Use hash of certificate for user and member IDs by jumaffre · Pull Request #2279 · microsoft/CCF

jumaffre · 2021-03-08T15:20:50Z

Fixes #1378 (part II)

We now use a hex-encoded string of the SHA-256 hash of the DER-encoded certificate (a.k.a fingerprint) for the member and user IDs.

This has the following implication: the user and member certs and digests KV tables are gone and the keyId in signed HTTP requests is set to the Member/User ID.

The Python infra still tracks members/users as 0, 1, etc. (local_id) but also knows their CCF IDs (service_id).

ghost · 2021-03-08T16:09:04Z

member_id_hash_cert@20196 aka 20210310.28 vs main ewma over 20 builds from 19816 to 20184

Co-authored-by: Eddy Ashton <ashton.eddy@gmail.com>

…mber_id_hash_cert

Co-authored-by: Amaury Chamayou <amaury@xargs.fr>

…mber_id_hash_cert

Julien Maffre added 12 commits March 5, 2021 09:54

It builds!

36bf177

Merge remote-tracking branch 'upstream/main' into member_id_hash_cert

5f966f5

Re-add padding

134f44d

e2e test works

62dbf68

Most things works!

ac18697

End-to-end tests work

e12525f

frontend unit test

456337a

Member voting unit test fix

5313ef1

Entity ID class

dd49be2

Refactor

36081aa

Cleanup

6963785

Cleanup

dc0cf71

jumaffre requested a review from a team as a code owner March 8, 2021 15:20

Changelog

8763173

jumaffre commented Mar 8, 2021

View reviewed changes

Comment thread src/node/client_signatures.h

eddyashton reviewed Mar 8, 2021

View reviewed changes

Comment thread doc/schemas/gov_openapi.json

Fix format string

f15c772

eddyashton reviewed Mar 8, 2021

View reviewed changes

Comment thread src/node/certs.h

Merge remote-tracking branch 'upstream/main' into member_id_hash_cert

59a705a

eddyashton reviewed Mar 8, 2021

View reviewed changes

Comment thread src/node/entity_id.h Outdated

Comment thread src/node/node_id.h Outdated

Comment thread src/node/rpc/member_frontend.h Outdated

Comment thread tests/e2e_logging.py Outdated

Comment thread tests/start_network.py Outdated

Julien Maffre and others added 9 commits March 8, 2021 17:23

Fix perf client with signatures

6f6717c

Remove user and member reverse lookup tables

77e7de3

Added doc

f17a4da

Update src/node/entity_id.h

99eb945

Co-authored-by: Eddy Ashton <ashton.eddy@gmail.com>

Merge node id and entity id

61268b8

Merge branch 'member_id_hash_cert' of github.com:jumaffre/CCF into me…

968f9b6

…mber_id_hash_cert

WIP

cfeca4e

Fix failing tests

5ba7b51

Padding in start_network.py

19c47e0

Update doc/governance/adding_member.rst

f548c7c

achamayou reviewed Mar 9, 2021

View reviewed changes

Comment thread CHANGELOG.md Outdated

Julien Maffre added 4 commits March 9, 2021 15:18

value()

2f1708b

Merge branch 'member_id_hash_cert' of github.com:jumaffre/CCF into me…

9625d28

…mber_id_hash_cert

Changelog removed

a1d2640

fmt

489f535

eddyashton reviewed Mar 9, 2021

View reviewed changes

Comment thread src/node/entity_id.h Outdated

achamayou reviewed Mar 9, 2021

View reviewed changes

Comment thread CHANGELOG.md Outdated

achamayou reviewed Mar 9, 2021

View reviewed changes

Comment thread doc/governance/adding_member.rst Outdated

achamayou reviewed Mar 9, 2021

View reviewed changes

Comment thread src/node/entity_id.h Outdated

achamayou approved these changes Mar 9, 2021

View reviewed changes

Julien Maffre and others added 15 commits March 9, 2021 16:56

Merge remote-tracking branch 'upstream/main' into member_id_hash_cert

bd16ad8

Update doc/governance/adding_member.rst

1f2fa7c

Co-authored-by: Amaury Chamayou <amaury@xargs.fr>

More PR comments

586624f

Merge branch 'member_id_hash_cert' of github.com:jumaffre/CCF into me…

17de15a

…mber_id_hash_cert

Merge branch 'main' into member_id_hash_cert

ab99f0d

Update schema

b14c56d

Merge branch 'member_id_hash_cert' of github.com:jumaffre/CCF into me…

594fbb9

…mber_id_hash_cert

Merge branch 'main' into member_id_hash_cert

06a09dc

Explicit trimming and remove operator

bdf5369

Merge branch 'member_id_hash_cert' of github.com:jumaffre/CCF into me…

386bed2

…mber_id_hash_cert

Merge branch 'main' into member_id_hash_cert

111fed2

Comment

2fcd667

Merge branch 'member_id_hash_cert' of github.com:jumaffre/CCF into me…

3022997

…mber_id_hash_cert

Merge branch 'main' into member_id_hash_cert

ecbf91f

Merge branch 'main' into member_id_hash_cert

c78246a

eddyashton approved these changes Mar 10, 2021

View reviewed changes

achamayou merged commit de2ae8c into microsoft:main Mar 10, 2021

jumaffre mentioned this pull request Mar 11, 2021

Fix test install and full test suite in Daily #2300

Merged

achamayou mentioned this pull request Mar 25, 2021

Invalid Entity Id Error When Submitting a Proposal #2353

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Use hash of certificate for user and member IDs#2279

Use hash of certificate for user and member IDs#2279
achamayou merged 46 commits into
microsoft:mainfrom
jumaffre:member_id_hash_cert

jumaffre commented Mar 8, 2021 •

edited

Loading

Uh oh!

ghost commented Mar 8, 2021 •

edited by ghost

Loading

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

jumaffre commented Mar 8, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

ghost commented Mar 8, 2021 • edited by ghost Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

jumaffre commented Mar 8, 2021 •

edited

Loading

ghost commented Mar 8, 2021 •

edited by ghost

Loading