-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SP-CRA security solutions #331
Conversation
Signed-off-by: Selina Shrestha <[email protected]>
Signed-off-by: Selina Shrestha <[email protected]>
Signed-off-by: Selina Shrestha <[email protected]>
…. Also added underlying secret tables
…ed challenge response authentication (SP-CRA) implementation
modules/sc-mesh-secure-deployment/src/2_0/features/PHY/PHY_CRA_scripts/SP_CRA_v7.py
Outdated
Show resolved
Hide resolved
modules/sc-mesh-secure-deployment/src/2_0/features/PHY/PHY_CRA_scripts/SP_CRA_v7.py
Outdated
Show resolved
Hide resolved
modules/sc-mesh-secure-deployment/src/2_0/features/PHY/PHY_CRA_scripts/SP_CRA_v7.py
Outdated
Show resolved
Hide resolved
How this thing is started in a device boot? This is now implementing a thing and it is not started |
…log file storage directory to temp, other minor fixes, modifications to functional tests script to accomodate sendall changes
For this, this functionality have nothing to with device boot. |
This I dont think is relevant and It has to do with some future implementatian. My entry point is in the script only |
This feature will be started depending on the configurations received from the provisioning server (the provisioning server should specify which features to turn on Eg: SP-CRA, Jamming, IDS) |
modules/sc-mesh-secure-deployment/src/2_0/features/PHY/PHY_CRA_scripts/SP_CRA_v7.py
Outdated
Show resolved
Hide resolved
In next update of the component or version, it might be a good idea to start to use static typing in some level. Static typing helps to understand what functions should return as type or which type of parameters is expected to be passed in. Also it would be good to start to use also some python code style checker. |
Provisioning server will provide only certificates. Provisioning Server functionality and provided services are defined by Solita. |
Understood, Thanks for the feedback. I will keep this comment in future. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How SP_CRA_v7.py is started in a device is still open to me and can't approve. Provisioning server is just providing certificates. It is not providing any configurations.
What I understood from the new requirements discussions is that the provisioning server will (with future work) provide the certificates to setup the upper macsec/ batman as well as configurations such as which 2.0 features should be started. I am planning on starting these features from main.py, but as of now it is empty. |
…r the execution of the script will be from the main script which hadnles the executio of all additional features
… features.yaml files can be used for feature selection
modules/sc-mesh-secure-deployment/src/2_0/features/PHY/PHY_CRA_scripts/SP_CRA_v7.py
Outdated
Show resolved
Hide resolved
TIISR here, for some reason GitHub does not let me reply to this particular comment but it lets me edit @joenpera 's comment: until SP-CRA can self-configure and proves to not affect any other software component (otherwise we have too many things to debug all at the same time 🙂) the idea is to have it disabled by default and then on a per-device basis easily enabled by MDM Server configuration applied by MDM Agent in CommsController. To avoid confusion let's please use the "provisioning" word only in reference to the Flight & Mission Operations (FMO) stuff distributed by NATS and only present in some use-cases, as opposed to our MDM present in all use-cases. |
…cripts as arguments
… Authentication as an additional feature
…le results on the console: Resolving comment from @martin
Following files (new and modified) are added.