dtn7-gold icon indicating copy to clipboard operation
dtn7-gold copied to clipboard

Published 20 hours ago verified publisher icon dtn7

bpsec

Open Marlinski opened this issue 3 years ago • 9 comments

Is there any plan to support bundle protocol security bpsec?

https://tools.ietf.org/html/draft-ietf-dtn-bpsec-26

It looks like bpsec is making its way to a proposed standard and will most probably become mandatory for bpv7. Is there any plan to support bpsec at the moment ?

I have just finished an implementation of dtn7 for kotlin:

https://github.com/NodleCode/dtn7-kotlin

as part of the implementation I also implemented bpsec (though there are no proposed BIB/BCB security context just yet) but would appreciate to have another implementation to test against.

Marlinski avatar Feb 19 '21 13:02 Marlinski

I just noticed the issue #7 already exists but it is from 2019, any plan to do it?

Marlinski avatar Feb 19 '21 13:02 Marlinski

First of all congratulations for dtn7-kotlin. I am very excited to see further implementations of the new Bundle Protocol.

Next, bpsec. Of course, this is also on the agenda, but has unfortunately been somewhat neglected. There is a somewhat ongoing implementation in the bpsec branch, but it seems to be kind of stalled. I will contact the relevant person and otherwise take it over myself at some point.

oxzi avatar Feb 19 '21 13:02 oxzi

@Marlinski The bpsec will happen next month. Due to personal circumstances I had shift my work focus, but it is not canceled from my side. I will take a look at your implementation when continuing my work by the end of this month. Let's stay in contact. :)

rokk4 avatar Feb 19 '21 15:02 rokk4

that's great to hear! looking forward to make them speak together :)

Marlinski avatar Feb 19 '21 15:02 Marlinski

Hey is there any update on the BPSec implementation ?

Marlinski avatar Apr 27 '21 08:04 Marlinski

Hey @Marlinski , yes there is some good progress. Have a look at the bpsec branch. I am nearly finished with a bib-iop-sha2-hmac block. Then there are also some processing rules still todo. I hope to get the block finished next week. If you want to have chat about findings, problems and bpsec in general I would be open for it.

rokk4 avatar Apr 27 '21 12:04 rokk4

hey @rokk4, sure can! send me an invite so we can chat over bpsec on jitsi / google meet / zoom.

Marlinski avatar Apr 27 '21 12:04 Marlinski

hey @rokk4 just pinging to check if there was any update since last time? would you like to chat over the implementation? You can send me a PM if you want.

Marlinski avatar Jun 18 '21 09:06 Marlinski

 hey @Marlinski I got a rough draft of the BIP-IOP-HMAC-SHA2. As discussed, here are two strings you could try a first test against: BIB String: 8503020000583A86810100018201662F2F7372632F8182010581820181820158208E7CED016A327364E0E38B294E00B46BB3D38C1CC495C7E5AA441D43AD71A7F4 Bundle String: 9F89071A00020000028201662F2F6473742F8201662F2F7372632F8201662F2F7372632F821B0000009E9CBE307F001A001B7740440C793A3A8503020000583A86810100018201662F2F7372632F8182010581820181820158208E7CED016A327364E0E38B294E00B46BB3D38C1CC495C7E5AA441D43AD71A7F486010100024B68656C6C6F20776F726C6444D02A2ADDFF

They are from https://github.com/dtn7/dtn7-go/blob/9f521edbeb6de123e6d92814c865bd434b99b192/pkg/bpv7/extension_block_bib_iop_hmac_sha2_test.go#L11

I will do/write more tests the next few days. :)

rokk4 avatar Aug 02 '21 15:08 rokk4