pollere / dct Goto Github PK
View Code? Open in Web Editor NEWDefined-trust Communications Toolkit for secure multicast transport
License: Other
dct's People
Contributors
Stargazers
Watchers
dct's Issues
MBPS Publication Failed to Publish to the collection
Following Environment setup in #3,
When running the operator from a setup similar to MBPS app2, we have the following log:
operator:alice-38782 msg #7 published to Collection.
operator:alice-38782 msg #8 published to Collection.
operator:alice-38782 msg #9 published to Collection.
Application entity operator:alice-38782 received message:
capability = lock
topic = event
location = frontdoor
arguments = locked
message creation time = 1626927042172072 (3.16138mS)
message body: Message number 4 from device:frontdoor-38780
operator:alice-38782 msg #10 timed out without reaching Collection.
operator:alice-38782 msg #11 published to Collection.
Application entity operator:alice-38782 received message:
capability = lock
topic = event
location = frontdoor
arguments = battery_low
message creation time = 1626927044187709 (3.41476mS)
message body: Message number 6 from device:frontdoor-38780
Where the message 10 has failed to reach collection. However, the other peer seems to have received the message.
Would you mind looking into this error message?
Thanks.
SigMgr::stNULL does not match NDN specifications
In SignatureType assigned numbers, Null signature was assigned the number 200 (decimal) on 2020-06-19.
DCT should use the officially assigned SignatureType number for Null signature.
DCT/include/dct/sigmgrs/sigmgr.hpp
Lines 68 to 73 in ef498fd
dnmp.trust does not compile
dnmp.trust is using the replace() function that is unimplemented in the current version of the schema compiler.
Consequently, it is not compiling properly.
Please update the schema so that it does not use the replace() function.
$ ./schemaCompile -vv doc/dnmp.trust
VerSec Schema Compiler Copyright (C) 2020 Pollere Inc., v5.1.0-1-gab45368
doc/dnmp.trust:32.17-24: syntax error, unexpected string, expecting ')'
doc/dnmp.trust:32.35-41: syntax error, unexpected literal, expecting eof or string
Publication #command:
parameters: target pType pArgs
tags: /_network/_domain/target/_topic/_roleId/pType/pArgs/_origin/_cTS
Publication #wirePrefix:
parameters: target
tags: /_ndnprefix/_domain/target
Certificate templates:
cert userCert: /"AliceNetOps"/"dnmp"/"user"/_roleId/"KEY"/_/_/_
cert opCert: /"AliceNetOps"/"dnmp"/"operator"/_roleId/"KEY"/_/_/_
cert dnmpCert: /"AliceNetOps"/"dnmp"/"KEY"/_/_/_
cert netCert: /"AliceNetOps"/"KEY"/_/_/_
binary schema is 354 bytesSource code of schemaCompile
Source code of schemaCompile is missing.
Please upload source code to comply with GPL requirements.
sigmgrs: timing attack vulnerability
SigMgrRFC7693::validate and SigMgrSHA256::validate functions verify BLAKE2b or SHA256 signature.
Each function first creates a correct BLAKE2b or SHA256 signature over the input, then compares the incoming signature with that correct signature.
The comparison step is coded as:
DCT/include/dct/sigmgrs/sigmgr_rfc7693.hpp
Lines 85 to 91 in cdf4c89
DCT/include/dct/sigmgrs/sigmgr_sha256.hpp
Line 85 in cdf4c89
The std::memcmp function returns as soon as finding the first different element.
As a result, these functions are vulnerable to timing attacks because the execution time of these function leaks the information about which is the first byte that differs from the correct signature.
To fix this bug, use a constant-time comparison function such as sodium_memcmp.
Prefix registration error in mbps sample applications
Starting the sample applications, e.g., app2 frequently causes prefix registration errors. To reproduce the identical environment, spin-up a VM using the following Vagrantfile:
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.define "dct-dev-1"
config.vm.box = "bento/ubuntu-20.04"
config.vm.hostname = "dct"
config.vm.provider "virtualbox" do |vb|
vb.name = "dct-dev-1"
vb.cpus = "4"
vb.memory = "8000"
end
config.vm.provision "shell", privileged: false, inline: <<-SHELL
sudo apt-get update
sudo apt-get -y install gcc-10 g++-10 build-essential \
pkg-config python3-minimal libboost-all-dev \
libssl-dev libsqlite3-dev libpcap-dev \
libsodium-dev libz-dev \
liblog4cxx-dev
sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 100
sudo update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-10 100
sudo update-alternatives --install /usr/bin/c++ c++ /usr/bin/g++-10 100
git clone https://github.com/pollere/NDNpatches
git clone https://github.com/named-data/ndn-cxx
cd ndn-cxx
git apply ../NDNpatches/patch.key-impl
./waf configure
./waf
sudo ./waf install
sudo ldconfig
cd ..
git clone https://github.com/named-data/NFD
cd NFD
git submodule update --init
./waf configure
./waf
sudo ./waf install
sudo cp /usr/local/etc/ndn/nfd.conf.sample /usr/local/etc/ndn/nfd.conf
cd ..
git clone https://github.com/operantnetworks/ndn-ind
cd ndn-ind
git apply ../NDNpatches/patch.ndn-ind
./configure
make -j
sudo make install
sudo ldconfig
cd ..
git clone https://github.com/pollere/DCT
cd DCT/
cd tools/
make -j
cd ../examples/mbps
make -j
wget https://github.com/pollere/DCT/releases/download/v3.0/linux-schemaCompile-bin-1.2.0.tgz
tar -xzvf linux-schemaCompile-bin-1.2.0.tgz
rm linux-schemaCompile-bin-1.2.0.tgz
./schemaCompile -o mbps1.scm mbps1.trust
../../tools/make_cert -s EdDSA -o mbps1.root myNet/mbps1
../../tools/schema_cert -o mbps1.schema mbps1.scm mbps1.root
../../tools/make_cert -s EdDSA -o alice.cert myNet/mbps1/operator/alice mbps1.root
../../tools/make_cert -s EdDSA -o bob.cert myNet/mbps1/operator/bob mbps1.root
../../tools/make_cert -s EdDSA -o cathy.cert myNet/mbps1/operator/cathy mbps1.root
../../tools/make_bundle -o alice.bundle mbps1.root mbps1.schema +alice.cert
../../tools/make_bundle -o bob.bundle mbps1.root mbps1.schema +bob.cert
../../tools/make_bundle -o cathy.bundle mbps1.root mbps1.schema +cathy.cert
cd ../../..
ndnsec key-gen /ndn/alice
SHELL
end
The Vagrantfile already creates three identities for the operators "Alice", "Bob", and "Cathy" in the folder DCT/examples/mbps/.
After starting NFD, repeatedly starting app2 causes the following error:
./app2 alice.bundle
22:50.000232 ERROR /localnet/mbps1/cert onRegisterFailed /localnet/mbps1/cert
22:50.000232 ERROR ndn.Node Node::RegisterResponse::operator(): Error in onRegisterFailed: onRegisterFailed /localnet/mbps1/cert
Difference between `foo` and `#foo` in VerSec language?
I don't understand the difference between a "regular" identifier (foo) and an identifier prefixed by the # sign (#foo). Could this be explained in the language description document?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.