andrewjstone
commented
2 months ago @hawkw Thanks for the review! I think I've resolved everything here.
Closed andrewjstone closed 2 months ago
andrewjstone
commented
2 months ago @hawkw Thanks for the review! I think I've resolved everything here.
This is the start of a major change to sprockets. After much discussion, soul searching, and the reality on the ground after the last couple of years it makes sense to make all sprockets connections run over TLS/TCP, rather than a similar protocol based around the design of TLS 1.3. We choose to use
rustlsfor our TLS implementation, and this PR hooks our verification and signing code into the appropriaterustlstraits. By doing this we get a number of things for free that were not part of the sprockets design: session resumption, post-quantum crypto, session key rotation, and most importantly a production ready codebase that is still capable of using our dice verification code, passing signing off to the RoT via IPCC and sprot, and using production attestations before establishing an application-level sprockets connection between sleds.Sprockets has never actually gone into use for a number of reasons, including that we never wired up proper certs from the RoT, and we didn't have all the low level plumbing via IPCC and sprot completed . We now have RoT certificates and application level verification code in
dice-utilthat is capable of verifying cert chains. We also have a way to generate test-certificates with pki-playground so that we can plug in signing code to rustls before we have the IPCC and sprot paths ready.This PR implements the relevant rustls traits for signing and verification, along with test-certificates for testing purposes. It uses file based trait impls that will be replaced in production with IPCC and sprot requests. Only configurations for clients and servers are generated along with a thread based test to ensure we can send messages over an established TLS 1.3 connection using these configs. Future PRs will add proper async APIs for creating and accepting sprockets connections, and sending messages. We will not allow establishment of connections or message sending until we have also added in measurement exchange and attestation via dice-util.