stop()
for range ticker.C {
err := qm.kmsEventBus.Publish(event.NewKeyStoresEvent())
if err != nil {
log.Error(err)
}
}
}
...@@ -10,7 +10,6 @@ import ( ...@@ -10,7 +10,6 @@ import (
pbIC "code.fbi.h-da.de/danet/quant/goKMS/api/gen/proto/go/kmsintercom" pbIC "code.fbi.h-da.de/danet/quant/goKMS/api/gen/proto/go/kmsintercom"
"code.fbi.h-da.de/danet/quant/goKMS/kms/crypto" "code.fbi.h-da.de/danet/quant/goKMS/kms/crypto"
"code.fbi.h-da.de/danet/quant/goKMS/kms/event" "code.fbi.h-da.de/danet/quant/goKMS/kms/event"
"code.fbi.h-da.de/danet/quant/goKMS/kms/store"
"code.fbi.h-da.de/danet/quant/goKMS/kms/util" "code.fbi.h-da.de/danet/quant/goKMS/kms/util"
"github.com/google/uuid" "github.com/google/uuid"
log "github.com/sirupsen/logrus" log "github.com/sirupsen/logrus"
...@@ -215,7 +214,3 @@ func (kp *KmsPeer) SetStatus(updateStatus KmsPeerStatus) { ...@@ -215,7 +214,3 @@ func (kp *KmsPeer) SetStatus(updateStatus KmsPeerStatus) {
func (kp *KmsPeer) GetKmsPeerId() uuid.UUID { func (kp *KmsPeer) GetKmsPeerId() uuid.UUID {
return kp.peerKmsId return kp.peerKmsId
} }
func (kp *KmsPeer) GetKeyStore() *store.KmsKeyStore {
return kp.servingQuantumModul.KeyStore()
}
...@@ -11,8 +11,6 @@ const ( ...@@ -11,8 +11,6 @@ const (
defaultKeyFetchInterval = 10 defaultKeyFetchInterval = 10
defaultKeyFetchAmount = int64(1) defaultKeyFetchAmount = int64(1)
DefaultMaxKeyFillLevel = uint64(100) DefaultMaxKeyFillLevel = uint64(100)
backgroundKeyStoreUpdateInterval = 1
) )
// QuantumModule interface definition. // QuantumModule interface definition.
......