SPKI: Generate prototype TRC #3049

oncilla · 2019-08-27T09:16:49Z

This change allows generating prototype TRC payloads.
A prototype TRC will be signed and then combined to a signed TRC.
Signing and combining is left for a future PR.

For convenience, a 'gen' command will also be added in the future that
executes the three phases in a single call.

contributes to #2983

This change is

lukedirtwalker

Reviewed 11 of 11 files at r1.
Reviewable status: all files reviewed, 7 unresolved discussions (waiting on @oncilla)

a discussion (no related file):
Commit description mentions wrong issue (2982 is about goconvey)

a discussion (no related file):
I think it would be great to have some end2end test for this tool. Basically have a set of input files for each subcommand and an expected set of output files, run the tool and check that the output matches the input files. If we use a golden file approach it should be easy to update even. (This should not be part of this PR)

go/tools/scion-pki/internal/pkicmn/pkicmn.go, line 152 at r1 (raw file):

	switch {
	case os.IsNotExist(err):
		if err := os.MkdirAll(dir, perm); err != nil {

Why Stat first an not directly os.MkdirAll? according to https://golang.org/pkg/os/#MkdirAll that should be good enough.

go/tools/scion-pki/internal/v2/trc/ases.go, line 28 at r1 (raw file):

)

// asCfg holds the AS configuration including the from file system loaded

this reads a bit weird. Wouldn't ...including the private keys loaded from file system. sound better?

go/tools/scion-pki/internal/v2/trc/ases.go, line 60 at r1 (raw file):

	primaryASes := make(map[addr.AS]*asCfg)
	for as, keys := range ases {
		if len(wl) != 0 && !pkicmn.Contains(wl, addr.IA{I: isd, A: as}) {

It would make the loop a bit less convoluted if the filtering would be done first in a separate function:

ases = filterASes(ases, wl)

func filterASes(isd addr.ISD, ases map[addr.AS][]trc.KeyType, wl[]addr.IA) ... {
      if len(wl) == 0 {
            return ases
     }
    for as := range ases {
          ...
    }
}

go/tools/scion-pki/internal/v2/trc/ases.go, line 100 at r1 (raw file):

		pkicmn.KeysDir, file), cfg.KeyTypeToAlgo(keyType))
	if err != nil {
		return nil, common.NewBasicError("unable to load key", err, "keyType", keyType)

having the path in the error might be helpful as well.

go/tools/scion-pki/internal/v2/trc/proto.go, line 1 at r1 (raw file):

// Copyright 2019 Anapaya Systems

proto reminds me of protobuf or capnproto whereas here it is probably prototype?

This change allows generating prototype TRC payloads. A prototype TRC will be signed and then combined to a signed TRC. Signing and combining is left for a future PR. For convenience, a 'gen' command will also be added in the future that executes the three phases in a single call. contributes to scionproto#2982

oncilla

Reviewable status: all files reviewed, 6 unresolved discussions (waiting on @lukedirtwalker)

a discussion (no related file):