Details

Reviewers

• jon
bartek

Commits

rCOMMfedfe134b117: [services] Tunnelbroker - Adding signed string verification function

Summary

This diff introduces a signed string verification function verify_signed_string to use in the "new session" creation process in the Tunnelbroker API. This function will be used in the following D5947 to verify the signed string by the public key provided to make sure the client "own" keys.

Linear task: ENG-2492

Test Plan

As this diff is a part of the stack this diff can be tested on the end of the stack at D5947.
To test it:

Patch to the D5947
Run the integration tests in D5931 using the cargo t --test tunnelbroker_integration_test command.

The expected result is passing the integration test (signing and verifying the string are successful and the new session creation test will pass).

Diff Detail

Repository

rCOMM Comm

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

• max created this revision.Dec 19 2022, 12:34 PM

• max held this revision as a draft.

Herald added a reviewer: • jon. · View Herald TranscriptDec 19 2022, 12:34 PM

Herald added subscribers: atul, tomek, ashoat. · View Herald Transcript

• max added a parent revision: D5944: [services] Tunnelbroker - Adding of the `base64` crate to dependencies.Dec 19 2022, 12:35 PM

• max added a child revision: D5946: [services] Tunnelbroker - Expose string to be signed to the Rust.

Harbormaster completed remote builds in B14466: Diff 19721.Dec 19 2022, 1:07 PM

Harbormaster failed remote builds in B14466: Diff 19721!Dec 20 2022, 3:49 AM

Rebasing on master changes.

Harbormaster failed remote builds in B14496: Diff 19753!Dec 20 2022, 4:34 AM

• max mentioned this in D5944: [services] Tunnelbroker - Adding of the `base64` crate to dependencies.Dec 21 2022, 5:41 AM

• max edited the summary of this revision. (Show Details)Dec 21 2022, 5:45 AM

• max edited the test plan for this revision. (Show Details)

• max added a reviewer: bartek. • max added 1 blocking reviewer(s): • jon.

• max edited the summary of this revision. (Show Details)

• max mentioned this in D5946: [services] Tunnelbroker - Expose string to be signed to the Rust.Dec 21 2022, 5:51 AM

• max mentioned this in D5947: [services] Tunnelbroker - Modify server handler to use Rust signature verification.Dec 21 2022, 5:57 AM

As we have trouble using Nix in the CI gate please ignore the Nix build fail for now.

• jon requested changes to this revision.Dec 21 2022, 2:01 PM

• jon added inline comments.

services/tunnelbroker/src/server/tools.rs
38–40 ↗	(On Diff #19753)	can we use `expect`, or marshall the Error type to `anhow::Error`, then we can use `?` for the other lines.

This revision now requires changes to proceed.Dec 21 2022, 2:01 PM

• max planned changes to this revision.Dec 22 2022, 8:26 AM

Removing of unwrap().

• max marked an inline comment as done.Dec 22 2022, 11:39 AM

• max added inline comments.

services/tunnelbroker/src/server/tools.rs
38–40 ↗	(On Diff #19753)	can we use `expect`, or marshall the Error type to `anhow::Error`, then we can use `?` for the other lines. Yes, makes sense to pass the `ErrorStack` type by the `?` and `expect` where it's not. Thanks, @jon !